Risk_MGMT
Security and Risk Management Midterm
| Question | Answer |
|---|---|
| A ________ is a small program that, after being installed, downloads a larger attack program. | Downloader |
| A botmaster can remotely ________. | Both A and B |
| A(n) ________ attack attempts to make a server or network unavailable to serve legitimate users by flooding it with attack packets. | DoS |
| A(n) ________ attack requires a victim host to prepare for many connections, using up resources until the computer can no longer serve legitimate users. | SYN Flooding |
| Another name for safeguard is ________. | countermeasure |
| Following someone through a secure door for access without using an authorized ID card or pass code is called ________. | piggybacking |
| ICMP Echo messages are often used in ________. | IP address scanning |
| If TJX had met the PCI-DSS control objectives, it would have ________ avoided the data breach. | probably |
| If a company wishes to prosecute people or companies that steal its trade secrets, it must take ________ precautions to protect those trade secrets. | reasonable |
| In ________, the perpetrator tries to obtain money or other goods by threatening to take actions that would be against the victim's interest. | extortion |
| In a virus, the code that does damage is called the ________. | payload |
| Mobile code usually is delivered through ________. | webpages |
| Most traditional external attackers were heavily motivated by ________. | the thrill of breaking in |
| Penalties for hacking are ________. | irrelevant of the amount stolen |
| Sending packets with false IP source addresses is called ________. | IP address spoofing |
| Some ________ can jump directly between computers without human intervention. | worms |
| Stealing credit card numbers is also known as ________. | carding |
| Terrorists can use IT to ________. | Both A and B |
| The TJX data breach was due to ________. | multiple security weaknesses |
| The dominant type of attacker today is the ________. | career criminal |
| The fastest propagation occurs with some types of ________. | worms |
| The three common core goals of security are ________. | confidentiality, integrity, and availability |
| To obtain IP addresses through reconnaissance, an attacker can use ________. | a chain of attack computers |
| Watching someone type their password in order to learn the password is called ________. | shoulder surfing |
| When a threat succeeds in causing harm to a business, this is a(n) ________. | breach |
| When a threat succeeds in causing harm to a business, this is called a ________. | All of the above |
| Which of the following CIA security goals did TJX fail to meet? | confidentiality |
| Which of the following are examples of social engineering? | All of the above |
| Which of the following are types of countermeasures? | All of the above |
| Which of the following are ways that trade secret espionage occurs? | All of the above |
| Which type of program can hide itself from normal inspection and detection? | rootkit |
| You receive an e-mail that seems to come from your bank. Clicking on a link in the message takes you to a website that seems to be your bank's website. However, the website is fake. This is called a ________ attack. (Pick the most precise answer) | phishing |
| ________ are programs that attach themselves to legitimate programs. | Viruses |
| ________ attacks take advantage of flawed human judgment by convincing the victim to take actions that are counter to security policies. (Choose the best answer) | Social engineering |
| ________ consists of activities that violate a company's IT use policies or ethics policies. | Abuse |
| ________ is a form of online fraud when bogus clicks are performed to charge the advertiser without creating potential new customers. | Click fraud |
| ________ is a generic term for "evil software." | Malware |
| ________ may engage in commercial espionage against a firm. | Both A and B |
| ________ threaten to do at least temporary harm to the victim company's IT infrastructure unless the victim pays the attacker. | Extortionists |
| A ________ occur(s) when a single security element failure defeats the overall security of a system. | weakest link failure |
| A governance framework specifies how to do ________. | All of the above. |
| A technical security architecture should be created ________. | before a firm creates individual countermeasures |
| Before doing a vulnerability test, a security employee must ensure that ________. | he or she has a specific contract to do a specific test |
| COSO focuses on ________. | corporate internal and financial controls |
| CobiT focuses on ________. | controlling the entire IT function |
| Conducting stings on employees ________. | Both A and B |
| In manual procedures, the segregation of duties ________. | reduces risk |
| It is acceptable for an employee to reveal ________. | None of the above. |
| Once a company's resources are enumerated, the next step is to ________. | classify them according to sensitivity |
| Placing security within IT ________. | is likely to give security stronger backing from the IT department |
| Policies drive ________. | Both A and B |
| Policies should be written by ________. | corporate teams involving people from multiple departments |
| SLE times APO gives the ________. | expected annual loss |
| The FTC can ________. | Both A and B |
| The first step in developing an IT security plan is to ________. | assess the current state of the company's security |
