AIO book review questions Flashcards
- Use the following scenario to answer Questions 1–3. Josh has discovered that an organized hacking ring in China has been targeting his company’s research and development department. If these hackers have been able to uncover his company’s research findings, this means they probably have access to his company’s intellectual property. Josh thinks that an e-mail server in their DMZ may have been successfully compromised and a rootkit loaded.
Based upon this scenario, what is most likely the biggest risk Josh’s company needs to be concerned with?
A. Market share drop if the attackers are able to bring the specific product to market more quickly than Josh’s company.
B. Confidentiality of e-mail messages. Attackers may post all captured e-mail messages to the Internet.
C. Impact on reputation if the customer base finds out about the attack.
D. Depth of infiltration of attackers. If attackers have compromised other systems, more confidential data could be at risk.
A
- (Same scenario as Question 1.) The attackers in this situation would be seen as which of the following?
A. Vulnerability
B. Threat
C. Risk
D. Threat agent
D
- (Same scenario as Question 1.) If Josh is correct in his assumptions, which of the following best describes the vulnerability, threat, and exposure, respectively?
A. e-mail server is hardened, an entity could exploit programming code flaw, server is compromised and leaking data.
B. e-mail server is not patched, an entity could exploit a vulnerability, server is hardened.
C. e-mail server misconfiguration, an entity could exploit misconfiguration, server is compromised and leaking data.
D. DMZ firewall misconfiguration, an entity could exploit misconfiguration, internal e-mail server is compromised.
C
- Aaron is a security manager who needs to develop a solution to allow his company’s mobile devices to be authenticated in a standardized and centralized manner using digital certificates. The applications these mobile clients use require a TCP connection. Which of the following is the best solution for Aaron to implement?
A. SESAME using PKI
B. RADIUS using EAP
C. Diameter using EAP
D. RADIUS using TTLS
C
- Terry is a security manager for a credit card processing organization. His company uses internal DNS servers, which are placed within the LAN, and external DNS servers, which are placed in the DMZ. The company also relies upon DNS servers provided by their service provider. Terry has found out that attackers have been able to manipulate several DNS server caches, which point employee traffic to malicious websites. Which of the following best describes the solution this company should implement?
A. IPSec
B. PKI
C. DNSSEC
D. MAC-based security
C
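The attack in this question works because a classic resolver accepts any answer whose transaction ID and query name match an outstanding query; an attacker who floods forged answers can guess the 16-bit ID and land a bogus record in the cache. DNSSEC closes the gap by having the zone owner sign records so the resolver can verify them with a trusted public key. The following simulation is an added example, not text from the book or the flashcard set, and it makes two simplifying assumptions: a toy RSA key with small primes stands in for the zone-signing key (real DNSSEC uses 2048-bit RSA or ECDSA P-256, and the key is trusted through a DS chain from the root anchor rather than being hard-coded), and the resolver matches responses on the transaction ID only, like a legacy resolver without source-port randomization.

```python
import hashlib
import random

# Toy RSA keypair standing in for a DNSSEC zone-signing key (assumption: real
# keys are far larger and are trusted via the DS/DNSKEY chain, not hard-coded).
P, Q = 1000000007, 998244353
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def rr_digest(name, rtype, rdata):
    """SHA-256 of one resource record, reduced mod N so the toy key can sign it."""
    h = hashlib.sha256(f"{name}|{rtype}|{rdata}".encode()).digest()
    return int.from_bytes(h, "big") % N


def sign_rr(name, rtype, rdata):
    """Zone owner signs a record with the private key (the RRSIG stand-in)."""
    return pow(rr_digest(name, rtype, rdata), D, N)


def verify_rr(name, rtype, rdata, sig):
    """Resolver checks the signature with the trusted public key."""
    return sig is not None and pow(sig, E, N) == rr_digest(name, rtype, rdata)


class Resolver:
    """Caching resolver; validate=True means 'DNSSEC-aware'."""

    def __init__(self, validate):
        self.validate = validate
        self.cache = {}
        self.pending = {}   # txid -> (name, rtype) of queries awaiting an answer

    def send_query(self, name, rtype="A"):
        txid = random.randrange(1 << 16)
        self.pending[txid] = (name, rtype)
        return txid

    def receive(self, txid, name, rtype, rdata, sig=None):
        if self.pending.get(txid) != (name, rtype):
            return False   # does not match an outstanding query: drop it
        if self.validate and not verify_rr(name, rtype, rdata, sig):
            return False   # bogus: signature does not verify, do not cache
        self.cache[(name, rtype)] = rdata
        del self.pending[txid]   # first accepted answer wins; later ones are ignored
        return True


def run_poisoning_attempt(validate, legit_ip="203.0.113.10", evil_ip="198.51.100.66"):
    """Simulate a cache-poisoning race and return what the resolver ends up caching."""
    random.seed(7)   # deterministic transaction ID for the demo
    r = Resolver(validate)
    txid = r.send_query("mail.example.com")
    # Attacker floods a forged answer for every possible 16-bit ID before the
    # real answer arrives. It cannot produce a valid RRSIG, so it sends junk.
    for guess in range(1 << 16):
        if r.receive(guess, "mail.example.com", "A", evil_ip, sig=guess):
            break
    # The legitimate, signed answer arrives afterwards.
    r.receive(txid, "mail.example.com", "A", legit_ip,
              sign_rr("mail.example.com", "A", legit_ip))
    return r.cache[("mail.example.com", "A")]


if __name__ == "__main__":
    print("no validation :", run_poisoning_attempt(validate=False))
    print("DNSSEC-style  :", run_poisoning_attempt(validate=True))
```

Without validation the forged answer that happens to hit the right ID is cached and the real one is discarded as a duplicate; with validation every forged answer fails the signature check, so only the signed record is cached. Source-port randomization makes the guess far harder but only raises the attacker's cost; signature validation removes the guessing game.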
- It is important to deal with the issue of “reasonable expectation of privacy” (REP) when it comes to employee monitoring. In the U.S. legal system the expectation of privacy is used when defining the scope of the privacy protections provided by _____________________.
A. Federal Privacy Act
B. PATRIOT Act
C. The Fourth Amendment of the Constitution
D. The Bill of Rights
C
- Jane is suspicious that an employee is sending sensitive data to one of the company’s competitors. The employee has to use these data for daily activities, thus it is difficult to properly restrict the employee’s access rights. In this scenario, which best describes the company’s vulnerability, threat, risk, and necessary control?
A. Vulnerability is employee access rights, threat is internal entities misusing privileged access, risk is the business impact of data loss, and the necessary control is detailed network traffic monitoring.
B. Vulnerability is lenient access rights, threat is internal entities misusing privileged access, risk is the business impact of data loss, and the necessary control is detailed user monitoring.
C. Vulnerability is employee access rights, threat is internal employees misusing privileged access, risk is the business impact of confidentiality, and the necessary control is multifactor authentication.
D. Vulnerability is employee access rights, threat is internal users misusing privileged access, risk is the business impact of confidentiality, and the necessary control is CCTV.
B
- Which of the following best describes what role-based access control offers companies in reducing administrative burdens?
A. It allows entities closer to the resources to make decisions about who can and cannot access resources.
B. It provides a centralized approach for access control, which frees up department managers.
C. User membership in roles can be easily revoked and new ones established as job assignments dictate.
D. It enforces an enterprise-wide security policy, standards, and guidelines.
C
- Mark needs to ensure that the physical security program he develops for his company increases performance, decreases risk in a cost-effective manner, and allows management to make informed decisions. Which of the following best describes what he needs to put into place?
A. Performance-based program
B. Defense-in-depth program
C. Layered program
D. Security through obscurity
A
- A software development company released a product that exhibited several unexpected errors once deployed in their customers’ environments. All of the software code went through a long list of tests before being released. The team manager found out that after a small change was made to the code, the program was not retested before it was released. Which of the following tests was most likely not conducted?
A. Unit
B. Compiled
C. Integration
D. Regression
D
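Regression testing reruns the cases that already passed so that a later "small change" cannot silently reintroduce a defect. The example below is added here and is not from the book: it shows a path-sanitizing function, a refactor of it that looks equivalent, and a recorded case set that catches the difference. The function names, the base directory `/srv/app/files` and the test inputs are all constructed for illustration.

```python
import posixpath

BASE = "/srv/app/files"   # assumed document root for the example


def safe_join_v1(user_path):
    """Released version: reject absolute paths and any '..' component outright."""
    if user_path.startswith("/") or ".." in user_path.split("/"):
        raise ValueError("path escapes base")
    return posixpath.normpath(posixpath.join(BASE, user_path))


def safe_join_v2(user_path):
    """The 'small change': normalize first, then check the prefix. Looks equivalent."""
    full = posixpath.normpath(posixpath.join(BASE, user_path))
    if not full.startswith(BASE):
        raise ValueError("path escapes base")
    return full


# Regression cases recorded from the behaviour of the released version.
# "REJECT" means the call must raise ValueError.
REGRESSION_CASES = [
    ("report.pdf", "/srv/app/files/report.pdf"),
    ("2024/q1/report.pdf", "/srv/app/files/2024/q1/report.pdf"),
    ("../etc/passwd", "REJECT"),
    ("/etc/passwd", "REJECT"),
    ("../files_secret/keys.txt", "REJECT"),   # escape into a sibling directory
]


def run_regression(fn):
    """Return the cases whose outcome differs from the recorded one (empty = pass)."""
    failures = []
    for user_path, expected in REGRESSION_CASES:
        try:
            got = fn(user_path)
        except ValueError:
            got = "REJECT"
        if got != expected:
            failures.append((user_path, expected, got))
    return failures


if __name__ == "__main__":
    print("v1 failures:", run_regression(safe_join_v1))
    print("v2 failures:", run_regression(safe_join_v2))
```

The refactored version passes the obvious traversal cases but accepts `../files_secret/keys.txt`, because `/srv/app/files_secret/...` still starts with the string `/srv/app/files`. A unit test written for the new function alone would likely miss this; rerunning the recorded cases is what surfaces it before release.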
- It is important to choose the right risk analysis methodology to meet the goals of the organization’s needs. Which of the following best describes when the risk management standard AS/NZS 4360 should be used?
A. When there is a need to assess items of an organization that are directly related to information security.
B. When there is a need to assess items of an organization that are not just restricted to information security.
C. When a qualitative method is needed to prove the compliance levels as they pertain to regulations.
D. When a qualitative method is needed to prove the compliance levels as they pertain to laws.
B
- Companies should follow certain steps in selecting and implementing a new computer product. Which of the following sequences is ordered correctly?
A. Evaluation, accreditation, certification
B. Evaluation, certification, accreditation
C. Certification, evaluation, accreditation
D. Certification, accreditation, evaluation
B
- Use the following scenario to answer Questions 13–15. Jack has just been hired as the security officer for a large hospital. The organization develops some of its own proprietary applications. The organization does not have as many layers of controls when it comes to the data processed by these applications, since external entities will not understand the internal logic of the applications. One of the first things that Jack wants to carry out is a risk assessment to determine the organization’s current risk profile. He also tells his boss that the hospital should become ISO certified to bolster its customers’ and partners’ confidence.
Which of the following approaches has been implemented in this scenario?
A. Defense-in-depth
B. Security through obscurity
C. Information security management system
D. BS 17799
B
- (Same scenario as Question 13.) Which ISO/IEC standard would be best for Jack to follow to meet his goals?
A. ISO/IEC 27002
B. ISO/IEC 27004
C. ISO/IEC 27005
D. ISO/IEC 27006
C
- (Same scenario as Question 13.) Which standard should Jack suggest to his boss for compliance?
A. BS 17799
B. ISO/IEC 27004
C. ISO/IEC 27799
D. BS 7799:2011
C
- An operating system maintains several processes in memory at the same time. The processes can only interact with the CPU during its assigned time slice since there is only one CPU and many processes. Each process is assigned an interrupt value to allow for this type of time slicing to take place. Which of the following best describes the difference between maskable and nonmaskable interrupts?
A. A maskable interrupt is assigned to a critical process, and a nonmaskable interrupt is assigned to a noncritical process.
B. A maskable interrupt is assigned to a process in ring 0, and a nonmaskable interrupt is assigned to a process in ring 3.
C. A maskable interrupt is assigned to a process in ring 3, and a nonmaskable interrupt is assigned to a process in ring 4.
D. A maskable interrupt is assigned to a noncritical process, and a nonmaskable interrupt is assigned to a critical process.
D
- Cable telecommunication networks used to provide a security risk in that neighbors could commonly access each other’s Internet-based traffic because the traffic was not encrypted and protected. Which of the following is an international telecommunications standard that addresses these issues?
A. Safe Harbor Encryption Requirements
B. Data-Over-Cable Service Interface Specifications
C. Privacy Service Requirements
D. Telecommunication Privacy Protection Standard
B
- There are different categories for evidence depending upon what form it is in and possibly how it was collected. Which of the following is considered supporting evidence?
A. Best evidence
B. Corroborative evidence
C. Conclusive evidence
D. Direct evidence
B
- _____________ is the graphical representation of data commonly used on websites. It is a skewed representation of characters that a person must enter to prove that the subject is a human and not an automated tool, such as a software robot.
A. Anti-spoofing
B. CAPTCHA
C. Spam anti-spoofing
D. CAPCHAT
B
- Mark has been asked to interview individuals to fulfill a new position in his company. The position is a chief privacy officer (CPO). What is the function of this type of position?
A. Ensuring that company financial information is correct and secure
B. Ensuring that customer, company, and employee data are protected
C. Ensuring that security policies are defined and enforced
D. Ensuring that partner information is kept safe
B
- A risk management program must be developed properly and in the right sequence. Which of the following provides the correct sequence for the steps listed?
i. Develop a risk management team
ii. Calculate the value of each asset
iii. Identify the vulnerabilities and threats that can affect the identified assets
iv. Identify the company assets to be assessed
A. i, iii, ii, iv
B. ii, i, iv, iii
C. iii, i, iv, ii
D. i, iv, ii, iii
D
- Jack needs to develop a security program for a medical organization. He has been instructed by the security steering committee to follow the ISO/IEC international standards when constructing and implementing this program so that certification can be accomplished. Which of the following best describes the phases Jack should follow?
A. “Plan” by defining scope and policy. “Do” by managing identified risks. “Check” by carrying out monitoring procedures and audits. “Act” by implementing corrective actions.
B. “Plan” by defining scope and policy. “Do” by creating an implementation risk mitigation plan and implementing controls. “Check” by carrying out monitoring procedures and audits. “Act” by implementing corrective actions.
C. “Plan” by identifying controls. “Do” by creating an implementation risk mitigation plan. “Check” by carrying out monitoring procedures and audits. “Act” by implementing corrective actions.
D. “Plan” by defining scope and policy. “Do” by creating an implementation risk mitigation plan and implementing controls. “Check” by carrying out monitoring procedures and audits. “Act” by implementing risk management.
B
- Which of the following best describes the core reasons the Department of Defense Architecture Framework and the British Ministry of Defense Architecture Framework were developed?
A. Data need to be captured and properly presented so that decision makers understand complex issues quickly, which allows for fast and accurate decisions.
B. Modern warfare is complex and insecure. Data need to be properly secured against enemy efforts to ensure decision makers can have access to it.
C. Critical infrastructures are constantly under attack in warfare situations. These frameworks are used to secure these types of environments.
D. Weapon systems are computerized and must be hardened and secured in a standardized manner.
A
- George is the security manager of a large bank, which provides online banking and other online services to its customers. George has recently found out that some of their customers have complained about changes to their bank accounts that they did not make. George worked with the security team and found out that all changes took place after proper authentication steps were completed. Which of the following describes what most likely took place in this situation?
A. Web servers were compromised through cross-site scripting attacks.
B. SSL connections were decrypted through a man-in-the-middle attack.
C. Personal computers were compromised with Trojan horses that installed keyloggers.
D. Web servers were compromised and masquerading attacks were carried out.
C