cyber test 2 review

public interest

"EPIC is a _____________________________ research center in Washington, DC. EPIC was established in 1994 to focus public attention on emerging privacy and civil liberties issues and to protect privacy, freedom of expression, and democratic values in the information age. "

Li0n

"The ISC was created in 2001 following the successful detection, analysis, and widespread warning of the ______________ worm. Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers."

benchmarks

"The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or __________________________) that provide detailed low level guidance on setting the security configuration of operating systems and applications."

lookup

A ____________________ table stores the pre-computed hashes of passwords in a password dictionary along with the corresponding password. This table is a data structure that processes hundreds of hash lookups per second.

dictionary

A _______________________ attack uses a file containing common words, phrases, and passwords. The file has the hashes calculated.

cipher

A ________________________ lock uses buttons that a user presses in a given sequence to open the door.

brute-force

A _________________________ attack attempts every possible combination of characters up to a given length

parameters

A validation rule checks that data falls within the _____________________ defined by the database designer.

True

An IDS often requires assistance from other networking devices to respond to an attack.

inline

An IPS device operates in __________________ mode.

false

A Type I Error that rejects a person that registers and is an authorized user is known as a ________________ rejection. In many biometric applications, these rejections can have a very negative impact on business

fence

A _______________ is a barrier that encloses secure areas and designates property boundaries.

53

99.99% availability means ___________ minutes of downtime per year.

privacy impact assessment

A _________________________________________________ (or PIA) ensures that personally identifiable information (PII) is properly handled throughout an organization.

True

A CSIRT can be an ad hoc group within the organization.

fire

A Physical Facilities Domain includes all of the services used by an organization including HVAC, water, and _______________ detection.

internet

A Private Cloud Domain includes private servers, resources, and IT infrastructure available to members of an organization via the ______________________.

True

A RAID solution can be either hardware-based or software-based.

analyst

A Security __________________ configures firewalls and IDSs, implements security software, diagnoses and troubleshoots problems, and coordinates with systems and network administrators to ensure the proper implementation of security technology

redundant array of independent disks

A ____________________________________________________________________ combines multiple physical hard drives into a single logical unit to provide data redundancy and improve performance.

continuity

A business ________________ plan is a broader plan than a DRP because it includes getting critical systems to another location while repair of the original facility is under way.

N+1

A car has four tires and a spare tire in the trunk in case of a flat. This is a comparative example of ____________ Redundancy

(a)bureau (b)authenticate

A certificate authority functions the same as the licensing _____[a]_____. The CA issues digital certificates that _____[b]_____ the identity of organizations and users. These certificates also sign messages to ensure that no one tampered with the messages.

(a)root (b)subordinate

A certificate chain for a two tier CA contains an offline ____[a]____ CA and an online ______[b]______ CA.

a.computer-targeted b.computer-assisted c.computer-incidental

A computer may be involved in a cybercrime in different ways (per our reading). These include:

patches

A critical requirement of hardening operating systems is the application of security ___________________ and updates.

unauthorized

A data breach occurs anytime an _________________________ person copies, transmits, views, steals, or accesses sensitive information

passport

A digital certificate is equivalent to an electronic __________________. They enable users, hosts, and organizations to exchange information securely over the Internet.

exceptions

A firewall blocks incoming and outgoing network connections, unless ______________________________ are defined to open and close the ports required by a program

true

A hash tool uses a cryptographic hashing function to verify and ensure data integrity.

intrusion

A host _________________________ detection system is software that runs on a host computer that monitors suspicious activity.

true

A host-based solution is a software application that runs on a local host computer to protect it

false

A large file, application folder, or the contents of a disk drive, result in varying size hash values.

LAN

A misconfigured firewall represents what kind of common threat?

True

A network computing system may contain redundant equipment and still not be a fully redundant system

true

A packet analyzer can capture data transmitted on a network for legitimate purposes.

true

A packet sniffer can capture network traffic on both wired and wireless networks.

scanner

A port ____________________________ is an application that probes a device for open ports by sending a message to each port and waiting for a response.

recalculate

A potential attacker could intercept a hashed message, _________________ the hash, and append the hash to the message

N+1

A power generator that comes online when a main power source fails is an example of ________________ redundancy.

Limiting

A procedure that prohibits an employee from removing sensitive documents from the premises.

GLBA

A provision provides for opt-out methods so that individuals can control the use of information provided in a business transaction with an organization that is part of the financial institution.

farm

A server _______________ is a facility that houses hundreds or thousands of servers for companies

Diversity

A server containing the confidential pictures is in a locked room that requires a swipe card from one manufacturer and biometric authentication supplied by another manufacturer. This is an example of what defense?

PCI DSS

A set of contractual rules governing how to protect credit card data as merchants and banks exchange the transaction

User-defined Integrity

A set of rules defined by a user which does not belong to one of the other categories

algorithms

A significant security improvement from WPA to WPA2 was the mandatory use of AES _________________

(a)counter cipher (b)message authentication code

A significant security improvement from WPA to WPA2 was the introduction of _______________[a]_________________ Mode with Block Chaining ______________________[b]_______________________________ Protocol as a replacement for TKIP.

ports

A simple method that many administrators use to help secure the network from unauthorized access is to disable all unused ________________ on a switch.

utility

A single point of failure can be a special piece of hardware, a process, a specific piece of data, or even an essential __________________.

critical operation

A single point of failure is the point in a _______________________ that causes the entire operation to fail should it fail.

packets

A software firewall is a program that runs on a computer to allow or deny traffic between the computer and other connected computers. It applies a set of rules to data transmissions through inspection and filtering of data ________________.

bitlocker

A user can also choose to encrypt an entire hard drive in Windows using a feature called ______________________________.

weakness

A vulnerability scanner assesses computers, computer systems, networks, or applications for ____________________________.

