Cyber Security II

Ace your homework & exams now with Quizwiz!

What best describes vulnerabilities? Select one: a. The amount of risk that remains after steps have been taken to mitigate risk b. Any type of activity or event that can result in a loss of C.I.A. c. A flaw or weakness in system security procedures, design, implementation, or internal controls d. Net negative impact of the exercise of a vulnerability

A flaw or weakness in system security procedures, design, implementation, or internal controls

Which choice describes the main difference between risk management and risk assessments? Select one: a. Risk management is a point-in-time event, while a risk assessment is a continuing process. b. A risk assessment is a point-in-time event, while risk management is an continuing process. c. Risk assessments are comprehensive in scope, while risk management is concentrated on a specific system. d. Risk assessment is one part of an overall risk management strategy for an organization.

A risk assessment is a point-in-time event, while risk management is an continuing process.

What is Kerberos? Select one: a. A security model by MAC. b. A three-headed dog of Hades. c. A remote authentication protocol for dial in to server. d. A trusted third-party authentication protocol.

A trusted third-party authentication protocol.

Which process is needed to operate the system in the company? Select one: a. Certification process b. Accreditation process c. Quality control process d. Configuration process

Accreditation process

Which best describes IPS compared to IDS? Select one: a. An inline monitoring system that can modify the environment to block an attack b. A system used to analyze vulnerabilities aganist a host machine c. An active device that detects and alertsd administrators d. A passive device that detects and alertsd administrators

An active device that detects and alertsd administrators

What best describes threats? Select one: a. A flaw or weakness in system security procedures, design, implementation, or internal controls b. Any type of activity or event that can result in a loss of C.I.A. c. The amount of risk that remains after steps have been taken to mitigate risk d. Net negative impact of the exercise of a vulnerability

Any type of activity or event that can result in a loss of C.I.A.

If an organization wants to implement a policy to define how long long archives and other data are kept Select one: a. Data loss prevention b. Storage media c. Transmission d. Archiving and Retention Requirements

Archiving and Retention Requirements

Of the following, which management is needed to manage the hardware and software items in your company? Select one: a. Risk management b. Asset management c. Software management d. Project management

Asset management

________created by one or more logs that track events occurring on a system or network Select one: a. Clipping levels b. Audit Trails c. Auditing with Logs d. Accountability e. security audit

Audit Trails

________ used to record details such as who, what, when, and where for any events of interest Select one: a. Clipping levels b. security audit c. Audit Trails d. Accountability e. Auditing with Logs

Auditing with Logs

When a company decide to block access to FaceBook completely. What risk management strategy are they using? Select one: a. Transfer b. Avoid c. Mitigate d. Accept

Avoid

Investigator uses which method to create an image of a drive for forensics investigation? Select one: a. Hashing b. Bit copy tool c. Diskcopy command d. Xcopy

Bit copy tool

______ used to generate alerts when the threshold is exceeded Select one: a. security audit b. Auditing with Logs c. Accountability d. Audit Trails e. Clipping levels

Clipping levels

Of the following, which is the first phase of forensics investigation process? Select one: a. Reporting b. Examination c. Analysis d. Collection

Collection

An individual is dishonest or unethical and using a computer in an unauthorized manner is considered as? a. Cyber Stalking b. Net Crime c. Computer abuse d. Cyber Terrorism e. Computer crime

Computer abuse

Which of the following data needs to be most protected? Select one: a. Public b. Sensitive c. Private d. Confidential

Confidential

_______ is the practice of ensuring that systems are configured with security in mind Select one: a. Change management b. Project management c. Configuration management d. Group policy

Configuration management

Common among adults is to use of the Internet to harass another person is called? Select one: a. Cyber Stalking b. Net Crime c. Cyber bullying d. Cyber Terrorism e. Cyber Warfare

Cyber Stalking

He uses the Internet to attack a victim through harassment, coercion, or intimidation is an example of? Select one: a. Cyber bullying b. Cyber Terrorism c. Cyber Warfare d. Net Crime e. Cyber Stalking

Cyber bullying

According to discretionary access control model, which entity is authorized to grant access to other users? Select one: a. Group Lead b. Data Owner c. Security Supervisor d. Boss

Data Owner

The procedure to secure data moving in a media is called? Select one: a. Data at process b. Data at rest c. Data at execution d. Data at motion

Data at motion

The ability of hackers to gain knowledge by piecing together unclassified data to determine classified or secret information is called? Select one: a. Data acquisition b. Data inference c. Data collection d. Data analysis

Data inference

If a company wants to ensure that a file is only stored once on a system. Which policy you would recommend? Select one: a. Data loss prevention b. Archiving and Retention Requirements c. Storage media d. Transmission e. Deduplication

Deduplication

What is the purpose of tunneling protocol? Select one: a. Encapsulate data b. Allow dial-in c. None of the above d. Speed up data transfer

Encapsulate data

_____________are controls implemented to protect against risks from USB devices, mobile phones, thin clients, and virtualization Select one: a. Firewall b. AV c. Endpoint devices d. IDS

Endpoint devices

A fault tolerance for one or more servers is called Select one: a. Failover cluster b. RAID 10 c. Load balance d. Dual CPUs

