INFO SEC CHAPTER 01-04
True
A Trojan horse is an example of malicious software.
False
A common problem that makes password attacks effective is that many people use complex phrases as their password.
False
A drawback to public key infrastructure (PKI) is that the two parties must have prior knowledge of one another in order to establish a relationship.
True
A fence should limit an intruder's access to a facility as well as provide a psychological barrier.
False
A frame is the mechanism that performs data management.
True
A link state routing protocol calculates the best path to a target network by one or more metrics, such as delay, speed, or bandwidth.
code of ethics to which each subscribes
A major difference between a malicious hacker and an ethical hacker is the _________.
True
A man-in-the-middle (MitM) attack is carried out when an attacker gets between two users with the goal of intercepting and modifying packets.
false acceptance rate (FAR)
A measurement of the percentage of individuals who have gained access to a system via biometrics but should not have been granted such access is called ________.
false rejection rate (FRR)
A measurement of the percentage of individuals who should have been granted access to a system via biometrics but were not allowed access is called the ________.
lock
A mechanical or electronic device designed to secure, hold, or close items operated by a key, combination, or keycard is a ________.
True
A one-way hash function is also known as a fingerprint.
relatively easy to compute one way but hard to undo or reverse
A one-way hashing function is designed to be ________.
gate
A point where all traffic must enter or exit a facility is called a ________.
False
A retina pattern system is an eye recognition system that matches the person's blood vessels on the back of the eye.
mantrap
A structure that replaces a normal single door with a phone booth-sized space with a door on each side is called a ________.
False
A system can be considered completely secure once it passes an IT audit.
True
A vulnerability assessment is a survey of a system to identify as many vulnerabilities as possible.
Confidentiality
Acme Widgets recently experienced an attack in which the attacker broke into a file server and stole product plans. Which of the following is a goal of information security that was violated?
Nonrepudiation
Alice sends a message to Bob. She uses cryptography to ensure that Bob will be able to prove to another person that the message in his possession actually came from Alice. What goal of cryptography is Alice attempting to achieve?
False
An advantage to brute-force password attacks is that they take little time to perform even as key lengths increase.
True
An ethical hacker must strive to maintain the integrity of the Confidentiality, Integrity, and Availability (C-I-A) triad.
True
As the information moves up from the Physical Layer to the Data Link Layer of the OSI Reference Model, the ability to handle physical addresses, framing, and error handling and messaging is added.
True
Asymmetric encryption addresses the key distribution problem inherent with symmetric encryption.
True
At the Presentation Layer of the OSI Reference Model, data is put into a format that programs operating at the Application Layer can understand.
True
Because Voice over IP (VoIP) data is transmitted over a network as data packets much like any other data, it is susceptible to most of the attacks that affect regular data transmission.
80
Beth would like to eavesdrop on network traffic resulting from users browsing the Web. Which port would provide her with the most information about user web activity?
the deny-all principle
Blocking all ports by default and allowing only those ports that are needed is known as ________.
False
Bluetooth, which is a short-range communication technology, has been shown to be very difficult to attack.
False
Bollards must be permanent structures to prevent vehicles from ramming buildings.
questioning of other details, such as the results of the test
Breaking the trust a client has placed in an ethical hacker can lead to the ________.
30
Brian is designing an asymmetric encryption scheme that will be used by 15 people. How many encryption keys are required to implement this system?
Spyware
Carrie is examining a piece of malware and determines that it was gathering information about the user of a system. Which of the following terms can she use to describe this malware?
True
Ciphers utilize single letters or short sequences of letters to perform encryption.
Bollards
Courtney is designing a physical security program for a store she manages. She would like to prevent vehicles from driving through the front doors of the store but not restrict pedestrian access. What is the most appropriate control?
False
Criminal hackers are typically information security (InfoSec) professionals who engage in hacking activities to uncover vulnerabilities in hopes of fixing them and making systems more secure.
True
Criminals tend to pick locks because it is a stealthy way to bypass a lock and can make it harder for the victim to determine what has happened.
the ability to hack into systems and remain undetected
Cryptography provides all of the following except ________.
