CISSP Trouble Areas Flashcards

(180 cards)

1
What protocol manages security associations used by IPSec?
ISAKMP
2
What is a Smurf attack?
Large number of ICMP packets are broadcasted to a network
3
A tunnel is normally used to connect what types of systems?
Hosts and networks
4
For a process, can it operate as a subject, object, both, or neither?
Both subject and object
5
How many rounds of encryption are required for Rijndael for a key of 192 bits?
11
6
What are some VoIP security issues?
Caller ID falsification, vishing, SPIT
7
Personal Area Network (PAN) is associated with what wireless standard?
802.15 Bluetooth
8
What security protocol automatically performs reauthentication of the client throughout a session to detect session hijacking?
CHAP
9
For port addresses, what are considered the "well-known" ports?
0-1,023
10
What is a teardrop attack?
Attacker exploits a bug in the OS related to re-sequencing packets. Attacker sends numerous specially crafted packets to the system, which causes the system to freeze or crash.
11
Once a system is compromised, what type of access control is used to restore the system to a previous known good state?
Corrective access control
12
What symmetric encryption protocol does WPA2 use?
AES
13
What symmetric encryption protocol does WPA use?
TKIP
14
What symmetric encryption protocol does WEP use?
RC4
15
What standard does all public email comply with?
X.400
16
What approach uses math algorithms to analyze data and develop models that may be used to predict future activities?
Data mining
17
What is the difference between anti-virus removal and cleaning?
Removal only deletes the malicious software, whereas cleaning will try to restore changes made by the malicious software
18
What control is used to guide the security implementations of an organization?
Directive control
19
What is the cardinality of a table?
How many entries (rows) in the table
20
According to standard, what is the largest ICMP packet allowed?
65,536
21
What network device can be described as a protocol translator?
Gateway
22
On what port does DHCP operate?
Port 68
23
What database principle ensures that data is written in an all-or-nothing manner?
Atomicity
24
What access control is used to repair or restore capability, functionality, or resources following a violation of security policy?
Recovery access control
25
What standard prescribes IT security best practices crafted by ISACA and ITGI?
COBIT
26
What database security feature prevents simultaneous edits to a cell?
Concurrency provides locks so that two users cannot edit a cell at the same time
27
What package provides secure replacement for common Internet utilities such as FTP?
SSH
28
What phase of Electronic Discovery performs a rough of irrelevant data?
Processing
29
What are the private IP ranges according to RFC 1918?
10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, and 192.168.0.0-192.168.255.255
30
What access control is used to physically deter unwanted or unauthorized activity and access?
Preventative access control
31
What are considered third generation programming languages?
Compiled languages such as C++ and Java
32
In what IPSec mode is the content of the packet encrypted but not the header?
Transport mode
33
What type of malicious code uses a filename similar to that of a legitimate system file?
Companion viruses
34
In what IPSec mode is the content and header of the packet encrypted?
Tunnel mode
35
How soon after an incident should a postmortem take place?
Within a week
36
How long does a trademark last?
10 years and can be renewed an unlimited number of times for 10 years
37
Describe differential backups
Backs up only files that have been changed since the previous full backup. Only affects files that have the archive bit turned on
38
What is the primary benefit of using images to deploy new systems?
Provides a baseline for configuration management
39
What is OCSP?
Online Certificate Status Protocol is a way to check real-time whether a certificate is invalid. Replaces Certificate Revocation Lists (CRL)
40
What rule of evidence states that a written agreement is assumed to contain all the terms of the agreement?
Parol evidence rule
41
What law requires that communications carriers comply with federal agencies conducting wiretaps?
Communications Assistance to Law Enforcement Act (CALEA)
42
What is a hot site, warm site, and cold site?
Hot site - operational within 6 hours; Warm site - operational after ...; Cold site - ???
43
What is the practice of establishing emergency response actions following a business-related disaster?
Disaster recovery planning
44
What symmetric encryption protocols does S/MIME support?
DES, 3DES, RC2, ???
45
What type of alarm signals a monitoring station?
Centralized alarm system
46
What is the effective key length of 3DES?
168 bits (56 bits x 3)
47
What transport layer protocol does SNMP use?
UDP
48
Where is a good location for turnstiles?
Secondary or side exits where there is no guard personnel
49
Describe incremental backups
Backs up only files that have been changed since the last full backup OR the last incremental backup. Only affects files that have the archive bit turned on
50
From which pool of keys are primary keys selected?
