ITS415 EXAM REVIEW


A. Threat surface

A boundary that encapsulates objects that require a degree of protection to meet their information security needs is defined as which of the following?

C. Annualized rate of occurrence

ARO stands for which of the following with regards to a risk event?

A. ACL

Adam recently configured permissions on an NTFS filesystem to describe the access that different users may have on a file by listing each user individually. What did Adam create?

B. Privilege creep

After 10 years of working in her organization, Cassandra is moving into her fourth role, this time as a manager in the accounting department. What issue is likely to show up during an account review if her organization does not have strong account maintenance practices?

B. Risk transference

After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?

C. Transposition

Alan intercepts an encrypted message and wants to determine what type of algorithm was used to create the message. He first performs a frequency analysis and notes that the frequency of letters in the message closely matches the distribution of letters in the English language. What type of cipher was most likely used to create this message?

C. Bob's public key

Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. If Alice wants to send Bob an encrypted message, what key does she use to encrypt the message?

D. Bob's private key

Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. When Bob receives the encrypted message from Alice, what key does he use to decrypt the message?

C. authentication.

Ana sits for the SSCP exam, where she is required to go through a retina scan. The security coordinators of the examination are performing an act of:

A. Steganography

Ana is using a technique in which she hides secret data within an ordinary, non-secret file or message to avoid detection; the secret data is then extracted at its destination. This scenario describes which of the following?

D. Nonrepudiation

Ben is designing a messaging system for a bank and would like to include a feature that allows the recipient of a message to prove to a third party that the message did indeed come from the purported originator. What goal is Ben trying to achieve?

D. Hybrid cloud

Brian recently joined an organization that runs the majority of its services on a virtualization platform located in its own data center but also leverages an IaaS provider for hosting its web services and a SaaS email system. What term best describes the type of cloud environment this organization uses?

C. SSH scanning

Bruce is seeing quite a bit of suspicious activity on his network. It appears that an outside entity is attempting to connect to all of his systems using a TCP connection on port 22. What type of scanning is the outsider likely engaging in?

A. TCP 20 and 21

Chris is configuring an intrusion detection system to monitor for unencrypted FTP traffic. What ports should Chris use in his configuration?

A. Systems replacement and retirement

Due to increased risk exposure, an organization chooses to stop using one set of systems and capabilities and replace that set with something else. This scenario describes which stage of the waterfall model?

B. FTP and Telnet

During a port scan using nmap, Joseph discovers that a system shows two ports open that cause him immediate worry: 21/open and 23/open. What services are likely running on those ports?

C. PGP

Ed has been asked to send data that his organization classifies as confidential and proprietary via email. What encryption technology would be appropriate to ensure that the contents of the files attached to the email remain confidential as they traverse the Internet?

A. Confidentiality

Frank discovers a keylogger hidden on the laptop of his company's chief executive officer. What information security principle is the keylogger most likely designed to disrupt?

B. Clearance and need to know

Gary is preparing to create an account for a new user and assign privileges to the HR database. What two elements of information must Gary verify before granting this access?

A. 56 bits

How many bits of keying material does the Data Encryption Standard (DES) use for encrypting information?

C. 32

How many possible keys exist for a cipher that uses a key containing 5 bits?

B. Hypervisor

In a virtualized computing environment, what component is responsible for enforcing separation between virtual machines?

A. Transport layer

In the OSI model, when a data stream is converted to a segment or a datagram, what layer has it traversed?

A. Man-in-the-middle

In what type of attack do attackers manage to insert themselves into a connection between a user and a legitimate website?

A. Blind hijacking

Jack has sniffed an ample amount of traffic between the targeted victim and an authenticated resource. He has been able to correctly inject a malicious command into the communications stream but cannot directly see the results, such as error messages or system responses. What does this scenario define?

A. Ethical penetration

Jack, a security administrator, wants to actively find and exploit vulnerabilities in an organization's information security posture, processes, procedures, and systems. Which testing should he perform to accomplish the task?