UDP header
Dhruv is conducting network traffic analysis and is examining a suspicious HTTP packet using the Wireshark protocol analyzer. He would like to examine the destination port of the packet. Where in the packet should he look for this information?
IP header
Dhruv is conducting network traffic analysis and is examining a suspicious network packet using the Wireshark protocol analyzer. He would like to examine the source Internet Protocol (IP) address of the packet. Where in the packet should he look for this information?
provide a form of identification on the Internet and in other areas
Digital certificates ________.
True
Digital signatures combine public key cryptography and hashing.
determine why a penetration test and its associated tasks are necessary
During the planning phase of a penetration test, the aim should be to ________.
True
Encapsulation is the process of "packaging" information prior to transmitting it from one location to another.
True
Encryption can be applied on a file, a folder, or an entire hard disk.
False
Ethical hacking does not always require the explicit permission of the owner of the target.
False
Examining the Physical Layer of the OSI Reference Model will reveal understanding of the information being transmitted.
True
Flow control is responsible for ensuring that what is being sent does not overwhelm or exceed the capabilities of a given physical connection.
True
For both symmetric and asymmetric cryptography, data is encrypted by applying the key to an encryption algorithm.
False
For security purposes, a facility can never have too much lighting.
Hollow core
From a security standpoint, which of the following is NOT desirable in a door?
True
Glare can be an issue with lighting used as a security control.
Standby
Greg is designing the lighting scheme for a building. He would like the lights to be randomly turned on to create an impression of activity. Which lighting scheme should he use?
Exfiltration
Gwen is investigating a security incident. She discovered evidence that the attacker obtained a sensitive file and sent it to a cloud service. What stage of the attack does this evidence address?
False
Hacking has always been motivated by causing damage or stealing information.
False
Hacktivism is considered an ethical form of hacking.
Black box
Harry is planning to hire a consultant to perform a penetration test. He would like the test to simulate a real attack as closely as possible. What test type should he use?
verify the integrity of the message
Hashing is involved with digital signatures. A hashing algorithm creates a hash to ________.
False
If a company invests in an intrusion detection system (IDS), other security controls will be unnecessary.
True
If an ethical hacker breaks a limit placed upon a penetration test, there may be sufficient cause for a client to take legal action against the ethical hacker.
False
In black-box penetration testing, advance knowledge is provided to the testing team.
True
In information security, the concept of defense in depth is based on the concept of layering more than one control. These controls can be physical, administrative, or technical in design.
be put in promiscuous mode
In order to realize the full potential of a sniffer, the network card must ________.
False
In symmetric encryption, one key is used for encryption and a separate key is used for decryption.
True
In symmetric encryption, the length of the key and the quality of the algorithm will determine how secure the encryption system is.
False
In the ethical hacking and security process, all assets are considered to have equal value for an organization.
False
Information in faxes is generally transmitted in a protected manner.
True
Infrared intrusion detection systems can detect activity outside the normal visual range.
False
Inside attacks against an organization do not cause a serious threat because users do not have adequate system access.
True
Internet Protocol (IP) addresses are nonpersistent addresses.
False
Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) are considered physical controls.
True
It is possible for a penetration test to result in systems or services shutting down and completely stopping a company's operations.
Degaussing
Kyle is responsible for sanitizing hard drives that contain sensitive information before they may be reused. Which of the following provides the strongest level of protection?
Grade 1
Lin is designing the locks for a sensitive data center facility. She would like to choose the strongest possible lock that is appropriate for use in a commercial facility. What type of lock should she choose?
False
Mantraps encourage piggybacking, which is the practice of one individual opening the door to let several others enter.
Motive
Maria is conducting a security investigation and has identified a suspect. The suspect is an employee of the organization who had access to a file share containing sensitive information. The employee routinely accesses that share during the normal course of business but is suspected of stealing sensitive information from it and sending it to a competitor. Which element of a crime has Maria NOT yet established?
10%
Mateo is testing a new biometric security control. In his testing, 10 authorized users attempted to access the facility; 9 of them were granted access while 1 was denied access. Ten unauthorized users also attempted to access the facility but all were turned away. What is the false rejection rate (FRR) of this control?
False
Most encryption cannot be broken.
False
Over the past few years, the hacking community has engaged in more "lone wolf" types of hacking activities as opposed to working as teams.