Failover cluster

Which application can be used to detect intrusion on the host machine? Select one: a. AV software b. HIDS c. HIPS d. NIDS

HIDS

Which Protocol is used to protect data in motion? Select one: a. IPsec b. SMTP c. SFTP d. L2T

IPsec

Which protocol can be used by itself as a tunneling? Select one: a. IPsec b. SSH c. L2TP d. MPPE

IPsec

The process of submitting a user name is called? Select one: a. Accounting b. Accountability c. Identification d. Authentication

Identification

The purpose of system hardening is to Select one: a. Implement configuration management b. Increase the security of the operating system c. Document changes to operating system d. Increase policy awareness

Increase the security of the operating system

What is the main concern with using the single sign-on? Select one: a. Increases the unauthorized access if a password is revealed b. The security administrator's assignment would increase c. Makes it hard to remember passwords d. Access rights of users would be decreased

Increases the unauthorized access if a password is revealed

Which protocol doesn't encrypt the traffic itself? Select one: a. MPPE b. L2TP c. IPsec d. SSH

L2TP

How can you control call forwarding in your phone system? Select one: a. Setup a password on the phone system b. Limit which phone numbers can use this feature c. Stop all long distance calls d. Restrict long distance calls

Limit which phone numbers can use this feature

The company decided to install several technical controls in their system. What risk management strategy are they using? Select one: a. Transfer b. Accept c. Avoid d. Mitigate

Mitigate

SEMs are designed to do: Select one: a. Update the vulnerabilities database b. Identifies lists of applications installed on the system c. To give administratorts an opportunity to perform vulnerability tests d. Monitoring an enterprise for security events

Monitoring an enterprise for security events

What makes MS-CHAP v2 better than MS-CHAP? Select one: a. Use of a nonce b. Mutual authentication c. Support for biometrics d. Use of certificates

Mutual authentication

____________ is used to control which clients are granted access to a network based on the health status. Select one: a. Firewall b. NAC c. Radius d. IDS

NAC

Which application can be used to detect intrusion on the network? Select one: a. NIDS b. AV software c. HIDS d. HIPS

NIDS

If the cost of the control is significantly lower than the losses without the control, then the cost of control is? Select one: a. Justified b. Requires further investigation c. Maybe justified d. Not justified

Not justified

Health is defined by criteria such as (Choose more than one answer) Select one or more: a. OS is up-to-date b. User can login c. firewall enabled d. Quarantine is enabled e. up-to-date antivirus

OS is up-to-date firewall enabled up-to-date antivirus

As a security professional, you were asked to perform a vulnerability assessment, what is your first step before starting the process? Select one: a. Collect all documentations b. List all discovered vulnerabilities c. Obtain permission from the business owner d. Perform discovery on the network

Obtain permission from the business owner

The purpose of order of volatility is to Select one: a. Examining volatile data first b. Obtaining volatile data first c. Examining non-volatile data first d. Obtaining non-volatile data first

Obtaining volatile data first

Which control can be used to prevent password sniffing attacks from occuring? Select one: a. Static and repeated passwords b. Encryption and frequent passwords c. Static and one-time password d. One-time passwords and encryption

One-time passwords and encryption

A good example of nontechnical control is? Select one: a. Policy b. Firewall c. IDS d. IPS

Policy

Chain of custody is used to: Select one: a. Get permission from my boss b. Proof that evidence has been protected c. The amount of effort required to acquire different data sources d. Data collection method

Proof that evidence has been protected

Of the following choices, what deserves the lowest level of protection based commercial companies' standards? Select one: a. Sensitive b. Private c. Public d. Confidential

Public

A company using a numerical-based risk analysis to locate risks. What type of risk analysis is this? Select one: a. Qualitative analysis b. Total cost of ownership c. Return on investment d. Quantitative analysis

Quantitative analysis

uses two or more drives in an array and uses striping without parity Select one: a. RAID 1 b. RAID 0 c. RAID 10 d. RAID 5

RAID 0

__________ uses two disks only to provide data protection Select one: a. RAID 10 b. RAID 0 c. RAID 5 d. RAID 1

RAID 1

_________uses three or more drives in an array and uses striping with parity Select one: a. RAID 5 b. RAID 0 c. RAID 1 d. RAID 10

RAID 5

When the costs and savings are about the same, then we need to implement________________ to determine whether the cost is justified Select one: a. ROI b. NDB c. SLA d. RFI

ROI

The last step in vulnerability assessment is? Select one: a. Document vulnerabilities b. Analyze results c. Remediate d. Discovery

Remediate

What is the acronym for RADUIS? Select one: a. Remote Authentication Dialing User System b. Remote Authentication Dial-in User Service c. Remote Access Dial-in User System d. Roaming Access Dial-in User Service

Remote Authentication Dial-in User Service

Kerberos can prevent which one of the following attacks? Select one: a. Tunneling attack b. Replay attack c. Procedure attack d. Negative attack

Replay attack

Of the following, which is the last phase of forensics investigation? Select one: a. Collection b. Analysis c. Examination d. Reporting

Reporting

Which regulatory requirements mandate specific protections for data related to publicly held companies? Select one: a. SOX b. PII c. HIPPA d. SCACS

SOX

Which protocol is needed to provide a secure VoIP communication? Select one: a. NAC b. TACACS c. SRTP d. PSTN

SRTP

Which one of the following represents an ALE calculation? Select one: a. Single loss expectancy x annualized rate of occurrence. b. Asset value x loss expectancy. c. Gross loss expectancy x loss frequency. d. actual spare cost

Single loss expectancy x annualized rate of occurrence.

