Study This Flashcards

(328 cards)

1
Q

If risks were categorized as either critical or normal, what risk assessment method is being used?

A

Qualitative

2
Q

What risk assessment method produces numerical results

A

Quantitative

3
Q

What document is intended to help deal with potential issues and conflict among partners

A

BPA

Business partner agreement addresses things like ownership, profits, losses and partner contributions

4
Q

What does a more threat centered security program look like?

A

Focusing on understanding adversaries' motivations and capabilities

5
Q

What is characterized as an attempt to gain access to a system's resource

A

Exploit

6
Q

What document defines the technical security requirements associated with two orgs who are connecting their information systems/networks?

A

Interconnection security agreement, ISA

7
Q

When do we normally build a risk matrix

A

Qualitative risk analysis

8
Q

A developer composes a document that details all the entry points through which an attacker could attempt to introduce code into the app environment, what does this document represent

A

Attack surface

9
Q

Single loss expectancy equals (=) asset value times (x) exposure factor

A

The percentage of an asset that is lost due to a threat event

10
Q

The minimum and customary practice of responsible protection of information assets is defined by which of the following terms?

A

Due care

11
Q

If two people are working together and we are concerned about collusion, what is performed?

A

Rotation of duties

12
Q

What is a central characteristic of accountability

A

A system's ability to determine the actions and behavior of a single individual within a system

13
Q

What is the opposite of the CIA triad

A

Disclosure, alteration and destruction

14
Q

Report assessing design, suitability and effectiveness of a service organization's security controls over a period of time

A

SOC 2 type 2

15
Q

What term is primarily concerned with enumerating and understanding the various ways an adversary might negatively impact the security of an application slated for development

A

Threat modeling

16
Q

Policies, standards, guidelines and security awareness training fall under which of the following control categories

A

Directive controls

17
Q

What principle requires multiple individuals' authorization in order to carry out a particularly critical function

A

Separation of duties

18
Q

Security incident can be thought of in which of the following terms?

A

Confidentiality, integrity and availability

19
Q

Which of the following terms describes the right to protect the expression of ideas

A

Copyright

20
Q

When calculating the cost of risk I need to look for two factors. Which of the following choices is one of these factors

A

Single loss expectancy

21
Q

Your organization just discovered an incident in which PII looks to have been accessed but not exfiltrated. What should you do

A

Disclosure within 72 hours of the incident discovery

22
Q

What document would be used to ensure that the IT department is meeting its contractual obligations with the audit team

A

OLA

Operating level agreement which is an internal agreement that supports the SLA

23
Q

In quantitative risk management, single loss expectancy is used to quantify what

A

The amount of financial impact that would result if a breach occurred that impacted an asset

24
Q

Prior to accepting a risk what has most likely occurred

A

Risk mitigation
There will always be a residual risk even if mitigating countermeasures are leveraged. Either this occurs explicitly and formally, or risk is accepted implicitly by choosing not to employ additional avoidance, transfer, or mitigation measures

