Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A wide range of cybersecurity topics, including cloud implementation, intrusion detection and prevention systems, access control, cryptography, risk assessment, network security, and more. It provides answers to various security-related questions, highlighting key concepts and best practices in the field of information security. The content is structured in a question-and-answer format, making it a valuable resource for students, professionals, and lifelong learners interested in understanding the fundamentals of cybersecurity and how to apply them in real-world scenarios.
Typology: Exams
1 / 32
How can a symmetric key be securely exchanged over an insecure communication medium when both sides of the communication do not have key pair sets?
If information being protected is critical, which is the best course of action?
Which of the following is the most accurate statement?
Which of the following types of access control is preferred for its ease of administration when there are a large number of personnel with the same job in an organization? - ANSWER Role-based Access Control How does a network access control (NAC) system ensure that only systems with current configurations and the most recently approved updates are allowed to access the production network?
How is account provisioning commonly accomplished?
Which term refers to the security concept that proves a specific individual performed a task and prevents that individual from being able to claim that they did not perform that task? - ANSWER Non-repudiation The disaster recovery plan (DRP) is used to guide the re-creation of mission critical processes in the event of a disaster. Which of the following is a key element that is required as part of restoration planning to ensure that the most current version of the IT infrastructure is restored? - ANSWER Updated configuration documentation A disaster recovery plan (DRP) should focus on restoring mission critical services. Part of the DRP is to ensure that recent data is available for processing once mission critical services are restored. How is data loss addressed in DRP? - ANSWER Through understanding the RPO Which of the following media access methods features a node broadcasting a tone prior to transmitting? - ANSWER CSMA/CA When a client is located behind a firewall that does not allow inbound initiated contact, which of the following will need to be used to support file transfer? - ANSWER Passive FTP What form of monitoring involves the injection of packets into communications in order to measure performance of various elements in the network? - ANSWER Active monitoring Many Web sites use a digital certificate to prove their identity to visitors. Why is the use of digital certificates considered a reliable form of authentication? - ANSWER It is a form of trusted third-party authentication. Which option is not a cloud deployment model? - ANSWER Corporate cloud How is an incident response strategy triggered? - ANSWER By an event Which of the following would best describe the purpose of a trusted platform module? - ANSWER A dedicated microprocessor that offloads cryptographic processing from the CPU while storing cryptographic keys For optimal signal quality, which of the following is correct concerning wireless antenna placement? - ANSWER Place the antenna as high as possible in the center of the service area. Which answer is most accurate regarding a wireless intrusion prevention system? - ANSWER Rogue access points are detected. Which of the following best describes a security policy? - ANSWER Completely aligns with the mission, objectives, culture, and nature of the business
Where should backups be stored? - ANSWER Onsite and offsite The OSI model features how many layers? - ANSWER Seven What is the purpose of a baseline in relation to security monitoring? - ANSWER Notices trends away from normal What are the three main components of a smart lock or an electronic access control (EAC) lock? - ANSWER Credential reader, locking mechanism, door closed sensor The most redundancy and connection speed are offered by which of the following network typologies? - ANSWER Mesh What is the composition of a cryptographic key, whether symmetric or asymmetric? - ANSWER A binary value According to NIST SP 800-30 Revision 1, what is the first major step in risk assessment? - ANSWER Preparation How can an organization protect itself from compromise by accounts that were used by previous employees? - ANSWER Account deactivation Which of the following is most accurate concerning virtualization security? - ANSWER Virtual machine is developed under a hypervisor and utilizes the underlying physical hardware. Why is an enterprise risk management (ERM) program implemented? - ANSWER To establish a proactive risk response strategy The sensitivity adjustment on a biometric authentication device affects which of the following? - ANSWER False acceptance rate and false rejection rate What is the most critical document of the computer forensic process to ensure that evidence is admissible in court? - ANSWER Chain of custody One of the security challenges for big data is controlling access to the data stored within the massive data structure. Efforts to apply traditional access control and authorization settings to individual options within the data store have produced lack-luster results or unsatisfactory performance. A new technique being applied which shows promise. What is the new technique of controlling access to the content of big data information collections? - ANSWER Apply security controls to the output of data-mining operations. How can a user avoid being seriously harmed by ransomware? - ANSWER Have an offline backup.
