






Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Various security measures and best practices for ensuring the security of an organization's systems and data. It covers topics such as authentication methods, access control mechanisms, security monitoring and visualization, network security, cloud security, and incident response. Detailed explanations and recommendations for implementing effective security controls to protect against common threats and vulnerabilities. It is likely intended for it professionals, security analysts, and decision-makers responsible for designing and implementing an organization's security strategy. The information presented could be useful for university students studying cybersecurity, information security, or related fields, as it covers a broad range of security concepts and techniques that are commonly encountered in the industry.
Typology: Exams
1 / 10
This page cannot be seen from the preview
Don't miss anything!







How does IPSec verify that data arrived at the destination without intentional or accidental corruption? - ANS By using a randomized hashing operation How is quantitative risk analysis performed? - ANS Using calculations Your company adopts a new end-user security awareness program. This training includes malware introduction, social media issues, password guidelines, data exposure, and lost devices. How often should end users receive this training? - ANS upon new hire and once a year thereafter Your organization experienced an impersonation attack recently that compromised the network administrator's user account. In response, new security measures are being implemented throughout the organization. You have been assigned the task of improving authentication. You want a new authentication system that ensures the following: Eavesdropped passwords cannot be used by an attacker. Passwords are only able to be used once. Password predication must be prevented. Passwords are only valid for a short period of time. How can you accomplish these goals? - ANS Implement a synchronized, one-time password token-based authentication system. How can a user be assured that a file downloaded from a vendor's Web site is free from malicious code? - ANS Check the file's signature and hash calculation. Why do many security monitoring systems produce a visualization of the collected results? - ANS It represents complex or bulky data in an easy to understand format. What is the name of a cryptographic attack based on a database of pre-computed hash values and the original plaintext values? - ANS Rainbow table attack In addition to having at least one year of relevant experience in a domain of SSCP, what is another requirement to be qualified to take the SSCP exam? - ANS Agreeing to abide by the (ISC)2 Code Of Ethics What is the definition of the principle of least privilege? - ANS Users are assigned minimal privileges sufficient to accomplish job responsibilities. A common attack against converged network communications is eavesdropping. How can this attack be prevented? - ANS Use a VPN.
What is the term used to describe an entry in a database describing a violation or exploit which is used to match real-time events in order to detect and record attacks by the continuous monitoring solution? - ANS Signature What would the most successful means of attacking an environment relying upon guest OSes that would result in the destruction or loss of use of the guest OSes be? - ANS Compromise the host OS. What is the technology that enables a user to authenticate to a company network from their assigned workstation and then be able to interact with resources throughout the private network without needing to enter additional credentials? - ANS Single sign-on What is a means to ensure that endpoint devices can interact with the Internet while minimizing risk of system compromise? - ANS Use a virtualized OS. When designing end-user training to teach employees about using cryptography within business tasks, which of the following is an important element to include? - ANS The consequences of failing to encrypt Which of the following is not considered an example of a non-discretionary access control system? - ANS ACL John works in an organization. He is trying to insert a password to log in his account on the organization's login website. Which of the following best describes the use of passwords for access control? - ANS Authentication What virtual environment tool allows for testing and experimentation within a guest OS while providing a means to roll-back to a previous stable state in just seconds? - ANS Snapshots What is the cost benefit equation? - ANS [ALE1 - ALE2] - CCM When network access control (NAC) determines that a system lacks specific configuration settings or is missing a required update, what should occur? - ANS Quarantine What is a common means to discover a violating event? - ANS Intrusion detection system (IDS) When performing system hardening, what are the two primary phases or operations to be performed? - ANS Remove what is unnecessary, and lock down whatever remains. Performing essential business processes in a cloud solution is an attractive concept for many organizations. What needs to be crafted and reviewed carefully to ensure that a cloud service provides the necessarily level of service and security demanded by your organization and which is legally enforceable? - ANS SLA
You are working hard to complete a major project before the deadline, which is next Monday. Three days before the deadline, you discover that the final task of the project requires a specific software product which you do not have. After searching for a version to purchase either from a local store or over the Internet, you discover that there are no copies of the software available for immediate access and use. The only version you can locate for purchase is through an overseas retailer. However, even with expedited shipping, it will not arrive until next Wednesday. During your search, you notice that there is a pirated copy available for download available immediately. How should you handle this situation according to (ISC) guidance? - ANS Purchase the legitimate product, and ask for a deadline extension. Which security service or benefit is NOT provided by a digital signature? - ANS Confidentiality How can multiple distinct physical network topologies be combined into a single network structure? - ANS Deploy a tree topology. Which type of network segment is created by a switch, but requires a routing function to be present to interact between network segments? - ANS VLAN Which action should be avoided when collecting evidence of a cybercrime? - ANS Rebooting the suspect's computer Which of the following is NOT a means to implement a Denial of Service (DoS) attack? - ANS Send dozens of email solicitation messages to an organization. Why are the audit findings presented to senior management? - ANS Only with approval can a response plan be implemented. What is the name of the process used to replace an old asymmetric key pair set with a new key pair set? - ANS Key rotation Which procedure is NOT a valid mechanism for performing account proofing when users are attempting to log into their account? - ANS Have the user type in the username and password a second time. Which type of cloud deployment involves several businesses working together to create a cloud system which they can each use? - ANS Community How does salting passwords reduce the likelihood that a password cracking attack will be successful? - ANS It increases the work load required to become successful.
