CISA Refresher 2 Flashcards Preview

Flashcards in CISA Refresher 2 Deck (42):
1

A validity check would be the most useful for the verification of passwords because it would verify that the required format has been used

TRUE

2

a certificate always includes

public key, expiration date and owner's information

3

SSL provides end point authentication and communication privacy over the internet using cryptography

TRUE

4

HTTPS uses public key certificates to verify the identity of end points

TRUE

5

SSL uses a hybrid of hashed, private and public key cryptographic processes to secure transactions over the internet through a PKI

TRUE

6

The SSL handshake protocol is based on the application layer but provides for the security of the communication sessions too

TRUE

7

IP network layer packet security protocol establishes VPN via transport and tunnel mode encryption methods

TRUE

8

In establishing IPSec sessions in either mode

security associations are established

9

SA (Security associations)

define which security parameters should be applied between the communicating parties, such as encryption algorithms, key, initialization vectors, life span of key, etc.

10

SSH is useful in securing telnet and FTP services, and it is implemented at the application layer, as opposed to operating at the network layer

TRUE

11

Secure Multipurpose Internet Mail Extensions (S/MIME)

A standard secure e-mail protocol that authenticates the identity of the sender and receiver

12

Secure Electronic Transaction (SET)

is a protocol developed jointly by VISA and MasterCard to secure payment transactions among all parties involved in credit card transactions on behalf of cardholders and merchants

13

SET is an application-oriented protocol

TRUE

14

Worm

A frequently encountered variant of a virus which, unlike a virus, does not physically attach itself to another program. To propagate itself to host systems, a worm typically exploits security weaknesses in operating system configurations

15

Following are hardware tactics that can reduce the risk of infection

Use boot virus protection (built-in firmware-based virus protection), use remote booting (e.g. diskless workstations), use hardware-based passwords, use write-protected tabs on discs, ensure that insecure protocols are blocked by the firewall from external segments and the internet

16

Antivirus software

is both a preventive and a detective tool

17

Scanners

Look for sequences of bits, called signatures, that are typical of virus programs

18

Two types of scanners

Virus masked or signature based, Heuristic scanners

19

Heuristic scanners tend to generate a high level of false positive errors

TRUE

20

Heuristic scanners

analyse the code and decide on the basis of statistical probability whether it could contain malicious code

21

Active monitor

Interpret DOS and read-only memory BIOS calls, looking for virus-like actions

22

Active monitors can be problematic because

they cannot distinguish between a user request and a program or virus request

23

Cyclic redundancy check

Compute a binary number on a known virus free program that is then stored in a database file. The number is called CRC

24

CRC check can be done only after infection has occurred

TRUE

25

CRC check is ineffective against new files that are virus infected and that are not recorded in the database

TRUE

26

Behaviour blockers

can potentially detect a virus at an early stage

27

behaviour blocker

detects potentially abnormal behaviour such as writing to the boot sector or the master boot record, or making changes to the executable files

28

Immunizers

defend against viruses by appending sections of themselves to files

29

Immunizers are not always practical since it is not possible to immunize files against all known viruses

TRUE

30

Virus wall

virus scanning software used as an integrated part of firewall technology

31

Bolting door lock

These locks require the traditional metal key to gain entry

32

Deadman doors

This reduces the risk of piggybacking, when an unauthorized person follows an authorized person through a secured entry

33

Imaging is a process that allows one to obtain a bit-for-bit copy of data to avoid damage to the original data or information. It is made to obtain residual data, such as deleted files, fragments of deleted files and other information present, from the disk for analysis

TRUE

34

Ingestion/normalisation

This process converts the information extracted to a format that can be understood by investigators.

35

short term interruptions such as sags, spikes and surges, which last from a few millionths to a few thousandths of a second

can be prevented by using properly placed surge protectors.

36

Intermediate term interruptions which last from a few seconds to 30 minutes

can be controlled by UPS devices

37

Long term interruptions which last from a few hours to several days

require the use of alternate power generators

38

since water and electricity do not mix

these systems must be combined with an automatic switch to shut down the electricity supply to the area protected

39

Halon system

releases pressurized Halon gases that remove oxygen from the air, thus starving the fire.

40

Halon substitute is FM 200, which is the most effective alternative

TRUE

41

Argonite

people have suffocated by breathing argon by mistake

42

Electrical surge protectors

reduce the risk of damage to equipment due to power spikes. Such protectors are typically built into the UPS system