25
Which ISO information security standard focuses on auditing
27001
26
Which type of technology would be best suited to help monitor and possibly even bolster the security of a SaaS solution being used by on-premises employees
CASB Cloud access security brokers are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as cloud-based resources are accessed
27
Identifying and labeling all personally identifiable information would be an example of what
Data classification
28
What process customizes a standard for an organization, beginning with scoping, then adding compensating controls with parameters (security configuration settings)
Tailoring
29
What process determines the applicable portions of a standard that must be followed by an organization
Scoping
30
Which of the following is considered nonvolatile memory
ROM Read only memory is nonvolatile storage where locations can be directly accessed in a basic implementation. Data cannot be altered dynamically. Nonvolatile storage retains its information even when the computer loses power, and can be used to boot the system. Both dynamic RAM and static RAM are volatile memory
31
Senior manager has grown particularly concerned about the potential for breach of PII data. Which of the following controls is most directly applicable to their concern
DLP Data loss prevention tools and software filter data streams on networks, control and monitor endpoint activities, and monitor data in the cloud. DLP tools protect data in use, data in motion and data at rest. Data loss prevention programs also feature reporting, which aids both in identifying anomalies and problems for forensic response and in meeting audit and routine compliance requirements
32
What is true about dynamic ram
DRAM Data is rewritten multiple times each second. Hint: dynamic RAM is always being rewritten, hence dynamic
33
What are small extremely fast storage locations directly accessible to the CPU?
Registers
34
Which organization manages requests for comments (RFCs)
IETF Requests for comments (RFCs) are managed by the Internet Engineering Task Force (IETF)
35
Which role sets the information security priorities and supports the mission of the organization
Business owner
36
Which of the following choices is also referred to as flash memory
Electronically erasable programmable read only memory (EEPROM)
37
Which method of media sanitization is performed through the local device interface, but could still potentially allow data recovery through other advanced recovery methods
Clear. Clearing is done locally via the device interface (the operating system). Data are not recoverable through the device interface but may be recoverable through advanced recovery methods
38
Which ISO information security standard focuses on best practices
27002
39
Electronic versions of courseware from your favorite security training organization employ technology that limits your ability to add your own notes to the files. The files also incorporate a unique identifier that can assist in determining the source of copyrighted information having been pirated. What type of technology are they using
DRM Digital rights management is a suite of technologies designed to protect copyrighted digital media
40
All types of programmable read only memory are actually special cases of a more general sort of technology
Programmable logic device (PLD)
41
What ISO standard was formerly known as ISO 17799
ISO 27002
42
What is the best way to remove data from write once read many (WORM) media
Destruction
43
When comparing DRAM and SRAM, which of the following statements is true
DRAM is slower than SRAM
44
What term describes writing data to an EEPROM
Flashing
45
What is the best method to securely destroy data on a DVD-R
Destruction
46
What role creates and manages sensitive data
Data controller
47
What role is in charge of computer hardware and software design, plans, and updates
System owners
48
What is a set of memory addresses managed by the OS that do not correspond directly to physical memory
Virtual memory
49
What refers to the computer’s capability to execute instructions in parallel due to the usage of multiple CPUs
Multiprocessing
50
Low level commands that a CPU knows how to execute and that perform many operations per instruction
CISC
51
The RSA algorithm uses what kind of intractable problem as the basis of its cryptosystem
Factoring certain large integers into their two prime factors
52
Which of the following coordinates system activities during execution of code
CPU control unit
53
What model deals with potential conflicts of interest
Brewer-Nash
54
What is a real time alternative to using CRL
OCSP Online certificate status protocol
55
What term indicates the degrees of randomness
Entropy
56
Security model includes the no read up (simple security property) and no write down
Bell LaPadula
57
What security integrity model focuses on internal consistency, external consistency, well-formed transactions, separation of duties
Clark Wilson
58
Which of the following ensures that previously captured communications are not decrypted if a session key is compromised
Perfect forward secrecy
59
Which of the following performs the calculations or operations based on program calls
CPU arithmetic logic unit
60
