Fundamentals of Cybersecurity Final Study Guide
True or False? IP provides global addressing for internet hosts.
True
True or False? The ARP cache contains every MAC address and corresponding IP address the host will use.
True
Bob and Alice are typical users who share a computer. The computer has a file sharing policy, but Bob and Alice have implemented a tailored policy for shared updating. Which of the following are true? Multiple Choice A. Bob and Alice can share particular files (read and write) that others can't read. B. Alice can read and write application files. C. Bob can create, read, and modify his own files. D. Bob can modify typical files that Alice creates. E. Bob can read typical files that Alice creates.
A. Bob and Alice can Share Particular Files (Read and Write) That Others can't Read C. Bob can Create, Read, and Modify his Own Files E. Bob can Read Typical Files that Alice Creates
Which of the following software can encrypt individual files? Multiple Choice A. VeraCrypt B. PKZIP C. PGP D. Windows built-in encryption
B. PKZIP C. PGP D. Windows Built-in Encryption
All of the following are types of switching, except: A. message switching. B. package switching. C. packet switching. D. circuit switching.
B. Package Switching
Bob and Alice want to construct a shared secret key using RSA. Which of the following components must Bob use to share the secret with Alice? A. Bob's private key alone B. Alice's private key and Bob's public key C. Alice's public key alone D. Alice's public key and Bob's private key
C. Alice's Public Key Alone
What term describes the longest period of time that a business can survive without a particular critical system? A. Emergency operations center (EOC) B. Recovery point objective (RPO) C. Recovery time objective (RTO) D. Maximum tolerable downtime (MTD)
D. Maximum Tolerable Downtime (MTD)
What level of technology infrastructure should you expect to find in a cold site alternative data center facility? A. Basic computer hardware B. Hardware that mirrors the primary site, but no data C. Hardware and data that mirror the primary site D. No technology infrastructure
D. No Technology Infrastructure
In typical applications, does SSL provide application transparency? A. Yes, because all Internet protocol stacks include a separate layer that provides SSL. B. No, because SSL security is applied to data before it is packaged into an application-layer message. C. Yes, because it is implemented between the application's socket interface and the transport layer's socket interface. D. No, because the SSL software is traditionally integrated into the application software package and is not supported unless the application specifically provides it.
D. No, Because the SSL Software is Traditionally Integrated into the Application Software Package and is not Supported Unless the Application Specifically Provides it
True or False? If a certificate authority is not in a web browser's built-in list, then the browser cannot verify the certificate's digital signature and thus cannot tell if the certificate is legitimate.
True
True or False? If a host contains unprotected files, the files may be accessible to attackers. Because of this, many systems disable file sharing.
True
True or False? Protected health information (PHI) is any individually identifiable information about a person's health.
True
True or False? Regarding access permissions in Windows, the owner of a shared folder may read, modify, and delete other user's files.
True
True or False? The Federal Information Security Management Act (FISMA) of 2014 defines the roles, responsibilities, accountabilities, requirements, and practices that are needed to fully implement FISMA security controls and requirements.
True
True or False? The recovery point objective (RPO) can come from the business impact analysis or sometimes from a government mandate, such as banking laws.
True
True or False? The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks.
True
True or False? We recover from attacks, incidences, and compromises by taking steps to recover. The recovery process is often called the DRP (Disaster Recovery Protocol).
False
The HTML tag that's required to create a hyperlink is: A. <html>. B. <h1>. C. <a>. D. <p>.
C. <a>.
True or False? Cipher block chaining (CBC) is a widely used cipher mode that requires plaintext to be a multiple of the cipher's block size.
True
True or False? Every executable file begins with a "file header" that describes the structure and format of the program.
True
True or False? Filtering for spam sometimes produces a false positive, in which legitimate email is identified as spam.
True
ASPX is: A. ASP scripting extended to support Microsoft's .NET framework. B. server-side scripts written in Java. C. a web-oriented version of Java. D. a web-specific scripting language that supports instructions in Visual Basic, Javascript, and ActiveX.