Candidate keys
51
What department administers the EU Safe Harbor provisions in the US?
Department of Commerce
52
What are the reasons for change management?
To ensure that any changes do not lead to reduced or compromised security and also to make it possible for rollback of changes to a previous secured state
53
What is the first step in business impact assessment process?
Identification of priorities
54
A momentary loss of power is called what?
A fault
55
What is another name for ROT3?
Caesar cipher
56
Alarms, CCTV, and monitoring devices fall under what type of access control category?
Technical access control
57
In addition to job rotation, what is another way for security peer reviews?
Mandatory vacations
58
Explain the XOR function
True when one, and only one bit is true
59
What law amended the Computer Fraud and Abuse Act (CFAA) to include portions of the national infrastructure?
National Information Infrastructure Protection Act (NIIPA)
60
What is a MAA site?
A Mutually Agreed Assistance site is a site where two businesses have agreed to help each other in case of a business-related disaster
61
What type of scan tries to simulate an already open connection?
TCP ACK scan
62
What layer of ring protection includes programs that run in supervisory mode?
Layer 0
63
What regulation enforces the prudent man rule, which requires that senior executives take personal responsibility for ensuring due care?
Federal Sentencing Guidelines
64
What two principles of encryption make it so that attackers cannot look for patterns in the plaintext and resulting ciphertext to determine the key?
Confusion and diffusion
65
What state was the first to pass the data breach notification law?
California
66
Insurance is a way to do what in terms of risk?
Risk assignment/transference
67
What type of backup does not alter the archive bit on backed-up files?
Differential backups
68
What software development methodology allows the process to only return to the previous phase?
Waterfall
69
What are the responsibilities of the data owner?
Responsible for classifying information for storage and protection. Typically high-level manager
70
What are the responsibilities of the data custodian?
Responsible for implementing prescribed protection defined by security policy and management. Activities include backups, validating data integrity, deploying security solutions, and managing storage based on classification.
71
What is the responsibility of the data user?
Nothing really, just be able to access and perform actions on object
72
What legal protection is best for software whose source code or internal workings you want released to the public?
Trade secret
73
How many rounds of encryption does DES employ?
16
74
What is MTD?
Maximum tolerable downtime is the max amount of time a business can be inoperable without causing irreparable harm to the company
75
What type of language is least prone to a third party inserting malicious code?
Interpreted code such as VBScript
76
What amendment protects citizens from wiretaps and invasion of privacy?
Fourth Amendment
77
What law makes it illegal to cause malicious damage to "federal interest" computer systems?
Computer Fraud and Abuse Act (CFAA)
78
What is residual risk?
The risk that management has decided to accept rather than mitigate
79
What is the Delphi technique?
Form of qualitative risk analysis that uses an anonymous feedback-and-response process to arrive at group consensus
80
What is the typical activation time for a warm site?
Within 12 hours
81
What is the security protocol designed by Visa and Mastercard to protect e-commerce transactions?
Secure Electronic Transaction (SET)
82
DES operates on what size of blocks?
64 bits
83
What is the length of patents in the US?
20 years
84
What are the numerical types for each type of authentication?
Type 1 - something you know (password); Type 2 - something you have (smartcard); Type 3 - something you are (biometrics)
85
What type of alarm system will notify local police, fire, or emergency services when triggered?
Auxiliary alarm system
86
What are the five elements of AAA services?
Identification, Authentication, Authorization, Auditing, and Accounting
87
What is another name for layering?
Defense in depth
88
What is another name for defense in depth?
Layering
89
Describe abstraction in terms of security
Similar elements are put into groups, classes, or roles that are assigned security controls, restrictions, or permissions as a collective
90
What is strategic planning?
Long term plan that is fairly stable and defines org's security purpose. Timeline is around 5 years
91
What is tactical planning?
Mid term planning to provide more details on goals in strategic plan. Timeline is around 1 year
92
What is operational planning?
Short term planning that is highly detailed based on strategic and tactical plans. Timeline is less than 1 year
93
What are the data classification/levels for government/military?
Unclassified, sensitive, confidential, secret, top secret
94
What are the data classification/levels for civilian orgs?
Public, sensitive, confidential/private
95
What are the elements of STRIDE?