Term that describes the CPU's ability to process more than one program at a time
Multitasking
61
What security model includes no read down and no write up (simple integrity)
Biba
62
What is a common operating system protection that prevents one software application from affecting another software application if it crashes
Process isolation
63
What is the term for copying memory data to and from hard disk
Page fault
64
What is the term when the OS copies virtual memory from hard disk to main memory
Paging
65
What protocol do routers use to determine the path that should be taken by a packet
IP
66
When you see 1E4DB3 you’re dealing with which numbering system
Hex
67
What network storage technology does not allow block level access, but allows reading/writing entire files via a network
NAS
68
What wireless protocol supports 54 Mbps at 5 GHz
802.11a
69
What allows you to uniquely identify a complete connection among all other connections on the internet
A socket pair
70
Which layer of the OSI model connects the physical part of the network with the abstract part
Data link
71
Which layer of the OSI model converts bits into electrical signals or light impulses for transmission
Physical layer
72
Which VOIP protocol is an application layer protocol used for communication signaling
SIP
73
What technology separates a router's control plane from the data plane
Software defined networking
74
Data encapsulation and the protocol stack work in which of the following ways
Each protocol or service at each layer in the OSI model adds its own information to the data as it is passed down the protocol stack
75
Which of the following network devices blocks (IP) limited broadcast traffic by default
Router
76
What encryption method should be used to secure a wireless connection
WPA2
77
Which wireless technology leverages battery powered radios and is commonly used for building automation and control
Zigbee
78
What IPsec method offers integrity and authentication but not confidentiality
AH Authentication header
79
Which wireless technology could be employed when there are concerns about significant electromagnetic interference
Li-Fi
80
What authentication mechanism exposes the password in plain text
PAP Password authentication protocol
81
Which layer of the OSI model converts bits into electrical signals or light impulses for transmission
Physical layer
82
Which of the following layers of the OSI model handles establishment and maintenance of connections between systems
Session layer
83
Which protocol do routers use to determine the path that should be taken by a packet
IP
84
Which network component should be used when there’s a concern about internal network sniffing
Switch
85
It is desired to have one layer 2 LAN available on multiple switches in different countries so that each system can communicate directly using layer 2 frames. What technology…
VLAN
86
What technology separates a router's control plane from the data forwarding plane
Software defined networking
87
Which of the following is a helpful network troubleshooting tool that shows each of the nodes on a path between the local machine and a destination
Traceroute
88
Which of the following is a popular LAN-based technology
Ethernet
89
Which plaintext VOIP IP protocol is frequently used to transfer audio or video data
RTP
90
What network storage technology does not allow block level access, but allows reading and writing entire files via a network
NAS
91
What is the measure of when the system will be available to begin processing recovery work before being put back into a normalized production mode
Recovery time objective
92
RTO
Also means when the hardware, software and infrastructure are capable to start doing any necessary recovery work required before operations are resumed properly
93
What is the amount of data loss that is acceptable for a business function called?
RPO Recovery point objective. This dictates the amount of data that can be lost for a critical function
94
What is useful at protecting custom applications from common vulnerabilities (SQL injection, cross site scripting, etc.)
WAF | Web application firewall
95
What are the deployments available for WAF
Reverse proxy, server install, cloud hosted
96
What are WAF used for
Protection of an org's public-facing web apps
97
Can a WAF be used to increase the security of an off the shelf web app?
True
98
What is an IPS used for
Blocks traffic. Rather than alerting, the IPS will block suspicious traffic. Can have false positives, which can be a self-imposed DoS condition
99
Does a false positive on an IDS cause an availability issue?
No
100
What is the main emphasis of malware sandboxing?
Trying to render or execute files before passing them on, or perhaps providing a report after analysis
101
What prevents unknown/unlisted binaries from executing
Application whitelisting
102
Antivirus software attempts to block what
Various forms of malware
103
What are some examples of malware
Virus, worms, Trojan, spyware
104
What involves simply making use of data about adversaries to improve security operations
IOC | Indicators of compromise
105
Is an IDS a passive system?
Yes. It sends alerts when malicious acts occur
106
NIDS has three fundamental designs
Signature based, protocol analysis, anomaly based
107
IDS can operate in which two modes