A. ASP Scripting Extended to Support Microsoft's .NET Framework
Which of the following provides special privileges for managing the system? A. Administrative groups B. Special groups C. User groups D. Owner groups
A. Administrative Groups
Which of the following are true of client-side scripts? Multiple Choice A. Appear as short procedures embedded in an HTML page B. Are interpreted by browsers C. Can be exploited by viruses and Trojans D. Are run by servers
A. Appear as short procedures embedded in an HTML page B. Are interpreted by browsers C. Can be exploited by viruses and Trojans
Which of the following certifications is considered the flagship Information Systems Security Certification Consortium, Inc. (ISC)2 certification and the gold standard for information security professionals? A. Certified Information Systems Security Professional (CISSP) B. Certified Authorization Professional (CAP) C. Systems Security Certified Practitioner (SSCP) D. Certified Cloud Security Professional (CCSP)
A. Certified Information Systems Security Professional (CISSP)
The items below describe different elements of a hypertext link as it appears in HTML. Which are especially true about the link's highlighted text, as opposed to other elements of the link? Multiple Choice A. Click on the text and the browser follows the link. B. The text is not displayed when the browser displays the page. C. Not inside the "a" tag in the HTML; instead, it is surrounded by the "a" tag and its "end" tag D. Contains the URL
A. Click on the text and the browser follows the link. C. Not inside the "a" tag in the HTML; instead, it is surrounded by the "a" tag and its "end" tag
Which of the following are risks associated specifically with running scripts in a user's browser? Multiple Choice A. Cross-site scripting B. Same-origin policy C. Malicious script that damages server-side resources D. Malicious script that damages client-side resources
A. Cross-Site Scripting D. Malicious Script That Damages Client-Side Resources
How have DDOS attacks affected DNS and hosts that rely on it? Multiple Choice A. DDOS attacks on DNS servers for specific hosts have made it difficult for some users to reach those hosts. B. DDOS attacks on DNS servers for specific hosts have redirected traffic to other hosts masquerading as the target of the attack. C. DDOS attacks on root DNS servers have brought the whole internet to a standstill. D. Botnets may have been used in some DNS DDOS attacks. E. Partially successful attacks on root DNS servers have had little effect on Internet traffic.
A. DDOS attacks on DNS servers for specific hosts have made it difficult for some users to reach those hosts. D. Botnets may have been used in some DNS DDOS attacks. E. Partially successful attacks on root DNS servers have had little effect on Internet traffic.
A firewall gateway for a household or small business LAN contains several of the following features. Select all that appear in a typical gateway. Multiple Choice A. DHCP protocol B. Root DNS server C. Domain name registrar D. Share a single IP address assigned by the ISP among multiple hosts inside the network
A. DHCP Protocol D. Share a Single IP Address Assigned by the ISP Among Multiple Hosts Inside the Network
Which of the following may be part of a phishing attack? Multiple Choice A. Drive-by download B. Connection hijacking C. A log in request that collects secret authentication credentials D. Social engineering
A. Drive-by download C. A log in request that collects secret authentication credentials D. Social engineering
While the first and last "Received" headers in an email might identify the ultimate source or destination, what type of information do other "Received" headers provide? A. Each identifies an MTA that retrieves the entire email message and forwards it to another MTA. B. Each identifies a DNS lookup that takes place during email delivery. C. Each identifies an internet router that directs the message during delivery. D. Each identifies a web server that takes part in the email's delivery.
A. Each Identifies an MTA That Retrieves the Entire Email Message and Forwards it to Another MTA
Which technology category would NOT likely be the subject of a standard published by the International Electrotechnical Commission (IEC)? A. Encryption B. Solar energy C. Semiconductors D. Consumer appliances
A. Encryption
The __________ controls the sending and receiving host address. A. host B. content C. service D. direction
A. Host
The language that's the foundation of most web pages is: A. Hypertext Markup Language (HTML) B. Hypertext Transfer Protocol (HTTP). C. Cascading Style Sheets (CSS). D. Extensible Markup Language (XML).
A. Hypertext Markup Language (HTML)
Gary is troubleshooting a security issue on an Ethernet network and would like to look at the Ethernet standard. What publication should he seek out? A. IEEE 802.3 B. ISO 17799 C. ANSI x.1199 D. NIST 800-53
A. IEEE 802.3
DNS by itself provides specific services, not including services that a domain registrar might provide to customers. Which of the following services are part of DNS as opposed to additional services provided by registrars? Multiple Choice A. Map a domain name to an IP address B. Redirect email for a particular domain to other email addresses C. Map a domain name to a specific website URL D. Map a domain name to an email server's IP address
A. Map a Domain Name to an IP Address D. Map a Domain Name to an Email Server's IP Address
Kevin is accused by a local company of unauthorized access to a company computer. The company reported it to the local police, and Kevin has been charged with criminal computer access under a state law. Which of the following are true about this legal process? Multiple Choice A. May require a third party to resolve the issue, like a mediator, judge, and/or jury B. May be resolved informally between the perpetrator and victim, or their legal representatives C. The perpetrator is charged with breaking a law. D. Based on a shared relationship, like employer and employee. E. Requires evidence admissible in court
A. May Require a Third Party to Resolve the Issue, like a Mediator, Judge, and/ or Jury C. The Perpetrator is Charged With Breaking a Law E. Requires Evidence Admissible in Court
An example of _________ security control is when you unplug a computer from the internet to protect it from malware. A. mechanical B. logical C. physical D. cryptographic
A. Mechanical
Which of the following security measures can detect a bit-flipping attack? Multiple Choice A. Message containing a keyed hash B. Encrypted message containing a checksum C. Encrypted message containing a check value computed from a one-way hash D. Message containing a digital signature
A. Message Containing a Keyed Hash D. Message Containing a Digital Signature
Another term for an SMTP email server is: A. message transfer agent (MTA). B. MIME. C. TCP server. D. None of these is correct.
