ITSY TEST 2 5-8


Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?

Accountability

What is NOT a principle for privacy created by the Organization for Economic Cooperation and Development (OECD)?

An organization should share its information.

In an accreditation process, who has the authority to approve a system for implementation?

Authorizing official (AO)

Which security model does NOT protect the integrity of information?

Bell-LaPadula

Which activity manages the baseline settings for a system or device?

Configuration control

Forensics and incident response are examples of ___________ controls.

Corrective

Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?

Crossover error rate (CER)

What information should an auditor share with the client during an exit interview?

Details on major issues

Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?

Discretionary access control (DAC)

Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?

Does the firewall properly block unsolicited network connection attempts?

What is a key principle of risk management programs?

Don't spend more to protect an asset than it is worth.

A SOC 1 report primarily focuses on security.

False

A business impact analysis (BIA) details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations.

False

During the secure phase of a security review, you review and measure all controls to capture actions and changes on the system.

False

Jake has been asked to help test the business continuity plan at an offsite location while the system at the main location is shut down. He is participating in a parallel test.

False

Often an extension of a memorandum of understanding (MOU), the blanket purchase agreement (BPA) serves as an agreement that documents the technical requirements of interconnected assets.

False

Risk refers to the amount of harm a threat exploiting a vulnerability can cause.

False

The four main types of logs that you need to keep to support security auditing include event, access, user and security.

False

What is a set of concepts and policies for managing IT infrastructure, development and operations?

IT Infrastructure Library (ITIL)

Adam's company recently suffered an attack where hackers exploited an SQL injection issue on their web server and stole sensitive information from a database. What term describes this activity?

Incident

What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?

Kerberos

Which of the following would NOT be considered in the scope of organizational compliance efforts?

Laws

Which of the following is an example of a hardware security control?

MAC Filtering

What term describes the longest period of time that a business can survive without a particular critical system?

Maximum tolerable downtime (MTD)

Which agreement type is typically less formal than other agreements and expresses areas of common interest?

Memorandum of understanding (MOU)

Which security testing activity uses tools that scan for services running on systems?

Network mapping

Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?

Project initiation and planning

If you are designing a security policy and want to list what users may and may not view

Prudent

Which data source comes first in the order of volatility when conducting a forensic investigation?

RAM

Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?

Redundant Array of Independent Disks (RAID)

What is the correct order of steps in the change control process?

Request, impact assessment, approval, build/test, implement, monitor

What term describes the risk that exists after an organization has performed all planned countermeasures and controls?

Residual risk

If you are out speaking to a service provider trying to come to terms and want to ensure there is a final notification for any incidents that have occurred

SLA (service level agreement)

Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?

SOC 3

In what type of attack does the attacker send unauthorized commands directly to a database?

SQL injection

Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?

Secure Sockets Layer (SSL)

What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?

Security Assertion Markup Language (SAML)

Biyu is making arrangements to use a third-party service provider for security services. She wants to document a requirement for timely notification of security breaches. What type of agreement is most likely to contain formal requirements of this type?

Service level agreement (SLA)

Which intrusion detection system strategy relies upon pattern matching?

Signature detection

Which one of the following is an example of two-factor authentication?

Smart card and personal identification number (PIN)

Which one of the following principles is NOT a component of the Biba integrity model?

Subjects cannot change objects that have a lower integrity level.

Joe is responsible for the security of the industrial control systems for a power plant. What type of environment does Joe administer?

Supervisory Control and Data Acquisition (SCADA)

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?

System integrity monitoring

Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is NOT normally used to make these types of classification decisions?

Threat

A functional policy declares an organization's management direction for security in such specific functional areas as email, remote access, and Internet surfing.

True

A successful business impact analysis (BIA) maps the context, the critical business functions, and the processes on which they rely.

True

A successful change control program should include the following elements to ensure the quality of the change control process: peer review, documentation and back-out plans.

True

Classification scope determines what data you should classify; classification process determines how you handle classified data.

True

Which control is NOT an example of a fault tolerance technique designed to avoid interruptions that would cause downtime?

Warm site

In what software development model does activity progress in a lock-step sequential process where no phase begins until the previous phase is complete?

Waterfall

What are the different ways to determine whether data is secret / top secret / confidential?

We determine these based on how sensitive and critical the data is.

SQL injection attack on a web server in which attackers stole sensitive information from the database. How would you classify this?

An incident

When updating a server, we set basic security settings that are applied to all systems.

Baseline

Incident

Compromises security policies and is significant.

A structured walk-through test

Get all the parties involved and discuss what will be done.

On Windows, file permissions are established

Given the same permissions as the parent.

Event

Not as much of a threat as an incident.

If you are auditing an identity management system, what are some things you would audit?

Password strength / enforcement of security policies

When we create users, assign users to domains, and use an administrator to authenticate, what are we creating?

Access control lists. These allow people to get access to certain aspects.

During which phase of the access control process does the system answer the question, "What can the requestor access?"

Authorization

Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?

Authorization

Company-related classifications are not standard, therefore, there may be some differences between the terms "private" and "confidential" in different companies.

True

Regarding an intrusion detection system (IDS), stateful matching looks for specific sequences appearing across several packets in a traffic stream rather than just in individual packets.

True

By default, Windows will inherit the parent permissions.

True

The recovery point objective (RPO) can come from the business impact analysis or sometimes from a government mandate, such as banking laws.

True

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?

$2,000,000

A structured walk-through test is a review of a business continuity plan to ensure that contact numbers are current and that the plan reflects the company's priorities and structure.

False

Certification is the formal agreement by an authorizing official to accept the risk of implementing a system.

False

Deterrent controls identify that a threat has landed in your system.

False

Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?

Prudent

Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore?

Qualitative

Isaac is responsible for performing log reviews for his organization in an attempt to identify security issues. He has a massive amount of data to review. What type of tool would best assist him with this work?

Security information and event management (SIEM)

Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?

Separation of duties

Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?

Separation of duties

Active Directory makes the process of accessing machines that aren't on the domain easier.

TRUE

Functional policy declares management direction for security in specific areas such as email and Internet access.

TRUE

The _____________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.

security kernel

Purchasing an insurance policy is an example of the _____________________ risk management strategy.

transfer

Best kind of risk assessment after being hacked?

Quantitative

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?

$20,000

Ann is creating a template for the configuration of Windows servers in her organization. It includes the basic security settings that should apply to all systems. What type of document should she create?

Baseline

Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?

Black-box test