Passive and active. Passive sends alerts but does not stop the attack. Active stops the attack, usually by sending resets
108
Where does an IDS sit
On a network and sniffs traffic
109
RFCs
Request for comments
110
What are anomaly detection models used for
Small, well designed networks and specific high risk cases. It alerts on anomalous behavior and is prone to false positives when behavior changes
111
What monitoring focuses on data leaving the org, system or interface
Egress monitoring
112
Monitoring incoming traffic to an org or target system
Ingress
113
What does SIEM stand for
Security information and event management
114
What does a SIEM do
To deal with the volume and ease analysis of all the security related information and audit logs, a SIEM will go through all the logs and detect adversary tactics and problems.
115
What builds a behavior oriented profile of activity for both users and systems
UEBA user and entity behavior analytics
116
What are some key monitoring tools?
IDS and SIEM
117
What type of logs can a SIEM monitor
System/event logs, web server logs, firewall and proxy logs, etc.
118
What can be employed to ensure integrity of data remains
Digital signature
119
By default, does syslog provide integrity features that can confirm authenticity of the logs
No, it does not. A third-party utility like syslog-ng does
120
Layer of OSI closest to the users and programs; Layer 7; identification of communication partners; determines security aspects of communication
Application layer
121
Layer 6; provides representation of information to be processed by the application; provides translation services such as EBCDIC and ASCII; performs data encoding, compression and decompression
Presentation layer
122
Layer 5; organizes communication; management of data exchange; maintains the session; allows half duplex and full duplex
Session layer
123
Layer 4; optimizes network service usage; uniquely identifies end points; maintains communication integrity; error detection
Transport layer
124
Layer 3; provides network addressing; performs routing and flow control; establishes network connection; provides network path; IPv4
Network layer
125
Layer 2; formats messages to allow for transfer over physical media; provides addressing for physical hardware; Ethernet or MAC addresses
Data link layer
126
Layer 1; provides mechanical and electrical activation, maintenance and deactivation of physical connections for transmission; defines the physical means of communication; determines requirements for signal transmission over the physical medium
Physical layer
127
What may be used to provide layer 2 authentication
802.1x
128
What layer of the OSI model connects the physical part of the network with the abstract
Data link
129
What DNS security protocol typically leverages browsers as the DNS client and provides increased confidentiality of DNS requests?
DoH
130
What layer of the OSI model interacts with information and prepares it to be transmitted across the network
Transport layer
131
Dedicated security mode, this is not one
Systems handle multiple classification levels
132
What is two phase commit
Distributed database architecture that ensures that no transactions are finalized until all connected systems have successfully synchronized
133
Nonvolatile storage that prevents existing data from being overwritten
WORM
134
What function verifies the security of systems and resources, tests the effectiveness of the controls implemented and helps determine where more controls might be needed
Auditing
135
Which technique do layer 2 switches employ to speed up forwarding data across ports
Cut through
136
In what environment are updates to the OSPF protocol handled by the control plane rather than a router's data plane
Software defined networking
137
Created a rule in the IDS to prevent an attack. An analyst wants to verify the target machine is protected. What tool would they use?
Metasploit
138
191.10.1.1-191.10.11.255
Class B
139
Class B IP range
128.0.0.0 through 191.255.255.255
140
Who should write up the lessons learned?
The on-site handler
141
When smart cards replace passwords as authentication, to access a system what is now a problem?
Lost tokens
142
The minimum and customary practice of responsible protection of information assets is defined by what
Due care
143
What pen test activities would be effective in validating TEMPEST effectiveness
Radiation monitoring
144
The CMMI targets what specific aspect of software development
Processes
145
What can be used by developers to provide additional protection against buffer overflows
Canaries
146
What causes Chrome to have many process instances when there are multiple tabs open
Sandboxing. Google uses sandboxing in its Chrome browser. Each tab is a separate process, each sandboxed from the others
147
What is the strategy behind the BIA
Maximum allowable downtime
148
An NDA is used to enforce which part of a security program
Data classification
149
What is the downside of selecting twisted pair cabling with more twists per segment
Higher costs
150
What type of security testing would be most likely to be performed on a monthly basis by a security team
Vulnerability scanning
151
Application fuzzing is a form of what
Pen testing
152
How does Linux NX protect against buffer overflow attacks?
