Chapter 13 Flashcards

1
Q

The second step in a vulnerability assessment is to determine the assets that need to be protected.

(T/F)

A

False

2
Q

Which item below is the standard security checklist against which systems are evaluated for a security posture?

a) control
b) baseline
c) profile
d) threat

A

b) baseline

3
Q

What security goal do the following common controls address: hashing, digital signatures, certificates, nonrepudiation tools?

a) safety
b) availability
c) confidentiality
d) integrity

A

d) integrity

4
Q

What is the name of the process that basically takes a snapshot of the current security of an organization?

a) risk assessment
b) threat analysis
c) threat assessment
d) vulnerability appraisal

A

d) vulnerability appraisal

5
Q

If a user uses the operating system’s “delete” command to erase data, what type of data removal procedure was used?

a) degaussing
b) purging
c) data sanitation
d) wiping

A

b) purging

6
Q

Which of the following is used to replicate attacks during a vulnerability assessment by providing a structure of exploits and monitoring tools?

a) replication image
b) penetration framework
c) assessment image
d) exploitation framework

A

d) exploitation framework

7
Q

List at least four things that a vulnerability scanner can do.

A

four things:

1) alert when new systems are added to the network
2) detect when an application is compromised or subverted
3) detect when an internal system begins to port scan other systems
4) maintain log of all interactive network sessions

8
Q

A risk management assessment is a systematic and methodical evaluation of the security posture of the enterprise.

(T/F)

A

False

9
Q

An administrator needs to view packets and decode and analyze their contents. What type of application should the administrator use?

a) protocol analyzer
b) threat profiler
c) application analyzer
d) system analyzer

A

a) protocol analyzer

10
Q

A port in what state below implies that an application or service assigned to that port is listening for any instructions?

a) open port
b) closed port
c) interruptible system
d) empty port

A

a) open port

11
Q

At what point in a vulnerability assessment would an attack tree be utilized?

a. Vulnerability appraisal
b. Risk assessment
c. Risk mitigation
d. Threat evaluation

A

d. Threat evaluation

12
Q

Which of the following is NOT true about privacy?

a. Today, individuals can achieve any level of privacy that is desired.
b. Privacy is difficult due to the volume of data silently accumulated by technology.
c. Privacy is freedom from attention, observation, or interference based on your decision.
d. Privacy is the right to be left alone to the degree that you choose.

A

a. Today, individuals can achieve any level of privacy that is desired.

13
Q

Which of the following is NOT a risk associated with the use of private data?

a. Individual inconveniences and identity theft
b. Associations with groups
c. Statistical inferences
d. Devices being infected with malware

A

d. Devices being infected with malware

14
Q

Which of the following is NOT an issue raised regarding how private data is gathered and used?

a. The data is gathered and kept in secret.
b. By law, all encrypted data must contain a “backdoor” entry point.
c. Informed consent is usually missing or is misunderstood.
d. The accuracy of the data cannot be verified.

A

b. By law, all encrypted data must contain a “backdoor” entry point.

15
Q

Which of the following is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm?

a. Vulnerability assessment
b. Penetration test
c. Vulnerability scan
d. Risk appraisal

A

a. Vulnerability assessment

16
Q

Which of these should NOT be classified as an asset?

a. Business partners
b. Buildings
c. Employee databases
d. Accounts payable

A

d. Accounts payable

17
Q

Which of the following command-line tools tests a connection between two network devices?

a. Netstat
b. Ping
c. Nslookup
d. Ifconfig

A

b. Ping

18
Q

Which statement regarding vulnerability appraisal is NOT true?

a. Vulnerability appraisal is always the easiest and quickest step.
b. Every asset must be viewed in light of each threat.
c. Each threat could reveal multiple vulnerabilities.
d. Each vulnerability should be cataloged.

A

a. Vulnerability appraisal is always the easiest and quickest step.

19
Q

Which of the following constructs scenarios of the types of threats that assets can face to learn who the attackers are, why they attack, and what types of attacks may occur?

a. Vulnerability prototyping
b. Risk assessment
c. Attack assessment
d. Threat modeling

A

d. Threat modeling

20
Q

Which of the following tools is a Linux command-line protocol analyzer?

a. Wireshark
b. Tcpdump
c. IP
d. Arp

A

b. Tcpdump

21
Q

Which of the following is a command-line alternative to Nmap?

a. Netcat
b. Statnet
c. Mapper
d. Netstat

A

a. Netcat

22
Q

Which of these is NOT a state of a port that can be returned by a port scanner?

a. Open
b. Busy
c. Blocked
d. Closed

A

b. Busy

23
Q

Which of the following data sensitivity labels is the highest level of data sensitivity?

a. Ultra
b. Confidential
c. Private
d. Secret

A

b. Confidential

24
Q

Which of the following data sensitivity labels has the lowest level of data sensitivity?

a. Unrestricted
b. Public
c. Free
d. Open

A

b. Public

25
Q

Which of the following is NOT a function of a vulnerability scanner?

a. Detects which ports are served and which ports are browsed for each individual system
b. Alerts users when a new patch cannot be found
c. Maintains a log of all interactive network sessions
d. Detects when an application is compromised

A

b. Alerts users when a new patch cannot be found

26
Q

Which of the following must be kept secure as mandated by HIPAA?

a. PII
b. PHI
c. PHIL
d. PLILP

A

b. PHI

27
Q

Which statement regarding a honeypot is NOT true?

a. It is typically located in an area with limited security.
b. It is intentionally configured with security vulnerabilities.
c. It cannot be part of a honeynet.
d. It can direct an attacker’s attention away from legitimate servers.

A

c. It cannot be part of a honeynet.

28
Q

Which of the following sends “probes” to network devices and examines the responses to evaluate whether a specific device needs remediation?

a. Active scanner
b. Probe scanner
c. Passive scanner
d. Remote scanner

A

a. Active scanner

29
Q

If a tester is given the IP addresses, network diagrams, and source code of customer applications, the tester is using which technique?

a. Black box
b. White box
c. Gray box
d. Blue box

A

b. White box

30
Q

If a software application aborts and leaves the program open, which control structure is it using?

a. Fail-safe
b. Fail-secure
c. Fail-open
d. Fail-right

A

c. Fail-open

31
Q

NIDS is an advanced version of NIPS.

(T/F)

A

False

32
Q

The security administrator for a large organization receives numerous alerts from a network-based intrusion detection system (NIDS) of a possible worm infection spreading through the network via network shares. Before taking any drastic action to solve this problem, such as blocking file sharing, what should first be done?

a) call an emergency change management meeting to ensure the solution will not have unforeseen negative effects
b) block file sharing immediately because this is an emergency that could lead to a widespread data compromise
c) research best practices with respect to stopping the worm and implement the solution without delay
d) perform a pilot study of the solution and monitor for adverse effects
e) look for a less radical solution

A

a) call an emergency change management meeting to ensure the solution will not have unforeseen negative effects

33
Q

For what purpose should the network traffic log be analyzed?

a) to facilitate security management
b) to capture network packets
c) to check for suspicious traffic
d) to check processor performance
e) to store the dump file offsite

A

c) to check for suspicious traffic