(a)default (b)ports (c)active

A vulnerability scanner looks for the following types of vulnerabilities: use of _____[a]_____ passwords or common passwords; missing patches; open _____[b]_____; misconfiguration of operating systems and software; _____[c]_____ IP addresses. Note: no partial credit given

(a)audit (b)access

A(n) _____[a]_____ log tracks user authentication attempts. A(n) _____[b]_____ log provides all of the details on requests for specific files on a system.

intrusion prevention system

A(n) _______________________________________ can immediately detect and stop an attack.

true

AES superseded TKIP for even better key management and encryption protection.

intellectual property

About SIIA: "The Software & Information Industry Association is the principal trade association for the software and digital content industry. SIIA provides global services in government relations, business development, corporate education and ____________________________ protection to the leading companies that are setting the pace for the digital age."

offensive security

About Us: "Kali Linux is an open source project that is maintained and funded by _______________________, a provider of world-class information security training and penetration testing services."

infrastructure

About: "InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical ______________________________."

least privilege

According to the Principle of ______________________________, users should be limited to only the resources they need on a computer system or on a network.

HSRP

Actively selects an active device and a standby device for routing redundancy

(a)disgruntled (b)misconfigure

Activists, _____[a]_____ employees and industry competitors can delete data, destroy devices or _____[b]_____ devices to make data and information systems unavailable.

profile

Advanced threat intelligence is a type of event or _______________ data that can contribute to security monitoring and response.

eradicate

After identifying the breach, the organization needs to contain and __________________ it.

original state

After incident remediation, an organization needs to restore all systems to their ___________________ before the breach.

Domain Integrity

All data stored in a column must follow the same format and definition

entity integrity

All rows must have a unique identifier called a Primary Key

consequences

All users must be aware of security policies and _______________________ of not complying with the organization's policies

GLBP

Allows load balancing between a group of redundant routers

validate

Always _________________________ backups to ensure the integrity of the data.

binary

An 8-bit checksum calculates the hash by converting the message into ____________________ numbers

true

An ARO can be greater than 100% if a loss can occur more than once a year.

badge

An access _______________ allows an individual to gain access to an area with automated entry points. An entry point can be a door, a turnstile, a gate, or other barrier. Various technologies used include magnetic stripe, barcode, or biometrics.

lockout

An account _________________ Policy locks a computer for a configured duration when too many incorrect login attempts occur

appliance

An administrator can implement _____________________________-based content filtering, which is similar to router-based content filtering.

(a)configuration (b)services

An administrator hardens an operating system by modifying the default _____[a]_____ to make it more secure to outside threats. This process includes the removal of unnecessary programs and _____[b]_____.

false

An automated patch service provides administrators with a less controlled setting

true

An example of drop down master data controls is using a locations list from the U.S. postal address system.

Physical Facilities

An open lobby that allows a visitor to walk straight through to the inside facilities represents what kind of common threat?

Layering

An organization stores its confidential documents on a server in a building surrounded by an electronic fence. This is an example of what defense?

True

An organization's DRP restores mission critical systems first.

detection

Anomaly ___________________ refers to identifying patterns in data that do not conform to expected behavior.

patterns

Anomaly verification requires verification data requests or modifications when a system detects unusual or surprising _____________________.

True

Application resilience is the application's ability to react to problems in one of its components while still functioning.

standards

Asset _____________________ identify specific hardware and software products that the organization uses and supports

characteristics

Asset classification assigns all resources of an organization into a group based on common _______________________

lifecycle

Asset management manages the __________________ and inventory of technology assets including devices and software.

rogue

Attackers can target DNS servers in order to deny access to network resources or redirect traffic to ________________ websites

Public Cloud Domain

Attacking a federated identity repository represents what kind of common threat?

false

Avoid using SHA-1 and SHA-2 due to the discovery of security flaws.

grant

BJA Mission: "BJA provides leadership and services in ____________________ administration and criminal justice policy development to support local, state, and tribal law enforcement in achieving safer communities."

True

Backing up data is one of the most effective ways of protecting against data loss.

fingerprints

Because a hash value changes every time data is changed, cryptographic hash values are often called digital ___________________________.

motherboard

Before using BitLocker, a user needs to enable Trusted Platform Module (TPM) in the BIOS. The TPM is a specialized chip installed on the ________________________________.

revocation

Best practices for securing privileged accounts includes establishing a process for ______________________ of rights when employees leave or change jobs

gateway

Best practices for securing privileged accounts includes implementing a _________________ between the end-user and sensitive assets to limit network exposure to malware

True

Biometrics describes the automated methods of recognizing an individual based on a physiological or behavioral characteristic

(a)financial (b)data

Biometrics provides confidential _____[a]_____ transactions and personal _____[b]_____ privacy.

False

BitLocker To Go is similar to BitLocker in that it uses a TPM chip

validation

Browsers and applications perform a ______________________ check before they trust a certificate to ensure it is valid.

processes

Businesses and consumers use IoT devices to automate _________________________, monitor environmental conditions, and alert the user of adverse conditions.

aerospace

COTS systems used in the _________________ and defense industry for battlespace communications networks provide access to the improved reliability, availability, and information processing of standardized equipment

computer security incident response team

CSIRT is the acronym for what term?

true

CSPRNGs generate a random number that has a high level of randomness and is completely unpredictable, so it is cryptographically secure.

True

Categorizing the impact level for a threat helps an organization realize the dollar impact of the threat.

passwords

Change the default _________________ before connecting any new appliance to a network.

web browser

Content control software restricts the content that a user can access using a ________________________ over the Internet.

integrity

Code signing is used to verify the _______________ of executable files downloaded from a vendor website.

smart

Commercial HVAC systems and other building management systems now connect to the Internet for remote monitoring and control. These systems are often called "__________________ systems"

a:virus b:patches c:password

Common NAC system checks include: updated _____[a]_____ detection; operating system _____[b]_____ and updates; complex _____[c]_____ enforcement

True

Computer Fraud and Abuse Act was created in 1986

Obscurity

Concealing certain types of information makes it more difficult for cyber criminals to attack a system. This would be considered what type of defense?

false

Congress created FISMA in 2005 to change the U.S. government's approach to information security.

moral

Criminal laws enforce a commonly accepted _________________ code backed by the authority of the government.

a. The output has a fixed length. b. Two different input values will almost never result in the same hash values. e. The input can be any length. f. The hash function is one way

Cryptographic hash functions have the following properties:

certificates

Cyber criminals attack timeservers to disrupt secure communication that depends on digital _________________________ and to hide attack information like accurate time stamps.

agree

Cyber criminals may target videoconferencing equipment in order to eavesdrop on video calls.

