TCMG exam 1 study
The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks. A. True B. False
A. True
What is NOT one of the three tenets of information security? A. Confidentiality B. Integrity C. Safety D. Availability
C. Safety
Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is NOT a good approach for destroying data?
Formatting
What term describes the risk that exists after an organization has performed all planned countermeasures and controls?
Residual risk
In what type of attack does the attacker send unauthorized commands directly to a database?
SQL injection
Which term describes an action that can damage or compromise an asset?
Threat
Unified messaging allows you to download both voice and email messages to a smartphone or tablet.
True
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?
$2,000,000
Matthew captures traffic on his network and notices connections using ports 20, 22, 23, and 80. Which port normally hosts a protocol that uses secure, encrypted connections?
22
Henry is creating a firewall rule that will allow inbound mail to the organization. What TCP port must he allow through the firewall?
25
Which one of the following is an example of a reactive disaster recovery control? A. Moving to a warm site B. Disk mirroring C. Surge suppression D. Antivirus software
A. Moving to a warm site The use of alternate processing facilities, such as warm sites, is a reactive control. Some parts of a disaster recovery plan (DRP) are preventive and intended to avoid the negative effects of a disaster in the first place. Preventive components of a DRP may include disk mirroring, surge suppression, and antivirus software.
What is NOT a symmetric encryption algorithm? A. Rivest-Shamir-Adleman (RSA) B. Data Encryption Standard (DES) C. International Data Encryption Algorithm (IDEA) D. Carlisle Adams Stafford Tavares (CAST)
A. Rivest-Shamir-Adleman (RSA): Symmetric Key Standards Explanation: DES, CAST, and IDEA are all symmetric algorithms. RSA is an asymmetric algorithm.
A Chinese wall security policy defines a barrier and develops a set of rules that makes sure no subject gets to objects on the other side. A. True B. False
A. True
A disaster recovery plan (DRP) directs the actions necessary to recover resources after a disaster. A. True B. False
A. True
The recovery point objective (RPO) is the maximum amount of data loss that is acceptable. A. True B. False
A. True
The Children's Online Privacy Protection Act (COPPA) restricts the collection of information online from children. What is the cutoff age for COPPA regulation? A. 11 B. 13 C. 15 D. 18
B. 13
Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
B. Alice's private key: Digital Signatures Explanation: The sender of a message uses his or her own private key to encrypt a hash of the message. This encrypted value is the digital signature.
DIAMETER is a research and development project funded by the European Commission. A. True B. False
B. False
Terminal Access Controller Access Control System Plus (TACACS+) is an authentication server that uses client and user configuration files. A. True B. False
B. False
True or False? Corrective controls are implemented to address a threat in place that does not have a straightforward risk-mitigating solution. A. True B. False
B. False Compensating controls are implemented to address a threat in place that does not have a straightforward risk-mitigating solution.
Passphrases are less secure than passwords. A. True B. False
B. False A passphrase is longer and generally harder to guess, so it's considered more secure than a password.
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?
Brute-force attack
Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?
Checklist
Which one of the following is an example of a direct cost that might result from a business disruption? A. Damaged reputation B. Lost market share C. Lost customers D. Facility repair
D. Facility repair Direct costs are immediate expenditures that reduce profit, such as the cost to repair a facility. Indirect costs, such as damaged reputation, lost market share, and lost customers, affect revenue but are harder to calculate because there is no record of an expenditure.
What level of technology infrastructure should you expect to find in a cold site alternative data center facility? A. Hardware and data that mirror the primary site B. Hardware that mirrors the primary site, but no data C. Basic computer hardware D. No technology infrastructure
D. No technology infrastructure
The security of current encryption systems relies on the difficulty of one of two mathematical problems used to generate the encryption keys. These two problems are:
Discrete and logarithmic
IP addresses are eight-byte addresses that uniquely identify every device on the network.
False
True or False? A smart card is an example of a logical access control. True False
False A smart card is an example of a PHYSICAL access control.
True or False? Passphrases are less secure than passwords. True False
False Passphrases are MORE secure than passwords.
The auto industry has not yet implemented the Internet of Things (IoT).
False.
Which one of the following is NOT a market driver for the Internet of Things (IoT)?
Global adoption of non-IP networking
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?
Hash
Which one of the following governs the use of Internet of Things (IoT) by health care providers, such as physicians and hospitals?
Health Insurance Portability and Accountability Act (HIPAA)
Which of the following would NOT be considered in the scope of organizational compliance efforts?
Laws (other choices: Company policy, Internal audit, Corporate culture)
Which of the following is NOT a benefit of cloud computing to organizations?
Lower dependence on outside vendors
A hospital is planning to introduce a new point-of-sale system in the cafeteria that will handle credit card transactions. Which one of the following governs the privacy of information handled by those point-of-sale terminals?
Payment Card Industry Data Security Standard (PCI DSS)
Which regulatory standard would NOT require audits of companies in the United States?
Personal Information Protection and Electronic Documents Act (PIPEDA)
Roger's organization received a mass email message that attempted to trick users into revealing their passwords by pretending to be a help desk representative. What category of social engineering is this an example of?
Phishing
Which group is the most likely target of a social engineering attack?
Receptionists and administrative assistants
Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?
Spim
A firewall is a basic network security defense tool.
True
True or False? Authentication by action is based on something you do, such as typing. True False
True
True or False? Authentication by knowledge is based on something the user knows, such as a password, passphrase, or personal identification number (PIN). True False
True
True or False? Common methods used to identify a user to a system include username, smart card, and biometrics. True False
True
True or False? Physically disabled users might have difficulty with biometric system accessibility, specifically with performance-based biometrics. True False
True
Application service providers (ASPs) are software companies that build applications hosted in the cloud and on the Internet.
