Chapter 13 Flashcards
Your company is preparing to enter into a partner relationship with another organization. It will be necessary for the information systems used by each organization to connect and integrate with each other.
Which of the following is of primary importance as you take steps to enter into this partner relationship?
Ensure that all aspects of the relationship are agreed upon in writing
Ensure that the integration process maintains the security of each organization’s network
Identify how data ownership is to be determined
Ensure that both organizations have similar incident-response procedures
Ensure that the integration process maintains the security of each organization’s network
Your organization entered into an interoperability agreement (IA) with another organization a year ago. As a part of this agreement, a federated trust was established between your domain and the partner domain.
The partnership has been in the ongoing operations phase for almost nine months now. As a security administrator, which tasks should you complete during this phase? (Select two.)
Draft an MOU document
Disable user and group accounts used by the partner organization to access your organization’s data
Negotiate the BPO agreement
Conduct periodic vulnerability assessments
Verify compliance with the IA documents
Conduct periodic vulnerability assessments
Verify compliance with the IA documents
When you inform an employee that he or she is being terminated, which of the following is the most important activity?
Give him or her two weeks’ notice
Allow him or her to complete their current work projects
Allow him or her to collect their personal items
Disable his or her network access
Disable his or her network access
Which of the following is defined as a contract that prescribes the technical support or business parameters a provider bestows to its client?
Certificate practice statement
Final audit report
Mutual aid agreement
Service level agreement
Service level agreement
What is a service level agreement (SLA)?
A guarantee of a specific level of service.
An agreement to support another company in the event of a disaster.
A contract with an ISP for a specific level of bandwidth.
A contract with a legal entity to limit your asset-loss liability.
A guarantee of a specific level of service.
In a high-security environment, which of the following is the most important concern when removable media is no longer needed?
Labeling
Reuse
Destruction
Purging
Destruction
How often should change-control management be implemented?
Only when a production system is altered greatly.
At regular intervals throughout the year.
Only when changes are made that affect senior management.
Any time a production system is altered.
Any time a production system is altered.
Which of the following is the primary purpose of change control?
Keep senior management apprised of the organization’s state of security
Increase security
Prevent unmanaged change
Create detailed documentation
Prevent unmanaged change
Change control should be used to oversee and manage changes over which aspect of an organization?
Physical environment
Personnel and policies
Every aspect
IT hardware and software
Every aspect
Your company has developed and implemented countermeasures for the greatest risks to their assets. However, there is still some risk left. What is the remaining risk called?
Loss
Residual risk
Risk
Exposure
Residual risk
You have conducted a risk analysis to protect a key company asset. You identify the following values:
Asset value = 400
Exposure factor = 75
Annualized rate of occurrence = .25
What is the annualized loss expectancy (ALE)?
25
75
100
175
475
75
What is the average number of times that a specific risk is likely to be realized in a single year?
Annualized rate of occurrence
Estimated maximum downtime
Exposure factor
Annualized loss expectancy
Annualized rate of occurrence
When analyzing assets, which analysis method assigns financial values to assets?
Quantitative
Qualitative
Acceptance
Transfer
Quantitative
Which of the following best defines single loss expectancy (SLE)?
The total monetary loss associated with a single occurrence of a threat.
The total cost of all countermeasures associated with protecting against a given vulnerability.
The monetary value of a single employee’s loss of productivity due to a successful attack.
The statistical probability of a malicious event.
The total monetary loss associated with a single occurrence of a threat.
A file server with data is considered which of the following asset types?
Intangible
Neither tangible nor intangible
Tangible
Both tangible and intangible
Both tangible and intangible
What is the primary goal of business continuity planning?
Protect an organization from major computer services failure
Minimize the organization’s risk of service delays and interruptions
Minimize decision-making during the development process
Maintain business operations with reduced or restricted infrastructure capabilities or resources
Maintain business operations with reduced or restricted infrastructure capabilities or resources
A broken water pipe that floods the reception area would be considered which type of threat?
Disaster
Natural
External
Internal
Natural
When should a hardware device be replaced in order to minimize downtime?
Only after its first failure
Just before its MTBF is reached
Once every year
When its performance drops below 75% efficiency
Just before its MTBF is reached
Which of the following terms describes the actual time required to successfully recover operations in the event of an incident?
Maximum tolerable downtime (MTD)
Recovery time objective (RTO)
Recovery point objective (RPO)
Mean time to repair (MTTR)
Recovery time objective (RTO)
You have been receiving a lot of phishing emails sent from the domain kenyan.msn.pl. Links within these emails open new browser windows at youneedit.com.pl.
You want to make sure that these emails never reach your inbox, but you also want to make sure that emails from other senders are not affected.
What should you do?
Add msn.pl to the email blacklist.
Add kenyan.msn.pl to the email blacklist.
Add pl to the email blacklist.
Add youneedit.com.pl to the email blacklist.
Add kenyan.msn.pl to the email blacklist.
You install a new Linux distribution on a server in your network. The distribution includes a Simple Mail Transfer Protocol (SMTP) daemon that is enabled by default when the system boots. The SMTP daemon does not require authentication to send email messages.
Which type of email attack is this server susceptible to?
Viruses
Open SMTP relay
Phishing
Sniffing
Open SMTP relay
Which of the following BEST describes an email security gateway?
It provides a form of identity verification.
It requires the use of a public key certificate.
It monitors emails that originate from an organization.
It accepts mail and forwards it to other mail servers.
It monitors emails that originate from an organization.
Users in your organization receive email messages informing them that suspicious activity has been detected on their bank accounts. They are directed to click a link in the email to verify their online banking username and password. The URL in the link is in the .ru top-level DNS domain.
Which kind of attack has occurred?
Virus
Phishing
Buffer overflow
Open SMTP relay
Phishing
Which of the following BEST describes phishing?
Unwanted and unsolicited email sent to many recipients.
An email server that accepts mail and forwards it to other mail servers.
Malware that often uses email as its distribution mechanism.
A fraudulent email that claims to be from a trusted organization.
A fraudulent email that claims to be from a trusted organization.
Which of the following mechanisms can you use to add encryption to email? (Select two.)
S/MIME
PGP
HTTPS
Reverse DNS
Secure Shell
S/MIME
PGP
If an SMTP server is not properly and securely configured, it can be hijacked and used maliciously as an SMTP relay agent. Which activity could result if this happens?
Virus hoax
Salami attack
Spamming
Data diddling
Spamming
Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims?
Hijacking
Trojan horse
Spamming
Brute force
Spamming
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware.
Which kind of attack has occurred in this scenario?
Repudiation attack
Phishing
Open SMTP relay
Spam
Spam