True

Cyber criminals target IoT systems in order to intercept data or to affect performance and availability.

type

Data _____________ validation is the simplest data validation and verifies that a user entering data is consistent with the type of characters expected.

supply

Data centers should be on a different power ______________ from the rest of the building

will inherit new permissions

Data copied to a different volume

will inherit new permissions

Data copied to the same volume

masks

Data field validation via input ______________ prevents users from entering invalid data or helps ensure that they enter data consistently.

true

Data integrity refers to the accuracy, consistency, and reliability of data stored in a database.

will inherit new permissions

Data moved to a different volume

will keep the original permissions

Data moved to the same volume

(a)reputation (b)liability

Data theft by users can cost organizations financially resulting in damage to an organization's _____[a]_____ or posing a legal _____[b]_____ associated with disclosure of sensitive information.

User

Data theft represents what kind of common threat?

true

Database anomaly detection can protect data from massive destruction or changes.

True

Destruction of systems, applications, or data may be accidental or deliberate

true

Device hardening involves implementing proven methods of physically securing network devices.

true

Digital certificates identify how long a certificate is valid.

true

Digital signatures can provide the same functionality as handwritten signatures.

verification

Digital signatures require two operations: key generation and key _____________________. Both operations require key encryption and decryption.

cloning

Disk _____________________ copies the contents of the computer's hard disk to an image file.

format

Domain integrity enforcement can be as simple as choosing the correct data type, length and or ____________ for a column.

true

Domain integrity ensures that all the data items in a column fall within a defined set of valid values.

True

Downtime can be caused by application errors, infrastructure failures, application upgrades, and patching.

utilitarian

During the 19th century, Jeremy Bentham and John Stuart Mill created _________________________ Ethics. The guiding principle is that any actions that provide the greatest amount of good over bad or evil are ethical choices.

Agree

Educate users annually on policies, staff manuals, and handbook updates.

False

Electronic Privacy Information Center (EPIC) promotes privacy and open government laws and policies globally and focuses on US-China relations.

VRRP

Elects a virtual router master

Limiting

Employees in the shipping department do not need access to marketing presentations to perform their jobs. This is an example of what defense?

LAN

Exploits of data in-transit represent what kind of common threat?

tolerance

Fault _____________________ enables a system to continue operating if one or more components fail.

True

Federal IT systems are the largest creator and user of information within the United States.

99.999

Five nines mean that systems and services are available _________________ % of the time.

5.26

Five nines means that both planned and unplanned downtime is less than ____________ minutes per year

100

GPS tracking can pinpoint a location within __________________ meters.

true

Good risk mitigation finds a balance between the negative impact of countermeasures and controls and the benefit of risk reduction.

true

HIDS stores all log data locally.

True

HMAC defeats man-in-the-middle attacks and provides authentication of the data origin.

True

HMACs can be used for web user authentication.

secret

HMACs use an additional _______________ key as input to the hash function.

heating, ventilation, and air conditioning

HVAC systems control the ambient environment including temperature, humidity, airflow, and air filtering. HVAC is the acronym for what?

misconfiguration

Hardware failure threats to data and information availability include hard drive crashes or firewall _______________________________.

downtime

Hardware monitoring systems are used to monitor the health of these systems and to minimize server and application ________________

True

Hardware-monitoring systems have become an essential security countermeasure

one-way

Hash functions are ______________ functions. It is computationally infeasible for two different sets of data to come up with the same output

digest

Hashing is a tool that ensures data integrity by taking binary data and producing a fixed-length representation called the hash value or message _________________.

false

Hashing is relatively easy to compute and equally easy to reverse.

man-in-the-middle

Hashing is vulnerable to ______________________ attacks and does not provide security to transmitted data.

false

High availability refers to a system or component that is continuously nonoperational for a given length of time

True

Higher frequency RFID systems are more sensitive to radio wave interference.

False

Higher frequency RFID systems have a faster data transfer rate and shorter read ranges.

entry

Human error threats to data and information availability include actions such as an employee that makes inadvertent data _________ errors

reporting

IC3 Mission Statement: "The mission of the Internet Crime Complaint Center is to provide the public with a reliable and convenient _______________________ mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners."

False

An IDS device is physically positioned in the network so that traffic must be diverted in order to reach it.

False

IDS is a better solution than IPS

11i

IEEE 802.__________ is now the industry standard for securing WLANs.

traffic flows

IPFIX is a standard format for exporting router-based information about network _____________________ to data collection devices

False

IPS allows malicious traffic to pass before addressing the problem.

accept the risk and periodically re-assess

Identify one common way to reduce risk (as presented in our reading):

identify assets and their value

Identify one goal of risk analysis:

ports

If a network cable or switch fails, STP recalculates available paths and unblocks necessary _____________ to allow a redundant path to become active.

True

If an organization does not standardize its hardware selection, personnel may not easily find a replacement component

simplicity

If an organization implements complex systems that are hard to understand and troubleshoot, it may actually backfire. What type of defense best alleviates this issue?

thaw

If the administrator needs to change a system's configuration, they must first ______________________ the protected partition by disabling Deep Freeze.

True

Implement logging to manage threats to applications.

Agree

Implementing an idle timer that will automatically log the user out and lock the screen after a specified period is typically good security practice.