It marks pages of the stack as non executable
153
In a pen test, what is used to exploit services
Core Impact
154
What is the advantage of a 200 gigabyte rainbow table over a 100 gigabyte rainbow table covering the same key space
Faster password cracking
155
A web application is provided a redirect URL informing it that the subject has been successfully authenticated. What is being used?
OpenID | OpenID provides claims about a user's identity and authentication
156
What is the principle of SSO
Authentication
157
What does the VNC payload in an attack with Metasploit give the attacker
Remote GUI
158
When involved in US legal proceedings, under what condition is ESI considered non-discoverable
If deleted as part of a previously established business process
159
Which of the following is an approved replacement for Halon?
FM-200
160
What is a hash
A one way mathematical function
161
How many bits are in an IPv6 address
128
162
Early sign of a DoS
A packet with source IP/port matching the destination IP/port
163
What is context based access control
When access to something in the network is unavailable or available depending on the time of day or week
164
What is likely to be treated as PII by both company policy and law
A document that contains names and addresses of customers
165
What is the first step to be accomplished in a preliminary legal investigation
Determine if a crime has occurred
166
How is the annualized loss expectancy calculated
Single loss expectancy times annualized rate of occurrence
167
A helpdesk ticket regarding slow server response is escalated for investigation. The assigned administrator determines that the activity is due to the running of a legitimate business application and closes the ticket. What phase of incident response does this occur during?
Detection. Verifying whether an event or reported activity is in fact an incident happens during the detection phase
168
The following statement can best be described as what type of security documentation? All end user systems on the network must be protected at the host level against malware and unauthorized access attempts
Policy
169
How many bits is an IPv4 address
32
170
Which protocol header would be shown in a screenshot when it has destination port 443
TCP
171
What are key TCP header fields
Source and destination ports, flags and sequence number
172
What is a relying party
The party that uses the login credentials when using OpenID
173
What is the main difference between a third-party audit and an internal audit
Objectivity
174
Which of the following access control techniques requires the user to follow a transformation procedure to access protected data
The Clark Wilson model introduces the concept of transformation procedure that defines how changes can be made to objects in the system
175
Which of the following can be used for a distributed denial of service attack
Sending TCP packets with the SYN flags set
176
Which of the following describes the purpose of LDAP
A centralized repository for user and system resources on a network
177
Operational security change control is a process that manages changes to which of the following
Hardware, software Netwerk
178
What technology would help a business that streams movies to customers worldwide ensure consistent performance
Content distribution network
179
Antivirus blocked an executable and sent a notice to a security vendor information management system. What kind of control does antivirus represent
Preventative
180
What standard was introduced by the IEEE to address the issue of authentication
802.1x
181
At which critical step in the system development process should a risk assessment be performed
Project initiation
182
What is a mandatory component of a single sign-on system
Centralized credential storage
183
The following statement can best be described as what type of security documentation? While the company strongly recommends against sending sensitive or confidential data via email, the data owner may authorize this method of communication if the sender uses company-provided email encryption to transmit data
Guideline
184
Who ultimately has ownership of the business continuity plan in an enterprise
Chief executive officer. It belongs to the business
185
Media sanitization instructions prevent
Object reuse
186
How are processing tasks carried out in an asymmetrical multiprocessing system
System processes will run on one CPU and the other CPUs will run the applications
187
During which phase of the fetch decode execute cycle does the CPU determine what actions the instruction is to take
Decode
188
Which software development method is driven by the possible failure of the software project to achieve stated goals
Spiral. It is driven by risk
189
With respect to the data classification roles, which of the following is a responsibility of the system owner
Assist in the identification, implementation and assessment of the common security controls
190
Which of the following is not an advantage of a centralized access control administration
Flexibility
191
An organization maintains a plan for emergency response, employee communications, backup operations, and post-disaster recovery that will ensure the availability of critical resources and procedures to return to full production in existing office facilities. What type of plan is being described