A. Message Transfer Agent (MTA)
What was the first web browser to use public key certificates? A. Netscape Navigator B. WorldWideWeb C. Netscape Communicator D. Internet Explorer
A. Netscape Navigator
Which of the following qualities of a good encryption algorithm apply to AES today? Multiple Choice A. No practical weaknesses B. Explicitly designed for encryption C. Available for analysis D. Subjected to analysis E. Security does not rely on its secrecy
A. No practical weaknesses B. Explicitly designed for encryption C. Available for analysis D. Subjected to analysis E. Security does not rely on its secrecy
Bob has purchased a self-encrypting hard drive that always encrypts everything stored on the drive. Bob wants to install a bootable operating system on it and use it on an older computer. The old computer does not allow him to install pre-boot authentication in the BIOS. Will he be able to use the drive? A. No, because there is no way to add a plaintext partition to this drive. B. No, because a separate drive partition is only used in software-based drive encryption systems. C. Yes, because he can add a plaintext partition to the drive and install the pre-boot authentication software on that partition. D. Yes, because he can run an application on his operating system that unlocks the drive.
A. No, Because There is No Way to Add a Plaintext Partition to This Drive
Digital signatures may be used to provide: A. nonrepudiation. B. protection against denial of service attacks. C. file availability. D. None of these is correct.
A. Nonrepudiation
There are three types of tokens; which of the following is not a correct type? A. Offensive tokens B. One-time password tokens C. Challenge-response tokens D. Passive tokens
A. Offensive tokens
Spam is prevalent because it makes money for its authors. Which of the following are typical ways that spam makes money? Multiple Choice A. Offers products that cannot be advertised in more-legitimate channels B. Prevents users from reading legitimate emails C. Lures readers to participate in financial frauds D. Phishing
A. Offers products that cannot be advertised in more-legitimate channels C. Lures readers to participate in financial frauds D. Phishing
Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario? A. Parallel test B. Simulation test C. Checklist test D. Full interruption test
A. Parallel Test
Which of the following is not included in the acronym, LAMP? A. Perl B. Linux C. MySQL D. Apache
A. Perl
Spam is prevalent because it makes money for its authors. Which of the following are typical ways that spam makes money? Multiple Choice A. Phishing B. Offers products that cannot be advertised in more-legitimate channels C. Prevents users from reading legitimate emails D. Lures readers to participate in financial frauds
A. Phishing B. Offers products that cannot be advertised in more-legitimate channels D. Lures readers to participate in financial frauds
What is the role of the FAT in a FAT-formatted file system? A. Provides status on every cluster on the drive, indicating if it is free or part of a file B. Provides pointers to the boot blocks C. Provides the root directory to all files D. Stores the data for the files
A. Provides Status on Every Cluster on the Drive, Indicating if it is Free or Part of a File
A basic network packet contains which of the following? Multiple Choice A. A checksum B. A header C. Data D. Virus protection
A. a Checksum B. a Header C. Data
Alice is using a system that uses very simple file and directory access rights. The system doesn't have directory-specific access rights. Instead, it uses simple read and write permissions to restrict what users can do to a directory. Alice has read-only access to the "project" directory. Select which of the following operations Alice can perform on that directory. Multiple Choice A. Read files in the directory for which she has "read" access B. Delete files for which she has "write" access C. List files in the directory D. Seek files in that directory E. Create files to which she will have "write" access
A. Read Files in the Directory for Which She Has "Read" Access C. List Files in the Directory D. Seek Files in That Directory
Random access memory (RAM) access choices include which of the following? Multiple Choice A. read and write access. B. no access. C. write access only. D. read access only.
A. Read and Write Access, B. No Access, and D. Read Access Only
The Fourth Amendment prevents arbitrary searches of areas where users expect their privacy to be protected. This is referred to as: A. reasonable expectation of privacy. B. consent to search. C. search and seizure. D. admissibility.
