Quiz1 hw1/hw2 review

Ace your homework & exams now with Quizwiz!

processing overhead

A prime disadvantage of an application gateway is the ___________

presentation layer

In which layer of the OSI model would encryption take place?

Detect

The NIST _______ function enables timely discovery of cybersecurity events

Source routing attacks

The source station specifies the route that a packet should take as it crosses the Internet

detailed

Which of the following approaches is often mandated by government organizations for IT risk management?

availability

You are in the process of implementing a backup server for a critical application.

NIST800-53

cyber risk management

denial of service

prevents or inhibits the normal use or management of communications facilities

transport layer

reliability

Internetwork

A network of networks using multiple technologies forming a large global network is known as

Wide Area Network

A network that connects multiple local area networks spanning large area is________________

attack

An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.

spoofing

An intruder transmitting packets from the outside with a source IP address field is known as IP address _________.

Encapsulation

Attempt to prevent people from being able to see information is ____________

Formulating policies

CSIRT is not responsible for ___________.

Security Policy, Implementation, Evaluation and Assurance

Computer Security Strategy comprises of

Statistical anomaly

Develops baselines of normal traffic activity and throughput, and alerts on deviations from those baselines.

Anomaly

Host based IPS looking ________ for that indicate malware

Network Layer

IP and IPSec reside on what layer of the OSI model?

Data Link Layer

In OSI model, _______________ performs frame boundary checks.

External Firewall

In a DMZ, the ___________ adds less stringent filtering capability

n-1

In the layered OSI model, the data portion of a packet at level _____ encapsulates the entire Packet Data Unit from N level as payload

Network Layer

Layer handles congestion in the network

Protocol anomaly

Looks for deviation from standards set forth in RFCs

cost-benefit analysis

Management should conduct a ________ to identify those controls that are most appropriate and provide the greatest benefit for the given resources

Packet-switched

No dedicated path is established between source and destination before sending data in a ________________ network:

IP address, ports, protocol

Packet Filtering Firewall applies rules to each incoming and outgoing IP packet based on

active attacks

Replay, masquerade, modification of messages, and denial of service are example of ________.

cost impact to organization

Risk = (Probability that threat occurs) x _________.

Pattern matching

Scans incoming packets for specific byte sequences (the signature) stored in a database of known attacks.

Accountability

Security awareness programs can serve as a deter disgruntled employees by increasing the awareness of their ________ and of potential penalties

Session Hijacking

Stateful firewalls keep track of TCP sequence number to prevent attacks such as ____________.

Application Layer

Telnet, FTP, and SMTP reside on what layer of the OSI model?

End to End network data flow

The bottom four OSI layers deal with _______________

Corporate security policy

The intent of the ________ is to provide a clear overview of how an organization's IT infrastructure supports its overall business objectives

Tiny fragment attacks

The intruder uses the IP fragmentation option to create extremely small fragments and force the TCP header information into a separate packet fragment.

fraud

The principal problems associated with employee behavior related to security are errors and omissions, _______, and actions by disgruntled employees

establishing the context

The purpose of ________ is to determine the basic parameters within which the risk assessment will be conducted

Risk Register

The results of the risk analysis should be documented in a _________

attack surface

The scope that the hacker can use to break into a system is also called as ____________

attack surface reduction

The use of layering, or defense in depth, and ________________ complement each other in risk mitigation

Traffic anomaly

Watches for unusual traffic activities, such as a flood of UDP packets or a new service appearing on the network.

network

Which of the following involves finding the best route for Protocol Data Unit towards its destination?

Bootup

Which of the following is NOT a part of the connection-oriented protocol session?

A. Red Hat Ansible

Which of the following is NOT an automated tool used for incident detection?

capability maturity model

Which of the following is not a model listed in NIST 800-50 for communicating the security awareness program implementation plan?

Data link, transport, application, session, and network

Which of the following shows the layer sequence as layers 2, 4, 7, 5, and 3?

fingerprint

_______ is a type of biometric authentication for identifying a person to access confidential data

Detection and recovery

________ controls focus on the response to a security breach, by warning of violations of security policies.

Triage

________ is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling.

executives

________ need training on the development of risk management goals, and the need to lead by example in the area of security awareness

Control information

_________ can be found in the Header and Footer of a Network Protocol Data Unit (PDU) packet.

integrity

_________ makes sure that data is not changed when it is not supposed to be

privacy

__________ assures that individuals influence what information related to them may be collected and stored

risk

__________ describes the probability that a threat to an IT system can materialize

Stateful matching

__________ scans for attack signatures in the context of a traffic stream rather than individual packets.

presentation layer

_______________ layer in the OSI model is responsible for data compression.

attack tree

________________ is hierarchical data structure representing techniques for exploiting security vulnerabilities

Packet flood

adverse event

countermeasure

an action, device, procedure, or technique that reduces a threat by preventing it or by minimizing the harm it can cause

UDP

connectionless

Residual Risk

is the amount of risk associated remaining after natural or inherent risks have been reduced by new risk controls

circuit switching

pstn


Related study sets

Principles of Economics 2e Chapters 1-8 Test Bank

View Set

Introductory Sociology 1101 - Lesson 8 Quiz (100%)

View Set

AP HUMAN GEOGRAPHY POPULATION UNIT TEST

View Set

Irritable Bowel Syndrome buttaro ch. 139

View Set

PSYC 3200 Exam 2 Questions (ch. 5, 6, 10)

View Set

Listening Guide Quiz 4: Farmer: Fair Phyllis

View Set

N101 final - Professionalism and Accountability

View Set