| The key to security being an enabler is ________. | getting it involved early within the project |
| The worst problem with classic risk analysis is that ________. | we cannot estimate the annualized rate of occurrence |
| This book focuses on ________. | defense |
| When risk analysis deals with costs and benefits that vary by year, the computations should use ________. | Either A or B |
| When someone requests to take an action that is potentially dangerous, what protection should be put into place? | Limit the number of people that may request an approval. |
| Which companies does PCI-DSS affect? | companies that accept credit card payments |
| Which of the following gives the best estimate of the complete cost of a compromise? | TCI |
| Which of the following is a formal process? | Both A and B |
| Which of the following is a way of responding to risk with active countermeasures? | risk reduction |
| Which of the following is an example of a conflict of interest? | All of the above |
| Which of the following specifies how to do certification by external parties? | ISO/IEC 27000 |
| ________ are prescriptive statements about what companies should do and are put together by trade associations and government agencies. | Recommended practices |
| ________ entails investigating the IT security of external companies and the implications of close IT partnerships before implementing interconnectivity. | Due diligence |
| ________ examines IT processes for efficiency, effectiveness, and adequate controls. | IT auditing |
| ________ examines financial processes for efficiency, effectiveness, and adequate controls. | Financial auditing |
| ________ is preferred by U.S. auditors. | CobiT |
| ________ is the plan-based creation and operation of countermeasures. | Protection |
| ________ means implementing no countermeasures and absorbing any damages that occur. | Risk acceptance |
| ________ means responding to risk by not taking a risky action. | Risk avoidance |
| ________ means responding to risk by taking out insurance. | Risk transference |
| ________ requires multiple countermeasures to be defeated for an attack to succeed. | Defense in depth |
| ________ specifically addresses data protection requirements at financial institutions. | GLBA |
| ________ specifically addresses data protection requirements at health care institutions. | HIPAA |
| ________ specify the low-level detailed actions that must be taken by specific employees. | Procedures |
| A DES key is ________ bits long. | 56 |
| A ________ is a cryptographic system that provides secure communication over an untrusted network. | virtual private network |
| Companies transmit over the Internet because the Internet ________. | is inexpensive |
| Digital signatures are used for ________ authentication. | message-by-message |
| Electronic signatures usually provide ________. | Both A and B |
| HMACs provide the cryptographic protection of ________. | authentication |
| Hashing is ________. | repeatable |
| In MS-CHAP, the ________ creates the response message. | supplicant |
| In SSL/TLS, a ________ is a specific set of security methods and options. | cipher suite |
| In SSL/TLS, a specific set of protocols that a particular cryptographic system will use to provide protection is called a ________. | cipher suite |
| In checking the digital signature, the verifier ________. | hashes the plaintext message with the same algorithm used by the sender to get the message digest |
| In codes, code symbols may represent ________. | All of the above |
| In mutual authentication between two parties, ________. | there are two verifiers and two supplicants |
| In order to be considered strong today, a symmetric encryption key must be at least ________ bits long. | 100 |
| In public key encryption for authentication, the supplicant must prove that it knows ________, which nobody else should be able to know. | the true party's private key |
| Nonces can be used in ________. | client/server applications |
| SSL/TLS is used for ________ VPNs. | Both A and B |
| SSL/TLS was developed for ________ VPNs. | host-to-host |
| Someone who breaks encryption is called a ________. | cryptanalyst |
| Someone who pretends to be someone else is ________. | an impostor |
| The best way to thwart exhaustive searches by cryptanalysts is ________. | to make the key very long |
| To check a certificate's revocation status, the verifier can ________. | send an OCSP message to the CA |
| To ensure that a digital certificate is valid, the receiver of the certificate must check ________. | Both A and B |
| To meet national export limitations in many countries, RC4 often uses a key length of ________ bits. | 40 |
| What protection do cryptographic systems provide on a message-by-message basis? | All of the above |
| What usually is the longest stage in a cryptographic system dialogue? | ongoing communication |
| When Joshua sends a message to Larry, Joshua will use ________ to encrypt the message. | Larry's public key |
| When you make a purchase over the Internet, your sensitive traffic is almost always protected by ________ VPN transmission. | SSL/TLS |
| Which encryption method does MS-CHAP use? | Neither A nor B |
| Which of the following can be used as a keying method? | public key encryption for confidentiality |
| Which of the following fields are contained on a digital certificate? | All of the above |
| Which of the following is one of the key lengths offered by AES? | 192 bits |
| Which of the following measures do HMACs use? | hashing |