A. Reasonable Expectation of Privacy
Alan is the security manager for a mid-sized business. The company has suffered several serious data losses when mobile devices were stolen. Alan decides to implement full disk encryption on all mobile devices. What risk response did Alan take? A. Reduce B. Accept C. Transfer D. Avoid
A. Reduce
What type of publication is the primary working product of the Internet Engineering Task Force (IETF)? A. Request for comment (RFC) B. Special Publication (SP) C. ISO standard D. Public service announcement (PSA)
A. Request For Comment (RFC)
Which decryption procedure requires two inputs? Select all that apply. A. A key B. Ciphertext C. An algorithm D. Plaintext
A. a Key B. Ciphertext
People who interpret event logs do not like administrators to use privileged accounts with a fixed name, like "root." Which of the following is the best explanation for this? A. The "root" user ID is shared by many people; the event log can't easily tell which user really performed a logged action B. Auditors who review event logs believe they should have the same access rights as other administrative personnel C. The "root" user ID can modify event logs, while other privilege mechanisms, like "sudo," can't modify event logs D. Overuse of the "root" user ID increases the risk that someone will execute malicious software by mistake
A. The "Root" User ID is Shared by Many People; the Event Log can't Easily Tell which User Really Performed a Logged Action
A CPU implements "execute" access on RAM. We have restricted the control sections to "execute" access, while allowing full access to data sections. Which of the following are thus allowed? Multiple Choice A. The CPU can retrieve bytes from data sections while executing the instruction. B. The CPU can store bytes in the control section while executing the instruction. C. The CPU can store bytes in data sections while executing the instruction. D. The CPU can retrieve bytes from the control section while executing the instruction.
A. The CPU Can Retrieve Bytes From Data Sections While Executing the Instruction C. The CPU Can Store Bytes in Data Sections While Executing the Instruction D. The CPU Can Retrieve Bytes From the Control Section While Executing the Instruction
Bob is trying to hide some secret information by using an undersized file system to set aside space for his secrets. Which of the following are true? Multiple Choice A. The hidden storage uses space taken from the regular file system: The regular system is told to only use part of the available space in the partition, and the remaining space is used by the hidden data. B. The hidden storage uses extra space on the drive that is made available by special low-level formatting. C. The hidden section uses storage that the operating system ignores, except when Bob uses special software. D. The hidden section may be wiped out accidentally if the normal operating system tries to use too much space on the drive.
A. The Hidden Storage Uses Space Taken From the Regular File System: The Regular System is Told to Only Use Part of the Available Space in Partition, and the Remaining Space is Used by the Hidden Data C. The Hidden Storage Uses Storage That the Operating System Ignores, Except When Bob Uses Special Software
A major obstacle to becoming an ISP today is: A. the shortage of internet addresses. B. both the shortage of routers and the shortage of internet addresses. C. the shortage of routers. D. None of these is correct.
A. The Shortage of Internet Addresses
The HTML format allows a web page to refer to other files, including text and multimedia files like images and video. The following statements suggest different ways a browser may handle these references. Multiple Choice A. The web server may open multiple connections to retrieve other files while building the current web page. B. If a file resides on a server other than the one hosting the web page, the browser ignores that file. C. Other files may reside on other servers and be referenced using URLs. D. If the browser needs to retrieve multiple files from the same server, it may use the same HTTP connection.
A. The web server may open multiple connections to retrieve other files while building the current web page. C. Other files may reside on other servers and be referenced using URLs. D. If the browser needs to retrieve multiple files from the same server, it may use the same HTTP connection.
What is the role of device drivers in an operating system? A. To adapt different kinds of hardware to a standard interface provided by the operating system B. To provide a standard interface for implementing a file system C. To provide a way for third-party developers to write privileged software D. To adapt different sized storage devices to the standard I/O system
A. To Adapt Different Kinds of Hardware to a Standard Interface Provided By the Operating System
Secure Sockets Layer (SSL) has been replaced by: A. Transport Layer Security (TLS). B. IP Security (IPsec). C. Pretty Good Privacy (PGP). D. Wireless Protected Access, version 2 (WPA2).
A. Transport Layer Security (TLS)
A tool that captures packets on a network and helps you analyze the packets is: A. Wireshark. B. DHCP. C. ARP. D. nmap.
A. Wireshark
The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation? A. 15 B. 13 C. 18 D. 11
B. 13
ASPX is: A. server-side scripts written in Java. B. ASP scripting extended to support Microsoft's .NET framework. C. a web-oriented version of Java. D. a web-specific scripting language that supports instructions in Visual Basic, Javascript, and ActiveX.