(a):loading (b):refuse

In a highly secure environment, an organization should place video and electronic surveillance at all entrances, exits, _____[a]_____ bays, stairwells and _____[b]_____ collection areas.

secpol.msc

In all versions of Windows except Home edition, enter _______________ at the Run command to open the Local Security Policy tool.

antivirus

In regards to IT disaster recovery, Detective controls include using up-to-date _______________ software.

documents

In regards to IT disaster recovery, corrective controls include keeping critical _______________________ in the disaster recovery plan.

monitoring

In regards to IT disaster recovery, detective controls include installing server and network ____________________ software

surge protectors

In regards to IT disaster recovery, preventative controls include keeping data backed up, keeping data backups off-site, using ____________________, or installing generators

True

In some situations, an organization may want employees to log in only during specific hours.

response

Incident _______________ is the procedures that an organization follows after an event occurs outside the normal range.

source

Incident analysis helps to identify the _________________, extent, impact, and details of a data breach

true

Incident containment efforts include the immediate actions performed such as disconnecting a system from the network to stop the information leak.

True

Many DoS attacks use ICMP as part of the attack

true

Many industry specific laws have a security and/or a privacy component.

trustworthy

Integrity ensures that data remains unchanged and __________________ by anyone or anything over its entire life cycle.

true

It may take several different programs and multiple scans to remove all malicious software completely from a computer.

linux

Kali _______________ incorporates more than 300 penetration testing and security auditing programs.

Physical Facilities

Lack of surveillance represents what kind of common threat?

national vulnerability database

Launched by NIST in 2005, the US _____________________________________________________ (or NVD for short) provides a vulnerability database of enhanced CVE content that is fully synchronized with the CVE List, so any updates to the CVE List appear immediately in NVD.

guard shelters

List one component of a perimeter security system (as discussed in our reading):

barbed wire

List one type of "top guard" used with fencing:

True

Logs are useful for performing auditing analysis and identifying trends and long-term problems.

simple

MBSA checks blank, _______________________, or non-existent passwords

128

MD5 is a complex sequence of simple binary operations performed on input data to produce a _______________ bit hash value

message digest 5

MD5 is short for what?

warning

Malicious rogue antivirus products may appear like an actual Windows _______________________________ window

Devices

Malware represents what kind of common threat?

true

Manage threats to a private cloud domain by disabling probing and port scanning.

disaster recovery plan

Manage threats to physical facilities by developing a _____________________________________________ plan.

guests

Manage threats to physical facilities by establishing policies and procedures for ___________________ visiting the facility.

asset

Manage threats to physical facilities by implementing an _________________ tagging system.

physical

Manage threats to physical facilities by testing building security using both cyber and ____________________ means to covertly gain access.

service pack

Manufacturers may combine patches and upgrades into a comprehensive update application called a _______________________.

download

Many network and workstation infections and attacks trace back to users who ___________________ unauthorized emails, photos, music, games, apps, programs and videos to workstations, networks, or storage devices.

cable locks

Many portable devices and expensive computer monitors have a special steel bracket security slot built in to use in conjunction with __________________________.

VPPA

Many privacy advocates consider this law to be the strongest U.S. privacy law.

strikes: a. Labor events; walkouts: a. Labor events; vandalism: c. Social-political events; protests: c. Social-political events; sabotage: c. Social-political events; terrorism: c. Social-political events; war: c. Social-political events; fire: b. Materials events; power failures: d. Utilities disruptions; fuel shortages: d. Utilities disruptions

Match the human-caused disasters with their corresponding categories:

earthquake: b. Geological; tsunamis: b. Geological; volcano: b. Geological; hurricane: d. Meteorological; tornado: d. Meteorological; lightning: d. Meteorological; pandemic: a. Health; quarantine: a. Health; floods: c. Miscellaneous; fire: c. Miscellaneous

Match the natural disasters with their corresponding categories:

ping

Mitigate LAN threats by Disabling _____________ and port scanning

encryption

Mitigate LAN threats by Implementing ____________________________ between devices and wireless networks.

penetration tests

Mitigate LAN threats by conducting post-configuration _______________________________

credentials

Mitigate LAN threats by denying access for data centers to anyone without the proper _____________________.

unknown

Mitigate Private Cloud threats by implementing file transfer monitoring and scanning for ______________ file types.

traffic

Mitigate Private Cloud threats by monitoring inbound IP ___________________ anomalies.

disaster recovery plan

Mitigate common threats to applications by developing a _______________________________________ plan for critical applications.

awareness

Mitigate social engineering attacks on a public cloud domain by completing ____________________ programs

(a)severity (b)file permissions

Mitigation involves reducing the _____[a]_____ of the loss or the likelihood of the loss from occurring. Many technical controls mitigate risk including authentication systems, _____[b]_____, and firewalls.

radio

Mobile devices transmit data using ________________ signals that any device with a compatible antenna can receive.

incrementally

Modern methodologies reduce risk by developing software ______________________ and providing regular updates and patches.

humidity

Most physical computer hardware devices come with environmental requirements that include acceptable temperature and ____________________ ranges.

a.device b.quarantines

NAC evaluates an incoming _____[a]_____ against the policies of the network. NAC also _____[b]_____ systems that do not comply and manages the remediation of noncompliant systems.

1. Develop the policy statement 2. Conduct the business impact analysis 3. Calculate risk 4. Identify preventive controls 5. Develop recovery strategies 6. Develop the contingency plan 7. Test the plan 8. Maintain the plan

NIST developed a "best practices" for Business Continuity. Place these steps in the proper order as presented in our reading (and from NIST):

true

No technical solution, controls or countermeasures make information systems any more secure than the behaviors and processes of the people who use these systems.

standard

Non-________________ environments require more expertise to manage and they increase the cost of maintenance contracts and inventory.

Asynchronous Replication

Not synchronized in real time but close to it. Requires less bandwidth. Sites can be further apart because latency is less of an issue.

true

On a hash-based authentication system, a user password hash match grants user access to a system.

true

On a hash-based authentication system, passwords are never stored to a local hard drive.

