All domains

Question 1

Kerckhoff’s principle

Answer 1

Crypto system must be secure even if crypto algorithm is public

Question 2

Which crypto principles does IPSEC provide?

Answer 2

Confidentiality
Integrity

Question 3

In what state does a processor’s scheduler place a process when it is prepared to execute but the CPU is not currently available?

Answer 3

Ready state

Question 4

Processor Running State

Answer 4

Process is executing on the CPU

Question 5

Process: Waiting State

Answer 5

Process is blocked waiting for an external event

Question 6

Process: Ready State

Answer 6

Process is prepared to execute but the CPU is not available

Question 7

Process: Stopped state

Answer 7

Used when a process terminates

Question 8

Maintenance hook

Answer 8

Backdoor created by developers

Question 9

Substitution cipher examples

Answer 9

AES, 3DES

Question 10

Transposition cipher

Answer 10

One for one replacement of letters. Defeated by frequency analysis.

Question 11

Data custodian

Answer 11

Implements security controls defined by policy and mgmt. Authority delegated from data owner.

Question 12

Data custodian responsibilities

Answer 12

Validating data integrity
Testing backups
Implementing controls defined by policy

Question 13

Data Purging

Answer 13

Removing data so it cannot be reconstructed. Ex. DBAN

Question 14

Device sanitization

Answer 14

All of the processes used to remove data.
“Defensible Destruction”

Question 15

4 Goals of Crypto

Answer 15

CAIN
Confidentiality
Authentication
Integrity
Non-repudiation

Question 16

C
A
I
N

Answer 16

Confidentiality
Authentication
Integrity
Non-repudiation

Question 17

Which backup type does not clear the archive bit?

Answer 17

Differential

Question 18

Incremental backup

Answer 18

Backs up all data since previous backup

Question 19

Differential backup

Answer 19

Backs up all data that changed since last full backup

Question 20

Which backup type uses fewer tapes to restore?

Answer 20

Differential

Question 21

Which backup type uses more tapes to restore?

Answer 21

Incremental

Question 22

Which backup type is faster to restore?

Answer 22

Differential

Question 23

Opposite of CIA

Answer 23

DAD
Disclosure
Alteration
Destruction

Question 24

Which law protects trade secrets?

Answer 24

Economic Espionage Act

Question 25

Covert timing attack

Answer 25

Modulating some aspect of system behavior over time.
Inference attack

Question 26

Confinement aka…

Answer 26

Sandbox

Question 27

Data steward

Answer 27

Ensures governance/compliance.
Manages data from business perspective.

Question 28

Audits provide…

Answer 28

Assurance

Question 29

Due Diligence

Answer 29

Assurance we’re doing the right thing.
Evidence that due care is working.

Question 30

Due care

Answer 30

Doing the right thing.

Question 31

Intangible asset valuation aka…

Answer 31

Intellectual property

Question 32

Copyright length for software

Answer 32

95 years

Question 33

Copyright length for creative expressions

Answer 33

70 years

Question 34

Wassenaar Agreement

Answer 34

Covers weapons or dual use technologies (high encryption, VPN, etc.)

Question 35

OECD

Answer 35

Oversees financial cooperation between nations

Question 36

ISC Code of ethics (4)

Answer 36

1. Protect society
   2 Act legally
2. Provide competent service
3. Advance the profession

Question 37

SPML purpose

Answer 37

Provides service, user, and resource provisioning between organizations

Question 38

Which is an OASIS standard markup language?

Answer 38

SPML

Question 39

SAML purpose

Answer 39

Exchange authentication and authorization data

Question 40

XACML purpose

Answer 40

Describe access controls

Question 41

What do digital signatures provide TLS?

Answer 41

Authentication

Question 42

Acceptable humidity levels

Answer 42

40%-60%

Question 43

What type of packet does ping flood use?

Answer 43

ICMP echo request

Question 44

RESTful, JSON-based authentication protocol

Answer 44

OpenID

Question 45

Which two protocols are paired to provide identity verification and basic profile information?

Answer 45

OpenID
OAuth

Question 46

Most effective defense against XSS attacks?

Answer 46

Input validation

Question 47

What does an incipient fire detection system use to identify fires?

Answer 47

Air ionization

Question 48

In what stage of the ISC2 incident response process does remediation occur?

Answer 48

Remediation

Question 49

Take-grant security model

Answer 49

Used to assign-revoke rights.

Confidentiality

Question 50

In what phase of the IR process are processes analyzed for potential improvements?

Answer 50

Lessons learned

Question 51

Misuse case testing

Answer 51

Testing how a system can be misused

Question 52

Can serial data over TCP/IP be encrypted?

Answer 52

Yes

Question 53

Fagan

Answer 53

Highly structured code inspections

Question 54

Pair programming

Answer 54

Two developers. One writes code while both discuss the coding process.

Question 55

Which has higher availability? Cloud or Hybrid cloud?

Answer 55

Hybrid Cloud

Question 56

SMURF attack traffic type

Answer 56

ICMP echo replies

Question 57

What can be used to prevent DOS attacks?