B. ASP Scripting Extended to Support Microsoft's .NET Framework
Which one of the following is the best example of an authorization control? A. Biometric device B. Access control lists C. One-time password D. Digital certificate
B. Access Control Lists
A firewall is trying to block all unauthorized traffic and services. What type of filtering will provide the most thorough restrictions? A. Session filtering to block all connections made to unauthorized services B. Application filtering to block all applications except those allowed, plus any application traffic that appears to implement tunneling C. Application filtering to block all applications except those allowed D. Packet filtering to block all packets directed at services on unauthorized ports
B. Application Filtering to Block All Applications Except Those Allowed, Plus Any Application Traffic That Appears to Implement Tunneling
Colin is a software developer. He would like to earn a credential that demonstrates to employers that he is well educated on software security issues. What certification would be most suitable for this purpose? A. Certified Information Systems Security Professional (CISSP) B. Certified Secure Software Lifecycle Professional (CSSLP) C. Certified Cyber Forensics Professional (CCFP) D. HealthCare Certified Information Security Privacy Practitioner (HCISPP)
B. Certified Secure Software Lifecycle Professional (CSSLP)
Which of the following may be part of a phishing attack? Multiple Choice A. Connection hijacking B. Drive-by download C. Social engineering D. A log in request that collects secret authentication credentials
B. Drive-by download C. Social engineering D. A log in request that collects secret authentication credentials
Packet filtering looks at any packet header and filters on all of the following values, except: A. IP protocol. B. email address. C. MAC address. D. IP address.
B. Email Address
Which one of the following is an example of a direct cost that might result from a business disruption? A. Lost market share B. Facility repair C. Damaged reputation D. Lost customers
B. Facility Repair
How many years of post-secondary education are typically required to earn a bachelor's degree in a non-accelerated program? A. Two B. Four C. Three D. Six
B. Four
An attack that forges the sender's IP address is called a(n): A. ping flood. B. IP spoofing attack. C. SYN flood attack. D. smurf attack.
B. IP Spoofing Attack
Which of the following is a formal review of the systems integrity and of the data it maintains regarding the organization's business. A. Event logging B. Information systems audit C. None of these is correct. D. Security event log
B. Information Systems Audit
In practice, computer-based access control begins by making each process into its own: A. house. B. island. C. apartment. D. planet.
B. Island
What term describes the risk that exists after an organization has performed all planned countermeasures and controls? A. Total risk B. Residual risk C. Business risk D. Transparent risk
B. Residual Risk
Modern internet technology evolved from research on: A. DHCP. B. the ARPANET. C. the Royal Radar Establishment. D. the OSI model.
B. The ARPANET
Highway systems of driveways, local roads, and national roads are networks for automobiles, much like the internet is a network for data traffic. Both types of network share some similarities. Select the most appropriate similarities from those listed below. Multiple Choice A. Private individuals cannot construct their own network to connect to the shared network. B. The networks may be used for private, public service, and commercial traffic. C. The network structures are strictly hierarchical. D. There is no single organization responsible for all network elements. E. The networks connect their elements across many different types of links.
B. The Networks may be Used for Private, Public Service, and Commercial Traffic D. There is No Single Organization Responsible for all Network Elements E. The Networks Connect Their Elements Across Many Different Types of Links
Bob connects to his bank's SSL-protected website. The browser reports that the certificate was not issued by a certificate authority known to the browser. Which of the following may be true? Multiple Choice A. The certificate's contents have been damaged and cannot be trusted. B. The certificate was issued by an untrustworthy certificate authority. C. A hacker may have set up a site that is masquerading as the bank. D. The bank forgot to renew its certificate, or at least failed to renew and replace it before it expired.
B. The certificate was issued by an untrustworthy certificate authority. C. A hacker may have set up a site that is masquerading as the bank.
_________ is another name applied to IDE connections. A. PCIe (Peripheral Component Interconnect Express) B. IDE (Integrated Drive Electronics) C. ATA (Advanced Technology Attachment) D. SATA (Serial ATA)
C. ATA (Advanced Technology Attachment)
True or False? Browsers often store the cookies in individual files, each named for the server that owns the cookie. Whenever the browser visits a particular server, it includes the cookies received from that server.
True
The inode is the data structure on a drive that describes each file and is used in: A. NTFS. B. UFS. C. HFS+. D. MFT.
B. UFS
Dawn is selecting an alternative processing facility for her organization's primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation? A. Cold site B. Warm site C. Hot site D. Primary site
B. Warm Site
Which of the following is a list of access rights for each file, where each entry identifies a specific user and contains a list of access rights granted to that user. A. Group rights B. Reader rights C. Access control list (ACL) D. All of these are correct.
C. Access Control List (ACL)
Moore's Law observed that computing power doubled every: A. 12 months. B. 24 months. C. 18 months. D. None of these is correct.
C. 18 Months
Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore? A. 1 B. 4 C. 2 D. 3
C. 2
A DVD's key is encrypted with how many player keys? A. 1,000 keys B. 15 keys C. 409 keys D. 150 keys
C. 409 Keys
A firewall is trying to block all unauthorized traffic and services. What type of filtering will provide the most thorough restrictions? A. Session filtering to block all connections made to unauthorized services B. Application filtering to block all applications except those allowed C. Application filtering to block all applications except those allowed, plus any application traffic that appears to implement tunneling D. Packet filtering to block all packets directed at services on unauthorized ports
C. Application filtering to block all applications except those allowed, plus any application traffic that appears to implement tunneling
1111 1111 - 1111 1111 - 1111 0000 - 0000 0000 is an example of a(n): A. MAC address. B. IPv6 address. C. binary network mask. D. IPv4 address.
