Security+ (all quiz mistakes) – Flashcards

question
The Authorize step of the NIST six-step approach to the risk management framework involves all but which of the following tasks? determine if the cost/benefit ratio is acceptable assemble the security authorization package prepare the plan of action and develop milestones determine the risk to organizational operations
answer
determine if the cost/benefit ratio is acceptable
question
Network firewall entry and exit points are called ____. proxies gateways sockets ports
answer
ports
question
Which statement represents a packet-filtering best practice? Any inbound packet must have a source address that is in your internal network. Keep all packets that use the IP header source routing feature. If your Web server is located behind the firewall, you need to allow HTTP or HTTPS (S-HTTP) data through for the Internet at large to view it. Any outbound packet must not have a source address that is in your internal network.
answer
If your Web server is located behind the firewall, you need to allow HTTP or HTTPS (S-HTTP) data through for the Internet at large to view it.
question
What protocol breaks a message into numbered segments so that it can be transmitted? IP UDP ICMP NAT
answer
UDP
question
Which of the following functions of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidelines? programs planning policy people
answer
policy
question
The use of ____ is required to achieve RSN compliance. WPA2 EAP TKIP CCMP
answer
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
question
Which of the following is a C.I.A. characteristic that ensures that only those with sufficient privileges and a demonstrated need may access certain information? Confidentiality Availability Integrity Authentication
answer
Confidentiality
question
Which wireless modulation technique addresses the transmission of the data stream that has been properly encoded onto the radio signal? BPSK Spread-spectrum transmission QPSK QAM
answer
Spread-spectrum transmission
question
____ is an attack that sends unsolicited messages to Bluetooth-enabled devices. Bluecracking Bluesnarfing Bluetalking Bluejacking
answer
Bluejacking
question
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of each federal computer system? National Information Infrastructure Protection Act Computer Fraud and Abuse Act The Computer Security Act The Telecommunications Deregulation and Competition Act
answer
The Computer Security Act
question
Known as the ping service, use of ____ traffic is a common method for hacker reconnaissance and should be turned off to prevent snooping. UDP ICMP IPconfig SMTP
answer
ICMP
question
Who is responsible for maintaining control of the field evidence log and locker? Incident manager Imager Scribe Forensic examiner
answer
Scribe
question
In large organizations, ____ are skilled in the operations of particular tools used to gather the analysis information. forensic analysts forensic examiners incident managers application programmers
answer
forensic examiners
question
Which of the following InfoSec measurement specifications makes it possible to define success in the security program? establishing targets prioritization and selection development approach measurements templates
answer
establishing targets
question
Which type of security policy is intended to provide a common understanding of the purposes for which an employee can and cannot use a resource? user-specific issue-specific system-specific enterprise information
answer
issue-specific
question
EAP request packets are issued by the ____. proxy authenticator supplicant authentication server
answer
authenticator
question
Which type of planning is used to organize the ongoing, day-to-day performance of tasks? Tactical Strategic Organizational Operational
answer
Operational
question
A risk assessment is performed during which phase of the SecSDLC? investigation implementation design analysis
answer
analysis
question
____ is a framework for transporting authentication protocols instead of the authentication protocol itself. PEAP TKIP SSL EAP
answer
EAP (Extensible Authentication Protocol)
question
Two examples of security best practices include: "Decision paper on use of screen warning banner", and "Sample warning banner from the NLRB". Under which best security practice area do these two examples fall? policy and procedures identification and authentication personnel security logical access controls
answer
Logical access controls
question
The IEEE 802.15.1-2005 Wireless Personal Area Network standard was based on the ____ specifications. Bluetooth v1.0 Bluetooth v1.2 Bluetooth v1.1 Bluetooth v2.1
answer
Bluetooth v1.2
question
The basic outcomes of InfoSec governance should include all but which of the following? Time management by aligning resources with personnel schedules and organizational objectives Value delivery by optimizing InfoSec investments in support of organizational objectives Performance measurement by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved Resource management by utilizing information security knowledge and infrastructure efficiently and effectively
answer
Resource management by utilizing information security knowledge and infrastructure efficiently and effectively
question
____ involves horizontally separating words, although it is still readable by the human eye. GIF layering Geometric variance Layer variance Word splitting
answer
Word splitting
question
Application ____ are control devices that can restrict internal users from unlimited access to the Internet. appliances programs proxies gateways
answer
proxies
question
A collection of BSSs connected by one or more DSs is referred to as an ____ service set (ESS). eccentric electric elaborate extended