Organization policies are generally created in response to the requirement to meet certain criteria. Which of the following best details these requirements? - ANSWER Standards The threat evaluation process performed when designing a business continuity plan (BCP) or disaster recovery plan (DRP) evaluates risk in light of work process and is similar in nature to the technique used when designing security policies. What is this threat evaluation process called? - ANSWER Business impact analysis Why is account or identity proofing necessary? - ANSWER It verifies that only the authorized person is able to use a specific user account. How is a baseline used in compliance management? - ANSWER By comparing the current configuration of a system with the required configuration Which of the following offers the highest bandwidth and fiber-optic transmissions? - ANSWER Single-mode What type of technical control can be used in the process of assessing compliance? - ANSWER Auditing What form of social engineering tricks a victim into contacting the attacker to ask for technical support? - ANSWER Reverse social engineering What is the term used to describe the process of a certificate authority extending the expiration date of a digital certificate? - ANSWER Renewal Which malware attempts to embed itself deeply into a system in order to hide itself and other items, such as files, folders, or even executable processes? - ANSWER Rootkit Which cryptography concept is based on trap-door, one-way functions? - ANSWER Asymmetric Which of the following options best describes the concept of hiding information in plain sight? - ANSWER Steganography What is the name of a physical security mechanism that is used to eliminate piggybacking and tailgating and includes two locked doorways? - ANSWER Mantrap Which type of network device is used to create a virtual local area network? - ANSWER A switch What standards-based technology is supported on most platforms and is used as a remote authentication service? - ANSWER RADIUS
Which choice is not a common means of gathering information when performing a risk analysis? - ANSWER Interviewing fired employees Which term is used to describe the role of the person who takes physical control of a crime scene in order to preserve evidence and prevent tampering before the full forensics team arrives? - ANSWER First responder Which of the following is the third canon of the (ISC)2 Code of Ethics? - ANSWER Provide competent and diligent service Which term is used when limiting the amount of network traffic a specific protocol or application is allowed to generate or consume, with the goal of keeping the remainder of the network's capacity free for other communications? - ANSWER Bandwidth throttling What is a service pack? - ANSWER An executable program that loads a number of fixes and system upgrades Which technique best describes a one-to-one search to verify an individual's claim of identity? - ANSWER Authentication In which of the following attacks does an attacker use a previously unknown attack technique or exploit a previously unknown vulnerability? - ANSWER Zero-day attack Which disaster recovery/emergency management plan testing type is considered the most cost-effective and efficient way to identify areas of overlap in the plan before conducting a more demanding training exercise? - ANSWER Structured walk-through test Which term is used when an event triggers an IDS alert, but the event was not malicious? - ANSWER False positive Which statement most accurately describes a virus? - ANSWER It requires an outside action in order to replicate. Properly managing user accounts is an essential element in maintaining security. How should the process of identity management be implemented? - ANSWER Policies and procedures - privileged accounts have significant access capability; define the parameters of use with authorized use policies, nondisclosure agreements, and confidentiality agreements to reduce risk. Which of the following best describes a disaster recovery plan? - ANSWER Documents procedures to restore equipment and facilities to the condition they were in prior to the disaster Which item is not part of the primary security categories? - ANSWER Encryption
Which of the following is the most correct in a digitally signed message transmission using a hash function? - ANSWER The sender's private key encrypts the hash. Which of the following is the most likely to attack using an advanced persistent threat? - ANSWER Nation state B - ANSWER DES - Data Encryption standard has a 128 bit key and is very difficult to break. A. True B. False B - ANSWER What is the main difference between computer abuse and computer crime? A. Amount of damage B. Intentions of the perpetrator C. Method of compromise D. Abuse = company insider; crime = company outsider C - ANSWER A standardized list of the most common security weaknesses and exploits is the __________. A. SANS Top 10 B. CSI/FBI Computer Crime Study C. CVE - Common Vulnerabilities and Exposures D. CERT Top 10 C - ANSWER A salami attack refers to what type of activity? A. Embedding or hiding data inside of a legitimate communication - a picture, etc. B. Hijacking a session and stealing passwords C. Committing computer crimes in such small doses that they almost go unnoticed D. Setting a program to attack a website at11:59 am on New Year's Eve D - ANSWER Multi-partite viruses perform which functions? A. Infect multiple partitions B. Infect multiple boot sectors C. Infect numerous workstations D. Combine both boot and file virus behavior B - ANSWER What security principle is based on the division of job responsibilities - designed to prevent fraud? A. Mandatory Access Control B. Separation of Duties
