CIS Midterm Study Guide

Ace your homework & exams now with Quizwiz!

Which of the following statements best describes the relationship of a BCP to a DRP?

A DRP is a component of a BCP

Which risk analysis value represents the annual probability of a loss?

ARO

Which risk is most effectively mitigated by an upstream Internet service provider (ISP)?

Distributed denial of service (DDoS)

An attacker uses exploit software when wardialing

False

Risk management is responding to a negative event when it occurs

False

Vishing a type of wireless network attack

False

With adequate security controls and defenses, an organization can often reduce its risk to zero.

False

A DoS attack is coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.

True

A VPN router is a security appliance that is sued to filter IP packets

True

A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier

True

Authorization is the process of granting rights to use an organization's IT assets, systems, applications, and data to a specific user.

True

Failing to prevent an attack all but invites an attack.

True

It is faster to create the incremental weekday backups than the differential backups

True

Using a secure logon and authentication process is one of the six steps used to prevent malware

True

A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer

false

Which risk response would be most appropriate if the impact of a risk becoming a reality is negligible?

Accept

The System/Application Domain holds all the mission-critical systems, applications, and data

True

In the Remote Access Domain, if private data or confidential data is compromised remotely, you should set automatic blocking for attempted logon retries.

False

Which security control is most helpful in protecting against eavesdropping on wirless LAN (WLAN) data transmissions that would jeopardize confidentiality

Applying strong encryption

Simple Network Management Protocol is used for network device monitoring, alarm, and performance.

True

Spyware gathers information about a user through an internet connection, without his or her knowledge

True

Matthew captures traffic on his network and notices connections using ports 20, 22, 23, and 80. Which port normally hosts a protocol that uses secure, encrypted connections?

22

What a key principle of risk management programs?

Don't spend more to protect an asset than it is worth

Bob recently accepted a position as the information security and compliance manager for a medical practice. Which regulation is likely to most directly apply to Bob's employer?

Health Insurance Portability and Accountability Act

Which mitigation plan is most appropriate to limit the risk of unauthorized access to workstations?

Password Protection

Which element of the security framework requires approval from upper management and applies to the entire organization

Policy

Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing?

Procedure

Which tool can capture the packets transmitted between systems over a network

Protocol analyzer

Which type of risk analysis uses relative ranking?

Qualitative risk analysis

Which type of risk analysis uses formulas and numeric values to indicate risk severity?

Quantitative risk analysis

Which formula is typically used to describe the components of information security risks?

Risk = Threat X Vulnerability

According to PMI, which term described the list of identified risks?

Risk register

What is NOT one of the three tenets of information security

Safety

In which type of attack does the attacker attempt to take over an existing connection between two systems

Session hijacking

Which risk-response option would best describe purchasing fire insurance?

Transfer

Spam is some act intended to deceive or trick the receiver, normally in email messages

false

The Sarbanes-Oxley Act requires all types of financial institutions to protect customers private financial information

false

The main difference between a virus and a worm is that a virus does not need a host program to infect

false

Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?

Opportunity Cost

Which term is used to indicate the amount of data loss that is acceptable?

RPO

Which group is most likely a target of a social engineering attack

Receptionists and administrative assistants

Networks, routers, and equipment require continuous monitoring and management to keep wide area network (WAN) service available.

True

Organizations should start defining their IT security policy framework by defining an asset classification policy

True

Risk refers to the amount of harm a threat exploiting a vulnerability can cause

True


Related study sets

How animals work 3 part a chapter 40

View Set