True

One benefit of RFID asset tags is that they can track any asset that physically leaves a secure area.

inactivity

One method of managing device threats includes enabling screen lockout during times of ______________________.

patching

One method of managing device threats includes updating and/or ____________________ all operating systems and software applications.

lockout

One method of managing user threats includes Implementing access control __________________ procedures based on AUP monitoring and compliance.

domain

One method of managing user threats includes content filtering to permit or deny specific _________________ names in accordance with Acceptable Use Policies

media

One method of managing user threats includes enabling automatic antivirus scans for inserted _______________ drives, files, and email attachments.

true

One of the most vulnerable aspects of database integrity management is controlling the data input process.

uptime

Organizations measure availability by percentage of ____________________.

false

Outsourcing services, purchasing insurance, or purchasing maintenance contracts are all examples of risk avoidance.

SOX

Overhauled financial and corporate accounting standards and specifically targeted the standards of publicly traded firms in the United States.

intercept

Packet analyzers ____________________ and log network traffic

true

Passwords need to be long enough to make the time it takes to execute a brute-force attack too long to be worthwhile

code

Patches are ________________ updates that manufacturers provide to prevent a newly discovered virus or worm from making a successful attack.

(a)network (b)permission

Pen testing involves a cybersecurity specialist that hacks a website, _____[a]_____, or server with the organization's _____[b]_____ to try to gain access to resources with the knowledge of usernames, passwords, or other normal means.

False

Pen testing is the same as vulnerability testing.

malicious

Penetration testing is a method of testing the areas of weaknesses in systems by using various ____________________ techniques

ethical

Penetration testing is also known as ____________________ hacking.

switches

Port security on these devices limits the number of valid MAC addresses allowed on a port.

brownout

Power degradation includes ______________, which are prolonged low voltage issues

inrush

Power degradation includes ___________________ current, which is an initial surge of power

Physical Facilities

Power interruptions represent what kind of common threat?

(a)multifactor (b)passwords (c)smartcards

Prevent data breaches by using _____[a]_____ authentication, encryption, one-time _____[b]_____, phone-based authentication, and _____[c]_____.

intellectual

Prevent loss or theft of _______________________ property with due diligence, use of encryption, and data backups.

elevated

Privileged accounts have the credentials to gain access to systems and they provide _____________________, unrestricted access.

data

Proper incident detection includes how the incident occurred, what _______________ it involved, and what systems it involved

1. Determine the proper asset identification category 2. Identifying the owner for all information assets and application software 3. Determine the criteria for classification 4. Implement a classification schema

Properly order the following steps to identify and classify the assets of an organization:

HSRP

Provides high network availability by providing first-hop routing redundancy

false

Qualitative risk analysis assigns numbers to the risk analysis process.

false

Quantitative risk analysis uses opinions and scenarios.

True

RAID takes data that is normally stored on a single disk and spreads it out among several drives.

asset

RFID can help automate _______________ tracking or wirelessly configure electronic devices.

True

RFID tags do not need to be visible to scan.

False

RFID tags need a battery to store information.

routing

RIP vulnerabilities include advertising bogus ________________ information and claiming a route to a particular unused host

false

Referential integrity maintains the integrity of primary keys.

consequences

Regulations establish rules designed to address _______________________________ in a rapidly changing society enforcing penalties for violating those rules.

3389

Remote Desktop uses which port number (by default)?

Assistance

Remote ___________________ allows the customer to view the repair or upgrade in real time on the screen.

Assistance

Remote ____________________ allows technicians to assist customers with problems from a remote location

Desktop

Remote _____________________ allows technicians to view and control a computer from a remote location.

True

Remote access refers to any combination of hardware and software that enables users to access a local internal network remotely.

true

Remote users accessing an organization's infrastructure may download sensitive data via a Private Cloud Domain.

client

Remote-access users must have a VPN ___________________ installed on their computers to form a secure connection with the corporate private network.

GLBA

Restricts information sharing with third-party firms.

false

Reverse Lookup tables sacrifice hash-cracking speed to make the lookup tables smaller.

true

Risk mitigation can have a negative impact on the organization.

True

SCAP is a method for using specific standards to automate vulnerability management, measurement, and policy compliance evaluation

security content automation protocol

SCAP is the acronym for what?

False

SCAP uses proprietary standards to enumerate security software flaws and configuration issues.

defense

SEI is a Federally Funded Research and Development Center sponsored by the U.S. Department of _____________________.

secure hash algorithm

SHA is short for what?

false

SHA-1 algorithms are the secure hash algorithms that the U.S. Government requires by law for use in sensitive unclassified information.

22

SSH uses what TCP port?

true

STP intentionally blocks redundant paths

true

Salt added to a hash does not have to be secret since it is a random number.

(a)cellular (b)workplace

Sections of The Electronic Communications Privacy Act (ECPA) address email, _____[a]_____ communications, _____[b]_____ privacy, and a host of other issues related to communicating electronically.

wiring

Secure ________________ closets, data centers, and computer rooms.

instantaneous

Security guards are the best solution for access control when the situation requires an _______________________ and appropriate response.

true

Shared key authentication provides mechanisms to authenticate and encrypt data between a wireless client and an AP or wireless router.

hash

Signing a ______________ instead of the whole document provides efficiency, compatibility, and integrity.

(a)web browser (b)applications (c)virtualized

Software as a service (SaaS) is a subscription-based model that provides access to software that is centrally hosted and accessed by users via a _____[a]_____. Platform as a service (PaaS) provides a platform that allows an organization to develop, run, and manage its _____[b]_____ on the service's hardware using tools that the service provides. Infrastructure as a service (IaaS) provides _____[c]_____ computing resources such as hardware, software, servers, storage and other infrastructure components over the Internet.

true

Software security vulnerabilities provide weaknesses that cyber criminals can exploit

Synchronous Replication

Synchronizes both locations in real time. Requires high bandwidth. Locations must be close together to reduce latency.

redundant

System resiliency generally requires __________________ systems, in terms of both power and processing.

