Final Exam Review

Ace your homework & exams now with Quizwiz!

True

A Chinese wall security policy defines a barrier and develops a set of rules that makes sure no subject gets to objects on the other side.

True

A keyword mixed alphabet cipher uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet.

logical access control

A mechanism that limits access to computer systems and network resources is __________

Zone Transfer

A__________ is a unique query of a DNS server that asks for the contents of it's zone

Acceptability

Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?

False

An SOC 1 report primarily focuses on security and privacy controls.

$40,000

Assume that there are 100 users in an organization who use desktop PC's. The value of each PC is $1,000, which has an exposure factor or 2. Now, if the new ARO is, what will be the value of ALE for this organization

Decryption

Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?

vulnerabilities

Black-hat hackers generally poke holes in systems, but do not attempt to disclose __________ they find to the administrators of those systems.

80

Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?

Health Insurance Portability and Accountability Act (HIPAA)

Bob recently accepted a position as the information security and compliance manager for a medicalpractice. Which regulation is likely to most directly apply to Bob's employer?

Prudent

Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?

False

Committee of Sponsoring Organizations (COSO) is a set of best practices for IT management.

Internet

Connecting your computers or devices to the ________ immediately exposes them to attack.

True

Content dependent access control requires the access control mechanism to look at the data to decide who should get to see it.

True

Data loss prevention (DLP) uses business rules to classify sensitive information to prevent unauthorized users from sharing it.

True

Digital signatures require asymmetric key cryptography.

Accountability

Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?

False

Encrypting data on storage devices or hard drives is a main strategy to ensure data integrity.

False

FAR (False Acceptance Rate) is the rate at which valid subjects are rejected.

Black-box test

Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?

Wi-Fi

Gary is configuring a Smartphone and is selecting a wireless connectivity method. Which approach will provide him with the highest speed wireless connectivity?

Integrity

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?

443

Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?

True

In security testing, reconnaissanceinvolves reviewing a systemto learn as much as possible about the organization, its systems, and its networks.

Is the security control likely to become obsolete in the near future?

Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?

URL links and ZIP files

Malicious software can be hidden in a _____.

True

Many jurisdictions require audits by law.

True

Message authentication confirms the identity of the person who started a correspondence.

SaaS (Software as a Service)

Microsoft Office 365 is a popular example of__________

security audit

One crucial type of evaluation to avoid a data breach is a

False

Passphrases are less secure than passwords.

True

Performing security testing includes vulnerability testing and penetration testing.

True

Regarding an intrusion detection system (IDS), stateful matching looks for specific sequences appearing across several packets in a traffic stream rather than justin individual packets.

Audit

Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?

False

Role-based access control (RBAC) means limiting users' access to database views, as opposed to allowing users to access data in database tables directly.

promiscuous

Sniffers operate in ______ mode

False

Temporal isolation is commonly used in combination with rule-based access control.

False

The Delphi method is the estimated loss due to a specific realized threat. The formula to calculate this loss is = SLE × ARO.

True

The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic Curve DHE (ECDHE).

True

The OSI Reference Model is a theoretical model of networking with interchangeable layers.

Network interface card (NIC)

The Physical part of the LAN Domain Includes a __ , which is an interface between the computer and the LAN physical media.

Remote Access

The _________ Domain connects remote users to the organization's IT infrastructure.

LAN-to-WAN Domain

The ____________ represents the fourth layer of defense for a typical IT infrastructure.

False

The difference between black-hat hackers and white-hat hackers is that black-hat hackers are mainly concerned with finding weaknesses for the purpose of fixing them, and white-hat hackers want to find weaknesses just for the fun of it or to exploit them.

False

The four main types of logs that you need to keep to support security auditing include event, access, user, and security.

security kernel

The_________ is the central part of a computing environment's hardware, software, and firmware that enforces access control for computer systems.

Intrusion Detection System (IDS)

This security appliance examines IP data streams for common attack and malicious intent patterns.

True

True downtime cost is the amount of money a company loses due to downtime, either intentional or unintentional. It is also called opportunity cost.

False

User-based permission levels limit a person to executing certain functions and often enforces mutual exclusivity.

False

Wardialers are becoming more frequently used given the rise of digital telephony and now IP telephony or Voice over IP (VoIP).

Rivest-Shamir-Adelman (RSA)

What is NOT a symmetric encryption algorithm?

512 bits

What is NOT a valid encryption key length for use with the Blowfish algorithm?

Unencrypted email

What is NOT an effective key distribution method for plaintext encryption keys?