C. Information Systems Auditing D. Concept of Least Privilege A - ANSWER ________ is the authoritative entity which lists port assignments A. IANA B. ISSA C. Network Solutions D. Register.com E. InterNIC B - ANSWER Cable modems are less secure than DSL connections because cable modems are shared with other subscribers? A. True B. False D - ANSWER ____________ is a file system that was poorly designed and has numerous security flaws. A. NTS B. RPC C. TCP D. NFS E. None of the above Log files - ANSWER Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse. D - ANSWER HTTP, FTP, SMTP reside at which layer of the OSI model? A. Layer 1 - Physical B. Layer 3 - Network C. Layer 4 - Transport D. Layer 7 - Application E. Layer 2 - Data Link D - ANSWER Layer 4 in the DoD model overlaps with which layer(s) of the OSI model? A. Layer 7 - Application Layer B. Layers 2, 3, & 4 - Data Link, Network, and Transport Layers C. Layer 3 - Network Layer D. Layers 5, 6, & 7 - Session, Presentation, and Application Layers
B - ANSWER A Security Reference Monitor relates to which DoD security standard? A. LC B. C C. D D. L2TP E. None of the items listed D - ANSWER The ability to identify and audit a user and his / her actions is known as ____________. A. Journaling B. Auditing C. Accessibility D. Accountability E. Forensics A,B,C - ANSWER There are 5 classes of IP addresses available, but only 3 classes are in common use today, identify the three: (Choose three) A. Class A: 1- 126 B. Class B: 128- 191 C. Class C: 192- 223 D. Class D: 224- 255 E. Class E: 0.0.0.0 - 127.0.0. B - ANSWER The ultimate goal of a computer forensics specialist is to ___________________. A. Testify in court as an expert witness B. Preserve electronic evidence and protect it from any alteration C. Protect the company's reputation D. Investigate the computer crime A - ANSWER One method that can reduce exposure to malicious code is to run applications as generic accounts with little or no privileges. A. True B. False Risk assessment - ANSWER ______________ is a major component of an overall risk management program. Cryptanalysis - ANSWER An attempt to break an encryption algorithm is called _____________.
C - ANSWER The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack? A. Spoofing B. Hijacking C. Man In The Middle D. Social Engineering E. Distributed Denial of Service (DDoS) Cramming - ANSWER If Big Texas telephone company suddenly started billing you for caller ID and call forwarding without your permission, this practice is referred to as __________________. Disable - ANSWER When an employee leaves the company, their network access account should be __________? 90 - ANSWER Passwords should be changed every ________ days at a minimum. 90 days is the recommended minimum, but some resources will tell you that 30-60 days is ideal. C - ANSWER IKE - Internet Key Exchange is often used in conjunction with what security standard? A. SSL B. OPSEC C. IPSEC D. Kerberos E. All of the above A - ANSWER Wiretapping is an example of a passive network attack? A. True B. False A,C,E - ANSWER What are some of the major differences of Qualitative vs. Quantitative methods of performing risk analysis? (Choose all that apply) A. Quantitative analysis uses numeric values B. Qualitative analysis uses numeric values C. Quantitative analysis is more time consuming D. Qualitative analysis is more time consuming E. Quantitative analysis is based on Annualized Loss Expectancy (ALE) formulas F. Qualitative analysis is based on Annualized Loss Expectancy (ALE) formulas
A - ANSWER Which of the concepts best describes Availability in relation to computer resources? A. Users can gain access to any resource upon request (assuming they have proper permissions) B. Users can make authorized changes to data C. Users can be assured that the data content has not been altered D. None of the concepts describes Availability properly E - ANSWER Which form of media is handled at the Physical Layer (Layer 1) of the OSI Reference Model? A. MAC B. L2TP C. SSL D. HTTP E. Ethernet E - ANSWER Instructions or code that executes on an end user's machine from a web browser is known as __________ code. A. Active X B. JavaScript C. Malware D. Windows Scripting E. Mobile B - ANSWER Is the person who is attempting to log on really who they say they are? What form of access control does this questions stem from? A. Authorization B. Authentication C. Kerberos D. Mandatory Access Control A,B,C - ANSWER Information Security policies should be __________________? (Choose all that apply) A. Written down B. ClearlyCommunicated to all system users C. Audited and revised periodically D. None of the choices listed are correct A - ANSWER Which layer of the OSI model handles encryption?
A. Presentation Layer - L B. Application Layer - L C. Session Layer - L D. Data Link Layer - L A - ANSWER EDI (Electronic Data Interchange) differs from e-Commerce in that ___________________. A. EDI involves only computer to computer transactions B. E-Commerce involves only computer to computer transactions C. EDI allows companies to take credit cards directly to consumers via the web D. None of the items listed accurately reflect the differences between EDI and e- Commerce Macro - ANSWER A type of virus that resides in a Word or Excel document is called a ___________ virus? C - ANSWER Vulnerability x Threat = RISK is an example of the _______________. A. Disaster Recovery Equation B. Threat Assessment C. Risk Equation D. Calculation of Annual Loss Expectancy B - ANSWER Only law enforcement personnel are qualified to do computer forensic investigations. A. True B. False A,B,C - ANSWER Countermeasures have three main objectives, what are they? (Choose all that apply) A. Prevent B. Recover C. Detect D. Trace E. Retaliate ISO - ANSWER ___________________ is responsible for creating security policies and for communicating those policies to system users. D - ANSWER An intrusion detection system is an example of what type of countermeasure?