True

System resiliency is more than hardening devices; it requires that both data and services be available even when under attack.

True

System resiliency is the ability to maintain availability during disruptive events.

referential Integrity

Table relationships must remain consistent

Limiting

Technology-based solutions such as file permissions are one of ________________ access

(a)plaintext (b)encrypted

Telnet is an older protocol that uses unsecure _____[a]_____ transmission of both the login authentication. Secure Shell (SSH) is a protocol that provides a secure _____[b]_____ management connection to a remote device.

23

Telnet uses what TCP port?

one

The 8-bit checksum 2's complement converts a binary to its opposite value, and then it adds ___________

(a)non-profit (b)education

The Advanced Cyber Security Center (ACSC) is a _____[a]_____ organization that brings together industry, academia, and government to address advanced cyber threats. The organization shares information on cyber threats, engages in cybersecurity research and development, and creates _____[b]_____ programs to promote the cybersecurity profession.

commerce

The Bureau of Industry and Security in the U.S. Department of ____________________________ now controls non-military cryptography exports

(a)software (b)networked

The CERT Division of SEI studies and solves problems in the cybersecurity arena including security vulnerabilities in _____[a]_____ products, changes in _____[b]_____ systems, and training to help improve cybersecurity.

show secure bootset

The Cisco IOS command _______________________________ activates IOS image resilience.

true

The Common-Good Approach proposes that the common good is whatever benefits the community.

true

The Computer Ethics Institute (CEI) created Ten Commandments of Computer Ethics

computer

The Computer Fraud and Abuse Act (CFAA) criminalizes the use of a ____________________ in a crime that is interstate in nature.

commerce

The Computer Fraud and Abuse Act (CFAA) makes it a crime to knowingly access a computer considered either a government computer or a computer used in interstate _________________, without permission.

budapest convention on cybercrime

The Convention on Cybercrime is also known as the _______________________________________________________

True

The Convention on Cybercrime was the first international treaty on Internet crimes

true

The ISC identifies sites used for attacks and provides data on the types of attacks launched against various industries and regions of the world.

log entries

The Internet Storm Center (ISC) gathers millions of _____________________ from intrusion detection systems every day using sensors covering 500,000 IP addresses in over 50 countries.

True

The Internetwork Operating System (IOS) for Cisco routers and switches includes a resilient configuration feature.

domain

The LAN ______________________ requires strong security and access controls since users can access the organization's systems, applications, and data from the LAN domain.

scoring

The NVD uses the Common Vulnerability ________________ System to assess the impact of vulnerabilities.

privacy

The Rights Approach to ethics looks at how an action affects the rights of others to judge whether an action is right or wrong. These rights include the right to truth, _________________, safety, and that society applies laws fairly to all members of society.

False

The SOC is ground zero for network troubleshooting, performance monitoring, software distribution and updates, communications management, and device management.

carnegie mellon

The Software Engineering Institute (SEI) at _______________________________________ University helps government and industry organizations to develop, operate, and maintain software systems that are innovative, affordable, and trustworthy.

1. harm 2. interfere 3. snoop 4. steal 5. false 6. proprietary 7. compensation 8. intellectual 9. program 10. respect

The Ten Commandments of Computer Ethics (as created by CEI): 1. Thou Shalt Not Use A Computer To _____[1]_____ Other People. 2. Thou Shalt Not _____[2]_____ With Other People's Computer Work. 3. Thou Shalt Not _____[3]_____ Around In Other People's Computer Files. 4. Thou Shalt Not Use A Computer To _____[4]_____ . 5. Thou Shalt Not Use A Computer To Bear _____[5]_____ Witness. 6. Thou Shalt Not Copy Or Use _____[6]_____ Software For Which You have Not paid. 7. Thou Shalt Not Use Other People's Computer Without Authorization Or Proper _____[7]_____ . 8. Thou Shalt Not Appropriate Other People's _____[8]_____ Output. 9. Thou Shalt Think About The Social Consequences of The _____[9]_____ You Are Writing or The System You Are Designing. 10. Thou Shalt Use A Computer In Ways That Insure Consideration and _____[10]_____ For Your Fellow Humans.

common vulnerabilities and exposure

The United States Computer Emergency Readiness Team (US-CERT) and the U.S. Department of Homeland Security sponsor a dictionary of _______________________________________ (also known as CVE).

false

The WEP standard became a Wi-Fi security standard in 2006

False

The Windows installation process enables remote desktop by default.

public

The _______________ Cloud Domain includes services hosted by a cloud provider, service provider, or Internet provider

mitre

The ___________________ Corporation maintains the CVE List and its public website

security

The ______________________ Operation Center (SOC) is a dedicated site that monitors, assesses, and defends the organization's information systems such as websites, applications, databases, data centers, networks, servers, and user systems.

default gateway

The _______________________________ is typically the router that provides devices access to the rest of the network or to the Internet. If there is only one router serving in this role, it is a single point of failure.

global positioning

The ______________________________________ System uses satellites and computers to determine the location of a device.

chief information security officer

The _________________________________________ is the top information security officer reporting to the CIO. The CISO is a business manager first, technologist second.

annualized rate of occurrence

The ____________________________________________ is the probability that a loss will occur during the year (also expressed as a percentage).

national vulnerability database

The ________________________________________________________ is a U.S. government repository of standards-based vulnerability management data that uses SCAP.

first-hop

The ability of a network to dynamically recover from the failure of a device acting as a default gateway is known as ________________ redundancy.

foreign

The basis of referential integrity is ______________ keys. A _____________ key in one table references a primary key in a second table.

annual loss expectancy

The calculation of ALE gives management some guidance on what it should spend to protect assets. What is ALE?

agree

The cybersecurity specialist needs to understand how the law and the organization's interests help to guide ethical decisions.

forensics

The field of digital _________________ uses hashing to verify all digital media that contain files.

true

The goal of any security-conscious organization is to minimize the downtime of mission critical processes

false

The length of a salt string should be smaller than the length of the hash function's output.

crossover

The most widely used method to measure the accuracy of biometric authentication is the ______________________ Error Rate.