True.
Cars that have Wi-Fi access and onboard computers require software patches and upgrades from the manufacturer.
True.
Devices that combine the capabilities of mobile phones and personal digital assistants (PDAs) are commonly called smartphones.
True.
E-commerce systems and applications demand strict confidentiality, integrity, and availability (CIA) security controls.
True.
Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?
Vulnerability
The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.
security kernel
The four central components of access control are users, resources, actions, and features. A. True B. False
B. False The four central components of access control are users, resources, actions, and relationships, not features.
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value? A. Dictionary attack B. Rainbow table attack C. Social engineering attack D. Brute-force attack
D. Brute-force attack Brute-force attacks involve trying every possible combination of characters. They test low-entropy words first, followed by passwords with higher entropy.
Which practice is NOT considered unethical under RFC 1087 issued by the Internet Architecture Board (IAB)?
Enforcing the integrity of computer-based information (other choices: Seeking to gain unauthorized access to resources, Disrupting intended use of the Internet, Compromising the privacy of users)
What is the first step in a disaster recovery effort?
Ensure that everyone is safe
Another name for a border firewall is a DMZ firewall.
False
Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?
Online Certificate Status Protocol (OCSP)
Which type of authentication includes smart cards? Location Action Knowledge Ownership
Ownership
Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?
Passive wiretap
What is an example of a logical access control? Password Key for a lock Access card Fence
Password
Which one of the following is an example of a logical access control?
Password
David would like to connect a fibre channel storage device to systems over a standard data network. What protocol can he use?
Fibre Channel over Ethernet (FCoE)
What type of firewall security feature limits the volume of traffic from individual hosts?
Flood guard
With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network?
Home agent (HA)
Which recovery site option provides readiness in minutes to hours?
Hot site
Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?
Hub
Keisha is a network administrator. She wants a cloud-based service that will allow her to load operating systems on virtual machines and manage them as if they were local servers. What service is Keisha looking for? Remote Authentication Dial-In User Service (RADIUS) Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS)
Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate?
Integrity
Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet?
Internet Engineering Task Force
Which Internet of Things (IoT) challenge involves the difficulty of developing and implementing protocols that allow devices to communicate in a standard fashion?
Interoperability
Which network device is capable of blocking network connections that are identified as potentially malicious?
Intrusion prevention system (IPS)
Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?
Is the security control likely to become obsolete in the near future?
What term describes the longest period of time that a business can survive without a particular critical system?
Maximum Tolerable Downtime
Which one of the following measures the average amount of time that it takes to repair a system, application, or component?
Mean time to repair (MTTR)
Which approach to cryptography provides the strongest theoretical protection?
Quantum cryptography
Which of the following is NOT one of the four fundamental principles outlined by the Internet Society that will drive the success of Internet of Things (IoT) innovation?
Secure
Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?
Secure Sockets Layer (SSL)
Which action is the best step to protect Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements?
Applying security updates promptly
Which security control is most helpful in protecting against eavesdropping on wireless LAN (WLAN) data transmissions that would jeopardize confidentiality?
Applying strong encryption
During what phase of a remote access connection does the end user prove his or her claim of identity?
Authentication
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?
$2,000,000
Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore?
2
Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
A. Alice's public key: Digital Signatures Explanation: The recipient of a digitally signed message uses the sender's public key to verify that the digital signature is authentic.
Which security model does NOT protect the integrity of information? A. Bell-LaPadula B. Clark-Wilson C. Biba D. Brewer and Nash
A. Bell-LaPadula The Bell-LaPadula model focuses on the confidentiality, not the integrity, of data and helps govern access to classified information.
Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works? A. Chosen plaintext B. Ciphertext only C. Known plaintext D. Chosen ciphertext
A. Chosen plaintext: Cryptanalysis and Public Versus Private Keys Explanation: In a chosen-plaintext attack, the cryptanalyst can encrypt any information and observe the output. This is the best case for the cryptanalyst. It offers the most flexibility (and insight) into the encryption mechanism. An example is the encryption offered by older versions of Microsoft Office software applications. You could encrypt only the letter A, then B, and so on, to try to discern what the cipher is doing.
Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario? A. Discretionary access control (DAC) B. Mandatory access control (MAC) C. Rule-based access control D. Role-based access control (RBAC)
A. Discretionary access control (DAC) In a DAC system, the owner of the resource decides who gets in and changes permissions as needed. The owner can delegate that responsibility to others.
What mathematical problem forms the basis of most modern cryptographic algorithms? A. Factoring large primes B. Traveling salesman problem C. Quantum mechanics D. Birthday problem
A. Factoring large primes: Symmetric and Asymmetric Key Cipher Resistance to Attack Explanation: Today, the basis of most commercial asymmetric key cryptography is the difficulty of factoring large numbers. For example, it is relatively easy with pen and paper to calculate 757 × 769 = 582,133. Yet, given the result 582,133, deriving its two factors is not as easy. The classic approach would involve trying 2, 3, 5, 7, 11, 13, etc., until a prime factor is found. That would take 134 guesses. Although this becomes much easier with a computer, imagine that the two prime factors are 100 digits each!
What compliance regulation applies specifically to the educational records maintained by schools about students? A. Family Educational Rights and Privacy Act (FERPA) B. Health Insurance Portability and Accountability Act (HIPAA) C. Federal Information Security Management Act (FISMA) D. Gramm-Leach-Bliley Act (GLBA)
A. Family Educational Rights and Privacy Act (FERPA)
Which approach to cryptography provides the strongest theoretical protection? A. Quantum cryptography B. Asymmetric cryptography C. Elliptic curve cryptography D. Classic cryptography
A. Quantum cryptography: Cryptographic Functions and Ciphers Explanation: Quantum cryptography bases its algorithms on the properties of quantum mechanics. The basic difference between classic cryptography and quantum cryptography is in the difficulty in breaking the cipher. Breaking classic ciphers is extremely difficult; breaking quantum cryptography ciphers is theoretically impossible. Of course, quantum cryptography implementations are computationally expensive and more difficult to get "right."