A. Preventative B. Corrective C. Subjective D. Detective E. Postulative A - ANSWER So far, no one has been able to crack the IDEA algorithm with Brute Force. A. True B. False Confidentiality - ANSWER ______________ relates to the concept of protecting data from unauthorized users. B - ANSWER Which auditing practice relates to the controlling of hardware, software, firmware, and documentation to insure it has not been improperly modified? A. System Control B. Configuration Control C. Consequence Assessment D. Certification / Accreditation A - ANSWER MD5 is a ___________ algorithm A. One way hash B. 3DES C. 192 bit D. PKI A,B - ANSWER Which of the following is an example of One-Time Password technology? (Choose all that apply) A. S/Key B. OPIE C. LC D. MD C - ANSWER How often should virus definition downloads and system virus scans be completed? A. Daily B. Monthly C. Weekly D. Yearly
B - ANSWER S/MIME was developed for the protection of what communication mechanism(s)? A. Telephones B. Email C. Wireless devices D. Firewalls B - ANSWER Unclassified, Private, Confidential, Secret, Top Secret, and Internal Use Only are levels of
A. Security Classification B. Data Classification C. Object Classification D. Change Control Classification C - ANSWER Contracting with an insurance company to cover losses due to information security breaches is known as risk __________. A. Avoidance B. Reduction C. Assignment D. Acceptance C - ANSWER ______________ is a Unix security scanning tool developed at Texas A&M university. A. COPS B. SATAN C. TIGER D. AGGIE E. SNIFFER Environmental - ANSWER Security incidents fall into a number of categories such as accidental, deliberate, and ____________. A - ANSWER Decentralized access control allows ______________________. A. File owners to determine access rights B. Help Desk personnel to determine access rights C. IT personnel to determine access rights D. Security Officers to determine access rights
E. Security Officers to delegate authority to other users Data Hiding - ANSWER Intentionally embedding secret data into a picture or some form of media is known as Steganographyor data ___________. F - ANSWER From a security standpoint, the product development life cycle consists of which of the following? A. Code Review B. Certification C. Accreditation D. Functional Design Review E. System Test Review F. All of the items listed B - ANSWER Only key members of the staff need to be educated in disaster recovery procedures. A. True B. False B - ANSWER A virus is considered to be "in the ______ " if it has been reported as replicating and causing harm to computers. A. Zoo B. Wild C. Cage D. Jungle E. Fire A - ANSWER ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential, Top Secret, etc.. A. MAC - Mandatory Access Control B. DAC - Discretionary Access Control C. SAC - Strategic Access Control D. LAC - Limited Access Control E - ANSWER ___________________ viruses change the code order of the strain each time they replicate to another machine. A. Malicious
B. Zenomorphic C. Worm D. Super E. Polymorphic D - ANSWER Which major vendor adopted TACACS into its product line as a form of AAA architecture? A. Microsoft B. Dell C. Sun D. Cisco E. All of the above A,B,C - ANSWER Name three types of firewalls __________, _______________, and
(Choose three) A. Packet Filtering B. Application Proxy C. Stateful Inspection D. Microsoft Proxy E. SonicWall F. Raptor Firewall D - ANSWER This free (for personal use) program is used to encrypt and decrypt emails. A. SHA- 1 B. MD C. DES D. PGP E. 3DES F. None of the above B - ANSWER __________ attacks capitalize on programming errors and can allow the originator to gain additional privileges on a machine. A. SYN Flood B. Buffer Overflow C. Denial of Service D. Coordinated E. Distributed Denial of Service
C D - ANSWER A good password policy uses which of the following guidelines? (Choose all that apply) A. Passwords should contain some form of your name oruserid B. Passwords should always use words that can be found in a dictionary C. Passwords should be audited on a regular basis D. Passwords should never be shared or written down B - ANSWER What is the main goal of a risk management program? A. To develop a disaster recovery plan B. To help managers find the correct cost balance between risks and countermeasures C. To evaluate appropriate risk mitigation scenarios D. To calculate ALE formulas E. None of the above B - ANSWER The __________ is the most dangerous part of a virus program. A. Code B. Payload C. Strain D. Trojan E. None of the above B - ANSWER A one way hash converts a string of random length into a _______________ encrypted string. A. 192 bit B. fixed length C. random length D. 56 bit E. SHA F. MD5 C - ANSWER Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems. A. Sniffing B. Eavesdropping C. Social Engineering D. Shoulder Surfing E. None of the items are correct B - ANSWER Diffie Hellman, RSA, and ___________ are all examples of Public Key cryptography?