True

The primary reason that an organization uses pen testing is to find and fix any vulnerability before a cyber criminal finds and exploits said vulnerability.

network admission control

The purpose of ___________________________________ allows authorized users with compliant systems access to a network. A compliant system meets all of the policy requirements of the organization.

false

The two types of vulnerability scanners available are software-based and hardware-based.

deep freezing

With ________________, any applications installed or files saved are lost when the system restarts.

media

The use of unauthorized _______________________ like CDs, USB drives and network storage devices can result in malware infections and attacks.

vulnerabilities

Threat identification begins with the process of creating a CVE Identifier for publicly known cybersecurity ______________________________ .

switches

Threats to these devices include attacks against network protocols like ARP/STP.

Routers

Threats to these devices include attacks against network protocols like RIP/OSPF.

False

Tier 2 staff are considered subject matter experts.

diversity

To accomplish a goal of _____________________, organizations can use security products manufactured by different companies for multifactor authentication.

virtual private network

To communicate and share resources over a network that is not secure, users employ a ______________________________________.

password

To crack a hash, an attacker must guess the _____________________.

false

To maintain availability, a security solution should be complex from the inside and from the outside.

mutual

To prevent rogue access points, the computer industry developed ____________________ authentication, also called two-way authentication

False

To use BitLocker, at least three volumes must be present on a hard disk.

offsite

Transport backups to an approved _______________________ storage location on a daily, weekly, or monthly rotation, as required by security policy.

true

Unapproved or non-compliant software may not be malicious.

True

Unauthorized VPNs can hide the theft of unauthorized information.

scripts

User threats may include unauthorized websites. A website may prompt a visitor to download __________________ or plugins that contain malicious code or adware.

Agree

Users are often the weakest link in the information security systems and pose a significant threat to the confidentiality, integrity, and availability of the organization's data.

sensitive

Users must be aware of _______________________ data, security policies and procedures, technologies and countermeasures provided to protect information and information systems.

False

Using GPS to locate a cell phone without the user's permission is legal.

stretching

Using a technique called key __________________ will also help to protect against attack. This technique makes the hash function very slow.

8f

Using the 8-bit Checksum (Simple Hash Algorithm) provided in reading section 5.1.1.3, what is the hash value for the message CISCO

electrical power

Utility interruptions include a(n) _____________________ failure.

gateways

VPN _______________________ establish, manage, and control VPN connections.

detection

Video and electronic surveillance can incorporate motion __________________ and notification.

True

Video and electronic surveillance can supplement (and in some cases - replace) security guards.

log

Video and electronic surveillance have the ability to record and _______________ surveillance videos and data for long periods

telecommunication

Videoconferencing allows two or more locations to communicate simultaneously using __________________________ technologies.

(a)registration (b)proxy (c)hijacking

VoIP _____[a]_____ spoofing routes all incoming calls for the victim to cyber criminals. VoIP _____[b]_____ impersonating tricks the victim into communicating with a rogue proxy set up by the cyber criminals. VoIP call _____[c]_____ intercepts and reroutes to a different path before reaching the destination.

PCI DSS

Voluntary standard (in theory) and merchants/vendors can choose whether they wish to abide by the standard

True

Vulnerability scanners help automate security auditing.

message integrity

WPA provided ___________________________________ checks which could detect if an attacker had captured and altered data passed between the wireless access point and a wireless client.

verify /md5

What Cisco command verifies the integrity of IOS images used on Cisco routers?

law enforcement

What We Do: "NW3C provides a nationwide support system for ___________________________ and regulatory agencies involved in the prevention, investigation and prosecution of economic and high-tech crime."

a.common c.statutory e.administrative

What are the primary sources of laws and regulations in the United States?

True

With Windows Active Directory, account policies are automatically set when a user logs in to Windows.

4

What is the minimum number of disks in a RAID 0+1 ?

2

What is the minimum number of disks in a RAID 1 ?

3

What is the minimum number of disks in a RAID 5 ?

flame malware

What malware compromised the security of MD5 in 2012?

local

When a computer is not part of an Active Directory domain, the user configures policies through Windows _______________ Security Policy.

18

When a student turns _____________ years old or enters a postsecondary institution at any age, the student's rights under FERPA transfer from the student's parents to the student.

database

When a user creates an account, the system hashes the chosen password and stores the hash in a __________________.

True

When administrators eliminate applications or hardware that do not meet the objectives and guidelines, they are effectively increasing security.

True

When an organization chooses to reduce risk, it may design a new business process with adequate built-in risk control.

commercial off-the-shelf

When discussing asset and systems standardization, COTS is short for what?

Agree

When physically protecting computer equipment, keep telecommunication rooms locked

fault tolerant hardware

Which type of system design (listed below) is the most complex and most costly? Fault tolerant hardware; Cluster architecture; Backups

U.S. National Institute of Standards and Technology

Who developed SHA?

True

With EFS, only the user that encrypted the data will be able to access the encrypted files or folders.

(a)parity (b)striping (c)mirroring

With RAID: _____[a]_____ detects data errors. _____[b]_____ writes data across multiple drives. _____[c]_____ stores duplicate data on a second drive.

pre-shared key

With WPA-PSK, the PSK is short for what?

local server

With an automated patch update service, a computer system can get an update from a(n) ____________________________.

date

With an automated patch update service, administrators can force the update of systems for a specific ___________________

(a)public (b)trust

With digital certificates, an individual gets a certificate for a _____[a]_____ key from a commercial CA. The certificate belongs to a chain of certificates called the chain of _____[b]_____.

chain

With digital certificates, path validation selects a certificate of the issuing CA for each certificate in the _____________.

cluster

With high availability systems, if a server within a(n) _________________ fails, other servers continue to process the same service as the failed device.

substations

With redundant power sources, two or more feeds originate from two or more electrical __________________.

true

With referential integrity a user cannot delete a record which is related to another one.