Alan is developing a business impact assessment for his organization. He is working with business units to determine the maximum allowable time to recover a particular function. What value is Alan determining? A. Recovery time objective (RTO) B. Recovery point objective (RPO) C. Business recovery requirements D. Technical recovery requirements
A. Recovery time objective (RTO) The RTO expresses the maximum allowable time to recover a function. Time may be a critical factor and specifying the requirements for recovery time helps determine the best recovery options.
Which type of attack involves capturing data packets from a network and retransmitting them to produce an unauthorized effect? The receipt of duplicate, authenticated Internet Protocol (IP) packets may disrupt service or produce another undesired consequence. A. Replay B. Man-in-the-middle C. Hijacking D. IP spoofing
A. Replay Systems can be broken through replay attacks when attackers reuse old messages or parts of old messages to deceive system users. Breaking a system this way helps intruders to gain information that allows unauthorized access into the system.
George is the risk manager for a U.S. federal government agency. He is conducting a risk assessment for that agency's IT risk. What methodology is best suited for George's use? A. Risk Management Guide for Information Technology Systems (NIST SP800-30) B. CCTA Risk Analysis and Management Method (CRAMM) C. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) D. ISO/IEC 27005, "Information Security Risk Management"
A. Risk Management Guide for Information Technology Systems (NIST SP800-30) NIST SP800-30, "Risk Management Guide for Information Technology Systems," is a widely used guide for IT security assessments. It contains specific guidance for U.S. government agencies and would be the most appropriate methodology for use in a federal government setting.
What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications? A. Security Assertion Markup Language (SAML) B. Secure European System for Applications in a Multi-Vendor Environment (SESAME) C. User Datagram Protocol (UDP) D. Password Authentication Protocol (PAP)
A. Security Assertion Markup Language (SAML) SAML is an open standard used for exchanging both authentication and authorization data. SAML is based on XML and was designed to support access control needs for distributed systems. SAML is often used in web application access control.
Which one of the following is an example of two-factor authentication? A. Smart card and personal identification number (PIN) B. Personal identification number (PIN) and password C. Password and security questions D. Token and smart card
A. Smart card and personal identification number (PIN) Authentication using smart cards and PINs is two-factor authentication because it combines ownership and knowledge. Using PINs, passwords, and security questions in any combination is single-factor authentication because all three are knowledge-based. Tokens and smart cards are both ownership-based.
Which of the following is a type of denial of service (DoS) attack? A. Synchronize (SYN) flood B. Structured Query Language (SQL) injection C. Cross-site scripting (XSS) D. Logic bomb
A. Synchronize (SYN) flood One popular technique for DoS attacks is called a SYN flood. In a SYN flood, the attacker uses Internet Protocol (IP) spoofing to send a large number of packets requesting connections to the victim computer.
Which type of virus targets computer hardware and software startup functions? A. System infector B. File infector C. Hardware infector D. Data infector
A. System infector There are three primary types of viruses. System infectors target computer hardware and software startup functions. File infectors attack and modify executable programs (such as COM, EXE, SYS, and DLL files in Microsoft Windows). Data infectors attack document files containing embedded macro programming capabilities.
A degausser creates a magnetic field that erases data from magnetic storage media. A. True B. False
A. True
A dictionary attack works by hashing all the words in a dictionary and then comparing the hashed value with the system password file to discover a match. A. True B. False
A. True
A smart card is a token shaped like a credit card that contains one or more microprocessor chips that accept, store, and send information through a reader. A. True B. False
A. True
A surge protector is an example of a preventative component of a disaster recovery plan (DRP). A. True B. False
A. True
A trusted operating system (TOS) provides features that satisfy specific government requirements for security. A. True B. False
A. True
An example of a threat to access control is in a peer-to-peer (P2P) arrangement in which users share their My Documents folder with each other by accident. A. True B. False
A. True
Authentication controls include passwords and personal identification numbers (PINs). A. True B. False
A. True
Common methods used to identify a user to a system include username, smart card, and biometrics. A. True B. False
A. True
Content-dependent access control requires the access control mechanism to look at the data to decide who should get to see it. A. True B. False
A. True
Fingerprints, palm prints, and retina scans are types of biometrics. A. True B. False
A. True
In a Bring Your Own Device (BYOD) policy, the user acceptance component may include separation of private data from business data. A. True B. False
A. True
Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used. A. True B. False
A. True
Remote wiping is a device security control that allows an organization to remotely erase data or email in the event of loss or theft of the device. A. True B. False
A. True
Screen locks are a form of endpoint device security control. A. True B. False
A. True
Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords. A. True B. False
A. True
The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management and evaluation of the security of unclassified and national security systems. A. True B. False
A. True
The Gramm-Leach-Bliley Act (GLBA) addresses information security concerns in the financial industry. A. True B. False
A. True
The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary. A. True B. False
A. True
The term risk management describes the process of identifying, assessing, prioritizing, and addressing risks. A. True B. False
A. True
True or False? In a browser or uniform resource locator (URL) hijacking attack, users are directed to websites other than what they requested, usually to fake pages that attackers have created. A. True B. False
A. True
True or False? Anti-malware programs and firewalls cannot detect most phishing scams because the scams do not contain suspect code. A. True B. False
A. True
True or False? A man-in-the-middle attack takes advantage of the multihop process used by many types of networks. A. True B. False
A. True
Which one of the following is NOT a commonly accepted best practice for password security? A. Use at least six alphanumeric characters. B. Do not include usernames in passwords. C. Include a special character in passwords. D. Include a mixture of uppercase characters, lowercase characters, and numbers in passwords.