answer
extended
question
Which of the following is Tier 3 (indicating tactical risk) of the tiered risk management approach? organization mission/business process information system accounting/logistics
answer
information system
question
Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty- or obligation-based ethics? Meta-ethics Applied ethics Deontological ethics Normative ethics
answer
Deontological ethics
question
What do audit logs that track user activity on an information system provide? authentication accountability authorization identification
answer
accountability
question
A ____ virus infects program executable files. program macro companion boot sector
answer
Program
question
____ builds on the encoding format of the MIME protocol and uses digital signatures based on public-key cryptosystems to secure e-mail. SSH PGP S/MIME SSL
answer
S/MIME
question
The most basic type of cryptographic algorithm is a ____ algorithm. hash block digest key
answer
Hash
question
Which cipher simply rearranges the values within a block to create the ciphertext? Vigenère Square Substitution Caesar Transposition
answer
Transposition
question
The ____ is a symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES. Twofish RSA 3DES AES
answer
AES (Advanced Encryption Standard)
question
In large organizations, ____ know operating systems and networks as well as how to interpret the information gleaned by the examiners. forensic analysts application programmers incident managers forensic examiners
answer
forensic analysts
question
Symmetric encryption is also called ____ cryptography. private key shared key symmetric key public key
answer
private key
question
The most common hybrid cryptography system is based on the ____ key exchange, which is a method for exchanging private keys using public-key encryption. DES MAC RSA Diffie-Hellman
answer
Diffie-Hellman
question
When deploying ciphers, users have to decide on the ____ of the cryptovariable or key. symmetry size transportability security
answer
Size
question
The algorithm ____ is a block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits. 3DES RSA Blowfish AES
answer
Blowfish
question
The ____ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components. CP AP DP LP
answer
CP (Certificate Policy)
question
A(n) ____ is used to sniff network traffic. scribe write blocker Ethernet tap cartwheeler
answer
Ethernet tap
question
At the ____ stage of the certificate life cycle, the certificate is no longer valid. suspension creation expiration revocation
answer
revocation
question
Which symmetric encryption cryptosystems was developed to replace both DES and 3DES? AES WEP DES RSA
answer
AES (Advanced Encryption Standard)
question
Which audience is interested in analysis report issues in terms of compliance with organizational policies? Forensic experts Upper management Attorneys Auditors
answer
Auditors
question
____ is text that has no formatting (such as bolding or underlining) applied. Simpletext Plain text Plaintext Simple text
answer
Plain text
question
Digital ____ authenticate the cryptographic key that is embedded in the certificate. certificates signatures hashes logs
answer
Certificate
question
A ____ cipher rearranges letters without changing them. loop block substitution transposition
answer
transposition
question
____ is an open-source protocol framework for security development within the TCP/IP family of protocol standards. IPSec RSA SSL SSH
answer
IPSec (Internet Protocol Security)
question
The ____ protocol is used for public-key encryption to secure a channel over the Internet. RSA SSL IPSec SSH
answer
SSL (Secure Sockets Layer)
question
A disadvantage of hardware imaging platforms is that they are ____. time consuming costly unreliable fragmented
answer
costly
question
At the ____ stage of the certificate life cycle, the certificate can no longer be used. creation revocation suspension expiration
answer
expiration
question
____ accepts spoken words for input as if they had been typed on the keyboard. Speech recognition Linguistic recognition Speech differentiation Text recognition
answer
Speech recognition
question
Microsoft Windows ____ is a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy. CryptoAPI CAPI MAPI CardSpace
answer
CardSpace
question
____ holds the promise of reducing the number of usernames and passwords that users must memorize. ISO SSL SSO IAM
answer
SSO (Single Sign-On)
question
____ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions. Telnets HTTPS SFTP SHTTP
answer
SHTTP
question
Encryption methodologies that require the same secret key to encipher and decipher the message are using ____ encryption or symmetric encryption. monoalphabetic private key monolithic public key
answer
private key
question
The primary function of a(n) ____ is to verify the identity of the individual. PA RA DA CA
answer
RA (registration authority)
question
____ is using a single authentication credential that is shared across multiple networks. Risk management Authorization management Access management Identity management
answer
Identity management
question
Which of the following biometric authentication systems is the most accepted by users? signature recognition keystroke pattern recognition fingerprint recognition retina pattern recognition
answer
Keystroke pattern recognition
question
____ is related to the perception, thought process, and understanding of the user. Reactive biometrics Standard biometrics Cognitive biometrics Affective biometrics
answer
Cognitive biometrics
question
Due to the limitations of online guessing, most password attacks today use ____. token replay hash replay online cracking offline cracking
answer
offline cracking
question