C. Change Control Board

Jasper Diamonds is a jewelry manufacturer that markets and sells custom jewelry through its website. Bethany is the manager of Jasper's software development organization, and she is working to bring the company into line with industry-standard practices. She is developing a new change management process for the organization and wants to follow commonly accepted approaches. Jasper would like to establish a governing body for the organization's change management efforts. What individual or group within an organization is typically responsible for reviewing the impact of proposed changes?

D. Incident response plan

Jasper Diamonds is a jewelry manufacturer that markets and sells custom jewelry through its website. Bethany is the manager of Jasper's software development organization, and she is working to bring the company into line with industry-standard practices. She is developing a new change management process for the organization and wants to follow commonly accepted approaches. Which of the following elements is not a crucial component of a change request?

C. Set up a one-way trust.

Jim wants to allow a partner organization's Active Directory forest (B) to access resources in his own forest (A), but doesn't want to allow users in his domain to access B's resources. What should he do?

A. Acceptance

Joe is conducting a test to evaluate the system's compliance with the business requirements and to verify whether it has met the required criteria for delivery to the end users. Which testing is he performing?

D. No Access

Joe is the security administrator for an ERP system. He is preparing to create accounts for several new employees. What default access should he give to all of the new employees as he creates the accounts?

A. Availability

John's network begins to experience symptoms of slowness. Upon investigation, he realizes that the network is being bombarded with TCP SYN packets and believes that his organization is the victim of a denial-of-service attack. What principle of information security is being violated?

A. 22

Kara used Nmap to perform a scan of a system under her control and received the results shown here. If Kara's primary concern is preventing administrative connections to the server, which port should she block?

B. 80

Kara used Nmap to perform a scan of a system under her control and received the results shown here. If Kara's primary concern is preventing eavesdropping attacks, which port should she block?

A. Brute-force

Kim is studying different attacks. While going through the topic, she learns about an attack in which an attacker relies on guessing possible combinations of a targeted password until the correct password is discovered for decoding sensitive data. Which attack is Kim studying?

A. Need to know

Lydia is processing access control requests for her organization. She comes across a request where the user does have the required security clearance, but there is no business justification for the access. Lydia denies this request. What security principle is she following?

D. Richard's private key

Matthew and Richard are friends located in different physical locations who would like to begin communicating with each other using cryptography to protect the confidentiality of their communications. They exchange digital certificates to begin this process and plan to use an asymmetric encryption algorithm for the secure exchange of email messages. When Richard receives the message from Matthew, what key should he use to decrypt the message?

C. HIDS

Melanie suspects that someone is using malicious software to steal computing cycles from her company. Which security tool would be in the best position to detect this type of incident?

C. CA's public key

Mike and Renee would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority (CA). The certificate authority has created Renee's digital certificate. When Mike receives Renee's digital certificate, what key does he use to verify the authenticity of the certificate?

D. CA's private key

Mike and Renee would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority (CA). When the certificate authority created Renee's digital certificate, what key did it use to digitally sign the completed certificate?

A. Renee's public key

Mike and Renee would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. The certificate authority (CA) has created Renee's digital certificate, which was received by Mike. Now, Mike would like to send Renee a private message after verifying the authenticity of the certificate. To provide confidentiality, what key should he use to encrypt the message?

A. Renee's public key

Mike and Renee would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. When the certificate authority (CA) created Renee's digital certificate, what key was contained within the body of the certificate?

D. Risk Acceptance

Rolando is a risk manager with a large-scale enterprise. The firm recently evaluated the risk of California mudslides on its operations in the region and determined that the cost of responding outweighed the benefits of any controls it could implement. The company chose to take no action at this time. What risk strategy did Rolando's organization pursue?

A. Trojan horse

Ryan's system has been acting strangely since he downloaded a program. After examining the program and comparing it to the source on the vendor's website, he finds that the program is not legitimate. Which type of malware has probably infected his system in the given scenario?

A. Quantitative

Sally has been asked to determine the impact of the risk posed by a tornado. Which risk assessment technique will she use to calculate costs and monetary values to identify the impact of the risk?

A. Transport layer

Segmentation and error checking both occur at what layer of the OSI model, the layer associated with SSL, TLS, and UDP?