A. Use at least six alphanumeric characters. Best practices for passwords dictate the use of passwords containing at least eight alphanumeric characters. Six-character passwords are insufficient to defeat modern attacks.
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations? A. Whois B. Simple Network Management Protocol (SNMP) C. Ping D. Domain Name System (DNS)
A. Whois Whois is a tool that provides information on domain registrations, including the registrar, name servers, and the name of the registering organization.
The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control. A. security kernel B. CPU C. memory D. co-processor
A. security kernel The security kernel provides a central point of access control and implements the reference monitor concept. It mediates all access requests and permits access only when the appropriate rules or conditions are met.
Devaki is evaluating different biometric systems. She understands that users might not want to subject themselves to retinal scans due to privacy concerns. Which concern of a biometric system is she considering? Acceptability Dynamism Accuracy Reaction time
Acceptability
Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve?
Access to a high level of expertise
Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?
Alice's private key
Norm recently joined a new organization. He noticed that the firewall technology used by his new firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?
Application proxying
Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing?
Authorization
Most enterprises are well prepared for a disaster should one occur. A. True B. False
B. False Most enterprises remain unprepared or underprepared for disaster. Despite recurrent reminders, many companies do not have a disaster recovery plan (DRP) at all.
A security policy is a comparison of the security controls you have in place and the controls you need in order to address all identified threats. A. True B. False
B. False A gap analysis is a comparison of the security controls you have in place and the controls you need in order to address all identified threats. A security policy defines a risk-mitigating definition or solution for your organization.
Authorization controls include biometric devices. A. True B. False
B. False Authorization controls include access control lists, physical access control, and network traffic filters. A biometric device is an authentication control.
Removable storage is a software application that allows an organization to monitor and control business data on a personally owned device. A. True B. False
B. False Mobile device management (MDM) includes a software application that allows organizations to monitor, control, data wipe, or data delete business data from a personally owned device.
You should use easy-to-remember personal information to create secure passwords. A. True B. False
B. False Passwords must never use an employee's ID number, Social Security number, birth date, telephone number, or any personal information that can be easily guessed.
Continuity of critical business functions and operations is the first priority in a well-balanced business continuity plan (BCP). A. True B. False
B. False Safety and well-being of people is the first priority in a well-balanced BCP.
Temporal isolation is commonly used in combination with rule-based access control. A. True B. False
B. False Temporal isolation restricts access to specific times and is commonly used in combination with role-based access control, not rule-based access control.
The number of failed logon attempts that trigger an account action is called an audit logon event. A. True B. False
B. False The number of failed logon attempts that trigger an account action is called the threshold. Audit logon events provide you with a record of when every user logs on or off a computer.
The first step in creating a comprehensive disaster recovery plan (DRP) is to document likely impact scenarios. A. True B. False
B. False The steps involved in creating a comprehensive DRP should be completed in this order: define potential threats, document likely impact scenarios, and document the business and technical requirements to initiate the implementation phase.
User-based permission levels limit a person to executing certain functions and often enforce mutual exclusivity. A. True B. False
B. False User-based permission levels are where the permissions granted to a user are often specific to that user. In this case, the rules are set according to a user ID or other unique identifier. Task-based access control limits a person to executing certain functions and often enforces mutual exclusivity.
Regarding data center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time. A. True B. False
B. False A mobile site is very flexible, has a fairly short switchover time, and has widely varying costs based on size and capacity. A cold site is the least expensive option but at the cost of the longest switchover time, since all hardware, software, and data must be loaded at the new site.
The term risk methodology refers to a list of identified risks that results from the risk-identification process. A. True B. False
B. False Risk methodology is a description of how you will manage risk. The risk register is a list of identified risks that results from the risk-identification process.
Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software. A. True B. False
B. False Voice pattern is NOT accurate for authentication because voices can be too easily replicated by computer software.
Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve? A. Confidentiality B. Integrity C. Authentication D. Nonrepudiation
B. Integrity Explanation: Integrity ensures that no one, not even the sender, changes information after transmitting it. If a message doesn't decrypt properly, someone or something probably changed the ciphertext in transit.
Which of the following is an example of a hardware security control? A. NTFS permission B. MAC filtering C. ID badge D. Security policy
B. MAC filtering Hardware controls include equipment that checks and validates IDs, such as MAC filtering on network devices, smart card use for two-step authentication, and security tokens such as radio frequency identification (RFID) tags.
What is NOT a commonly used endpoint security technique? A. Full device encryption B. Network firewall C. Remote wiping D. Application control
B. Network firewall A network firewall is not an endpoint control because it is deployed on a network connection. Full device encryption, remote wiping, and application control are all examples of endpoint device security controls.
Which type of authentication includes smart cards? A. Knowledge B. Ownership C. Location D. Action
B. Ownership Ownership authentication methods fit the criteria of "something you have." These include smart cards, keys, badges, and tokens.
Which one of the following is an example of a logical access control? A. Key for a lock B. Password C. Access card D. Fence
B. Password Logical access controls restrict access to a computer system or network, and a password is the most common example. Physical keys, access cards, and fences are all examples of physical access controls.
A hospital is planning to introduce a new point-of-sale system in the cafeteria that will handle credit card transactions. Which one of the following governs the privacy of information handled by those point-of-sale terminals? A. Health Insurance Portability and Accountability Act (HIPAA) B. Payment Card Industry Data Security Standard (PCI DSS) C. Federal Information Security Management Act (FISMA) D. Federal Financial Institutions Examination Council (FFIEC)
B. Payment Card Industry Data Security Standard (PCI DSS) PCI DSS applies to all merchants and service providers who handle credit card information.