(a):points (b):failures

With the Five Nines, ensuring high availability includes eliminating ________[a]_________ of failure, designing for reliability, and detecting _____[b]_____ as they occur.

true

With the Five Nines, sustaining high availability can potentially increase the likelihood of failed components.

unattended

Workstations left powered on and ________________________ pose a risk of unauthorized access to network resources.

509

X.______________ is a standard for a PKI to manage digital certificates.

a:asset b:security

_____[a]_____ management includes a complete inventory of hardware and software. This means that the organization needs to know all of the components that can be subject to _____[b]_____ risks.

salting

_________________ also makes it impossible to use lookup tables and rainbow tables to crack a hash.

null

_________________ in a database signifies missing or unknown values.

routers

__________________ communicate with one another to identify the best possible path to deliver traffic to different networks.

netflow

__________________ is a Cisco IOS technology that provides statistics on packets flowing through a Cisco router or multilayer switch.

Layering

__________________ is creating a barrier of multiple defenses that coordinate together to prevent attacks.

salting

___________________ creates a different hash result for two users who have the same password.

VLANS

____________________ use logical connections instead of physical connections.

firewalls

______________________ are hardware or software solutions that enforce network security policies.

asymmetric

______________________ cryptography is the basis for digital signatures.

resiliency

______________________ is the methods and configurations used to make a system or network tolerant of failure.

spanning tree

_________________________ Protocol prevents loops on a network when switches interconnect via multiple paths.

non-repudiation

_________________________ is a way to ensure that the sender of an electronic message or electronic document cannot deny having sent the message or document and that the recipient cannot deny having received the message or document.

access points

______________________________ are the devices that communicate with wireless devices and connect them back to a wired network.

network time protocol

________________________________________ is a protocol that synchronizes the clocks of computer systems over data networks.

encrypting file system

__________________________________________________ is a Windows feature that can encrypt data.

microsoft baseline security analyzer

___________________________________________________ assesses missing security updates and security misconfigurations in Microsoft Windows.

public key infrastructure

_______________________________________________________________ (PKI) is the policies, roles, and procedures required to create, manage, distribute, use, store, and revoke digital certificates.

neutral

a CA acts as ______________ third party for individuals exchanging identification. The CA does an in-depth investigation prior to the issuance of credentials.

True

a post-incident follow-up should be conducted after a full recovery of all operations and data are completed.

monitors

administer the security tools; perform a security monitoring function; improve processes

Modify

allows users to change and delete existing files and folders, but they cannot create new ones

Write

allows users to create new files and folders and make changes to existing files and folders

Full control

allows users to see the contents of a file or folder, change and delete existing files and folders, create new files and folders, and run programs in a folder

Read

allows users to see the contents of a folder and open files and folders

read and Execute

allows users to see the contents of existing files and folders and can run programs in a folder

CFAA

amendment to the Comprehensive Crime Control Act of 1984 prohibits the unauthorized access of a computer

COPPA

applies to the online collection of personal information by persons or entities under U.S. jurisdiction from children under 13 years of age

Application accounts

have broad access to company information residing in applications and databases

check digit

provides for an extra calculation to generate a check digit for error detection

consistency

checks for the consistency of codes in related data items

range

checks that data lies within a minimum and maximum value

format

checks that the data conforms to a specified format

size

checks the number of characters in a data item

news media industry

communicate information on events as they happen

Privileged user accounts

credentials that give administrative privileges on one or more systems, they are used across all managed systems, and it is common practice to monitor the use of these accounts.

True

cybersecurity specialists help protect personal data and the ability to use network based services.

retail industry

efficient supply chains and the delivery of products to customers

FOIA

enables public access to U.S. government records. This law carries a presumption of disclosure, so the burden is on the government as to why it cannot release the information.

Privacy Act of 1974

establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies

true

if an administrator denies permissions to a network share for an individual or a group, this denial overrides any other permission settings.

eavesdropping

implement VoIP security by encrypting voice message packets to protect against _____________________.

finance industry

maintain high availability for continuous trading, compliance, and customer trust

VPPA

protects an individual from having the video tapes, DVDs and games rented disclosed to another party

CIPA

protects children under the age of 17 from exposure to offensive Internet content and obscene material

Domain administrative accounts

provide control over all domain controllers to modify domain membership

definers

provide policies, guidelines, and standards; include consultants who do risk assessment and develop the product technical architectures, and senior level individuals within an organization who have a broad knowledge

Domain administrative accounts

provide privileged administrative access to workstations and servers within a Windows domain

public safety industry

provide security and services to a community, state, or nation

Emergency accounts

provide unprivileged user administrative access to secure systems and are used in the case of an emergency

Local administrative accounts

provide unrestricted access to the local host and are used to perform maintenance on workstations, servers, databases, and network devices.

healthcare facilities

require high availability to provide around-the-clock care for patients

HIPAA

standards mandate safeguards for physical storage, maintenance, transmission, and access to individuals' health information

California SB 1386

state law regarding the notification of the unauthorized disclosure of personally identifiable information

builders

techies who create and install security solutions

network

the _________________ Operation Center (NOC) is one or more locations containing the tools that provide administrators with a detailed status of the organization's network.

FERPA

this federal law gave students access to their education records

Agree

tie security awareness to performance review objectives.

services

to limit cyber criminal exploits, remove any unnecessary ______________ on a system because these criminals know that most devices run more than they need.

True

to measure the overall effectiveness of an operation center, an organization will conduct realistic drills and exercises.

Service accounts

used by an application or service to interact with the operating system and can have domain administrative privileges

Application accounts

used by applications to access databases, run scripts, or provide access to other applications