C. Binary Network Mask
____________ flaws in the software, such as finger service, are often exploited. A. Windows B. Shell shock C. Buffer overflow D. Blue screen of death
C. Buffer Overflow
Which of the following circumstances would NOT trigger mandatory security training for a federal agency under Office of Personnel Management (OPM) guidelines? A. Change in security environment B. Change in employee responsibilities C. Change of senior leadership D. Change in security procedures
C. Change of Senior Leadership
Most Microsoft Windows fatal errors (blue screen of death) are caused by: A. hardware failure. B. applications. C. device drivers. D. security violations.
C. Device Drivers
What is the highest level of academic degree that may be earned in the field of information security? A. Bachelor of science (BS) B. Master of science (MS) C. Doctor of philosophy (PhD) D. Master of business administration (MBA)
C. Doctor of Philosophy (PhD)
While the first and last "Received" headers in an email might identify the ultimate source or destination, what type of information do other "Received" headers provide? A. Each identifies a web server that takes part in the email's delivery. B. Each identifies an internet router that directs the message during delivery. C. Each identifies an MTA that retrieves the entire email message and forwards it to another MTA. D. Each identifies a DNS lookup that takes place during email delivery.
C. Each identifies an MTA that retrieves the entire email message and forwards it to another MTA.
Erin is a system administrator for a federal government agency. What law contains guidance on how she may operate a federal information system? A. Sarbanes-Oxley (SOX) Act B. Gramm-Leach-Bliley Act (GLBA) C. Federal Information Security Management Act (FISMA) D. Family Educational Rights and Privacy Act (FERPA)
C. Federal Information Security Management Act (FISMA)
The Enigma was used by the _________ in World War II. A. British B. Japanese C. Germans D. Americans
C. Germans
The language that's the foundation of most web pages is: A. Hypertext Transfer Protocol (HTTP). B. Cascading Style Sheets (CSS). C. Hypertext Markup Language (HTML) D. Extensible Markup Language (XML).
C. Hypertext Markup Language (HTML)
Juan comes across documentation from his organization related to several information security initiatives using different standards as their reference. Which International Organization for Standardization (ISO) standard provides current guidance on information security management? A. ISO 14001 B. ISO 9000 C. ISO 27002 D. ISO 17799
C. ISO 27002
The well-known port number 80 is used for: A. sending keyboard commands to a host. B. sending and receiving email. C. the World Wide Web via HTTP. D. setting up a file transfer.
C. The World Wide Web via HTTP
Mailbox protocols include all of the following, except: A. Internet Message Access Protocol (IMAP). B. Simple Mail Transfer Protocol (SMTP). C. Internet Control Message Protocol (ICMP). D. Post Office Protocol 3 (POP3).
C. Internet Control Message Protocol (ICMP)
A protocol that establishes security associations (SAs) between a pair of hosts is: A. Pretty Good Privacy (PGP). B. Internet Control Message Protocol (ICMP). C. Internet Key Exchange (IKE). D. Transport Layer Security (TLS).
C. Internet Key Exchange (IKE)
A block cipher algorithm operates more slowly if we change the key every time we use it. Which of the following concepts is most responsible for this delay? A. Permutations B. Rounds C. Key expansion D. S-boxes
C. Key Expansion
Which of the following uses TCP as the transport protocol? A. ARP B. DHCP C. Mailbox and delivery D. Ping
C. Mailbox and Delivery
Another term for an SMTP email server is: A. TCP server. B. MIME. C. message transfer agent (MTA). D. None of these is correct.
C. Message Transfer Agent (MTA)
Mailbox protocols include all of the following, except: A. Internet Message Access Protocol (IMAP). B. Post Office Protocol 3 (POP3). C. Simple Mail Transfer Protocol (SMTP). D. Internet Control Message Protocol (ICMP).
D. Internet Control Message Protocol (ICMP)
Which formula is typically used to describe the components of information security risks? A. Risk = Likelihood X Vulnerability B. Risk = Vulnerability X Cost C. Risk = Threat X Vulnerability D. Risk = Threat X Likelihood
C. Risk = Threat x Vulnerability
A primary use of event logs is to: A. All of these are correct. B. identify file ownership. C. serve as an audit trail. D. determine when software should be upgraded.
C. Serve as an Audit Trail
On Unix-based systems, users type commands into a program to handle keyboard commands called a: A. Typewriter. B. CMD. C. Shell. D. Linux.
