Cybersecurity Midterm
databases
A collection of related data stored in a structured form and usually managed by specialized systems.
b
A computer is the _____ of an attack when it is used to conduct an attack against another computer. a. object b. subject c. facilitator d. target
a
A(n) _____ is a document containing contact information for the people to be notified in the event of an incident. a. alert roster b. phone list c. call registry d. emergency notification system
Utility
An attribute of information that describes how data has value or usefulness for an end purpose.
Availability
An attribute of information that describes how data is accessible and correctly formatted for use without interference or obstruction.
accuracy
An attribute of information that describes how data is free of errors and has the value that the user expects.
authentic
An attribute of information that describes how data is genuine or original rather than reproduced or fabricated.
Confidentiality
An attribute of information that describes how data is protected from disclosure or exposure to unauthorized individuals or systems.
integrity
An attribute of information that describes how data is whole, complete, and uncorrupted.
possession
An attribute of information that describes how the data's ownership or control is legitimate or authorized.
chief information officer (CIO)
An executive-level position that oversees the organization's computing technology and strives to create efficiency in the processing and access of the organization's information.
availability disruption
An interruption or disruption in service, usually from a service provider, which causes an adverse event within an organization.
media
As a subset of information assets, the systems, technologies, and networks that store, process, and transmit information.
information
Data that has been organized, structured, and presented to provide additional insight into its context, worth, and usefulness.
d
Human error or failure often can be prevented with training, ongoing awareness activities, and _____. a. threats b. hugs c. paperwork d. controls
noise
In incident response, alarm events that are accurate and noteworthy but do not pose significant threats to information security; also, the presence of additional and disruptive signals in network communications or electrical power delivery.
computer security
In the early days of computers, this term specified the protection of the physical location and assets associated with computer technology from outside threats, but it later came to represent all actions taken to protect computer systems from losses.
Data trustees
Individuals who are assigned the task of managing a particular set of information and coordinating its protection, storage, and use.
data custodians or data stewards
Individuals who are responsible for the storage, maintenance, and protection of information.
d
Individuals who control and are responsible for the security and use of a particular set of information are known as data _____. a. custodians b. users c. trustees d. owners
Data owners
Individuals who control, and are therefore ultimately responsible for, the security and use of a particular set of information.
personally identifiable information (PII)
Information about a person's history, background, and attributes that can be used to commit identity theft. This information typically includes a person's name, address, Social Security number, family information, employment history, and financial information.
Protecting the organization's ability to function; protecting the data and information the organization collects and uses, whether physical or electronic; enabling the safe operation of applications running on the organization's IT systems; safeguarding the organization's technology assets
Information security performs four important functions for an organization:
data users
Internal and external stakeholders (customers, suppliers, and employees) who interact with information in support of their organization's planning and operations.
data
Items of fact collected by an organization; includes raw numbers, facts, and words.
champion; team leader; security policy developers; risk assessment specialists; security professionals; systems administrators; end users
Members of the information security project team fill the following roles:
d
Most common data backup schemes involve _____. a. RAID b. disk-to-disk-to-cloud c. neither a nor b d. both a and b
intellectual property (IP)
Original ideas and inventions created, owned, and controlled by a particular person or organization; IP includes the representation of original ideas.
information security
Protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology.