Spoofing (identification); Tampering (integrity); Repudiation (non-repudiation); Information disclosure (confidentiality); Denial of service (availability); Elevation of privilege (authorization)
96
Describe the DREAD system
A way to model risk: Damage potential, Reproducibility, Exploitability, Affected users, Discoverability
97
What is the purpose of business continuity planning?
Maintain continuous operation in the event of an emergency situation
98
What is the difference between business continuity planning and disaster recovery planning?
BCP comes first and if BCP fails, then DRP steps in
99
Who is involved in business continuity planning?
Representatives from different depts responsible for core services, IT reps, Security reps, Legal reps, Senior management reps (but usually doesn't include CEO)
100
What are the four main steps in business continuity planning?
Project scope and planning, Business impact assessment, Continuity planning, Approval and implementation
101
What are the steps in Project Scope and Planning in BCP?
Business organization analysis, Team selection, Resource requirements, Legal and regulatory requirements
102
What are the steps in Business Impact Assessment?
Identify priorities, Risk identification, Likelihood assessment, Impact assessment, Resource prioritization
103
What is another name for Identifying Priorities in Business Impact Assessment in BCP?
Criticality prioritization
104
What is the purpose of Identifying Priorities/criticality prioritization?
Creating comprehensive list of business processes and ranking them in order of importance
105
What is RTO?
Recovery time objective is the amount of time which you can feasibly recover from a disruption in service. Should be less than maximum tolerable downtime.
106
What is the purpose of Risk Identification in Business Impact Assessment in BCP?
To identify risks posed to the org
107
What is the purpose of Likelihood Assessment in Business Impact Assessment in BCP?
To determine the likelihood that an event may occur
108
What is the purpose of Impact Assessment in Business Impact Assessment in BCP?
To determine the impact that each of the risks identified would cause to the org if the risks were realized
109
What is Resource Prioritization in Business Impact Assessment in BCP?
To prioritize allocation of business continuity resources to the various risks as a result of the impact assessment
110
What is AV?
Asset value (AV) is the quantified monetary value of an asset
111
What is ARO?
Annualized rate of occurrence (ARO) is the probability that a disaster event may occur in a year
112
What is EF?
Exposure factor (EF) is the estimated percentage loss of an asset if a risk was realized
113
What is SLE?
Single loss expectancy (SLE) is the predicted monetary loss for an asset if a particular disaster event were to occur. Note that this is not for an annual rate, just the total loss amount.
114
What is ALE?
Annualized loss expectancy (ALE) is the monetary loss that org expects to occur as a result of a risk being realized in ONE year
115
What are the steps in Continuity Planning?
Strategy development, Provisions and processes, Plan approval, Plan implementation, Training and education
116
What are the different ways to deal with risk?
Mitigate, Accept (residual), Transfer
117
What are the different categories of US law?
Criminal - possible prison time, fines, and community service; Civil - for when an impartial arbiter is required to settle matters between individuals and orgs; Administrative - laws created by executive branch agencies to guide the agency in operating
118
What is the property of Biba that prevents a subject from accessing an object at a lower integrity level?
Simple Integrity Property prevents subjects from READING DOWN
119
What is it called when a pentest team knows substantial information about a target including hardware/software, and config details?
Partial knowledge team
120
What is a divestiture?
A reduction in assets or employees
121
What common vulnerabilities have little direct countermeasures and safeguards?
Omission and errors
122
What is the formal term for assigning responsibility to individuals or groups?
Ownership
123
What is the final step in the lifecycle of backup media?
Destruction
124
What is access in terms of subjects and objects?
The transfer of information from objects to subjects
125
What security services are provided by Kerberos for authentication traffic?
Provides confidentiality and integrity for authentication traffic
126
What is the purpose of security impact analysis in the context of change management?
To review changes and evaluate them for potential negative impacts
127
What process ensures that all necessary and required elements of a security solution are implemented as expected?
Compliance checking
128
What are examples of deterrent access control?
Security policies, cameras, awareness training, physical controls such as fences, and security badges
129
What are the benefits of VLANs?
Traffic isolation, traffic management, reducing vulnerabilities to sniffers
130
What is the frequency of IT infrastructure security audit or review based on?
Level of risk
131
What is purging?
Erasing the data so that the media is not vulnerable to data remnant recovery techniques
132
What is the Clark-Wilson model also known as?