A. DNS

The company employees on a network can ping resources using IP addresses. However, they are not able to connect to those resources through their domain names. The failure of which of the following may be the cause of the issue?

B. NTP

The company that Jennifer works for has implemented a central logging infrastructure, as shown in the following figure. What technology should an organization use for each of the devices shown in the figure to ensure that logs can be time-sequenced across the entire infrastructure?

A. Identity proofing

The financial services company that Susan works for provides a web portal for its users. When users need to verify their identity, the company uses information from third-party sources to ask questions based on their past credit reports, such as "Which of the following streets did you live on in 2007?" What process is Susan's organization using?

A. Data, Segment, Packet, Frame

In which of the following orders is information packaged during encapsulation?

B. Segmentation

The process of breaking a large network into smaller ones is known as which of the following?

A. Exfiltration

The unauthorized movement of data, by copying it from within an information system, whether by an authorized user or by an external, unauthorized attacker, is defined as which of the following?

B. Privilege escalation

Unauthorized users are able to obtain access to additional resources of an organization that they are normally not allowed to access. Which type of attack is being described in the given scenario?

B. Risk Appetite

The willingness of an organization to accept risk, and the way leadership makes decisions about risk, is referred to as ___________.

D. 0.01

Tom is considering locating a business in the downtown area of Miami, Florida. He consults the FEMA flood plain map for the region and determines that the area he is considering lies within a 100-year flood plain. What is the ARO of a flood in this area?

D. Revoking electronic access rights

Tom is planning to terminate an employee this afternoon for fraud and expects that the meeting will be somewhat hostile. He is coordinating the meeting with human resources and wants to protect the company against damage. Which of the following steps is most important to coordinate in time with the termination meeting?

B. 68

What UDP port is used by the Dynamic Host Configuration Protocol?

A. Reflects the need to counter the more advanced persistent threats and the increasing risk of data exfiltration associated with many of them
B. Shifts the security focus from the perimeter to step-by-step, node-by-node movement and action within the organization's information infrastructure
D. Promises to more effectively contain a threat, whether an outsider or an insider, and thus limit the possibility of damage or loss

What are the roles of zero trust network design and access control in organizational information security? Each correct answer represents a complete solution. Choose all that apply.

A. Authentication
B. Accounting
C. Authorization

What are the services provided by Remote Authentication Dial-In User Service (RADIUS)? Each correct answer represents a complete solution. Choose all that apply.

D. Physical hardware

What component is identified by C in the figure?

A. Creates one or more packets by wrapping payload with source and destination IP addresses

What is the function of the Network layer in the OSI model?

B. Salt

What name is given to the random value added to a password in an attempt to defeat rainbow table attacks?

D. SSH

What protocol is preferred over Telnet for remote server administration via the command line?

B. Privilege creep

What term is used to describe the problem that occurs when users change jobs in an organization but never have the access rights associated with their old jobs removed?

D. Administrative

What type of access control is composed of policies and procedures that support regulations, requirements, and the organization's own policies?

B. Recovery

What type of access control is deployed to repair or restore resources, functions, and capabilities after a violation of security policies?

C. Authorization

Which access management concept defines what rights or privileges a subject has?

B. Data Link

Which layer of the OSI model is associated with frames?

C. BYOD

Which mobile device strategy is most likely to result in the introduction of vulnerable devices to a network?

A. DAC

Which of the following access control systems allows individual users to determine the security characteristics of objects, such as files, folders, or even entire systems, within their IT workspaces?

A. Information Classification

Which of the following administrative processes assists organizations in assigning appropriate levels of security control to sensitive information?

A. SSO

Which of the following allows one user identity with one set of authenticated credentials to access multiple, disparate systems to meet organizational needs?

A. HTTPS-Everywhere
B. TOR

Which of the following are required for private and secure browsing? Each correct answer represents a complete solution. Choose all that apply.

A. Fingerprint
B. Retinal vein pattern
C. Voice pattern

Which of the following are examples of biometric characteristics? Each correct answer represents a complete solution. Choose all that apply.

A. They should properly fund, staff, and support risk mitigation strategies, as well as the chosen risk countermeasures and controls.
B. They should go through regular reports shared by the information security team, which should consist of both good news and bad news.
C. They should ensure that the company's legal and regulatory reporting requirements are met by security system event and incident data.