Answer 57

Filtering

Question 58

What do PPTP and L2F have in common?

Answer 58

They are IP protocols

Question 59

Protocol for non-IP based VPN’s

Answer 59

L2TP

Question 60

Civilian classification levels (3)

Answer 60

Confidential/Proprietary
Private
Sensitive

Question 61

What testing methods are used in static analysis?

Answer 61

Walkthroughs
Sanity checks
Syntax checks
Logical code reviews

Question 62

vlan hopping attack

Answer 62

Jumping vlans via the trunk by double tagging 802.1q frames

Question 63

IR Phases (7)

Answer 63

Detection
Response
Mitigation
Reporting
Recovery
Remediation
Lessons Learned

Question 64

What are code words for?

Answer 64

Shorten, hide, or clarify a message.

Question 65

Characteristic of circuit switched networks

Answer 65

Dedicated between two endpoints

Question 66

Cell switched network example

Answer 66

ATM

Question 67

TGS: Ticket Granting Service

Answer 67

Receives TGT. Validates TGT and user rights. Then issues a ticket and session keys.

Question 68

Difference between sampling and clipping in log review.

Answer 68

Sampling uses statistical techniques.
Clipping uses thresholds

Question 69

Cognitive passwords

Answer 69

Passwords that are answers to a series of questions

Question 70

Multistate systems

Answer 70

Handle data from different security classifications

Question 71

Incremental backup backs up…

Answer 71

Files changed since last backup

Question 72

Identity as a service

Answer 72

Third party identity service

Question 73

OpenID vs. OAuth

Answer 73

OpenID: Authentication
OAuth: Authorization

Question 74

Netflow records

Answer 74

Contain every network communication session

Question 75

What does IDS record?

Answer 75

Detections

Question 76

What two logical network topologies can be physically implemented as a star topology?

Answer 76

Bus
Ring

Question 77

Preaction steps

Answer 77

Fill with water when fire is detected
Dispense water when heat sensors trigger

Question 78

What does ESP encrypt?

Answer 78

IP packet data, but not the header

Question 79

Exposure factor is…

Answer 79

Percentage of asset loss

Question 80

Exposure factor calculation

Answer 80

SLE x Asset Value=Exposure Factor

Question 81

ARO less than one

Answer 81

Percentage less than 1. 1 represents 100%.

Question 82

ALE calculation

Answer 82

SLE * ARO = ALE

Question 83

First step in the User provisioning process…

Answer 83

Enrollment (registration)

Question 84

Which security framework is an “appraisal”

Answer 84

CMMI

Question 85

Clark-Wilson goal

Answer 85

Prevent fraud

Question 86

Security model that uses transformation procedures and integrity verification procedures

Answer 86

Clark-Wilson

Question 87

Security model that uses access-control triple

Answer 87

Clark-Wilson

Question 88

Brewer-Nash Confidentiality model purpose

Answer 88

Conflicts of Interest
Separation of Duties

Question 89

Lipner model

Answer 89

Bell & Biba combined

Question 90

Bell LaPadula

Answer 90

Write Up, Read Down
Confidentiality

Question 91

Protection Profile

Answer 91

Common Criteria Term

Question 92

Evaluation Assurance Level

Answer 92

Common Criteria Term

Question 93

Target of Evaluation

Answer 93

Common Criteria Term

Question 94

Security Target

Answer 94

Common Criteria Term

Question 95

Security kernel protects…

Answer 95

The TCB

Question 96

Stream cipher

Answer 96

Encrypts data-in-transit

Question 97

Block ciphers encrypt…

Answer 97

Data in transit and data at rest

Question 98

What type of encryption upholds all 4 goals of crypto?

Answer 98

Assymetric

Question 99

IAAA Order

Answer 99

Identify
Authenticate
Authorize

Auditing (always happens)

Question 100

AAA
EAP
PKI
Enterprise

Are all characteristics of…

Answer 100

802.1x

Question 101

How many ISAKMP SA’s are created per protocol per connection?

Answer 101

2 (Initiator and responder)

Total 4 for ESP and AH

Question 102

Product certification requirements

Answer 102

Tested by certification authority
Proven to fit security requirements of product owner

Question 103

Product accredited

Answer 103

Data owner has chosen to implement system, even if there are vulnerabilities and risks.

Question 104

Obfuscation type that makes code obscure to computer

Answer 104

Prevention obfuscation

Question 105

Junk Bytes
Converting branches to jsr instructions
Combining try blocks with catch blocks

Answer 105

Prevention obfuscation techniques

Question 106

Lexical obfuscation

Answer 106

Renaming classes, fields, and methods with new identifiers that lack intuitive meaning

Question 107

Control flow obfuscation

Answer 107

Making the application harder to understand/decompile

Question 108

Separating related structures and operations
Grouping unrelated structures and operations
Inserting unused or irrelevant code
Parallel code

Answer 108

Control flow obfuscation techniques

Question 109

Variable modification
Array splitting
Bit shifting

Answer 109

Data obfuscation techniques

Question 110

What type of BC/DR plan includes checklists?