d
Redundancy can be implemented at a number of points throughout the security architecture, such as in _____. a. firewalls b. proxy servers c. access controls d. All of the above
c
Risk _____ defines the quantity and nature of risk that organizations are willing to accept as they evaluate the tradeoffs between perfect security and unlimited accessibility. a. benefit b. residual c. appetite d. acceptance
c
SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, provides best practices and security principles that can direct the security team in the development of a security _____. a. standard b. plan c. blueprint d. policy
b
The EISP component of _____ provides information on the importance of information security in the organization and the legal and ethical obligation to protect critical information about customers, employees, and markets. a. Information Security Responsibilities and Roles b. Need for Information Security c. Information Security Elements d. Statement of Purpose
c
The _____ hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network. a. WWW b. HTTP c. TCP d. FTP
c
The average amount of time until the next hardware failure is known as _____. a. mean time to repair (MTTR) b. mean time to diagnose (MTTD) c. mean time to failure (MTTF) d. mean time between failure (MTBF)
b
The community of interest made up of IT managers and skilled professionals in systems design, programming, networks, and other related disciplines is called _____. a. Information Security Management and Professionals b. Information Technology Management and Professionals c. Organizational Management and Professionals d. Executive Management
information system (IS)
The entire set of software, hardware, data, people, procedures, and networks that enable the use of information resources in the organization.
information assets
The focus of information security; information that has value to the organization and the systems that store, process, and transmit the information.
C.I.A. triad
The industry standard for computer security since the development of the mainframe; the standard is based on three characteristics that describe the attributes of information that are important to protect: confidentiality, integrity, and availability.
access; asset; attack; control, safeguard, or countermeasure; exploit; exposure; loss; protection profile or security posture; risk; subjects and objects of attack; threat; threat agent; threat event; threat source; vulnerability
The key information security concepts
uptime
The percentage of time a particular service is available.
downtime
The percentage of time a particular service is not available.
d
The probability that a specific vulnerability within an organization will be attacked by a threat is known as _____. a. potential b. determinism c. externality d. likelihood
Physical security
The protection of material items, objects, or areas from unauthorized access and misuse.
d
The protection of tangible items, objects, or areas from unauthorized access and misuse is known as _____. a. network security b. communications security c. information security d. physical security
d
The protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology is known as _____. a. physical security b. communications security c. network security d. information security
d
The spheres of security are the foundation of the security framework and illustrate how information is under attack from a variety of sources, with far fewer protection layers between the information and potential attackers on the _____ side of the organization. a. technology b. Internet c. operational d. people
chief information security officer (CISO)
The title typically assigned to the top information security manager in an organization.
software piracy
The unauthorized duplication, installation, or distribution of copyrighted computer software, which is a violation of intellectual property.
Information classification; secure document storage; application of general security policies; education of information custodians and end users
To protect the confidentiality of information, you can use several measures, including the following:
Know yourself and know your enemy
To protect your organization's information, you must
False
True or False: "Knowing yourself" means identifying, examining, and understanding the threats facing the organization's information assets.
True
True or False: A breach of possession may not always result in a breach of confidentiality.
True
True or False: A data custodian works directly with data owners and is responsible for the storage, maintenance, and protection of the information.
False
True or False: A disaster is any adverse event that could result in loss of an information asset or assets but does not currently threaten the viability of the entire organization.
False
True or False: An advance-fee fraud attack involves the interception of cryptographic elements to determine keys and encryption algorithms.
True
True or False: Business impact analysis is a preparatory activity common to both CP and risk management.
True
True or False: Exposure factor is the expected percentage of loss that would occur from a particular attack.
True
True or False: Good security programs begin and end with policy.
False
True or False: Incident detail assessment determines the impact from a breach of confidentiality, integrity, and availability on information and information assets.
False
True or False: Network security focuses on the protection of physical items, objects, or areas from unauthorized access and misuse.
False
True or False: Risk mitigation is the process of assigning a risk rating or score to each information asset.
True
True or False: Some policies may also need a sunset clause indicating their expiration date.
True
True or False: Technical mechanisms like digital watermarks and embedded code, copyright codes, and even the intentional placement of bad sectors on software media have been used to deter or prevent the theft of software intellectual property.
False
True or False: The bottom-up approach to information security has a higher probability of success than the top-down approach.
False
True or False: The operational plan documents the organization's intended long-term direction and efforts for the next several years.
True
True or False: The organization should adopt naming standards that do not convey information to potential system attackers.