___________ refer to mandatory activities, actions, or rules Select one: a. Procedures b. Policy c. Standards d. Guidelines

Standards

What best describes residual risk? Select one: a. The amount of risk that remains after steps have been taken to mitigate risk. b. Any type of activity or event that can result in a loss of C.I.A. c. A flaw or weakness in system security procedures, design, implementation, or internal controls d. Net negative impact of the exercise of a vulnerability

The amount of risk that remains after steps have been taken to mitigate risk.

How do you describe the purpose of examination in forensics investigation? Select one: a. The analyst develops a plan that prioritizes the sources, establishing the order in which the data should be acquired b. The investigator starts assessing and extracting the relevant pieces of information from the composed data while protecting its integrity c. The investigator collects data related to the event identified following by labeling, recording and integrity preservation d. The investigator searches for the evidence and begins investigation immediately

The investigator collects data related to the event identified following by labeling, recording and integrity preservation

How do you describe the purpose of assembly of data in forensics investigation? Select one: a. The analyst should create a plan that prioritizes the sources, establishing the order in which the data should be acquired b. The investigator collects data related to the event identified following by labeling, recording and integrity preservation c. The investigators collect the evidence and begin investigation immediately d. The investigator should start assessing and extracting the relevant pieces of information from the composed data while protecting its integrity

The investigator should start assessing and extracting the relevant pieces of information from the composed data while protecting its integrity

When a company decides to buy insurance to deal with any losses, which one of the following is being applied? Select one: a. Mitigate b. Accept c. Avoid d. Transfer

Transfer

Which mode encrypts and encapsulates the entire packet? Select one: a. Encryption mode b. Hidden mode c. Transport mode d. Tunnel mode

Tunnel mode

Discretionary Access Controls (DAC) are: Select one: a. Less flexible than mandatory access controls. b. Concerned with information flow. c. Based upon security labels. d. Widely used in commercial environments.

Widely used in commercial environments.

Which of the following is not part of logical access security? Select one: a. username b. cipher locks c. passwords. d. access profiles

cipher locks

Mandatory Access control requires attaching labels to all objects. Which is considered as objects? Select one: a. devices, processes and I/O pipe b. files, directories, sockets and processes c. files, directories, and print queue d. users, programs and windows

files, directories, and print queue

Preventive controls are used to Select one: a. takes action to reverse the effects of an event b. identify the event either as it is occurring or after it has occurred c. focused on stopping losses due to risks d. focused on reducing losses due to risks to an acceptable level

focused on stopping losses due to risks

The purpose of DRP is to Select one: a. help an organization prepare for emergencies that can interrupt the mission of the business b. Document changes to operating system c. identifies steps to recover critical systems d. Increase policy awareness

identifies steps to recover critical systems

Detective controls are used to Select one: a. focused on reducing losses due to risks to an acceptable level b. focused on stopping losses due to risks c. identify the event either as it is occurring or after it has occurred d. takes action to reverse the effects of an event

identify the event either as it is occurring or after it has occurred

What is the definition of control? Select one: a. A preventive method used to implement firewall to stop attackers b. A corrective method used to correct security violations c. means, methods, actions, techniques, processes, procedures, or devices that reduce the vulnerability of a system d. means, methods, actions, techniques, processes, procedures, or devices to stop attackers for starting an attack against the system

means, methods, actions, techniques, processes, procedures, or devices that reduce the vulnerability of a system

__________examines an organization's practices and operations to determine whether they conform to the organization's policies or applicable laws Select one: a. Accountability b. security audit c. Audit Trails d. Auditing with Logs e. Clipping levels

security audit

Corrective controls are used to Select one: a. focused on stopping losses due to risks b. takes action to reverse the effects of an event c. focused on reducing losses due to risks to an acceptable level d. identify the event either as it is occurring or after it has occurred

takes action to reverse the effects of an event

There are three ways to authenticate to the computer security software are by something you know, something you are, and something: Select one: a. your essential b. you have c. you can become d. Non-trivial

you have


Related study sets

Aerobic training adaptations (#5)

View Set

Economics chapter 1: the fundamental economic problem

View Set

Bio 2402-A&P 2- Chapter 22: Immune System Smartbook Assignment

View Set

Physics: Chapter 1, 2, 3, and 7 Concept Questions

View Set

Insurance Information and Privacy Protection Act Quiz

View Set

Chapter 12: Public Policy (Inquizitive | GOVT 2306)

View Set

Principles of Marketing Unit 3 Practice Test

View Set

Econ: Wall Street Reform and Consumer Protection Act Question

View Set

spansih test, Spanish Question Words

View Set