Answer 110

DRP`

Question 111

MTD

Answer 111

Maximum tolerable downtime

Question 112

Circuit-level proxy firewall OSI Layer

Answer 112

Layer 5

Question 113

Packet filter firewall OSI Layer

Answer 113

Layer 3 and Layer 4

Question 114

ALE Caluclation

Answer 114

SLE x ARO

Question 115

Who receives BCP training?

Answer 115

Everyone

Question 116

Best method to sanitize SSD’s

Answer 116

Destruction

Question 117

What is a concern with degausing?

Answer 117

Data remanence

Question 118

zzuf

Answer 118

Fuzzer

Question 119

Nikto

Answer 119

Web server scanner

Question 120

Identification

Answer 120

Claiming an identity

Question 121

802.1g Ad-hoc mode

Answer 121

P2P. Directly connects two clients (not through a AP)

Question 122

Wireless stand-alone mode

Answer 122

Wireless network not connected to wired network.

Question 123

Wireless Infrastructure mode

Answer 123

Connect endpoints to a central network. (Normal home wireless setup)

Question 124

Wired extension mode

Answer 124

Connects wired networks via WAPs

Question 125

PAT

Answer 125

NAT with Port numbers

Question 126

Best protection for buffer overflow

Answer 126

Input validation

Question 127

Microsoft SDL Design Phase

Answer 127

Decide how to implement security requirements.
Begin to identify threats.
Attack surface analysis and reduction
Threat modeling

Question 128

CHAP periodically…

Answer 128

reauthenticates users

Question 129

Encryption modes that don’t propagate errors

Answer 129

CTR, OFB

Question 130

Weakest encryption mode

Answer 130

ECB

Question 131

Best Encryption modes

Answer 131

1. CTR
2. OFB

Question 132

When should risk transfer occur?

Answer 132

When the cost of insurance is less than the cost of the insured item.

Question 133

Which is slower and cheaper? SRAM or DRAM?

Answer 133

DRAM

Question 134

RAM type that stores more information

Answer 134

DRAM

Question 135

What does SRAM use to store information?

Answer 135

Flip-flops

Question 136

Minutiae refers to…

Answer 136

fingerprints

Question 137

A digital signature encrypts…

Answer 137

the hash of a message

Question 138

Which key is used to sign a message?

Answer 138

Senders private key

Question 139

Which key is used to decrypt email?

Answer 139

Recipients private key

Question 140

Corrective access control

Answer 140

Repair damage after a malicious event

Question 141

CVSS Scoring order

Answer 141

Base
Temporal
Environmental

Question 142

Who issues CVE numbers?

Answer 142

MITRE

Question 143

Determining the cost-effectiveness of mitigating the potential harm or loss to a company

Answer 143

Risk Management

Question 144

RTO

Answer 144

Amount of time to restore without unacceptable impact

Question 145

Type 1 error

Answer 145

Valid subject is not authenticated

Question 146

Type 2 error

Answer 146

Invalid subject is incorrectly authenticated

Question 147

FISMA applies to…

Answer 147

Government contractors

Question 148

Generational fuzzing aka…

Answer 148

Intelligent fuzzing

Question 149

Generational fuzzing relies on…

Answer 149

Data models

Question 150

What must the client perform before it can use the TGT?

Answer 150

Install the TGT
Decrypt the symmetric key using a hash of the users password

Question 151

Database key that corresponds to a key in another table…

Answer 151

Foreign key

Question 152

TCP PSH flag

Answer 152

Used to clear the buffer

Question 153

Keyspace bit calculation

Answer 153

2 to the power of the number of bits

Question 154

AAA protocol that provides authentication to remote devices

Answer 154

RADIUS

Question 155

Access control model with “meaningful” permissions

Answer 155

RBAC

Question 156

What are the two types of physical intrusion detection systems?

Answer 156

Electromechanical
Volumetric

Question 157

Volumetric systems detect…

Answer 157

change to space of an environment

Question 158

Security marking uses…

Answer 158

Human readable security attributes

Question 159

What refers to security attributes for internal data structures?

Answer 159

Security labeling

Question 160

Primary objective of physical security

Answer 160

Protecting peoples safety

Question 161

Which side generates a high number port for a network connection? (Client or Server)

Answer 161

Client

Question 162

MD5 and SHA-1 hash values

Answer 162

MD5: 128
SHA-1 160

Question 163

Negative testing

Answer 163

Sending invalid information to an application

Question 164

Positive testing

Answer 164

Tests if an app is working the way it should

Question 165

CRUD testing

Answer 165

Test that database objects are creted correctly

Question 166

Layer 5 protocols (2)

Answer 166

RPC
PAP

Question 167

Exigent circumstances

Answer 167

Seize evidence without a warrant to protect it

Question 168

Remote journaling

Answer 168

Remote database log

Question 169

Capacitance

Answer 169

Monitors electromagnetic field

Question 170

Abstraction

Answer 170

Hide implantation details for an object from the users of that object

Question 171

Dirty Read

Answer 171

Reading a transaction that did not commit