How can account provisioning be configured so that the assignment of rights and privileges is nearly automatic once the account is created? - ANS Use an RBAC mechanism where a new user's role is set by an HR admin. If an organization is able to process credit card transactions because they have entered into an arrangement to comply with the Payment Card Industry Data Security Standard (PCI-DSS), how is this arrangement integrated into the organization's incident handling scheme? - ANS Contractual obligations are included in the Standards policy. Which of the following is the best example of a threat agent? - ANS A disgruntled employee Remote control malware was found on a client device, and an unknown attacker was manipulating the network from afar. The attack resulted in the network switches reverting to flooding mode, thereby enabling the attacker to eavesdrop on a significant portion of network communications. After reviewing IDS and traffic logs, you determine that this was accomplished by an attack utility which generated a constant Ethernet frames with random source MAC addresses. What can be done to prevent this attack from occurring in the future? - ANS Use MAC limiting on the switch ports. An IT security manager is struggling to keep the organization's computers in working order. He is testing updates and configuring them to be installed onto systems and making tweaks to the configuration settings to various systems as business tasks require. However, he often discovers systems which do not have the necessary updates or which are using out-of-date settings. This may be caused by systems being disconnected from the company network when taken into the field or when used for special offline projects. What technology should the IT security manager implement to help handle this complex issue? - ANS NAC How is accountability typically enforced? - ANS Through AAA services Why is a security impact assessment performed as part of a change management process? - ANS To determine the likelihood of downtime or security reduction caused by a potential change When is it appropriate to contact law enforcement when an organization experiences a security breach? - ANS If a violation is more severe than just breaking company policy rules When using a cloud solution as a component of a backup strategy, what is the most important concern? - ANS Encryption of transfer and storage How is role-based access control implemented? - ANS By assigning a job name label to subjects
Which item within an organization makes the determination as to which attributes of a subject or object determine whether access is granted or denied? - ANS Authorization policy What is the condition of an IDS security assessment reporting that an event of concern has taken place, but when later analyzed it is determined that the event was benign and should not have caused an IDS alert? - ANS False positive You are starting a new website. You want to quickly allow users to begin using your site without having the hassle of creating a new user account. You set up a one-way trust federated access link from your website to the three major social networks. Why should you use a one-way trust in this configuration rather than a two-way trust in this scenario? - ANS A one-way trust allows your website to trust the user accounts of the social networks without requiring the social networks to trust your website. How does a Trojan horse get past security mechanisms to harm a victim? - ANS By seeming to be a benign item How can a vulnerability be reduced or eliminated? - ANS By improving the asset Which of the following is a symmetric algorithm? - ANS AES Which of the following actions will have the LEAST benefit in relation to securing a wireless network? - ANS Disabling DHCP What is the term used to describe the risk management strategy of an organization altering a business task to work around a specific event or activity in order to prevent compromise? - ANS Avoidance What is the primary benefit of a security camera for physical security? - ANS Detective What is the logical network topology of Ethernet when deployed in a physical star wiring layout? - ANS Bus According to the TCP/IP model, at which layer does the establishment and management of a communication link between end-points take place? - ANS Host-to- host WAN optimization is the collection of technologies used to maximize efficiency of network communications across long distance links. WAN optimization can include data deduplication, compression, and what other technology? - ANS Traffic shaping How can files be easily exchanged between systems whether local or remote, when various operating systems are involved, and when all systems support the TCP/IP protocol stack? - ANS FTP
What is the term used to refer to an activity, occurrence, or event which could cause damage or harm to an organization? - ANS Incident Which of the following clearance levels or classification labels is not generally used in a government- or military-based MAC scheme? - ANS Proprietary What is a security procedure? - ANS Detailed steps for performing specific tasks Your organization is using Kerberos for private network authentication. How does Kerberos demonstrate to a resource host that the identity of a user is valid? - ANS An ST is issued to the user, which is then sent to the resource host. What is the purpose of sharing threat intelligence? - ANS Equip other organizations to handle a looming security concern. When is a search warrant required? - ANS When evidence is located within a private location How is a digital certificate created? - ANS A subject's public key is signed by a CA's private key. What is the bit-length, hash-digest output of the SHA-1 hashing algorithm? - ANS 160 How does a change management system ensure that updates to software do not cause unexpected downtime or reduction of security? - ANS By testing patches thoroughly before deployment What is the primary concern for any situation involving the triggering of a disaster recovery plan (DRP)? - ANS Preservation of human life Which malicious activity countermeasure is most effective at removing vulnerable elements from an organization's IT infrastructure? - ANS Patch management Which of the following types of activities is NOT commonly performed in preparation for a security assessment? - ANS Apply patches. When should security be implemented or included in the asset life cycle? - ANS As early as possible What is the purpose or benefit of an after-action report in an incident response strategy?
How can operational controls be used to improve security compliance? - ANS Set procedures for work tasks and provide training. What is the term used to refer to anything that can potentially cause harm to an asset? - ANS Threat Why should the risks of an organization be reported as defined by enterprise risk management (ERM)? - ANS It helps with internal transparency, risk assessment, risk response, and risk monitoring. What is the term used to describe the event of a certificate authority canceling an issued digital certificate? - ANS Revocation What are the four primary components of a public key infrastructure implementation? - ANS Symmetric encryption, asymmetric encryption, hashing, and digital certificates In what phase of incident response are new countermeasures implemented? - ANS Recovery What component of IPSec provides for the support of multiple simultaneous VPNs? - ANS ISAKMP Why is a continuous monitoring scheme implemented in a typical organization? - ANS To take notice of events of interest How are the access control schemes of MAC and RBAC distinguished from DAC? - ANS They are not based on user decisions. How should countermeasures be implemented as part of the recovery phase of incident response? - ANS As determined by the violation that occurred What is the company security policy that allows workers to use their own personal equipment to interact with company resources? - ANS BYOD What is the purpose of a Security Information and Event Management (SIEM) product?