Restricted interface model because it uses classification-based restrictions to offer subject-restricted functions and information
133
According to PCI-DSS, what can you use in place of an annual web app vulnerability assessment?
Web app firewall
134
What is due care?
Preserving and protecting assets and interests for a given org as exercised through a formalized security structure comprising of baselines, guidelines, policies, procedures, and rules
135
What software development method allows for multiple iterations of development process, resulting in multiple prototypes?
Spiral
136
What are security targets (ST) in Common Criteria?
Specifies the claims of security from the vendor that are built into the target of evaluation
137
What are the features/disadvantages of packet switching?
Bursty traffic; supports any type of traffic; sensitive to data loss
138
What are the requirements for an invention to be patented?
Must be new; must be useful; must be non-obvious
139
What is a hybrid risk assessment?
Use of both quantitative and qualitative assessment
140
What encryption algorithm was used for the Clipper chip?
Skipjack
141
What is critical path analysis?
The logical sequencing of a series of events such that planners and integrators possess consider information for decision making processes. Useful to map out org needs to transfer or establishment of a new facility
142
What is the formula to determine the number of keys required for symmetric encryption communications between *n* individuals?
(*n* \* (*n*-1)) / 2
143
What organization creates RFCs for the Internet?
Internet Advisory Board
144
What does the modified waterfall model offer over the traditional waterfall model?
Validation and verification phases
145
What industry does Gramm-Leach-Bliley Act affect?
Financial industries
146
What subset of SQL can you use to create and modify databases?
Data Definition Language (DDL)
147
What advanced malware technique uses more than one propagation method?
Multipartitism
148
What document should state where critical business information should be stored?
Vital records program
149
What is the cause of common mode noise?
Generated by the voltage difference between the hot wire and ground wire
150
What is the digest size for MD5?
128 bits
151
What government agency is responsible for protecting the security of government systems that process sensitive/classified information?
NSA. NIST protects all other non-sensitive government computers
152
What is whaling?
A type of phishing that targets high-level employees of an organization
153
What is spear phishing?
A type of phishing targeting a particular organization
154
What is vishing?
Similar to phishing but using phone calls or voice messages
155
What is the cause of traverse mode noise?
Generated by voltage difference between hot and neutral wires
156
What port does DHCP use?
Port 67 and 68
157
What is the size of the MBR?
The Master Boot Record is 512 bytes in size
158
What is software escrow?
Tool used to protect a company against unsupportive or out of business vendors
159
What are companion viruses?
Self-contained executables that have names that are similar or identical to existing system programs
160
What is control signing?
Utilizes a system of digital signatures to ensure that the code originates from a trusted source
161
In agile development, how often should the business users be involved in development?
Daily
162
What is a service bureau in the context of recovery?
A company that provides time-leased computer services for a fee
163
What is the block size of Triple DES?
64 bits
164
What is the key and block size of DES?
Key - 56 effective bits; Block - 64 bits
165
What is a closed system?
A system designed to work well with a narrow range of other systems, generally all from the same manufacturer
166
What is the maximum digest length of SHA-2?
512 bits
167
What is the biggest risk associated with web or mobile applets?
Executing code from external sources
168
The Clark-Wilson model is mainly focused on which component of the CIA triad?
Integrity
169
What is sanitization in the context of secure disposal?
Any number of processes that prepare media for destruction
170
What is purging in disposal?
To sufficiently cleanse remnants of data on a MAGNETIC storage drive so that it can be reused in an unsecure environment
171
What type of chip is usually used in printers and other hardware devices to store firmware data?
EEPROM
172
What are administrative access controls?
Also known as management controls and include policies and procedures such as hiring/firing, data classification, and security training/awareness
173
What are logical access controls?
Also known as technical access controls; the software and hardware that control access
174
What are technical controls?
Also known as logical controls; the software and hardware used to control access
175
What are physical access controls?
Physical controls used to prevent direct contact with systems or areas within a facility
176
What is clearing?
A method to sufficiently delete data on media by overwriting with unclassified data for later reuse in the SAME secured environment
177
What is a meet-in-the-middle attack?
A known plaintext attack that only affects otherwise one rounder symmetric algorithms that go through multiple rounds, such as Double DES and 3DES
178
What is degaussing?
Restoring magnetic media to its original "unused" state
179
What is erasing?
Simple operation which only performs a delete operation against the media and thus still leaves the underlying information on the disk. Least secure way of disposal