C. Shell
Joe is responsible for the security of the industrial control systems for a power plant. What type of environment does Joe administer? A. Mainframe B. Mobile C. Supervisory Control and Data Acquisition (SCADA) D. Embedded
C. Supervisory Control and Data Acquisition (SCADA)
Which of the following best describes the basic format of an HTML tag? A. Text enclosed in quotation marks B. Text delimited by start and end tags C. Text surrounded by angle brackets D. Text enclosed in colons
C. Text Surrounded by Angle Brackets
Bob connects to his bank's SSL-protected website. The browser reports that the certificate has been revoked. Which of the following may directly cause this? A. The bank forgot to renew its certificate, or at least failed to renew and replace it before it expired. B. A hacker may have set up a site that is masquerading as the bank. C. The bank's private key was stolen by a hacker, and the theft was reported to the certificate authority. D. The certificate was issued by an untrusted certificate authority.
C. The Bank's Private Key was Stolen by a Hacker, and the Theft was Reported to the Certificate Authority
Bob connects to his bank's SSL-protected website. The browser reports that the certificate has been revoked. Which of the following may directly cause this? A. A hacker may have set up a site that is masquerading as the bank. B. The bank forgot to renew its certificate, or at least failed to renew and replace it before it expired. C. The bank's private key was stolen by a hacker, and the theft was reported to the certificate authority. D. The certificate was issued by an untrusted certificate authority.
C. The bank's private key was stolen by a hacker, and the theft was reported to the certificate authority.
The field that identifies one record so that others may link to it is often called a: A. field identifier. B. unique key. C. key syntax. D. key field.
D. Key Field
What DoD directive requires that information security professionals in the government earn professional certifications? A. 8540 B. 8270 C. 8088 D. 8140
D. 8140
We need to create a three-factor authentication system. The system already uses a USB device that is unlocked with the user's fingerprint. Which of the following can we add to implement three separate factors? A. A file of secret information stored on the user's authorized computers B. Signature recognition C. A process that requires the user's cell phone D. A PIN entered via a built-in PIN pad
D. A PIN entered via a built-in PIN pad
DNS provides records to look up email servers. The records are called: A. ML records. B. A records. C. ESMTP records. D. MX records.
D. MX Records
An example of a capability-based system is: A. Kerberos. B. public-key certificates. C. a process page table that provides capabilities to use specific areas of RAM. D. All of these are correct.
D. All of These are Correct
The term _________ was used in operating systems research to describe the access rights a particular subject or process had for a particular object or resource. A. permission B. cluster C. objects D. capability
D. Capability
The security framework that replaced the U.S. DOD Orange Book is called: A. Red Book. B. Common Conduct. C. PCI DSS. D. Common Criteria.
D. Common Criteria
A type of security control that takes measures to help restore a system is referred to as: A. detective. B. preventative. C. All of these are correct. D. corrective.
D. Corrective
What is a key principle of risk management programs? A. Apply controls in ascending order of risk. B. Security controls should be protected through the obscurity of their mechanisms. C. Risk avoidance is superior to risk mitigation. D. Don't spend more to protect an asset than it is worth.
D. Don't Spend More to Protect an Asset Than it is Worth
The main purpose of a software patch is to: A. test the functionality of a program. B. enhance the functionality of a program. C. alert users to an error in a program. D. fix a bug in a program.
D. Fix a Bug in a Program
Which of the following is NOT an advantage to undertaking self-study of information security topics? A. Self-motivation B. Low cost C. Flexible materials D. Fixed pace
D. Fixed Pace
What certification organization began as an offshoot of the SANS Institute training programs? A. Certified Internet Webmaster (CIW) B. CompTIA C. International Information Systems Security Certification Consortium, Inc. (ISC)2 D. Global Information Assurance Certification (GIAC)
D. Global Information Assurance Certification (GIAC)
The law that establishes security measures that must be taken on health-related information is: A. FISMA. B. SOX. C. GLBA. D. HIPAA.
D. HIPAA
Access control protects data on a computer against: A. recycling. B. Trojans. C. theft. D. hostile users.
D. Hostile Users
Bob wants to send and receive packets reliably without ever worrying about duplicate packets. He has set up a protocol that never sends multiple packets at once—it always waits for the previous packet's ACK before it transmits the next packet. Will this work? A. Yes, the implementation omits duplicates and is reliable. B. Yes, but the implementation must number all packets. C. Yes, but only if the implementation includes a timeout to detect and retransmit lost packets. D. No, transmission will stop as soon as a packet is lost.
D. No, Transmission Will Stop as Soon as a Packet is Lost
Which of the following is not included in the acronym, LAMP? A. Apache B. MySQL C. Linux D. Perl
D. Perl
A security awareness program that focuses on an organization's Bring Your Own Device (BYOD) policy is designed to cover the use of what type of equipment? A. Printers B. Servers C. Workstations D. Personally owned devices
D. Personally Owned Devices
A typical hard drive has an arm, a read/write head, and: A. All of these are correct. B. a CPU. C. tape reels. D. platters.