Business continuity plan
192
What is likely to be identified through an assessment of core security processes
The root cause of security failures
193
A programmer received an application error message that a requested record was being accessed by another process. The programmer is the only person with access to the test database. After rebooting her computer, she was able to access the record. What caused the error message
Deadlock condition has been put in place
194
What is Meterpreter in the Metasploit framework
A payload
195
Which component of an account management process is most likely to limit an attack
Scheduling retiring of inactive accounts
196
What uses a NOP sled
Buffer overflow
197
Which of the following is used for day to day protection of business critical resources and controlling access to computer facilities
Operational controls
198
When making online purchases what can a user easily check to see if the Information they are going to submit will not be observed by eavesdroppers
Using websites with HTTPS
199
A system is built so there is redundancy, but there are no dedicated hard drives for data, backup or parity. What system is this
RAID 5
200
What does the nslookup command do
See the host name, the IP address and DNS
201
Which software development methodology is not primarily code-centric
DevOps
202
Which of the following development phases would be closer to the end of the process
Installment and implementation
203
Which component of IPsec uses a verification function similar to signing an email with a digital signature
Authentication header
204
What is a benefit of using Kerberos for authentication
Passwords remain encrypted during transfer
205
Which of the following is most likely to result in shell access to a user's workstation
Social engineering. Not port scanning and not war dialing
206
What type of security testing is being performed when a programmer compiles an application with all warnings enabled
Static Analysis
207
A single disk in a RAID array fails and data is lost. What kind of RAID was this
0
208
During an incident in what phase should the decision be made to pull an affected system off the network?
Response
209
What is the total number of UDP PORTS that could be open on a system
65,536
210
What must be included for a successful exploitation
Payload
211
What security model requires every user of the system and every object in the system to be assigned a security label and allow access based solely on these labels
Lattice
212
Which security document would contain technical details about how a specific application must be configured
Baseline
213
Determining an individual is who they claim to be
Authentication
214
Which topology uses two rings for fault tolerance
FDDI
215
What part of the file contains Info about the user and App that created the file
Metadata
216
Security model focuses on confidentiality of info
Bell-LaPadula
217
Security cameras are what type of control
Compensating
218
What term is used for programs stored on read only memory devices
Firmware
219
Why is computer generated documentation usually considered non reliable evidence
Too difficult to detect prior mods
220
What indicates a server side attack
The attack is launched against a network service that is listening on the victim host
221
What does the Advanced Encryption Standard (AES) use S-boxes for during the encryption process
Substitution
222
What part of security assessment does pair programming belong to?
Technical security testing
223
Regarding OS protection mechanisms, which is false about the ring model
The ring model allows user processes to interact with the kernel as peer processes
224
Which statement correctly describes a relevant consideration when defending against client-side versus server-side attacks
Client-side attacks are usually harder to defend against
225
MTD = what
RTO + WRT
226
How to protect trade secrets
Auditing file access and controlling copying of intellectual property
227
What is covered by an SLA
Vendor's agreed response time to a system outage
228
Writing a company’s security policy is what type of control
Administrative
229
Access control model is primarily which type of control
Preventative
230
What problem was TEMPEST designed to counter
Data leakage through electromagnetic radiation
231
Which type of access control depends on all users having a clearance
MAC
232
What is a business continuity plan
An overarching plan that includes a collection of other plans
233
What type of packets does tracert receive as a reply that is used to determine the route
Time exceeded
234
Which plan provides procedures for minimal loss of life
Occupant emergency plan
235
What is the least important item to be captured in audit logs
System performance output data
236
An organization hired a third party to conduct monthly vulnerability assessments. In which phase of the business continuity plan does this belong
Current state assessment
237
Which process will reveal a buffer overflow vulnerability in an application
Fuzzing
238
Which Extensible Authentication Protocol method authenticates a client to the server but does not mutually authenticate the server to the client
EAP-MD5
239
What is the goal of technical security testing