System configurations

What is NOT generally a section in an audit report?

A list of identified risks that results from the risk-identification process

What is meant by risk register?

DRP diects the actions necessary to recover after a disaster, DRP is a part of a BCP, and BCP does not specify how to recover from disasters just interuptions.

What is the difference between BCP and a DRP

synchronous token

What term is used to describe a device used as a logo authenticator for remote users of a network?

downtime

What term is used to describe the amount of time that an IT system, application, or data is not available to users?

Switch

What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?

System integrity monitoring

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?

Wired Equivalent Privacy (WEP)

What wireless security technology contains significant flaws and should never be used?

Non Repudiation

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?

threshold

When you apply an account-lockout policy, set the ___________ to a high enough number that authorized users aren't locked out due to mistyped passwords.

False

You must always use the same algorithm to encrypt information and decrypt the same information.

False

You should use easy-to-remember personal information to create secure passwords.

Authority-level policy

_______ is an authorization method in which access to resources is decided by the user's formal status .

Recovery Time Objective (RTO)

____________ is the amount of time it takes to recover and make a system, application, and data available for use after an outage.

Cryptography

____________ is the practice of hiding data and keeping it away from unauthorized users.

logic attacks

use software flaws to crash or seriously hinder the performance of remote servers; can prevent by keeping software up to date

Threat

which term describes an action that can damage or compromise an asset?

True

A DoS attack is a coordinated attempt to deny service by causing a computer to perform an unproductive task

True

A HIDS can detect inappropriate traffic that originates inside the network.

Hot site

Among common recovery location options, this is one that can take over operation quickly. It has all the equipment and data already staged at the location, though you may need to refresh or update the data.

Discretionary access control (DAC)

Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?

True

Hypertext Transfer Protocol (HTTP) is the communications protocol between web browsers and websites with data in cleartext.

SYNflood

In a ________, the attacker sends a large number of packets requesting connections to the victim computer

True

In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.

True

SOC 2 reports are created for internal and other authorized stakeholders and are commonly implemented for service providers, hosted data centers, and managed cloud computing providers.

True

SSO (Single Sign-On) reduces human error, which is a major part of system failures.

True

Today's LAN is governed by the institute of Electrical and Electronics Engineers (IEEE) 802.3 standards

Quantum cryptography

Which approach to cryptography provides the strongest theoretical protection?

Smart card and personal identification number(PIN)

Which one of the following is an example of two-factor authentication?

Honeypots

________ are traps which are set to capture information about improper activity on a network.

Relationships

__________ are permissions granted to an authorized user, such as read, write, and execute.

True

A Wireless Access Point (WAP) is the connection between a wired and wireless network

Behavior Detection

Which intrusion detection system strategy relies upon pattern matching?

voice pattern

Which of these biometric authentication methods is not as accurate as the rest?

Password

Which one of the following is an example of a logical access control'?

Subjects cannot change objects that have a lower integrity level.

Which one of the following principles is NOT a component of the Biba integrity model?

packet sniffer

A protocol analyzer or ______ is a software program that enables a computer to monitor and capture network traffic.

True

A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.

False

Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software.

Crossover error rate (CER)

Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?

An authentication method in which a user is authenticated at multiple times or event intervals.

Which of the following adequately defines continuous authentication?

True

An algorithm is a repeatable process that produces the same result when it receives the same input.

False

In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.

True

A trusted operating system (TOS) provides features that satisfy specific government requirements for security.

risk management

Any organization that is serious about security will view ___________ as an ongoing process.

True

In non-discretionary access control, access rules are closely managed by the security administrators.

True

In security testing data collection, observation is the input used to differentiate between paper procedures and the way the job is really done.

True

Internet Small Computer System Interface (iSCSI) is a storage networking standard used to link data storage devices to networks using IP for its transport layer.

True

The hash message authentication code (HMAC) is a hash function that uses a key to create a hash, or message digest.

Confidentiality

The requirement to keep information private or secret is the definition of __________.

False

The weakest link in the security of an IT infrastructure is the server.

Need-to-know

_________ is used to describe a property that indicates that a specific subject needs access to a specific object. This is necessary to access the object in addition to processing the proper clearance for the object's classification.

Alice's private key

Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?

True

An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes -Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA)

Attack

An attempt to exploit a vulnerability of a computer or network component.

SOC 3

Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?

True

In an incremental backup process, as the week progresses the nightly (incremental) backup takes about the same amount of time

hacker

In popular usage and in the media, the term ______ often describes someone who breaks into a computer system with authorization.