D. Platters
The term for recovering from computer-related attacks, incidents, and compromises is: A. digital forensics. B. premeditation. C. investigation. D. remediation.
D. Remediation
One of the vulnerabilities the Morris worm used was a networking service called finger. The purpose of the finger service is to: A. determine which ports are open on a computer. B. report which device drivers a computer uses. C. determine which operating system is running on a computer. D. report the status of individual computer users.
D. Report the Status of Individual Computer Users
In a hierarchical file system directory, the topmost directory is called the: A. top. B. child. C. base. D. root.
D. Root
Helen has no experience in security. She would like to earn a certification that demonstrates that she has the basic knowledge necessary to work in the information security field. What certification would be an appropriate first step for her? A. Certified Information Systems Security Professional (CISSP) B. CompTIA Advanced Security Practitioner (CASP) C. GIAC Security Expert (GSE) D. Security+
D. Security+
A rootkit is: A. a type of Ethernet connection. B. a member of a botnet. C. a type of mechanical threat. D. software that hides on a computer and provides a back door for an attacker.
D. Software That Hides on a Computer and Provides a Back Door for an Attacker
What is NOT an area where the Internet Architecture Board (IAB) provides oversight on behalf of the Internet Engineering Task Force (IETF)? A. Editorial and publication procedures for requests for comments (RFCs) B. Confirmation of IETF chairs C. Architecture for Internet protocols and procedures D. Subject matter expertise on routing and switching
D. Subject Matter Expertise on Routing and Switching
General security access controls refer to objects, rights, and: A. files. B. content. C. activity. D. subjects.
D. Subjects
Every vendor that sells devices complying with the 802 standard, which includes modern Ethernet and Wi-Fi devices, is assigned a separate 24-bit identifier. The vendor's identifier forms the first 24 bits in the MAC address of the devices they sell. The vendor assigns a separate and unique 24-bit identifier to each device it builds. We form the MAC address by combining the vendor's identifier with the device's individual identifier. This allows a vendor to produce over 16 million devices with unique MAC addresses. How should a vendor assign addresses after using up the addresses already assigned to it? A. The vendor keeps using the same 24-bit identifier and starts the device numbering over at zero. B. The vendor's 24-bit identifier is incremented by one and device numbering starts over at zero. C. The vendor widens the device number by one bit to allow for device number overflow. D. The vendor is assigned a new 24-bit identifier and starts the device numbering over at zero.
D. The Vendor is Assigned a New 24-Bit Identifier and Starts the Device Numbering Over at Zero
When we receive an email message, in what order do the "Received" headers appear? A. The first "Received" header comes from the MTA that placed the message in the recipient's mailbox, and the remaining "Received" headers appear in order of oldest to newest. B. The "Received" headers appear in an arbitrary order. C. The first "Received" header comes from the MTA that first received the message, and the remaining "Received" headers appear from oldest to newest. D. The first "Received" header comes from the MTA that placed the message in the recipient's mailbox, and the remaining "Received" headers appear in order of newest to oldest.
D. The first "Received" header comes from the MTA that placed the message in the recipient's mailbox, and the remaining "Received" headers appear in order of newest to oldest.
Which of the following items would generally NOT be considered personally identifiable information (PII)? A. Social Security number B. Name C. Driver's license number D. Trade secret
D. Trade Secret
Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered? A. Risk B. Threat C. Impact D. Vulnerability
D. Vulnerability
True or False? A network attack in which someone forges network traffic would be considered an active attack.
True
True or False? A personnel safety plan should include an escape plan.
True
True or False? A bit-flipping attack is not knowing what the message says and changing it bit by bit.
False
True or False? A browser cookie, usually just called a "browser," is a piece of data stored by a browser on behalf of a web server.
False
True or False? A business impact analysis (BIA) details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations.
False
True or False? A disadvantage of message switching is that the message is divided along its journey.
False
True or False? A script kiddy is sharing with someone who visits our living or working space, getting physical access to the computer.
False
True or False? All forgeries can be detected by examining the oldest Received header.
False
True or False? An operating system provides six access rights for files.
False
True or False? Both Windows and Unix include permission flags in their file security mechanisms.
False
True or False? Continuity of critical business functions and operations is the first priority in a well-balanced business continuity plan (BCP).
False
True or False? Under the Gramm-Leach-Bliley Act (GLBA), a customer is any person who gets a consumer financial product or service from a financial institution.
False
True or False? A DVD player handles all key managements.
True
True or False? A compromised computer is no longer trustworthy because it may have been subverted.
True
True or False? A computer's basic input/output system (BIOS) is a computer program stored in read-only memory (ROM).
True
True or False? A disaster recovery plan (DRP) directs the actions necessary to recover resources after a disaster.
True