True
Penetration testing involves simulating an attack in order to determine what would happen to an organization if an actual attack occurs.
True
Penetration testing requires rules to be agreed upon in advance.
penetration testing steps
Planning, discovery, attack, and reporting are considered _________.
True
Polycarbonate acrylic windows are much stronger than standard glass, offering superior protection.
True
Pretty Good Privacy (PGP) offers strong protection for email.
hacking steps
Reconnaissance, scanning, infiltration and escalation, exfiltration, access extension, assault, and obfuscation are considered ________.
Physical or Network Access Layer
Repeaters, hubs, bridges, and switches are typically part of which layer of the TCP/IP model?
Enhance an existing policy.
Ryan received a security audit that included a finding that the organization lacked sufficient administrative controls in their security program. What action could he take to address this finding?
common cryptographic systems
Secure Shell (SSH), Transport Layer Security (TLS), and Challenge Handshake Authentication Protocol (CHAP) are ________.
True
Security guards can be very real deterrents in addition to being able to make decisions and think through situations.
False
Sniffers are physical devices used to record everything a person types on the keyboard.
True
Sniffers are useful and problematic at the same time because network traffic that might include sensitive data can be viewed through the use of a sniffer.
False
Static routing is used mainly on large networks because it is easy to keep up to date.
True
Substitution, transposition, stream, and block are common forms of ciphers.
True
Symmetric encryption algorithms are inherently faster than asymmetric algorithms.
False
Symmetric encryption is also called public key cryptography.
False
The Application Layer of the OSI Reference Model is responsible for the creation, termination, and management of a given connection.
True
The Media Access Control (MAC) address is also sometimes known as the physical address of a system.
True
The OSI Reference Model functions in a predictable and structured fashion designed to ensure compatibility and reliability.
True
The Physical Layer of the OSI Reference Model dictates how the information is to be sent.
True
The Robin Hood ideal is a hacker justification for stealing software and other media from "rich" companies and delivering them to "poor" consumers.
True
The Transport Layer is responsible for communication between host computers.
wiretapping
The act of a third party covertly monitoring Internet and telephone conversations is called ________.
False
The environment in which a new facility is constructed has little impact on the level and type of security needed.
Disclosure
The ethical hacker is tasked with evaluating the overall state of the foundational tenets of InfoSec. The core principles involve preserving all of the following except ________.
True
The first phase of penetration testing is to plan the test.
False
The goals of confidentiality and integrity are basically the same.
generate key pairs and bind a user's identity to the public key
The main function or capability of certificate authorities (CAs) is to ________.
False
The more secure a system becomes, the more convenient it tends to be.
True
The primary piece of equipment located at the Network or Internet Layer of the OSI Reference Model is the router.
True
The public key infrastructure (PKI) framework exists to manage, create, store, and distribute keys and digital certificates safely and securely.
True
The terms algorithm and cipher describe the formula or process used to perform encryption.
True
Through the use of protocols, dissimilar systems can communicate quickly, easily, and efficiently.
Kellie's private key
Tim sent a confidential, encrypted message to Kellie using asymmetric cryptography. What key should Kellie use to decrypt the message?
Kellie's public key
Tim would like to send a confidential, encrypted message to Kellie using asymmetric cryptography. What key should Tim use to create the message?
A shared secret key
Tim would like to send a confidential, encrypted message to Kellie using symmetric cryptography. What key should Tim use to create the message?
True
U.S. laws regulate the exportation of cryptographic systems.
False
User Datagram Protocol (UDP) provides reliable communication through the use of handshaking, acknowledgments, error detection, and session teardown.
True
Vandalism is a type of human security threat.
Reverse Address Resolution Protocol (RARP)
Vic is investigating a suspicious system on his network and would like to determine the Internet Protocol (IP) address associated with a known Media Access Control (MAC) address. What protocol can provide him with this information?
User Datagram Protocol (UDP)
What is a connectionless protocol that offers speed and low overhead as its primary advantage?
Transport Layer Security (TLS)
What is a mechanism used to encrypt communication between two parties?
SYN flood
What is a type of denial of service (DoS) attack?