The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email informed the CEO that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? A. Pharming B. Spear phishing C. Command injection D. Ransomware
B. Spear phishing This scenario is a classic example of a spear phishing attack, highly targeted at an individual and including information about the company.
Which one of the following principles is NOT a component of the Biba integrity model? A. Subjects cannot read objects that have a lower level of integrity than the subject. B. Subjects cannot change objects that have a lower integrity level. C. Subjects at a given integrity level can call up only subjects at the same integrity level or lower. D. A subject may not ask for service from subjects that have a higher integrity level.
B. Subjects cannot change objects that have a lower integrity level. The Biba integrity model does not allow subjects to change objects that have a higher integrity level than the subject.
What is NOT an effective key distribution method for plaintext encryption keys? A. Paper B. Unencrypted email C. CD D. Smart card
B. Unencrypted email: Key Distribution Explanation: When using email as a key transport mechanism, the email itself must be encrypted using a strong key; otherwise, an attacker could intercept the key and use it to eavesdrop on future communications.
What is the only unbreakable cipher when it is used properly? A. Rivest-Shamir-Adelman (RSA) B. Vernam C. Elliptic Curve Diffie-Hellman in Ephemeral mode (ECDHE) D. Blowfish
B. Vernam: Cryptanalysis and Public Versus Private Keys Explanation: The Vernam cipher, also known as a one-time pad, is unbreakable provided that the key is at least as long as the message and that each key is only used one time.
Dawn is selecting an alternative processing facility for her organization's primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation? A. Hot site B. Warm site C. Cold site D. Primary site
B. Warm site A warm site balances cost and switchover time. It is less expensive than a hot site but can activate more quickly than a cold site.
Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?
Black-box test
Ron is the IT director at a medium-sized company and is constantly bombarded by requests from users who want to select customized mobile devices. He decides to allow users to purchase their own devices. Which type of policy should Ron implement to include the requirements and security controls for this arrangement?
Bring Your Own Device (BYOD)
Which one of the following is the best example of an authorization control? A. Biometric device B. Digital certificate C. Access control lists D. One-time password
C. Access control lists Once you have authenticated a user, access controls help ensure that only authorized users can access the protected resources. Authorization controls include access control lists, intrusion prevention systems, and network traffic filters.
During which phase of the access control process does the system answer the question, "What can the requestor access?" A. Identification B. Authentication C. Authorization D. Accountability
C. Authorization During the authorization phase of access control, the system answers the questions: "What, exactly, can the requestor access?" and "What can they do?"
Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
C. Bob's public key: Cryptography's Role in Information Security Explanation: If you were encrypting a message to protect its confidentiality and integrity, you would use the recipient's public key. Only the recipient would be able to decrypt the message using the corresponding private key.
Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort? A. Disaster recovery plan (DRP) B. Business impact analysis (BIA) C. Business continuity plan (BCP) D. Service level agreement (SLA)
C. Business continuity plan (BCP) BCPs specify how an organization can recover from an interruption, as opposed to a disaster that would be covered by the DRP. In general, an interruption is a minor event that may disrupt one or more business processes for a short period. In contrast, a disaster is an event that affects multiple business processes for an extended period. Disasters often also cause substantial resource damage that you must address before you can resolve the business process interruption.
Which information security objective allows trusted entities to endorse information? A. Validation B. Authorization C. Certification D. Witnessing
C. Certification: Cryptographic Principles, Concepts, and Terminology Explanation: Certification allows for the endorsement of information by a trusted party. Witnessing is a similar concept, but it is verifying the action used to create an object or verify an object's existence and does not imply endorsement.
Which characteristic of a biometric system measures the system's accuracy using a balance of different error types? A. False acceptance rate (FAR) B. False rejection rate (FRR) C. Crossover error rate (CER) D. Reaction time
C. Crossover error rate (CER) The CER is the point at which the FAR and FRR are equal. It provides a balanced look at the accuracy of a biometric system.
Betty receives a ciphertext message from her colleague Tim. What type of function does Betty need to use to read the plaintext message? A. Encryption B. Hashing C. Decryption D. Validation
C. Decryption: What Is Cryptography? Explanation: Decryption is the process of unscrambling ciphertext into plaintext. Encryption is the process of scrambling plaintext into ciphertext.
Betsy recently assumed an information security role for a hospital located in the United States. What compliance regulation applies specifically to health care providers? A. FFIEC B. FISMA C. HIPAA D. PCI DSS
C. HIPAA Health Insurance Portability and Accountability Act (HIPAA) governs the way doctors, hospitals, and other health care providers handle personal medical information. HIPAA requires that all medical records, billing, and patient information be handled in ways that maintain the patient's privacy.
Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario? A. Checklist test B. Full interruption test C. Parallel test D. Simulation test
C. Parallel test The parallel test evaluates the effectiveness of the disaster recovery plan (DRP) by enabling full processing capability at an alternate data center without interrupting activity at the primary data center.
Which of the following does NOT offer authentication, authorization, and accounting (AAA) services? A. Remote Authentication Dial-In User Service (RADIUS) B. Terminal Access Controller Access Control System Plus (TACACS+) C. Redundant Array of Independent Disks (RAID) D. DIAMETER
C. Redundant Array of Independent Disks (RAID) RAID is a business continuity technology, not an authentication, authorization, and accounting service. RADIUS, TACACS+, and DIAMETER are all AAA services.
Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use is a type of Trojan. What tool will Karen use for this purpose? A. Ping B. Network mapper (Nmap) C. Remote Access Tool (RAT) D. Simple Network Management Protocol (SNMP) agent
C. Remote Access Tool (RAT) RAT is a Trojan that, when executed, enables an attacker to remotely control and maintain access to a compromised computer.
Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register? A. Description of the risk B. Expected impact C. Risk survey results D. Mitigation steps
C. Risk survey results The risk register can contain many different types of information but should contain at a minimum: a description of the risk, the expected impact if the associated event occurs, the probability of the event occurring, steps to mitigate the risk, steps to take should the event occur, and the rank of the risk. Risk survey results are not typically included in a risk register.
As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the use of technology resources. What type of test should Holly conduct? A. Checklist test B. Parallel test C. Simulation test D. Structured walk-through
C. Simulation test A simulation test is more realistic than a structured walk-through. In a simulation test, the DRP team uses role playing and follows through with as many of the effects of a simulated disaster as possible without affecting live operations.
Which set of characteristics describes the Caesar cipher accurately? A. Asymmetric, block, substitution B. Asymmetric, stream, transposition C. Symmetric, stream, substitution D. Symmetric, block, transposition
C. Symmetric, stream, substitution: Substitution Cipher Explanation: The Caesar cipher is an example of a substitution cipher because it changes the letters in a message. It is not a transposition cipher because it does not rearrange the letters. It is also a stream cipher rather than a block cipher because it works on one character at a time. It is a symmetric, not an asymmetric cipher, because both the sender and receiver use the same key.
Which type of cipher works by rearranging the characters in a message? A. Substitution B. Steganographic C. Transposition D. Asymmetric
C. Transposition: Transposition Ciphers Explanation: A transposition cipher does not alter the characters in a message. Instead, it rearranges them using a complex pattern and requires that the receiver unscramble them following the reverse pattern.
Jody would like to find a solution that allows real-time document sharing and editing between teams. Which technology would best suit her needs?
Collaboration
In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)?
Correspondent node (CN)
Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?
Crossover error rate (CER)
What is NOT a valid encryption key length for use with the Blowfish algorithm? A. 32 bits B. 64 bits C. 256 bits D. 512 bits
D. 512 bits: Symmetric Key Standards Explanation: The Blowfish algorithm uses a symmetric encryption key with any length between 32 and 448 bits. A 512-bit key is too long for use with Blowfish.
Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering? A. Accuracy B. Reaction time C. Dynamism D. Acceptability
D. Acceptability The measure of user comfort is the acceptability of the system. Certain biometric measurements, such as retinal scans, are more objectionable to some users than other biometric measurements, such as signature dynamics. It's important to note that if users are not comfortable using a system, they may refuse to submit to it.
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about? A. Identification B. Authentication C. Authorization D. Accountability
D. Accountability The process of associating actions with users for later reporting and research is known as accountability. It ensures that a person who accesses or makes changes to data or systems can be identified.
Which item in a Bring Your Own Device (BYOD) policy helps resolve intellectual property issues that may arise as the result of business use of personal devices? A. Support ownership B. Onboarding/offboarding C. Forensics D. Data ownership
D. Data ownership
Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key? A. Rivest, Shamir, Adelman (RSA) B. Message digest algorithm (MD5) C. Blowfish D. Diffie-Hellman
D. Diffie-Hellman: 20th-Century Cryptography Explanation: Using the Diffie-Hellman algorithm, the sender and receiver use asymmetric encryption to securely exchange symmetric keys. After the initial key exchange, each party can then use symmetric encryption to encrypt and decrypt data.
What is the first step in a disaster recovery effort? A. Respond to the disaster. B. Follow the disaster recovery plan (DRP). C. Communicate with all affected parties. D. Ensure that everyone is safe.
D. Ensure that everyone is safe. The first critical step in a disaster recovery plan is to ensure that everyone is safe. The second step is responding to the disaster before pursuing recovery, and the final step is following the DRP, which includes communicating with all affected parties.
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature? A. Elliptic curve B. Decryption C. Encryption D. Hash
D. Hash: Hash Functions Explanation: Hash functions create a unique, fixed-length output for any given input. This hash value, also known as a message digest, is used to create a digital signature.
What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)? A. Secure European System for Applications in a Multi-Vendor Environment (SESAME) B. Lightweight Directory Access Protocol (LDAP) C. Security Assertion Markup Language (SAML) D. Kerberos
D. Kerberos Kerberos uses both KDCs and TGSs in the authentication and authorization process to provide legitimate users with access to systems appropriate to their authorization level.
Which of the following is NOT a benefit of cloud computing to organizations? A. On-demand provisioning B. Improved disaster recovery C. No need to maintain a data center D. Lower dependence on outside vendors
D. Lower dependence on outside vendors Cloud computing increases the need to rely upon outside vendors. Releasing private data to a cloud service provider requires some level of trust in that provider.
When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve? A. Confidentiality B. Integrity C. Authentication D. Nonrepudiation
D. Nonrepudiation Explanation: Nonrepudiation enables you to prevent a party from denying a previous statement or action. Using asymmetric key cryptography, you can prove mathematically—usually to the satisfaction of a judge or jury—that a particular party did indeed originate a specific message at a specific time.
Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time? A. Certificate revocation list (CRL) B. International Data Encryption Algorithm (IDEA) C. Transport Layer Security (TLS) D. Online Certificate Status Protocol (OCSP)
D. Online Certificate Status Protocol (OCSP): Asymmetric Key Solutions Explanation: OCSP provides certificate authorities with the means necessary to revoke digital certificates in real-time.
Which one of the following is NOT an advantage of biometric systems? A. Biometrics require physical presence. B. Biometrics are hard to fake. C. Users do not need to remember anything. D. Physical characteristics may change.