True

Integrity-checking tools use cryptographic methods to make sure nothing and no one has modified the software.

Captive portal

Karen would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?

confidentiality of data and control of access to classified information.

The Bell-La Padula access control model focuses primarily on______________

True

The cost of the countermeasure should be less than the ALE.

Accountability

The process of associating actions with users for later reporting and research is known as

Separation of duties

Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?

Virtual LAN (VLAN)

Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?

Kerberos

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?

Role-Based Access Control (RBAC)

What name is give to an access control method that bases access control approvals on the jobs the user is assigned?

Qualitative Risk Analysis

What name is given to a risk-analysis method that uses relative ranking to provide further definition of the identified risks in order to determine responses to them?

demilitarized zone (DMZ)

What name is given to an exterior network that acts as a buffer zone between the publicInternet and an organizations IT infrastructure (i.e., LAN-to-WAN Domain)?

Report writing

Which activity is an auditor least likely to conduct during the information-gathering phase of an audit?

Checklist

Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?

Keystroke Dynamics

Which of the following biometric trait is very accurate?

Community cloud

___________cloud is a type of infrastructure, which provides services for several organizations

Brewer & Nash

_________model makes sure conflicts of interest are recognized and that people are prevented from taking advantage of data to which they should not have access.

Passphrase

_______is an authentication credential that is generally longer and more complex than a password.

Router

A _____________ examines the network layer address and routes packets based on routing protocol path determination decisions

Business continuity plan (BCP)

A _________________ gives priorities to the functions an organization needs to keep going.

BIA

A ________determines the extent of the impact that a particular incident would have on business operation over time.

Risk avoidance

A company can discontinue or decide not to enter a line of business if the risk level is too high. This is categorized as _____________.

False

A digitized signature is a combination of a strong hash of a message and a secret key.

True

A firewall is a basic network security defense tool.

False

A SOC 1 report primarily focuses on security.

disaster recovery plan (DRP)

A ___________ defines how a business gets back on its feet after a major disaster like a fire or hurricane.

Password Cracker

A ___________ is a software program that performs one of two functions: brute-force password attack to gain unauthorized access to a system, or recovery of passwords stored in a computer system.

True

A degausser creates a magnetic field that erases data from magnetic storage media.

port scanner

A_______is a tool used to scan IP host devices for open ports that have been enabled.

Diffie-Hellman

Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?

Bobs public key

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?

True

An example of a threat to access control is in a peer-to-peer (P2P) arrangement in which users share their My Documents folder with each other by accident.

Symmetric, stream, substitution

Which set of characteristics describes the Caesar cipher accurately?

True

A network protocol governs how networking equipment interacts to deliver data across the network.

True

A person demonstrates anonymity when posting information to a web discussion site without authorities knowing who he or she is.

True

A physical courier delivering an asymmetric key is an example of in-band key exchange.

False positive error

Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?

$200

Assume that there are 100 users in an organization who use desktop PC's. The value of each PC is $1,000, which has an exposure factor or 2. If you expect an event to occur only once every 10 years, what will be the value of ALE for this organization.

SLE is $500: ALE is $10,000

Assume that there are 250 users in an organization who use mobile phones.The value of each phone is $500. In the past 2 years the organization has lost an average of 20 phones a year. Which of the following is correct

Smurf

Barbara is investigating an attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?

Online Certificate Status Protocol (OCSP)

Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?

An authentication token used to process challenge-response authentication with a server. It takes the server's challenge value and calculates a response. The user enters the response to authenticate a connection.

Which of the following describes an asynchronous token?

The practice of using computing services that are delivered over a network.

Which of the following is an accurate description of cloud computing?

identification

Which of the following is not a type of authentication?

Ownership

Which type e of authentication includes smart cards?

Transposition

Which type of cipher works by rearranging the characters in a message?

Exposure Factor (EF)

_______ is the proportion of value of a particular asset likely to be destroyed by a given risk,expressed as a percentage.

Stateful matching

__________ looks for specific sequences appearing across several packets in a traffic stream rather than just in individual packets.


Related study sets

NCLEX Practice Health Assessment 2

View Set

504 Absolutely Essential Words - English defenition

View Set

Network+ Objective 1.1 Explain purposes & uses of ports & protocols

View Set

(Week 4) - Lesson 7D - Network Application & Storage Services

View Set

Fundamentals of Nursing Exam 1 NUR 112

View Set

Financial Transactions and Fraud Schemes 2

View Set

Chapter 10: Principles of Fluid and Electrolytes

View Set