Which of the following are the responsibilities of senior management and leadership? Each correct answer represents a complete solution. Choose all that apply.

B. Community cloud

Which of the following can be established to provide cloud services to a group of users that can be defined as users requiring access to the same information to be used for a similar purpose?

A. Impact Assessment

Which of the following characterizes how important and vital some kinds of information are to the organization?

A. SLA

Which of the following defines privacy requirements that keep the identity, usage patterns, and contract terms of one customer private from other customers?

A. Data on a backup tape

Which of the following does not describe data in motion?

A. Inform, guide, and shape risk management decisions by senior leadership.
B. Provide the insight to choose a balanced, prudent mix of risk mitigation tactics and techniques.
C. Guide the organization in accepting residual risk to goals, objectives, processes, or assets in areas where this is appropriate.

Which of the following information should be reflected in the business impact analysis? Each correct answer represents a complete solution. Choose all that apply.

A. SLA

Which of the following is a formal document that contains expectations about the availability and other performance parameters between a service provider and a customer?

A. Telemetry

Which of the following is defined as the data generated by a system or subsystem that is used to monitor its performance or state of health?

A. Data remanence

Which of the following is defined as the data that remains on or in a device or system after it has been shut down, powered off, or even physically removed from the larger information system it is a part of?

D. Policy Document

Which of the following is not an example of a technical control?

D. ZIP code

Which of the following is not considered PII under U.S. federal government regulations?

C. Signature-based detection

Which of the following is not typically used to verify that a provisioning process was followed in a way that ensures that the organization's security policy is being followed?

A. Systems analysis, systems design, development and test, acceptance testing, operational deployment, systems replacement and retirement

Which of the following is the correct order of stages for the waterfall software development lifecycle model?

A. Key revocation

Which of the following is the key management process of informing all users that a particular key is no longer valid and that it should not continue to be used?

A. Bluesnarfing

Which of the following is the theft of information from a wireless device through a Bluetooth connection?

A. SNMP

Which of the following protocols is used by network administrators as a method of network management and can monitor, configure, and control network devices?

A. RARP

Which of the following protocols lets a machine request its IP address from other machines on the LAN segment?

A. IPSec

Which of the following protocols provides an open and extensible architecture that consists of a number of protocols and features used to provide greater levels of message confidentiality, integrity, authentication, and nonrepudiation protection?

A. RADIUS

Which of the following provides the central repository of access control information and the protocols by which access control and management systems can authenticate, authorize, and account for access requests?

B. SYN, SYN/ACK, ACK

Which of the following sequences properly describes the TCP three-way handshake?

A. Meets some specific business needs but is not as integrated into organizational systems planning, management, and control as other systems are
B. May be kept apart for valid reasons, such as to achieve a more cost-effective solution to data protection needs or to support product, software, or systems development and testing
C. Is based on obsolete technologies, having been inherited from earlier business ventures or organizational structures

Which of the following statements are true about a standalone system? Each correct answer represents a complete solution. Choose all that apply.

A. Tries to keep sensitive information always encrypted, even when it is being used or displayed
B. Dictates extensive changes to information systems architectures, from central systems to end-user devices

Which of the following statements are true of pervasive encryption? Each correct answer represents a complete solution. Choose all that apply.

A. Keeps the user's identity, browsing history, and user-entered data confidential when interacting with webpages
B. Provides ways for users to open a new window
C. Uses add-ons such as HTTPS-Everywhere for secure browsing

Which of the following statements are true of private browsing? Each correct answer represents a complete solution. Choose all that apply.

A. The sender and the receiver go through a sequence of steps.
D. The sender and the receiver have to keep track of which step the other has initiated or successfully completed.

Which of the following statements are true of the stateful communication process? Each correct answer represents a complete solution. Choose all that apply.

B. An attack previously unknown to the security community

Which of the following statements describes a zero-day vulnerability?

A. Firewall

Your organization needs to install a device that restricts unauthorized access to a network or computer. What type of hardware device will help in accomplishing the task?