To remediate vulnerabilities
240
What part of the waterfall model ensures that a product meets the specifications
Verification
241
What is required to occur for a cross-site scripting attack to be successful
The victim's computer must execute a malicious script
242
Increasing availability of a service component can be achieved by implementing which of the following
Fault tolerance
243
DNS is what
Protocol for translating IP addresses to names and back again
244
What is a typical length of an extended unique identifier
64
245
What is a fundamental principle of the waterfall model
Each development phase must be completed before the next begins
246
Due to differing privacy laws between countries, a company uses a separate never to handle and store data in each country it operates in. What is this an example of in terms of risk handling methods?
Mitigation
247
A security analyst sends a scan packet to a live host with open ports on the same network segment, but the packet receives no response. Which protocol is the analyst using?
UDP
248
Which of the following is not a high-level single sign-on access method
Public kiosks
249
In the process of employee termination, which access management activity most effectively controls access?
Account revocation
250
On what basis does a router forward network traffic?
IP address
251
Which model has an explicit practice of sending unexpected input into applications for the development cycle
Microsoft threat modeling
252
What will trigger false positives on a network that uses anomaly detection?
Behavior changes
253
What is the recommended cable that will allow for a 100 Mbps data rate?
Category 5
254
What statement about biometrics is not true
Users can be authenticated by what they know
255
What risk estimation approach uses established practices and calculations?
Quantitative risk analysis
256
Which of the following is an example of context dependent access control
File system quota
257
How does water suppress fire
Reduces temperature
258
What ensures accountability for user actions taken within a system or domain?
User Identification and authentication
259
What must be configured for an incident responder to review successful and failed login attempts?
Accounting. Accounting is a system's ability to determine the actions of a single individual
260
What data classification role is responsible for retaining records as per approved policy?
Data custodian
261
What needs to be done for FW2 to be able to take the pivot from you use a workstation to server SRv2
SW2 Must be on later to only and have the server in a different VLAN
262
What type of testing used tools to LA source code vulnerabilities
Static Analysis
263
What is a characteristic of a MAC address on a network interface card
Remains the same regardless of the location
264
What IPsec protocol provides integrity but not encryption?
AH
265
An attacker has breached a company's perimeter and penetrated a system. She's attempting to maintain her access using tools that are already installed on the system. She creates a job that opens a port on the system every night at midnight. Which of the following is most likely to detect the creation of the attacker's back door?
Baseline monitoring
266
If an attacker wanted to run their own program in the kernel, what attack would they use?
Privilege escalation
267
What collision avoidance does Ethernet use?
CSMA/CD
268
Which type of flaw is often discovered through dynamic analysis?
Authentication bypass
269
How can Tripwire help in the recovery process?
Determine which files in the system were compromised
270
Which of the following is a set of low level commands a CPU knows how to execute
CISC
271
Which of the following address is it gonna be claimed, proper authentication, and authorization with users across different organizations
SAML
272
What web vulnerability exploits a system at the database layer, allowing an attacker to create, read, modify or delete sensitive data?
SQL injection
273
What data would be most useful in a situation where someone’s credentials may have been compromised?
Successful logins
274
What is not a common OS mechanism?
Paging. Current OS protection mechanisms include layering, abstraction, process isolation and hardware segmentation
275
A DBMS should possess a number of characteristics to be considered secure. One characteristic is that it should always maintain a stable state even after a hardware/software failure. What is this?
Fault tolerant
276
A network bridge learns which systems reside on a network segment by building a table that consists of which of the following?
MAC addresses
277
What should security procedures be based off of
Organizational policies
278
In the context of the Clark-Wilson model of data integrity, maintaining external consistency ensures which of the following?
The system state is consistent with the data outside the system
279
Where are hashed passwords stored on a Linux system?
/etc/shadow
280
Which task within the access provisioning lifecycle should take place when an employee changes departments?
Maintenance
281
What would most effectively be used to block a malicious ACK packet sent to a port that doesn’t match an initial SYN packet?
Stateful firewall
282