Which of the following is true about symmetric encryption? uses a secret key to encrypt and decrypt it requires four keys to hold a conversation uses a private and public key it is also known as public key encryption
answer
uses a secret key to encrypt and decrypt
question
A ____ silently captures and stores each keystroke that a user types on the computer's keyboard. worm rootkit backdoor keylogger
answer
keylogger
question
What is most commonly used for the goal of nonrepudiation in cryptography? PKI secret key digital signature block cipher
answer
digital signature
question
Which of the following is a criterion used to compare and evaluate biometric technologies? false reject rate crossover correction rate valid reject rate valid accept rate
answer
False reject rate
question
A ____ is a set of independently rotating large cups affixed to the top of a fence that prevents the hands of intruders from gripping the top of the fence to climb over it. top hat bollard roller barrier fence
answer
roller barrier
question
Which type of IDPS is also known as a behavior-based intrusion detection system? host-based anomaly-based signature-based network-based
answer
anomaly-based
question
If a user typically accesses his bank's Web site from his home computer on nights and weekends, then this information can be used to establish a ____ of typical access. computer footprint system usage map beachhead
answer
Computer footprint
question
____ is a general term that refers to a wide variety of damaging or annoying software programs. Harmware Trashware Malware Bloatware
answer
Malware
question
____ is a system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected. ADP LLP DLP IDS
answer
DLP
question
A botnet consisting of thousands of zombies enables an attacker to send massive amounts of spam. Some botnets can also harvest e-mail addresses. This is known as ____. spamming spreading malware denying services manipulating online polls
answer
spamming
question
____ are combination locks that use buttons which must be pushed in the proper sequence to open the door. Cipher locks Reaction locks Multifactor locks Biometric locks
answer
Cipher locks
question
A ____ is a secret combination of letters, numbers, and/or characters that only the user should know. biometric detail password token challenge
answer
password
question
____ are hardware devices or software modules that perform encryption to secure data, perform authentication to make sure the host requesting the data is an approved user of the VPN, and perform encapsulation to protect the integrity of the information being sent. Access points Tunnels Concentrators Endpoints
answer
Endpoints
question
____ holds the promise of reducing the number of usernames and passwords that users must memorize. SSL ISO IAM SSO
answer
SSO (Single Sign On)
question
A ____ attack is one in which every possible combination of letters, numbers, and characters is used to create encrypted passwords. Brute force Space division Known plaintext Known ciphertext
answer
Brute force
question
Which access control principle is most frequently associated with data classification? Need to know Separation of duties Least privilege Role based controls
answer
Need to know
question
Which of the following is a Kerberos service that initially exchanges information with the client and server by using secret keys? Authentication Client Key Distribution Center Ticket Granting Service Authentication Server
answer
Key Distribution Center
question
____ can use fingerprints or other unique characteristics of a person's face, hands, or eyes (irises and retinas) to authenticate a user. Affective biometrics Reactive biometrics Cognitive biometrics Standard biometrics
answer
Standard biometrics
question
Once an information asset is identified, categorized, and classified, what must also be assigned to it? relative value location ID asset tag threat risk
answer
Relative Value
question
Which of the following is NOT among the typical columns in the ranked vulnerability risk worksheet? risk-rating factor uncertainty percentage vulnerability likelihood asset impact
answer
uncertainty percentage
question
Which of the following provides an identification card of sorts to clients who request services in a Kerberos system? Authentication Server Authentication Client Key Distribution Center Ticket Granting Service
answer
Ticket Granting Service
question
Which of the following affects the cost of a control? liability insurance maintenance CBA report asset resale
answer
maintenance
question
Once a control strategy has been selected and implemented, what should be done on an ongoing basis to determine its effectiveness and to estimate the remaining risk? monitoring and measurement analysis and adjustment review and reapplication evaluation and funding
answer
monitoring and measurement
question
Which of the following is a network device attribute that may be used in conjunction with DHCP, making asset-identification using this attribute difficult? MAC address part number IP address serial number
answer
IP address
question
Asset classification schemes should categorize information assets based on which of the following? value and uniqueness cost and replacement value sensitivity and security needs ease of reproduction and fragility
answer
Sensitivity and Security needs
question
In which phase of the SecSDLC does the risk management task occur? physical design implementation analysis investigation
answer
analysis
question
Which of the following determines acceptable practices based on consensus and relationships among the communities of interest? operational feasibility technical feasibility political feasibility organizational feasibility
answer
Political feasibility
question