| Which of the following statements accurately describes RC4? | RC4 is extremely fast |
| Which of the following statements accurately describes RC4? | RC4 can use a broad range of key lengths |
| Which types of VPNs use VPN gateways? | remote access VPNs |
| ________ are proofs of identity. | Credentials |
| ________ is the use of mathematical operations to protect messages travelling between parties or stored on a computer. | Cryptography |
| ________ offers transparent protection. | IPsec |
| ________ thwart replay attacks by ensuring "freshness" using cutoff values. | Time stamps |
| A ________ attack is when a victim is flooded with ICMP packets that appear to be normal supervisory traffic. | Ping flood |
| A network administrator notices extensive damage to wireless packets. This might indicate a ________ attack. | DoS flood attack |
| An EAP response message may contain ________. | a negative acknowledgement |
| An attacker controlling bots in a coordinated attack against a victim is known as a ________. | DDoS attack |
| Eavesdropping usually is more of a concern for ________ LANs than for ________ LANs. | wireless, wired |
| In a man-in-the-middle attack, ________. | Both A and B |
| With regard to network security, ________ is the policy-driven control of access to systems, data, and dialogues. | access control |
| Most central authentication servers are governed by the ________ standard. | RADIUS |
| Rerouting traffic using ARP poisoning is an attack on ________ of a network. | Both A and B |
| The authenticator is the ________. | workgroup switch |
| The most common attack against a wireless network is a(n) ________. | unauthorized network access |
| The original 802.11 core security protocol, ________, was deeply flawed. | WEP |
| The ultimate goal of a DoS attack is to ________. | cause harm |
| WEP stands for ________. | wired equivalent privacy |
| WEP typically takes ________ to crack today. | minutes |
| When a new EAP authentication is added, software has to be changed on the ________. | central authentication server |
| Which of the following measures offers strong security? | None of the above |
| ________ are an additional layer of compromised hosts that are used to manage large groups of bots. | Handlers |
| ________ are compromised hosts running malware controlled by the hacker. | Bots |
| ________ is a good option if an attack is aimed at a single server because it keeps transmission lines at least partially open for other communication. | Rate limiting |
| ________ is one method of thwarting DoS attacks by dropping all IP packets from an attacker. | Black holing |
| ________ is the process of obscuring an attacker's source IP address. | Spoofing |
| ________ is used by ________ for authentication. | EAP, RADIUS |
| ________ is/are effective method(s) for preventing ARP poisoning attacks. | Both A and B |
| ________ security uses 128-bit AES encryption for confidentiality and AES-CCMP for automatic rekeying. | 802.11i |
| A security assertion may contain ________. | Both A and B |
| A(n) ________ is a statement from Firm A that Firm B should accept as true if Firm B trusts Firm A. | assertion |
| Directory servers from different vendors are synchronized through ________. | None of the above |
| Hand geometry recognition is used heavily for ________. | door access |
| If Directory Server A trusts Directory Server B and Directory Server B trusts Directory Server A, this is ________ trust. | mutual |
| If a laptop needs to be taken off premises, ________. | All of the above |
| In Kerberos, the ________ is an encrypted session key that only the verifier can decrypt. | service ticket |
| In directory servers, information is organized ________. | hierarchically |
| In the context of PKI, ________ is the process of accepting public keys and providing new digital certificates to the users. | provisioning |
| LDAP can be used ________. | Both A and B |
| Long passwords that use several types of keyboard characters are called ________ passwords. | complex |
| The book recommends that passwords be at least ________ characters long. | 8 |
| The most widely used form of biometrics is ________. | fingerprint scanning |
| The principle of ________ states that each person should only get the permissions that he or she absolutely needs to do his or her job. | least permissions |
| The strongest form of authentication is ________. | cryptographic authentication |
| Two-factor authentication can be defeated if ________. | Both A and B |
| When an attacker deliberately attempts to fool the system, this is called ________. | deception |
| Which of the following is one of the four bases for authentication credentials? | Both A and B |
| Which of the following is not one of the AAA controls? | accuracy |
| Which of the following is not one of the devices in RADIUS central authentication? | the verifier |
| Which of the following statements accurately describes fingerprint recognition? | fingerprint recognition is easily deceived |
| Which of the following statements is true about log files? | All of the above |
| ________ is the process of assessing the identity of each individual claiming to have permission to use a resource. | Authentication |
| ________ is the process of collecting information about the activities of each individual in log files for immediate and later analysis. | Auditing |
| ________ often get their authentication information from ________. | Central authentication servers, directory servers |