What technique is used by malicious sites to overlay one frame on top of another, thereby tricking the user into performing an action they did not intend?
Clickjacking
283
What do the UDP and TCP protocols have in common?
Both operate at the transport layer
284
What encryption algorithm does not use single-key encryption?
Diffie-Hellman
285
What intra-company document helps an organization meet service commitments to customers?
OLA
286
Frame Relay is a simplified version of which of the following?
X.25
287
What sprinkler systems allow large volumes of water to be released in a short period of time?
Deluge
288
The concept of subject/program binding applies to which of the following security models?
Clark Wilson
289
What is a common problem with biometric access controls?
False acceptance rate
290
What is the key difference between an internal audit and an external audit?
Testing team members
291
What RAID level uses byte-level parity?
3
292
After a forensic investigator seizes a computer during an investigation, what is the next step?
Make a bit-level image copy of the disks
293
After reviewing your file service catalog a system admin notice is there a know if it’s locked for any type of file access. What type of issue is this
Accountability
294
What type of control can automatically initiate a corrective control?
Detective
295
What is the primary disadvantage of a VPN
Unpredictable performance
296
What is not a characteristic of a distributed system
Rigid
297
Why would a company prohibit employees from using client-to-site VPNs?
Their use reduces the effectiveness of subnetwork monitoring devices
298
What is the purpose of a network protocol like RADIUS and TACACS?
Authenticate users on behalf of other services
299
What approach ensures new users initially have no access to sensitive application information?
Secure by default
300
What is the most crucial piece of developing a disaster recovery plan?
Management support
301
At which maturity level of the CMMI model is the software process characterized as ad hoc?
Initial
302
What software testing method can be used against compiled code with no access to source?
Fuzzing
303
What is caused by applications that request and later improperly release resources?
Memory leak
304
A company has restricted options in the user interface for its users, preventing them from opening a command-line interface. What type of control is this?
Preventative
305
Which entity provides formal authorization on system access decisions?
Data owner
306
Which metric should be considered in the purchase of preventative control
TCO
307
The spiral model of project management is primarily driven by what factor
Risk
308
What task can an untrusted Java applet perform on a client machine when run from the browser?
Make a network connection to the original host
309
When talking about data classification roles, a custodian is concerned with all the following except what?
Determine the data's value to the organization and the threshold beyond which obsolete data is purged
310
Which protocol is described as a best-effort protocol?
UDP
311
A system admin finds an unknown user account that had been created several months prior to discovery. What process should be improved to enable more timely remediation in the future?
Log monitoring
312
Which component of the operating system includes an interrupt handler that handles all requests that are competing for system service?
The kernel
313
Modeling weather patterns requires a computer designed to execute a small set of instructions very efficiently. What type of computer is best for this?
RISC | Reduced instruction set computer
314
What is assumed with a trusted computing base (TCB)
System components are securely designed and configured
315
What is a phishing attack and how is it typically carried out?
Identity theft scheme that takes place through email and a bogus website
316
What software is both gratis and libre 
Freeware
317
What is a symmetric key algorithm
Blowfish
318
What can be attacked with a rainbow table
Hash
319
What access control measure is a directive?
Background check
320
When planning for physical security threats, how can a smoke detector help?
Smoke detectors can sense smoke by interference of light or ionization
321
What common network troubleshooting tool makes use of Internet Control Message Protocol packets with particular time-to-live values?
Traceroute
322
With regard to access controls, what differentiates a passphrase from a password?
A passphrase is typically longer and more difficult to guess
323
What tool would best be used to record and send a user's password over the Internet?
Keylogger
324
What is considered a potential vulnerability specifically for hardware-based thin clients?
Lack of timely patching
325
How can organizations share a single document repository where each company retains control over its authentication credentials?
FIM
326
What functionality do OpenID and SAML provide?
OpenID performs authentication, while SAML encodes authentication-related information
327
Worms have the ability to Joe directly to which type of the attack process by tutoring payloads to high numbers of IP addresses
Exploit vulnerable services
328
Under OpenID, which of the following are sites that can use identity information from sites that are sources of identity information?
Relying parties