Which technology employs sockets to map internal private network addresses to a public address using a one-to-many mapping? private address mapping screened subnet firewall port-address translation network-address translation
answer
port-address translation
question
The identification and assessment of levels of risk in an organization describes which of the following? Risk analysis Risk reduction Risk assessment Risk identification
answer
Risk analysis
question
Which of the following is a network device attribute that is tied to the network interface? IP address serial number MAC address model number
answer
MAC address
question
Which tool can identify active computers on a network? trap and trace packet sniffer port scanner honey pot
answer
port scanner
question
An estimate made by the manager using good judgement and experience can account for which factor of risk assessment? assessing potential loss risk determination uncertainty likelihood and consequences
answer
Uncertainty
question
What should you be armed with to adequately assess potential weaknesses in each information asset? list of known threats audited accounting spreadsheet properly classified inventory intellectual property assessment
answer
properly classified inventory
question
What is the first phase of the SecSDLC (Security Systems Development Life Cycle)? logical design analysis investigation physical design
answer
investigation
question
Which of the following is a key advantage of the bottom-up approach to security implementation? a. coordinated planning from upper management b. strong upper-management support c. a clear planning and implementation process d. utilizes the technical expertise of the individual administrators
answer
utilizes the technical expertise of the individual administrator
question
Each manager in the organization should focus on reducing risk. This is often done within the context of one of the three communities of interest, which includes all but which of the following? IT management must serve the IT needs of the broader organization Executive management must develop corporate-wide policies General management must structure the IT and InfoSec functions InfoSec management must lead the way with skill, professionalism, and flexibility
answer
Executive management must develop corporate-wide policies
question
Strategies to limit losses before and during a disaster are covered by which of the following plans in the mitigation control approach? incident response plan damage control plan business continuity plan disaster recovery plan
answer
disaster recovery plan
question
The basic outcomes of InfoSec governance should include all but which of the following? Value delivery by optimizing InfoSec investments in support of organizational objectives Time management by aligning resources with personnel schedules and organizational objectives Performance measurement by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved Resource management by utilizing information security knowledge and infrastructure efficiently and effectively
answer
Time management by aligning resources with personnel schedules and organizational objectives
question
Which of the following is true about planning? Strategic plans are used to create tactical plans Operational plans are used to create tactical plans Operational plans are used to create strategic plans Tactical plans are used to create strategic plans
answer
Strategic plans are used to create tactical plans
question
Which of the following explicitly declares the business of the organization and its intended areas of operations? vision statement mission statement values statement business statement
answer
mission statement
question
The ISO 27005 Standard for Information Security Risk Management includes five stages including all but which of the following? risk determination risk communication risk treatment risk assessment
answer
risk determination
question
The National Association of Corporate Directors (NACD) recommends four essential practices for boards of directors. Which of the following is NOT one of these recommended practices? Ensure the effectiveness of the corporation's InfoSec policy through review and approval Hold regular meetings with the CIO to discuss tactical InfoSec planning Assign InfoSec to a key committee and ensure adequate support for that committee Identify InfoSec leaders, hold them accountable, and ensure support for them
answer
Hold regular meetings with the CIO to discuss tactical InfoSec planning
question
Which of the following is used in conjunction with an algorithm to make computer data secure from anybody except the intended recipient of the data? cipher plaintext key cryptosystem
answer
key
question
Which of the following can be described as the quantity and nature of risk that organizations are willing to accept as they evaluate the trade-offs between perfect security and unlimited accessibility? risk assurance risk appetite risk termination residual risk
answer
risk appetite
question
Which of the following set the direction and scope of the security process and provide detailed instruction for its conduct? managerial controls system controls technical controls operational controls
answer
managerial controls
question
What is the result of subtracting the post-control annualized loss expectancy and the ACS from the pre-control annualized loss expectancy? exposure factor annualized rate of occurrence cost-benefit analysis single loss expectancy
answer
Cost-benefit analysis
question
The Microsoft Risk Management Approach includes four phases. Which of the following is NOT one of them? implementing controls measuring program effectiveness InfoSec community analysis conducting decision support
answer
InfoSec community analysis