D. Physical characteristics may change. The fact that physical characteristics of a user may change is a disadvantage of biometric systems because significant changes that affect the access profile will result in false rejections that require reenrollment of the user.
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following? A. Least privilege B. Security through obscurity C. Need to know D. Separation of duties
D. Separation of duties Separation of duties is the process of dividing a task into a series of unique activities performed by different people, each of whom is allowed to execute only one part of the overall task.
Which technology can be used to protect the privacy rights of individuals and simultaneously allow organizations to analyze data in aggregate?
Deidentification
What is a key principle of risk management programs?
Don't spend more to protect an asset than it is worth.
What protocol is responsible for assigning IP addresses to hosts on most networks?
Dynamic Host Configuration Protocol (DHCP)
Which one of the following is NOT an area of critical infrastructure where the Internet of Things (IoT) is likely to spur economic development in less developed countries?
E-commerce
Lincoln is a network security specialist. He is updating the password policy for his company's computing infrastructure. His primary method of improving password policy involves lowering the chance that an attacker can compromise and use the password before it expires. What does he do? Requires all passwords to contain at least eight alphanumeric characters Mandates that no password includes words common in an English dictionary Enables a 30-day password change policy Forbids a password being changed to any of the previous 10 passwords listed in the password history
Enables a 30-day password change policy
What mathematical problem forms the basis of most modern cryptographic algorithms?
Factoring large primes
A border router can provide enhanced features to internal networks and help keep subnet traffic separate.
False
A subnet mask is a partition of a network based on IP addresses.
False
Implicit deny is when firewalls look at message addresses to determine whether a message is being sent around an unending loop.
False
Internet Control Message Protocol (ICMP) is a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address.
False
The Transport Layer of the OSI Reference Model creates, maintains, and disconnects communications that take place between processes over the network.
False
True or False? The four central components of access control are users, resources, actions, and features. True False
False The four central components of access control are users, resources, actions, and RELATIONSHIP.
True or False? An authentication, authorization, and accounting (AAA) server, such as Remote Authentication Dial-In User Service (RADIUS), is a type of decentralized access control. True False
False An authentication, authorization, and accounting (AAA) server, such as Remote Authentication Dial-In User Service (RADIUS), is a type of CENTRALIZED access control.
True or False? Authentication by characteristics/biometrics is based on something you have, such as a smart card, a key, a badge, or either a synchronous or asynchronous token. True False
False Authentication by OWNERSHIP is based on something you have, such as a smart card, a key, a badge, or either a synchronous or asynchronous token.
True or False? The number of failed logon attempts that trigger an account action is called an audit logon event. True False
False The number of failed logon attempts that trigger an account action is called the THRESHOLD. Audit logon events provide you with a record of when every user logs on or off a computer.
True or False? Voice pattern biometrics are accurate for authentication because voices cannot easily be replicated by computer software. True False
False Voice pattern biometrics are not accurate for authentication because voices can be too easily replicated by computer software, and accuracy can be further diminished by background noise.
IoT devices cannot share and communicate your IoT device data to other systems and applications without your authorization or knowledge.
False.
Regarding the Internet of Things (IoT), a business involved in utilities, critical infrastructure, or environmental services can benefit from traffic-monitoring applications.
False. City and public service traffic-monitoring applications—Smart cities can monitor and report on real-time traffic conditions and redirect traffic flow during rush-hour conditions with near real-time updates to mobile applications accessible to smart cars. City parking garages can pinpoint available parking spots.
Connectivity is one of the five critical challenges that the Internet of Things (IoT) has to overcome.
False. Security, Privacy, Interoperability, Legal and Regulatory Compliance, Emerging Social and Economic issues.
Bricks-and-mortar stores are completely obsolete now.
False. They have global reach
Store-and-forward communications should be used when you need to talk to someone immediately.
False. Use a Telephone or VoIP
A bricks-and-mortar strategy includes marketing and selling goods and services on the Internet.
False. While they can adapt and use these strategies, the original intent of bricks-and-mortar stores is to sell at a physical location.
A packet-filtering firewall remembers information about the status of a network communication.
False
Which compliance obligation includes security requirements that apply specifically to federal government agencies in the United States?
Federal Information Security Management Act (FISMA)
Which one of the following governs the use of Internet of Things (IoT) by healthcare providers, such as physicians and hospitals?
Health Insurance Portability and Accountability Act (HIPAA)
Which one of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)?
Health Monitoring
What are the different layers involved in cyber-physical attacks, as illustrated in the article "To Kill a Centrifuge"?
IT layer, Control System, Physical
What is NOT a commonly used endpoint security technique?
Network Firewall
What level of technology infrastructure should you expect to find in a cold site alternative data center facility?
No technology infrastructure
When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?
Nonrepudiation
Hilda is troubleshooting a problem with the encryption of data. At which layer of the OSI Reference Model is she working?
Presentation
Violet deploys an intrusion prevention system (IPS) on her network as a security control. What type of control has Violet deployed?
Preventative
What is NOT a goal of information security awareness programs?
Punish users who violate policy
Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?
Redundant Array of Independent Disks (RAID)
What firewall approach is shown in the figure?
Screened subnet
From a security perspective, what should organizations expect will occur as they become more dependent upon the Internet of Things (IoT)?
Security risks will increase.
Which scenario presents a unique challenge for developers of mobile applications?
Selecting multiple items from a list
Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?
Separation of duties
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of duties
What is an example of two-factor authentication (2FA)? Token and smart card PIN and password Smart card and personal identification number (PIN) Password and security questions
Smart card and personal identification number (PIN)
Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?
Software as a Service (SaaS)
Which element of the IT security policy framework provides detailed written definitions for hardware and software and how they are to be used?