False
True or False: The primary mission of information security is to ensure that systems and their content retain their confidentiality.
False
True or False: The security framework is a more detailed version of the security blueprint.
True
True or False: Using a service bureau is a BC strategy in which an organization contracts with a service agency to provide a facility for a fee.
False
True or False: With the removal of copyright protection mechanisms, software can be easily and legally distributed and installed.
d
Understanding the _____ context means understanding the impact of elements such as the business environment, the legal/regulatory/compliance environment, as well as the threat environment. a. design b. risk evaluation c. internal d. external
d
Which of these is NOT a unique function of information security management? a. programs b. policy c. planning d. hardware
d
Which type of organizations should prepare for the unexpected? a. large organizations which have many assets at risk b. only those without good insurance c. small organizations that can easily recover d. organizations of every size and purpose
a
_____ is a contractual document guaranteeing certain minimal levels of service provided by a vendor. a. Service agreement b. Mutual agreement c. Time-share agreement d. Memorandum of understanding
b
_____ is any technology that aids in gathering information about a person or organization without their knowledge. a. A Trojan b. Spyware c. A worm d. A bot
d
_____ often function as standards or procedures to be used when configuring or maintaining systems. a. ESSPs b. EISPs c. ISSPs d. SysSPs
d
_____ risk treatment is a strategy to do nothing to protect a vulnerability and to accept the outcome of its exploitation. a. Defense b. Mitigation c. Transference d. Acceptance
d
_____ signifies how often you expect a specific type of attack to occur. a. CBA b. ALE c. SLE d. ARO
d
A crime involving digital media, computer technology, or related components is best called an act of _____. a. digital abuse b. computer trespass c. computer theft d. digital malfeasance
service level agreement (SLA)
A document or part of a document that specifies the expected level of service from a service provider, including provisions for minimum acceptable availability and penalties or remediation procedures for downtime.
d
A fundamental difference between a BIA and risk management is that risk management focuses on identifying threats, vulnerabilities, and attacks to determine which controls can protect information, while the BIA assumes that _____. a. controls have been bypassed b. controls have proven ineffective c. controls have failed d. All of the above
McCumber Cube
A graphical representation of the architectural approach used in computer and information security; commonly shown as a cube composed of 3×3×3 cells, similar to a Rubik's Cube.
communities of interest
A group of individuals who are united by similar interests or values within an organization and who share a common goal of helping the organization to meet its objectives.
brownout
A long-term decrease in quality of electrical power availability.
surge
A long-term increase in electrical power availability.
blackout
A long-term interruption (outage) in electrical power availability.
bottom-up approach
A method of establishing security policies and/or practices that begins as a grassroots effort in which systems administrators attempt to improve the security of their systems.
top-down approach
A methodology of establishing security policies and/or practices that is initiated by upper management.
a
A server would experience a(n) _____ attack when a hacker compromises it to acquire information via a remote location using a network connection. a. direct b. software c. indirect d. hardware
sag
A short-term decrease in electrical power availability.
spike
A short-term increase in electrical power availability, also known as a swell.
d
A short-term interruption in electrical power availability is known as a _____. a. lag b. blackout c. brownout d. fault
fault
A short-term interruption in electrical power availability.
security
A state of being secure and free from danger or harm; also, the actions taken to make someone or something secure.
network security
A subset of communications security; the protection of voice and data networking components, connections, and content.
Database security
A subset of information security that focuses on the assessment and protection of information stored in data repositories.
c
A table of hash values and their corresponding plaintext values used to look up password values if an attacker is able to steal a system's encrypted password file is known as a(n) _____. a. crack file b. crib c. rainbow table d. dictionary
exploits
A technique used to compromise a system; may also describe the tool, program, or script used in the compromise.
b
A threat _____ is an evaluation of the threats to information assets, including a determination of their likelihood of occurrence and potential impact of an attack. a. review b. assessment c. search d. investigation
