csc final


__________ sensors work, for example, when a foot steps on a pressure-sensitive pad under a rug, or a window is opened.

Contact and weight

Each organization sets policy to choose one of two approaches when employing digital forensics. Select the statement that best identifies the options.

Both of these are approaches that might be chosen

A primary mailing list for new vulnerabilities, called simply __________, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists.

Bugtraq

According to Schwartz, Erwin, Weafer, and Briney, "__________" are the real techies who create and install security solutions.

Builders

The __________ certification program has added a number of concentrations that can demonstrate advanced knowledge beyond the basic certification's CBK.

CISSP

In PKI, the CA periodically distributes a(n) _________ to all users that identifies all revoked certificates.

CRL

__________ occurs when an authorized person opens a door, and other people, who may or may not be authorized, also enter.

Tailgating

__________ are hired by the organization to serve in a temporary position or to supplement the existing workforce.

Temporary employees

Fire __________ systems are devices installed and maintained to detect and respond to a fire, potential fire, or combustion danger.

suppression

A method of encryption that requires the same secret key to encipher and decipher the message is known as __________ encryption.

symmetric

The __________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's wireless local area networks.

wireless

3DES was created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time.

F

A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position.

F

A badge is an identification card that is typically carried concealed

F

A cryptovariable is a value representing the application of a hash algorithm on a message.

F

A false positive is the failure of an IDPS system to react to an actual attack event.

F

A(n) partially distributed IDPS control strategy combines the best of other IDPS strategies.

T

A(n) war game puts a subset of plans in place to create a realistic test environment.

T

An affidavit is sworn testimony that certain facts are in the possession of an investigating officer and that they warrant the examination of specific items located at a specific place.

T

An example of the type of vulnerability exposed via traffic analysis occurs when an organization is trying to determine if all its device signatures have been adequately masked.

T

An organization should integrate security awareness education into a new hire's ongoing job orientation and make it a part of every employee's on-the-job security training.

T

Bluetooth is a de facto industry standard for short-range wireless communications between devices.

T

Carbon dioxide systems remove a fire's supply of oxygen.

T

Corrective action decisions are usually expressed in terms of trade-offs.

T

Each organization has to determine its own project management methodology for IT and information security projects.

T

Gaseous emission systems can be used in the suppression of fires.

T

Guards can evaluate each situation as it arises and make reasoned responses.

T

ISSAP stands for Information Systems Security Architecture Professional.

T

In general, ESD damage to chips produces two types of failures: immediate and latent.

T

In most cases, organizations look for a technically qualified information security generalist who has a solid understanding of how an organization operates.

T

Locks can be divided into categories based on the triggering process, including manual, programmable, electronic, and biometric.

T

Once a project is underway, it is managed using a process known as gap analysis, which ensures that progress is measured periodically.

T

Planners need to estimate the effort required to complete each task, subtask, or action step in the project plan.

T

Security managers are accountable for the day-to-day operation of the information security program.

T

The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals?

accounting

To evaluate the performance of a security system, administrators must establish system performance

baselines

To use a packet sniffer legally, the administrator must

be on a network that the organization owns
be under direct authorization of the network's owners
have knowledge and consent of the content's creators

Some cases of __________ are simple, such as requiring employees to begin using a new password on an announced date.

direct changeover

The ability to detect a target computer's __________ is very valuable to an attacker.

operating system

A(n) __________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic.

packet sniffer

UPS devices typically have capacities that may run up to __________ VA.

1000

SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm.

160

DES uses a(n) ___________-bit block size.

64

Class __________ fires are extinguished by agents that remove oxygen from the fire.

B

At the World Championships in Athletics in Helsinki in August 2005, a virus called Cabir infected dozens of __________, the first time this occurred in a public setting.

Bluetooth mobile phones

A(n) __________ is used to justify that the project will be reviewed and verified prior to the development of the project plan.

CBA

__________ are encrypted message components that can be mathematically proven to be authentic.

Digital signatures
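
The signature math behind this answer, as an added example that is not part of the original flashcards. It uses textbook RSA over a SHA-256 digest with two small constructed primes; the key, public exponent and messages are assumptions for illustration, and raw RSA without a padding scheme (or a modern signature such as Ed25519) must never be used in a real system.

```python
"""Added example (not from the original flashcards): a minimal textbook-RSA
signature over a SHA-256 digest, to show what "mathematically proven to be
authentic" means. The primes are constructed for the demo and far too small
for real use; production code must use a vetted library with a padding
scheme (RSA-PSS) or a modern scheme (Ed25519), never raw RSA."""
import hashlib

# Constructed toy key pair: two known primes, a public exponent, and the
# private exponent derived from them.
P = 1000000007
Q = 998244353
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # modular inverse, Python >= 3.8

def digest_int(message: bytes) -> int:
    """Hash the message and reduce the digest into the modulus range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes, d: int = D) -> int:
    """Signature = digest^d mod N; only the private-key holder can compute it."""
    return pow(digest_int(message), d, N)

def verify(message: bytes, signature: int, e: int = E) -> bool:
    """Anyone holding the public key (N, e) checks signature^e mod N == digest.
    Any change to the message or the signature breaks the equality."""
    return pow(signature, e, N) == digest_int(message)

if __name__ == "__main__":
    msg = b"transfer 100 to alice"          # constructed sample message
    sig = sign(msg)
    print(verify(msg, sig))                       # True
    print(verify(b"transfer 900 to alice", sig))  # False: message altered
    print(verify(msg, sig ^ 1))                   # False: signature altered
```

The proof of authenticity is the equality check in verify: it holds only for a signature computed with the private exponent over exactly this message, which is why a digital signature gives both integrity and non-repudiation where a plain hash or MAC does not.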

One of the leading causes of damage to sensitive circuitry is __________.

ESD

__________ is the action of luring an individual into committing a crime to get a conviction.

Entrapment

Many organizations use a(n) __________ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization.

Exit

"Administrators" provide the policies, guidelines, and standards in the Schwartz, Erwin, Weafer, and Briney classification.

F

A general guideline for performance of hard drives suggests that when the amount of data stored on a particular hard drive averages 95% of available capacity for a prolonged period, you should consider an upgrade for the drive.

F

A padded cell is a hardened honeynet

F

A passive vulnerability scanner is one that initiates traffic on the network in order to determine security holes.

F

A user ticket is opened when a user calls about an issue.

F

A(n) monitoring vulnerability scanner is one that listens in on the network and determines vulnerable versions of both server and client software.

F

Adopted by NIST in 1976 as a federal standard, DES uses a 64-bit block size and key.

F

All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan.

F

An effective information security governance program requires constant change.

F

As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES.

F

Common forms of mechanical locks include electric strike locks, which (usually) require people to announce themselves before being "buzzed" through a locked door.

F

Common implementations of a registration authority (RA) include functions to issue digital certificates to users and servers.

F

Existing information security-related certifications are typically well understood by those responsible for hiring in organizations.

F

Fire suppression systems typically work by denying an environment one of the three requirements for a fire to burn: a match, fuel, and oxygen.

F

GIAC stands for Global Information Architecture Certification.

F

ISSMP stands for Information Systems Security Monitoring Professional.

F

In general, the design phase is accomplished by changing the configuration and operation of the organization's information systems to make them more secure.

F

In the early stages of planning, the project planner should attempt to specify completion dates only for major employees within the project.

F

Mechanical locks can accept a variety of inputs as keys, including magnetic strips on ID cards, radio signals from badges, personal identification numbers (PINs) typed into a keypad, or some combination of these to activate an electrically powered locking mechanism.

F

Organizations are not required by law to protect employee information that is sensitive or personal.

F

Planning for the implementation phase requires the creation of a detailed request for proposal, which is often assigned either to a project manager or the project champion.

F

__________ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol.

Fuzz
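
What fuzz testing looks like in practice, as an added example that is not part of the original flashcards: a small mutation fuzzer is run against a constructed, deliberately fragile TLV parser and then against a hardened version of it. The message format, the seed input, the parser and its bug are all assumptions made for the demo.

```python
"""Added example (not from the original flashcards): a mutation fuzzer
driving a constructed TLV parser. parse_tlv_fragile has a real bounds bug;
parse_tlv_hardened is the fixed version. Format, seed and bug are assumed
for the demo."""
import random

def parse_tlv_fragile(buf: bytes):
    """Parse type(1 byte) length(1 byte) value(length bytes) records.
    Bug: buf[i + 1] is read without checking that the byte exists."""
    records = []
    i = 0
    while i < len(buf):
        rec_type = buf[i]
        length = buf[i + 1]                 # IndexError on a dangling type byte
        value = buf[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated value")
        records.append((rec_type, value))
        i += 2 + length
    return records

def parse_tlv_hardened(buf: bytes):
    """Same format with every read bounds-checked; malformed input only
    ever raises ValueError, the parser's documented rejection path."""
    records = []
    i = 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated header")
        rec_type, length = buf[i], buf[i + 1]
        value = buf[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated value")
        records.append((rec_type, value))
        i += 2 + length
    return records

def mutate(seed: bytes, rng: random.Random) -> bytes:
    """One random mutation: bit flip, byte overwrite, truncation or append."""
    data = bytearray(seed)
    op = rng.randrange(4)
    if op == 0 and data:
        data[rng.randrange(len(data))] ^= 1 << rng.randrange(8)
    elif op == 1 and data:
        data[rng.randrange(len(data))] = rng.randrange(256)
    elif op == 2 and data:
        del data[rng.randrange(len(data)):]
    else:
        data += bytes(rng.randrange(256) for _ in range(rng.randrange(1, 4)))
    return bytes(data)

def fuzz(target, seed: bytes, iterations: int = 2000, rng_seed: int = 7) -> dict:
    """Feed mutated inputs to target. ValueError is the expected rejection;
    anything else is a crash. Returns the first crashing input per exception
    type, which is what you would minimise and file as a bug."""
    rng = random.Random(rng_seed)
    crashes = {}
    for _ in range(iterations):
        data = mutate(seed, rng)
        try:
            target(data)
        except ValueError:
            continue
        except Exception as exc:        # a fuzzer wants every other failure
            crashes.setdefault(type(exc).__name__, data)
    return crashes

# Constructed valid seed message: record (1, b"ABC") followed by record (2, b"").
SEED = bytes([1, 3, 0x41, 0x42, 0x43, 2, 0])

if __name__ == "__main__":
    print(fuzz(parse_tlv_fragile, SEED))    # finds an IndexError input
    print(fuzz(parse_tlv_hardened, SEED))   # {}
```

Starting from a valid seed and mutating it reaches deeper parser states than purely random bytes would; the fixed seed for the random generator makes a crash reproducible, which matters more than raw throughput when triaging results.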

Computing and other electrical equipment used in areas where water can accumulate must be uniquely grounded using __________ equipment.

GFCI

__________ is a protocol that can be used to secure communications across any IP-based network such as LANs, WANs, and the Internet.

IPSec

A __________ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext.

Key

__________ is the entire range of values that can possibly be used to construct an individual key.

Keyspace

__________ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations.

NIDPSs

__________ is used to respond to network change requests and network architectural design proposals.

Network connectivity RA

__________ was developed by Phil Zimmermann and uses the IDEA cipher for message encoding.

PGP

The __________ process is designed to find and document vulnerabilities that may be present because there are misconfigured systems in use within the organization.

PSV

The __________ commercial site focuses on current security tool resources.

Packet Storm

__________, a level beyond vulnerability testing, is a set of security tests and evaluations that simulate attacks by a malicious external source (hacker).

Penetration testing

The __________ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly.

Policies

__________ allows for major security control components to be reviewed on a periodic basis to ensure that they are current, accurate, and appropriate.

Program review

__________ involves a wide variety of computing sites outside the organization's primary facility and includes all forms of telecommuting.

Remote site computing

A(n) __________ port, also known as a monitoring port, is a specially configured connection on a network device that is capable of viewing all of the traffic that moves through the entire device.

SPAN

The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission.

SSL Record Protocol

The __________ is a statement of the boundaries of the RA.

Scope

__________ is a cornerstone in the protection of information assets and in the prevention of financial loss.

Separation of duties

The __________ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing.

Systems

"Unfreezing" in the Lewin change model involves thawing hard-and-fast habits and established procedures.

T

A proven method for prioritizing a program of complex change is the bull's-eye method.

T

A variation of the dry-pipe system is the pre-action system, which has a two-phase response to a fire.

T

A wireless security toolkit should include the ability to sniff wireless traffic, scan wireless hosts, and assess the level of privacy or confidentiality afforded on the wireless network.

T

A(n) distinguished name uniquely identifies a certificate entity to a user's public key.

T

A(n) known vulnerability is a published weakness or fault in an information asset or its protective systems that may be exploited and result in loss.

T

__________ applications use a combination of techniques to detect an intrusion and then trace it back to its source.

Trap-and-trace

A device that assures the delivery of electric power without interruption is a(n) __________.

UPS

__________ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown.

Work factor
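
The symmetric-key, key, keyspace, work factor, Double DES and 3DES items above all rest on one idea: the attacker's cost is bounded by the size of the keyspace, and naively chaining a cipher twice does not double that exponent. The following is an added example, not part of the original flashcards, that makes this concrete. It uses a toy 16-bit block cipher constructed for illustration (it is not DES) so that a meet-in-the-middle attack on double encryption runs in seconds; it also returns the SHA-1 digest length from the earlier card. All key values and plaintexts are assumptions.

```python
"""Added example (not from the original flashcards). A constructed toy
16-bit block cipher shows: the keyspace of a symmetric key; the brute-force
work factor against one key; and why two independent keys (Double DES)
give almost no extra strength, because a meet-in-the-middle attack costs
about 2 * 2**k operations rather than 2**(2k). The cipher is a toy."""
import hashlib

BLOCK_BITS = 16
KEY_BITS = 16
MASK = (1 << BLOCK_BITS) - 1
ROUNDS = 4

def keyspace(key_bits: int) -> int:
    """Every distinct key a key_bits-bit key can take (DES: 2**56)."""
    return 1 << key_bits

def sha1_digest_bits(data: bytes) -> int:
    """SHA-1 digest length in bits, 160 for any input."""
    return len(hashlib.sha1(data).digest()) * 8

def _rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (BLOCK_BITS - n))) & MASK

def _rotr(x: int, n: int) -> int:
    return ((x >> n) | (x << (BLOCK_BITS - n))) & MASK

def _subkey(key: int, r: int) -> int:
    return (key + r * 0x1357) & MASK

def toy_encrypt(block: int, key: int) -> int:
    """Four rounds of xor, rotate, add; each step is a bijection on 16 bits."""
    for r in range(ROUNDS):
        block = (_rotl(block ^ _subkey(key, r), 5) + 0x9E37) & MASK
    return block

def toy_decrypt(block: int, key: int) -> int:
    """Exact inverse of toy_encrypt: same key, steps undone in reverse."""
    for r in reversed(range(ROUNDS)):
        block = _rotr((block - 0x9E37) & MASK, 5) ^ _subkey(key, r)
    return block

def double_encrypt(block: int, k1: int, k2: int) -> int:
    """Double encryption with independent keys: nominal keyspace 2**(2*KEY_BITS)."""
    return toy_encrypt(toy_encrypt(block, k1), k2)

def brute_force_single(pairs):
    """Known-plaintext attack on the single cipher: one trial per key."""
    for k in range(keyspace(KEY_BITS)):
        if all(toy_encrypt(p, k) == c for p, c in pairs):
            return k
    return None

def meet_in_the_middle(pairs):
    """Recover (k1, k2) from known plaintext/ciphertext pairs of the double
    cipher: tabulate E_k1(P) for every k1, then for every k2 look up D_k2(C).
    Cost is about 2 * 2**KEY_BITS cipher calls plus a 2**KEY_BITS-entry table."""
    p0, c0 = pairs[0]
    middle = {}
    for k1 in range(keyspace(KEY_BITS)):
        middle.setdefault(toy_encrypt(p0, k1), []).append(k1)
    for k2 in range(keyspace(KEY_BITS)):
        for k1 in middle.get(toy_decrypt(c0, k2), ()):
            # one pair leaves ~2**KEY_BITS chance matches; extra pairs remove them
            if all(double_encrypt(p, k1, k2) == c for p, c in pairs[1:]):
                return k1, k2
    return None

def work_factor_ops() -> dict:
    """Cipher operations needed: single key, double key naively, double key MITM."""
    n = keyspace(KEY_BITS)
    return {"single": n, "double_naive": n * n, "double_mitm": 2 * n}

if __name__ == "__main__":
    k1, k2 = 0xBEEF, 0x1234                          # assumed secret keys
    plaintexts = [0x0001, 0x4242, 0xABCD, 0xF00D]    # constructed known plaintexts
    pairs = [(p, double_encrypt(p, k1, k2)) for p in plaintexts]
    print(meet_in_the_middle(pairs))                 # (48879, 4660)
    print(work_factor_ops())
    print(sha1_digest_bits(b"abc"))                  # 160
```

Scaling the same arithmetic to DES: a 56-bit key gives 2**56 trials, Double DES falls to roughly 2**57 operations with a 2**56-entry table, and only the third key of 3DES pushes the best attack to about 2**112. That is why Double DES was never worth deploying and 3DES, though far slower than DES, was.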

The ISSMP examination is designed to provide CISSPs with a mechanism to demonstrate competence in

business continuity planning and disaster recovery planning
enterprise security management practices
security management practices

Effective planning for information security involves:

collecting information about an organization's information security environment
collecting information about an organization's technical architecture
collecting information about an organization's objectives

A(n) __________ item is a hardware or software item that is to be modified and revised throughout its life cycle.

configuration

Intrusion __________ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again.

correction

One approach that can improve the situational awareness of the information security function is to use a process known as __________ to quickly identify changes to the internal environment.

difference analysis

Activities that scan network locales for active systems and then identify the network services offered by the host systems are known as

fingerprinting

Technology __________ guides how frequently technical systems are updated, and how technical updates are approved and funded.

governance

Network behavior analysis system __________ sensors are typically intended for network perimeter use, so they are deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall.

inline

The information security function can be placed within the

insurance and risk management function
legal department
administrative services function

The ISSEP allows CISSP certificate holders to demonstrate expert knowledge of all of the following except __________.

international laws

In the __________ UPS, the internal components of the standby models are replaced with a pair of inverters and converters.

line-interactive

Many who move to business-oriented information security were formerly__________ who were often involved in national security or cybersecurity.

military personnel

Which of the following is NOT a described IDPS control strategy?

decentralized (the three described strategies are centralized, fully distributed, and partially distributed)

A __________ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software.

passive

Control __________ baselines are established for network traffic and for firewall performance and IDPS performance.

performance

A __________ is usually the best approach to security project implementation.

phased implementation

In a __________ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization.

pilot

Using a database of precomputed hashes from sequentially calculated passwords called a(n) __________, an attacker can simply look up a hashed password and read out the text version

rainbow table
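
A working miniature of this attack, as an added example that is not part of the original flashcards. It goes beyond the card's description: rather than storing every precomputed hash, a real rainbow table stores only the start and end of each hash-reduce chain and rebuilds the rest on lookup, trading compute for storage. The password space (three lowercase letters), chain length, reduction function and salt are assumptions for the demo; the hash is unsalted SHA-1, which is the condition the attack depends on.

```python
"""Added example (not from the original flashcards): a small rainbow table
over 3-letter lowercase passwords hashed with unsalted SHA-1, plus the
salted lookup that defeats it. Space, chain length and reduction function
are constructed for the demo."""
import hashlib
import string

ALPHABET = string.ascii_lowercase
PW_LEN = 3
SPACE = len(ALPHABET) ** PW_LEN      # 17576 candidate passwords
CHAIN_LEN = 20

def H(password: str) -> bytes:
    """The unsalted hash the table is built against."""
    return hashlib.sha1(password.encode()).digest()

def salted_hash(password: str, salt: bytes) -> bytes:
    """What a sane password store computes instead; the table cannot match it."""
    return hashlib.sha1(salt + password.encode()).digest()

def index_to_pw(n: int) -> str:
    """Map 0 <= n < SPACE to a password; gives the sequential chain starts."""
    chars = []
    for _ in range(PW_LEN):
        n, r = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)

def R(h: bytes, i: int) -> str:
    """Reduction function number i: any digest back to some password.
    Using a different R per chain position is what makes the table a
    rainbow table; it sharply reduces chain merges."""
    return index_to_pw((int.from_bytes(h[:8], "big") + i) % SPACE)

def chain_password(start_index: int, pos: int) -> str:
    """The password at position pos of the chain starting at start_index."""
    p = index_to_pw(start_index)
    for i in range(pos):
        p = R(H(p), i)
    return p

def build_table(num_chains: int) -> dict:
    """Walk num_chains chains of CHAIN_LEN hash/reduce steps from sequential
    starts; store only endpoint -> start (merged chains keep the first)."""
    table = {}
    for k in range(num_chains):
        start = index_to_pw(k)
        p = start
        for i in range(CHAIN_LEN):
            p = R(H(p), i)
        table.setdefault(p, start)
    return table

def lookup(table: dict, target: bytes):
    """For each position the target hash could occupy, walk to the chain end;
    if that endpoint is stored, rebuild the chain from its start and return
    the password whose hash equals target (None if not covered)."""
    for j in range(CHAIN_LEN - 1, -1, -1):
        p = R(target, j)
        for i in range(j + 1, CHAIN_LEN):
            p = R(H(p), i)
        start = table.get(p)
        if start is None:
            continue
        p = start
        for i in range(CHAIN_LEN):
            if H(p) == target:
                return p
            p = R(H(p), i)
    return None

if __name__ == "__main__":
    table = build_table(400)
    victim = chain_password(0, 5)                 # a password the table covers
    print(victim, lookup(table, H(victim)))       # recovered from its hash
    print(lookup(table, salted_hash(victim, b"s4lt")))   # None
```

Coverage is probabilistic: a password on a chain that merged with an earlier one, or on no chain at all, is not recovered, which is why real tables use many more chains than this. The salted lookup fails because the table was built for H(password), not H(salt + password); a per-user random salt forces the attacker back to brute force per account.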

Many public organizations must spend all budgeted funds within the fiscal year-otherwise, the subsequent year's budget is

reduced by the unspent amount

A step commonly used for Internet vulnerability assessment includes __________, which occurs when the penetration test engine is unleashed at the scheduled time using the planned target list and test selection.

scanning

The goal of the __________ is to resolve any pending project-related issues, critique the overall effort of the project, and draw conclusions about how to improve the project management process for the future.

wrap-up