Standard
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?
Switch
Which set of characteristics describes the Caesar cipher accurately?
Symmetric, stream, substitution
What is NOT generally a section in an audit report?
System configurations
What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?
System integrity monitoring
Which one of the following is an advantage that the Internet of Things (IoT) brings to economic development for countries?
Technical and industry development
Which one of the following is NOT an example of store-and-forward messaging?
Telephone call
Which term describes any action that could damage an asset?
Threat
A network protocol governs how networking equipment interacts to deliver data across the network.
True
A wireless access point (WAP) is the connection between a wired and wireless network.
True
Internet Small Computer System Interface (iSCSI) is a storage networking standard used to link data storage devices to networks using IP for its transport layer.
True
Network access control (NAC) works on wired and wireless networks.
True
TCP/IP is a suite of protocols that operates at both the Network and Transport layers of the OSI Reference Model.
True
The Data Link Layer of the OSI Reference Model is responsible for transmitting information on computers connected to the same local area network (LAN).
True
The OSI Reference Model is a theoretical model of networking with interchangeable layers.
True
The Physical Layer of the OSI Reference Model must translate the binary ones and zeros of computer language into the language of the transport medium.
True
The term "router" describes a device that connects two or more networks and selectively interchanges packets of data between them.
True
Each 4G device has a unique Internet Protocol (IP) address and appears just like any other wired device on a network.
True.
In e-business, secure web applications are one of the critical security controls that each organization must implement to reduce risk.
True.
IoT technology has a significant impact on developing economies, given that it can transform countries into e-commerce-ready nations.
True.
Metadata of Internet of Things (IoT) devices can be sold to companies seeking demographic marketing data about users and their spending habits.
True.
One of the first industries to adopt and widely use mobile applications was the health care industry.
True.
Some vending machines are equipped with a cellular phone network antenna for secure credit card transaction processing.
True.
Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption.
True.
Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?
VPN concentrator
Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?
Virtual LAN (VLAN)
Dawn is selecting an alternative processing facility for her organization's primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation?
Warm site
Gary is configuring a Smartphone and is selecting a wireless connectivity method. Which approach will provide him with the highest speed wireless connectivity?
Wi-Fi
What type of network connects systems over the largest geographic area?
Wide area network (WAN)
What wireless security technology contains significant flaws and should never be used?
Wired Equivalent Privacy (WEP)
What is NOT a service commonly offered by unified threat management (UTM) devices?
Wireless network access
Which type of attack involves the creation of some deception in order to trick unsuspecting users?
Fabrication
Quantum computers will make many current encryption systems, which were designed around classical computers, obsolete because of their:
Faster efficiency
Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?
20 percent
What is the maximum value for any octet in an IPv4 IP address?
255
Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow?
3389
Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?
443 (HTTP over SSL)
What is NOT a valid encryption key length for use with the Blowfish algorithm?
512 bits
Juan's web server was down for an entire day last September. It experienced no other downtime during that month. Which one of the following represents the web server uptime for that month?
96.67%
What standard is NOT secure and should never be used on modern wireless networks? A. Wired Equivalent Privacy (WEP) B. Wi-Fi Protected Access (WPA) C. Wi-Fi Protected Access version 2 (WPA2) D. 802.11ac
A. Wired Equivalent Privacy (WEP). Reference: Wireless Security. Explanation: The WEP algorithm is cryptographically insecure and should no longer be used. WPA and its successor WPA2 are both strong, secure wireless encryption algorithms. 802.11ac is a modern Wi-Fi transmission protocol and is acceptable for use.
Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?
Acceptability
Which formula is typically used to describe the components of information security risks? A. Risk = Likelihood X Vulnerability B. Risk = Threat X Vulnerability C. Risk = Threat X Likelihood D. Risk = Vulnerability X Cost
B. Risk = Threat X Vulnerability. The risk equation is Risk = Threat X Vulnerability. A threat is the frequency of any event. In most cases, the events in the threat equation are negative or adverse events. Vulnerability is the likelihood that a specific threat will successfully be carried out. Multiplying the probability of a threat and the likelihood of a vulnerability yields the risk of that particular event.
Karen would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?
Captive portal
Which type of password attack is used on weak passwords and compares a hashed value of the passwords to the system password file to find a match? A. Brute-force attack B. Dictionary attack C. Social engineering attack D. Rainbow table attack
B. Dictionary attack
Gwen's company is planning to accept credit cards over the Internet. Which one of the following governs this type of activity and includes provisions that Gwen should implement before accepting credit card transactions?
Payment Card Industry Data Security Standard (PCI DSS)
Marguerite is creating a budget for a software development project. What phase of the system lifecycle is she undertaking?
Project initiation and planning
Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?
Prudent
Barbara is investigating an attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?
Smurf
Which classification level is the highest level used by the U.S. federal government?
Top Secret
Which type of cipher works by rearranging the characters in a message?
Transposition
The three main categories of network security risk are reconnaissance, eavesdropping, and denial of service.
True
Bring Your Own Device (BYOD) opens the door to considerable security issues.
True.
Wen is a network engineer. For several months, he has been designing a system of controls to allow and restrict access to network assets based on various methods and information. He is currently configuring the authentication method. What does this method do? A. Determines how actions can be traced to an individual B. Grants or denies a requestor access and what they can do on a network C. Answers the question "who is asking to access the asset?" D. Verifies that requestors are who they claim to be
D. Verifies that requestors are who they claim to be
What is the only unbreakable cipher when it is used properly?
Vernam
The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control. A. CPU B. Security kernel C. Memory D. Coprocessor
B. Security kernel
In a blockchain, once the transaction is validated, how are the records of the transaction kept?
Within seconds across all nodes