A. SSL - Secure Sockets Layer B. DSS - Digital Signature Standard C. Blowfish D. AES - Advanced Encryption Standard B - ANSWER ___________, generally considered "need to know" access is given based on permissions granted to the user. A. MAC - Mandatory Access Control B. DAC - Discretionary Access Control C. SAC - Strategic Access Control D. LAC - Limited Access Control B C D - ANSWER What are the main goals of an information security program? (Choose all that apply) A. Complete Security B. Confidentiality C. Availability D. Integrity of data E. Ease of Use B - ANSWER The ability to adjust access control to the exact amount of permission necessary is called ______________. A. Detection B. Granularity C. Separation of Duties D. Concept of Least Privilege C - ANSWER Which one of these formulas is used in Quantitative risk analysis? A. SLO - Single Loss Occurrence B. ARE - Annual Rate of Exposure C. SLE - Single Loss Expectancy D. ALO - Annual Loss Occurrence Answer: C A - ANSWER Integrity = ______________ A. Data being delivered from the source to the intended receiver without being altered B. Protection of data from unauthorized users C. Data being kept correct and current
D. Ability to access data when requested E. All answers are correct A - ANSWER A true network security audit does include an audit for modems? A. True B. False A B - ANSWER What is the main difference between a logic bomb and a stealth virus? (Choose all that apply) A. Stealth viruses supply AV engines with false information to avoid detection B. Stealth viruses live in memory while logic bombs are written to disk C. Stealth viruses "wake up" at a pre-specified time in the code, then execute payload D. Logic Bombs supply AV engines with false information to avoid detection D - ANSWER What is the minimum recommended length of a security policy? A. 200 pages B. 5 pages C. 1 page D. There is no minimum length - the policy length should support the business needs B - ANSWER There are ______ available service ports A. 65535 B. 65536 C. 1024 D. 1- 1024 E. Unlimited B - ANSWER Each of the following is a valid step in handling incidents except
A. Contain B. Prosecute C. Recover D. Review E. Identify F. Prepare Certificate - ANSWER A ______________ is an electronically generated record that ties a user's ID to their public key. C - ANSWER Which of the following is NOT and encryption algorithm?
B - ANSWER Which range defines "well known ports?" A. 0- 1024 B. 0- 1023 C. 1- 1024 D. 1024- 49151 B - ANSWER What does RADIUS stand for? A. Remote Access Dialup User Systems B. Remote Access Dial-in User Service C. Revoke Access Deny User Service D. Roaming Access Dial-in User System A - ANSWER In the past, many companies had been hesitant to report computer crimes. A. True B. False C - ANSWER If you the text listed below at the beginning or end of an email message, what would it be anindication of? mQGiBDfJY1ERBADd1lBX8WlbSHj2uDt6YbMVl4Da3O1yG0exQnEwU3sKQARzspNB zB2BF+ngFiy1+RSfDjfbpwz6vLHo6zQZkT2vKOfDu1e4/LqiuOLpd/6rOrmH/Mvk A. A virus B. A worm C. A PGP Signed message D. A software error A - ANSWER Although they are accused of being one in the same, hackers and crackers are two distinctly different groups with different goals pertaining to computers. A. True B. False A C D - ANSWER Select three ways to deal with risk.
A. Acceptance B. Avoid / Eliminate C. Transfer D. Mitigate E. Deny C - ANSWER Digital Certificates use which protocol? A. X.400 B. X.500 C. X.509 D. X.511 E. X.525 F. None of the above B - ANSWER A. L2TP B. LDAP C. L2F D. PPTP encrypting, depcrypting - ANSWER Public keys are used for ___________ messages and private keys are used for __________ messages. B - ANSWER In a Public Key Infrastructure (PKI), what is the role of a directory server? A. To issue certificates to users B. To make user certificates available to others C. Authorizes CA servers to issue certificates to users D. Is the root authority for thePKI D - ANSWER RSA has all of the following characteristics except? A. Can produce a digital signature B. Relies on large prime number factoring C. Uses third party key distribution centers D. Is based on a symmetric algorithm C - ANSWER What distinguishes a hacker / cracker from a phreak? A. Hackers and crackers specifically target telephone networks B. Phreaks specifically target data networks C. Phreaks specifically target telephone networks D. Phreaks cause harm, hackers and crackers do not