Ethernet
What is the most common type of network, which is also referred to as IEEE 802.3?
Public key infrastructure (PKI)
What provides a framework through which two parties can establish a trusted relationship even if the parties have no prior knowledge of one another?
Symmetric encryption
What type of encryption uses the same key to encrypt and to decrypt information?
The camera's effectiveness in viewing objects from a horizontal and vertical view
When considering closed circuit TV as a security measure, the focal length must be considered. What is focal length?
False
When it comes to fencing, 2-inch mesh is more secure than 3/8-inch mesh.
different but complementary skills
When performing a penetration test, the team should generally include members with _______.
Diffie-Hellman
Which asymmetric algorithm, based on modular logarithms, is used to establish and exchange asymmetric keys over an insecure medium?
Voice over IP (VoIP)
Which of the following allows the placing of telephone calls over computer networks and the Internet?
A pry bar is used to pry the lock away from the door.
Which of the following is NOT a step in the common lock picking method of scraping?
Distribution
Which of the following is NOT considered one of the three types of controls you can use to mitigate risk?
It is one of the highest-cost security controls that can be implemented by an organization.
Which of the following is NOT true of lighting?
They direct traffic using physical addresses as opposed to logical addresses.
Which of the following is NOT true of routers?
False alarms tied to the police may result in fines.
Which of the following is a disadvantage of alarms?
IPv6 addresses are 128-bit numbers.
Which of the following is true of IPv6?
Cipher
Which of the following lock types are smart and programmable?
Wi-Fi Protected Access (WPA)
Which of the following offers the greatest level of security for wireless networks?
Exploit
Which of the following refers to a piece of software, a tool, or a technique that targets or takes advantage of a vulnerability?
Hacktivism
Which of the following refers to hacking that is carried out to bring attention to a cause or to achieve ideological goals?
Penetration testing
Which of the following refers to the structured and methodical means of investigating, uncovering, attacking, and reporting on a target system's strengths and vulnerabilities?
If the holder of the private key encrypts something with the private key, only other individuals with access to the private key can decrypt.
Which of the following statements is NOT true regarding asymmetric encryption?
Ethical hackers engage in their activities only with the permission of the asset owner.
Which of the following statements is true regarding ethical hackers?
Biometrics
Which of the following types of authentication is based on a behavioral or physiological characteristic that is unique to an individual?
Brute-force password attack
Which password attack method tries every possible sequence of keys until the correct one is found?
Dictionary password attack
Which password attack method uses long lists of words that have been predefined and can be quickly downloaded for use to break a password that is a word or a name?
Address Resolution Protocol (ARP)
Which protocol resolves an Internet Protocol v4 (IPv4) address to an unknown Media Access Control (MAC) address?
Neighbor Discovery Protocol (NDP)
Which protocol runs on IPv6 networks and provides services similar to Address Resolution Protocol (ARP)?
Nonrepudiation
Which term refers to the ability to ensure that a message originated from a specific party?
Integrity
Which term refers to the ability to verify that information has not been altered and has remained in the form originally intended by the creator?
Authentication
Which term refers to the process of positively identifying a party as a user, computer, or service?
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
Which two protocols are associated with the Host-to-Host Layer of the TCP/IP model?
Physical attack
Which type of penetration test includes anything that targets equipment or facilities and can also include actions against people, such as social engineering-related threats?
Administrative attack
Which type of penetration test is designed to find loopholes or shortcomings in how tasks and operational processes are performed?
Technical attack
Which type of penetration test is designed to simulate an attack against technology from either the inside or the outside depending on the goals and intentions of the client?
Turnstile
Which type of physical control device is commonly used at sporting events, subways, and amusement parks to slow the flow of foot traffic into areas and allow screening and authentication of individuals prior to entering an area?
Contactless
Which type of token does NOT require that the card be inserted or slid through a reader?
True
White-hat hackers are sometimes referred to as ethical hackers.
True
With asymmetric encryption, information is encrypted by the sender with the receiver's public key and the information is decrypted by the receiver with the private key.
Domain Name System (DNS)
________ is designed to convert fully qualified domain names (FQDNs) into numeric Internet Protocol (IP) addresses or IP addresses into FQDNs.