Info Sec Chapters 3, 4, 5 (Midterm)


Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?

Accountability

During which phase of the access control process does the system answer the question,"What can the requestor access?"

Authorization

The four central components of access control are users, resources, actions, and features. (T/F)

False

Which term describes an action that can damage or compromise an asset?

Threat

Failing to prevent an attack all but invites an attack. (T/F)

True

Which password attack is typically used specifically against password files that contain cryptographic hashes?

Birthday attacks (a collision attack on the hash function itself; in practice, captured hash files are usually attacked with dictionary and brute-force guessing, which only need to match a single stored hash)

Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?

Business continuity plan (BCP)

Which item in a Bring Your Own Device (BYOD) policy helps resolve intellectual property issues that may arise as the result of business use of personal devices?

Data ownership

Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register?

Risk survey results (a risk register records each risk's description, expected impact, and mitigation steps; raw survey results belong to the assessment that feeds the register)

What is the first step in a disaster recovery effort?

Ensure that everyone is safe.

Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?

Evil twin

Which type of attack involves the creation of some deception in order to trick unsuspecting users?

Fabrication

A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer. (T/F)

False

An attacker uses exploit software when wardialing. (T/F)

False

Continuity of critical business functions and operations is the first priority in a well-balanced business continuity plan (BCP). (T/F)

False

Most enterprises are well prepared for a disaster should one occur. (T/F)

False

Passphrases are less secure than passwords. (T/F)

False

Regarding data center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time. (T/F)

False

Spam is some act intended to deceive or trick the receiver, normally in email messages. (T/F)

False

The first step in creating a comprehensive disaster recovery plan (DRP) is to document likely impact scenarios. (T/F)

False

The number of failed logon attempts that trigger an account action is called an audit logon event. (T/F)

False

You should use easy-to-remember personal information to create secure passwords. (T/F)

False

What compliance regulation applies specifically to the educational records maintained by schools about students?

Family Educational Rights and Privacy Act (FERPA)

Which of the following is NOT a benefit of cloud computing to organizations?

Lower dependence on outside vendors

Which of the following is an example of a hardware security control?

MAC filtering

Which one of the following is an example of a reactive disaster recovery control?

Moving to a warm site

Which one of the following is an example of a disclosure threat?

Espionage (a disclosure threat exposes confidential information; alteration is an integrity threat, not a disclosure threat)

What is NOT a commonly used endpoint security technique?

Network firewall

Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?

Parallel test

Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?

Passive wiretap

Which one of the following is NOT an advantage of biometric systems?

Physical characteristics may change

Which group is the most likely target of a social engineering attack?

Receptionists and administrative assistants

Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?

Redundant Array of Independent Disks (RAID)

George is the risk manager for a U.S. federal government agency. He is conducting a risk assessment for that agency's IT risk. What methodology is best suited for George's use?

Risk Management Guide for Information Technology Systems (NIST SP 800-30)

What is NOT one of the three tenets of information security?

Safety

In which type of attack does the attacker attempt to take over an existing connection between two systems?

Session hijacking

As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the use of technology resources. What type of test should Holly conduct?

Simulation test

Which one of the following is an example of two-factor authentication?

Smart card and personal identification number (PIN)

Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?

Spim

Which one of the following principles is NOT a component of the Biba integrity model?

Subjects cannot change objects that have a lower integrity level.

A surge protector is an example of a preventative component of a disaster recovery plan (DRP). (T/F)

True

Fingerprints, palm prints, and retina scans are types of biometrics. (T/F)

True

Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used. (T/F)

True

The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management and evaluation of the security of unclassified and national security systems. (T/F)

True

The Gramm-Leach-Bliley Act (GLBA) addresses information security concerns in the financial industry. (T/F)

True

The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary. (T/F)

True

The recovery point objective (RPO) is the maximum amount of data loss that is acceptable. (T/F)

True

The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks. (T/F)

True

The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks. (T/F)

True

An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?

Urgency

Dawn is selecting an alternative processing facility for her organization's primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation?

Warm site

Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?

White-hat hacker

Which security model does NOT protect the integrity of information?

Bell-LaPadula (it enforces confidentiality through no-read-up and no-write-down; Biba and Clark-Wilson are the integrity models)
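Worked example of the two models' rules, added here and not part of the original study set: a small reference-monitor check that decides read and write requests under Bell-LaPadula and under Biba. The level names, subjects and objects are constructed. It shows directly why "subjects cannot change objects that have a lower integrity level" (the earlier Biba question) is not a Biba rule, since Biba allows writing down and forbids writing up, and why Bell-LaPadula, which only orders reads and writes by sensitivity, says nothing about integrity.

```python
"""Rule checks for the Bell-LaPadula (confidentiality) and Biba (integrity)
models. Added example: the level names, subjects and objects are constructed."""
from dataclasses import dataclass
from typing import Callable, List, Tuple

# Constructed lattice: a higher number is more sensitive (BLP) or more trustworthy (Biba).
LEVELS = {"low": 0, "medium": 1, "high": 2}


@dataclass(frozen=True)
class Entity:
    name: str
    level: str  # one of LEVELS


def blp_allows(subject: Entity, obj: Entity, op: str) -> bool:
    """Bell-LaPadula protects confidentiality.
    Simple security property: no read up   (read only at or below the clearance).
    *-property:               no write down (write only at or above the clearance)."""
    s, o = LEVELS[subject.level], LEVELS[obj.level]
    if op == "read":
        return s >= o
    if op == "write":
        return s <= o
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Entity, obj: Entity, op: str) -> bool:
    """Biba protects integrity and is the dual of BLP.
    Simple integrity property: no read down (do not consume less trustworthy data).
    *-integrity property:      no write up  (do not contaminate more trustworthy data).
    Writing *down* is allowed, which is why 'subjects cannot change lower-integrity
    objects' is not a Biba rule."""
    s, o = LEVELS[subject.level], LEVELS[obj.level]
    if op == "read":
        return s <= o
    if op == "write":
        return s >= o
    raise ValueError(f"unknown operation {op!r}")


Decision = Tuple[str, str, str, bool]


def evaluate(model: Callable[[Entity, Entity, str], bool],
             requests: List[Tuple[Entity, Entity, str]]) -> List[Decision]:
    """Run every request through one model; returns (subject, object, op, allowed)."""
    return [(s.name, o.name, op, model(s, o, op)) for s, o, op in requests]


# Constructed subjects and objects for a side-by-side comparison of the two models.
ANALYST = Entity("analyst", "medium")
PUBLIC_LOG = Entity("public_log", "low")
PAYROLL = Entity("payroll", "high")
REQUESTS = [
    (ANALYST, PUBLIC_LOG, "read"),
    (ANALYST, PUBLIC_LOG, "write"),
    (ANALYST, PAYROLL, "read"),
    (ANALYST, PAYROLL, "write"),
]

if __name__ == "__main__":
    for label, model in (("BLP ", blp_allows), ("Biba", biba_allows)):
        for subj, obj, op, ok in evaluate(model, REQUESTS):
            print(f"{label}: {subj} {op:5} {obj:10} -> {'allow' if ok else 'deny'}")
```

Run stand-alone it prints the four decisions under each model; the same medium-level analyst may read the low-level log under BLP but not under Biba, and may write to it under Biba but not under BLP.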

Which one of the following is the best example of an authorization control?

Access control lists

Which control is not designed to combat malware?

Firewalls

Which type of authentication includes smart cards?

Ownership

Which type of attack against a web application uses a newly discovered vulnerability for which no patch is yet available?

Zero-day attack

The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation?

13

Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?

Brute-force attack

Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?

Crossover error rate (CER)

Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?

Discretionary access control (DAC)

Which one of the following is an example of a direct cost that might result from a business disruption?

Facility repair

Terminal Access Controller Access Control System Plus (TACACS+) is an authentication server that uses client and user configuration files. (T/F)

False

The anti-malware utility is one of the most popular backdoor tools in use today. (T/F)

False

The term risk methodology refers to a list of identified risks that results from the risk-identification process. (T/F)

False

Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software. (T/F)

False

Wardialers are becoming more frequently used given the rise of Voice over IP (VoIP). (T/F)

False

Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to healthcare providers?

HIPAA

Which one of the following is an example of a logical access control?

Password

A hospital is planning to introduce a new point-of-sale system in the cafeteria that will handle credit card transactions. Which one of the following governs the privacy of information handled by those point-of-sale terminals?

Payment Card Industry Data Security Standard (PCI DSS)

Which tool can capture the packets transmitted between systems over a network?

Protocol analyzer

Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining?

Recovery time objective (RTO)

What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?

Security Assertion Markup Language (SAML)

What type of malicious software masquerades as legitimate software to entice the user to run it?

Trojan horse

A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks. (T/F)

True

A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier. (T/F)

True
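Added example (not from the study set) of the birthday attack on a deliberately weakened hash: SHA-256 truncated to 32 bits, with a constructed message format. It finds a collision after roughly 2^16 hashes, while a search for a preimage of one fixed digest with the same order of budget comes back empty. That gap between collision cost (about the square root of the output space) and preimage cost (the whole space) is the point behind the earlier question on attacks against hashed password files.

```python
"""Birthday (collision) search against a deliberately truncated hash.
Added example, not from the page: the message format and the 32-bit
truncation of SHA-256 are constructed so the search finishes in well under a second."""
import hashlib
from typing import Dict, Optional, Tuple


def truncated_hash(data: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256(data); stands in for a hash with a small output."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def find_collision(bits: int) -> Tuple[bytes, bytes, int]:
    """Hash distinct messages until two share a truncated digest.
    Expected work is about sqrt(2**bits) hashes (the birthday bound), because the
    table compares every new message against all earlier ones at once."""
    seen: Dict[int, bytes] = {}
    i = 0
    while True:
        msg = f"msg-{i}".encode()
        h = truncated_hash(msg, bits)
        if h in seen and seen[h] != msg:
            return seen[h], msg, i + 1
        seen[h] = msg
        i += 1


def find_preimage(target: int, bits: int, budget: int) -> Tuple[Optional[bytes], int]:
    """Contrast: hitting one fixed digest needs about 2**bits hashes, so a budget
    that reliably yields a collision almost never yields a preimage."""
    for i in range(budget):
        msg = f"pre-{i}".encode()
        if truncated_hash(msg, bits) == target:
            return msg, i + 1
    return None, budget


if __name__ == "__main__":
    BITS = 32
    m1, m2, tries = find_collision(BITS)
    print(f"collision after {tries} hashes: {m1!r} and {m2!r}")
    target = truncated_hash(b"victim", BITS)  # constructed stand-in for one stored hash
    print("preimage search with the same budget:", find_preimage(target, BITS, tries))
```

A stored password hash is a preimage problem (the attacker needs an input that produces that one digest), which is why salting and slow hashes, not a larger output size, are the practical defence against the dictionary and brute-force attacks that actually get run on leaked files.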

A degausser creates a magnetic field that erases data from magnetic storage media. (T/F)

True

A dictionary attack works by hashing all the words in a dictionary and then comparing the hashed value with the system password file to discover a match. (T/F)

True
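Added example (not from the study set) covering the dictionary attack described above and the brute-force attack from the earlier question. Both run against a constructed "user:sha256" password file; then the same dictionary attack is repeated against a salted, PBKDF2-iterated file to show why the shared hash lookup stops working and each guess becomes expensive. Users, passwords, wordlist, character set and iteration count are all constructed for the example.

```python
"""Dictionary and brute-force attacks against a stored password-hash file,
then the same dictionary attack against salted, iterated hashes.
Added example, not from the page: the users, passwords, wordlist and file
layout are constructed so the whole thing runs offline in a second or two."""
import hashlib
import itertools
import os
import string
from typing import Dict, Iterable, List, Tuple

# Constructed victims: one wordlist password, one short password, one that neither attack finds.
_SECRETS = {"alice": "password", "bob": "ab1", "carol": "Tr0ub4dor&3-long"}
WORDLIST = ["123456", "letmein", "password", "qwerty", "welcome"]
CHARSET = string.ascii_lowercase + string.digits
ITERATIONS = 50_000  # PBKDF2 work factor for the hardened file


def sha256_hex(s: str) -> str:
    return hashlib.sha256(s.encode()).hexdigest()


def build_unsalted_file() -> List[str]:
    """'user:sha256hex' lines: fast, unsalted hashes, the layout both attacks exploit."""
    return [f"{u}:{sha256_hex(p)}" for u, p in _SECRETS.items()]


def index_by_hash(lines: Iterable[str]) -> Dict[str, List[str]]:
    """Invert the file so one candidate hash checks every user in a single lookup."""
    by_hash: Dict[str, List[str]] = {}
    for line in lines:
        user, digest = line.strip().split(":", 1)
        by_hash.setdefault(digest, []).append(user)
    return by_hash


def dictionary_attack(lines: Iterable[str], wordlist: Iterable[str]) -> Dict[str, str]:
    """Hash each wordlist entry once and look it up against all stored hashes."""
    by_hash, cracked = index_by_hash(lines), {}
    for word in wordlist:
        for user in by_hash.get(sha256_hex(word), []):
            cracked[user] = word
    return cracked


def brute_force(lines: Iterable[str], charset: str, max_len: int) -> Dict[str, str]:
    """Try every string over `charset` up to `max_len`; cost grows as len(charset)**n."""
    by_hash, cracked = index_by_hash(lines), {}
    for n in range(1, max_len + 1):
        for combo in itertools.product(charset, repeat=n):
            candidate = "".join(combo)
            for user in by_hash.get(sha256_hex(candidate), []):
                cracked[user] = candidate
    return cracked


def build_salted_file() -> List[str]:
    """'user:salt_hex:pbkdf2_hex' lines. A per-user random salt defeats the shared
    lookup above, and the iteration count makes each guess cost ITERATIONS hashes."""
    out = []
    for u, p in _SECRETS.items():
        salt = os.urandom(16)
        dk = hashlib.pbkdf2_hmac("sha256", p.encode(), salt, ITERATIONS)
        out.append(f"{u}:{salt.hex()}:{dk.hex()}")
    return out


def dictionary_attack_salted(lines: Iterable[str], wordlist: List[str]) -> Tuple[Dict[str, str], int]:
    """Same wordlist, but every word must now be re-hashed per user with that user's salt.
    Returns the cracked accounts and the number of hash iterations spent."""
    cracked, work = {}, 0
    for line in lines:
        user, salt_hex, stored = line.strip().split(":")
        salt = bytes.fromhex(salt_hex)
        for word in wordlist:
            work += ITERATIONS
            if hashlib.pbkdf2_hmac("sha256", word.encode(), salt, ITERATIONS).hex() == stored:
                cracked[user] = word
                break
    return cracked, work


if __name__ == "__main__":
    weak = build_unsalted_file()
    print("dictionary:", dictionary_attack(weak, WORDLIST))
    print("brute force:", brute_force(weak, CHARSET, 3))
    print("salted+iterated:", dictionary_attack_salted(build_salted_file(), WORDLIST))
```

Against the unsalted file the wordlist finds alice and the three-character brute force finds bob with a few tens of thousands of fast hashes in total. Against the salted file the wordlist still finds alice, but only by spending 50,000 iterations per word per user, and the brute force would have to be repeated per user as well; carol's long, non-dictionary password survives both.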

A dictionary password attack is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource. (T/F)

False (that describes spoofing or masquerading; a dictionary attack guesses passwords by hashing wordlist entries and comparing them with stored hashes)

A disaster recovery plan (DRP) directs the actions necessary to recover resources after a disaster. (T/F)

True

A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment. (T/F)

True

A smart card is a token shaped like a credit card that contains one or more microprocessor chips that accept, store, and send information through a reader. (T/F)

True

A trusted operating system (TOS) provides features that satisfy specific government requirements for security. (T/F)

True

An alteration threat violates information integrity. (T/F)

True

Rootkits are malicious software programs designed to be hidden from normal methods of detection. (T/F)

True

Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords. (T/F)

True

When servers need operating system upgrades or patches, administrators take them offline intentionally so they can perform the necessary work without risking malicious attacks. (T/F)

True

Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?

Typosquatting

Which one of the following is NOT a commonly accepted best practice for password security?

Use at least six alphanumeric characters.

Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?

80

Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?

Acceptability

Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?

Address Resolution Protocol (ARP) poisoning
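Added example (not from the study set) of detecting the attack above from ARP traffic. ARP poisoning shows up as a known IP suddenly answering from a different MAC, or as one MAC answering for several IPs. The log lines are constructed to resemble tcpdump's ARP output, and 10.0.0.1 is assumed to be the gateway with a known MAC.

```python
"""Spotting ARP poisoning from ARP replies: a known IP suddenly mapped to a new
MAC, or one MAC answering for several IPs. Added example, not from the page:
the log lines are constructed to resemble tcpdump ARP output, and 10.0.0.1
is assumed to be the gateway."""
import re
from typing import Dict, List, Set, Tuple

# Constructed capture: the attacker at de:ad:be:ef:00:99 answers for both the
# gateway and a host, which is the classic man-in-the-middle setup.
ARP_LOG = """\
10:00:01.000 ARP, Reply 10.0.0.1 is-at 00:11:22:33:44:01, length 28
10:00:02.000 ARP, Reply 10.0.0.25 is-at 00:11:22:33:44:25, length 28
10:00:03.000 ARP, Request who-has 10.0.0.30 tell 10.0.0.25, length 28
10:00:04.000 ARP, Reply 10.0.0.1 is-at de:ad:be:ef:00:99, length 28
10:00:05.000 ARP, Reply 10.0.0.25 is-at de:ad:be:ef:00:99, length 28
10:00:06.000 ARP, Reply 10.0.0.30 is-at 00:11:22:33:44:30, length 28
"""

# Assumed trusted binding for the gateway (e.g. a static ARP entry or the DHCP lease table).
TRUSTED = {"10.0.0.1": "00:11:22:33:44:01"}

REPLY_RE = re.compile(r"Reply (\d+\.\d+\.\d+\.\d+) is-at ([0-9a-fA-F:]{17})")

Alert = Tuple[str, str, str]  # (kind, ip or ip-list, mac)


def detect_arp_poisoning(log: str, trusted: Dict[str, str]) -> List[Alert]:
    """Walk ARP replies, keep the first MAC seen per IP (or the trusted one), and
    raise an alert whenever a reply contradicts it or one MAC claims several IPs."""
    bindings = dict(trusted)          # ip -> first MAC seen (or trusted)
    claims: Dict[str, Set[str]] = {}  # mac -> set of IPs it has answered for
    alerts: List[Alert] = []
    for line in log.splitlines():
        m = REPLY_RE.search(line)
        if not m:
            continue                  # requests carry no binding; ignore them
        ip, mac = m.group(1), m.group(2).lower()
        known = bindings.setdefault(ip, mac)
        if known != mac:
            kind = "gateway_spoof" if ip in trusted else "binding_changed"
            alerts.append((kind, ip, mac))
        ips = claims.setdefault(mac, set())
        if ip not in ips:
            ips.add(ip)
            if len(ips) > 1:
                alerts.append(("multiple_ips", ",".join(sorted(ips)), mac))
    return alerts


if __name__ == "__main__":
    for kind, who, mac in detect_arp_poisoning(ARP_LOG, TRUSTED):
        print(f"{kind:15} {who:22} {mac}")
```

The binding-changed rule also fires on legitimate events such as a replaced NIC or a VRRP/HSRP failover, so in production it is paired with a seeded list of trusted bindings (as here for the gateway) or with DHCP snooping and dynamic ARP inspection on the switch, which block the forged replies before they reach hosts.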

A security policy is a comparison of the security controls you have in place and the controls you need in order to address all identified threats. (T/F)

False

DIAMETER is a research and development project funded by the European Commission. (T/F)

False

Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks. (T/F)

False

What level of technology infrastructure should you expect to find in a cold site alternative data center facility?

No technology infrastructure (a cold site provides only the space, power, and environmental controls; all computing equipment, data, and connectivity must be brought in, which is why it is the cheapest option with the longest switchover time)

Which formula is typically used to describe the components of information security risks?

Risk = Threat X Vulnerability

Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?

Separation of duties

The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.

security kernel

Common methods used to identify a user to a system include username, smart card, and biometrics. (T/F)

True

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?

Kerberos

Which type of denial of service attack exploits the existence of software flaws to disrupt a service?

Logic attack

Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?

Opportunity cost
