Chapter 5 - Protection of information assets Flashcards Preview

CISA > Chapter 5 - Protection of information assets > Flashcards

Flashcards in Chapter 5 - Protection of information assets Deck (23)
Loading flashcards...

What is PBX (Private Branch Exchange)?

Private Branch Exchange is a sophisticated computer based switch that can be thought of as essentially a small, in house phone company for the organisation that operates it.


What are the risks associated with PBX?

Theft of service
disclosure of information(Eavesdropping)
Data modification
Unauthorised access
Traffic Ananlysis


what is an EER (Equal Error Rate)?

EER is used to determine the performance of a biometric control device. It is the overall measurements of the false acceptance rate and false rejection rate.

The lower the EER, the more effective the biometric measurement is.


what is the objective of Data lead prevention?

DLP is designed to locate,monitor, and protect sensitive information fro the risks of unauthosied disclosure.

The objectives of DLP are:
1. Locate and catalog sensitive information stored throughout the enterprise
2. Monitor and control the movement of sensitive information across the enterprise nentworks and on end-user systems


What is a signnature-based IDS is most useful for?

To protect against known signature intrution patterns (privided by the vendor).IDS needs to be placed behind the firewall so it can monitor intriders that breach the firewall.


What is the benefit of using callback devices?

A callback feature provide an audit trail.It hooks into the access control software and logs all authorised and unauthorised access attempts, permitting the follow-up and further review of potential breaches.

Call forwarding is a means to bypass callback control


What is Secure Socket Layer (SSL)?

SSL is a standard security technology for establishing an encrypted Lin between a server and a client - typically a web server (website) and a browser, or a mail server and a mail client (e.g. Outlook).

A protocol that is used to transmit private documents thorough the Internet. The SSL protocol uses a private key to encrypt the data that is to be transferred through the SSL connection.

SSL uses a symmetric key for message encryption


The shortening of URL can increase which type of attack?



What is the advantage of the Elliptical curve cryptography?

Limited bandwidth resources suitable for encrypting mobile devices

Much higher speed of encryption with shorter keys compare to the RSA encryption


What is the best way to ensure the complete encryption and authentication protocols exist for protecting information while transmitted?

Tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). This is known as IPSecurity (IPSec).


What is Kerberos?

Kerberos is a network authentication protocol for client-server application that can be used to restrict access to the database to authorised users


What could cause eavesdropping of VoIP traffic?

Corruption of the Address Resolution Protocol (ARP) cache in Ethernet switches.

On an Ethernet switch there is a data table known as the ARP cache, which stores mappings between Media Access Controls (MAC) and IP addresses. During normal operations, Ethernet switches only allow directed traffic to flow between the ports involved in the conversation and no other ports can see that traffic However, if the ARP cache is intentionally corrupted with an ARP poisoning attack, some Ethernet switches simply "flood" the directed traffic to all ports of the switch which could allow an attacker to monitor traffic not normally visible to the port where the attacker was connected, and thereby eavesdrop on VoIP Protocol traffic


What is common gateway interface?

CGI scripts are an executable, machines-independent software program run on the server that can be called and executed y a web server.

A bug in the scripts may allow a user to get authorised access to the server and, from there, eventually to the organisation's network


What is the role of a directory server in PKI?

Makes other users' certificates available to application


What is chain of custody policy?

Chain of custody involves documentation of how digital evidence is acquired, processed, handled, stored and protected, and who handled the evidences and why. If there is no policy in place, it is unlikely that employees will ensure that the chain of custody is maintained during any data breach investigation


What is the differences between MAC (mandatory Access Control) and DAC (discretionary access control)

Mandatory Access control cannot be controlled or modified by normal users.

Discretionary Access Control allow controls to be configured or modified by the users or data owners


What is Check Digit?

A check digit is a form of redundancy check used for error detection on identification numbers, such as bank account numbers, which are used in an application where they will at least sometimes be input manually. It is analogous to a binary parity bit used to check for errors in computer-generated data.


What is a hash value?

A hash value is a numeric value of a fixed length that uniquely identifies data. Hash values represent large amounts of data as much smaller numeric values, so they are used with digital signatures. You can sign a hash value more efficiently than signing the larger value.

It is the best way to ensure that the data in a file have not been changed during transmission. Therefore it is the best way to ensure authentication and integrity.

Hashing is irreversible. It works one way.


What is a Platform as a service?

PaaS is a category of cloud computing services that provides a platform allowing customers to develop, run and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.


What is the functionality of VPN?

Hide information from sniffers on the net. It works based on encapsulation and encryption of sensitive traffic


What is Session boarder controller (SBC)?

SBC provides security features for VoIP traffic similar to that provided by firewalls.SBCs can be configured to filter specific VoIP protocols, monitor for denial-of-service attacks, and provide network address and protocol translation features.


What is a Telnet?

It is a network protocol that allows a user on one computer to log into another computer that is part of the same network.

The use of a point-to-point leased line is the best way to ensure proper security controls.


What is the main feature of Mobile Communication (GSM) technology?

The inherent security features of global systems for mobile communications (GSM) technology combines with the use of a virtual private network (VPN) are appropriate. The confidentiality of the communication on the GSM radio link is ensured by the use of encryption and the use of a VPN signified that an encrypted session is established between the laptop and the corporate network.

GSM is a global standard for cellular telecom that can be used for both voice and data. Currently deployed commercial GSM technology has multiple overlapping security features which prevent eavesdropping, session hijacking or unauthorised use of the GSM carrier network. While other wireless technologies such as 802.11b wireless LAN technologies have been designed to allow the user to adjust or even disable security settings, GSM does not allow any devices to connect to the system unless all relevant security features are active and enabled.