CISA Review

Question 1

DDOS

Answer 1

Such attacks are contreally initiated and involve the use of multiple compromised computers. The attacks work by fuloding the target site with spurious data, thereby overwhelming the network and other related resources.

Question 2

Cheif information security officer

Answer 2

A senior level corporate official responsible for articulating and enforcingthe policies that companies uses to protect their information assets.

Question 3

CISO is a much broader roll than a chief security officer (CSO ) who is normally only responsible fro pysical security within the organization

Answer 3

TRUE

Question 4

DAC ( descritionary access control ) cannot override MAC ( Mandatory access control ) , DAC is an additional filter, prohibiting still more access wtih the same exclusionary principle

Answer 4

TRUE

Question 5

cyber criminals take advantage of existing gap in the legislation of different countries when planning syber attacks in order to avoid posecution

Answer 5

TRUE

Question 6

Crackers

Answer 6

Person who try to break the security of and gain access to somone else system without being invited to do so

Question 7

DOS, Haking

Answer 7

Target of attack - Specfiic computer, Source of attack Computer is the object of crime. Prepetrator uses another computer to launch attack

Question 8

Fraud, Unauthorized access, Phishing, Installing key loggers

Answer 8

Computer is the tool of crime. Target is data or information stored in the computer

Question 9

Social engineering methods

Answer 9

Computer symbolizes the crime.Target is the user of the computers.

Question 10

Social Engineering methods

Answer 10

Phishing, Fake websites, scam mails, Spam mails and Fake resumes for employement

Question 11

Alteration attack

Answer 11

Occurs when unothorzied modification affect the integrity of the data or code. Cryptographic hash is a primary defense against alteration attacks

Question 12

Botnets

Answer 12

Comprise a collection of compromised computers ( called zombie computers) running software, usually installed vaia worms, Torjan horses or back doors.

Question 13

DOS Attack

Answer 13

Examples: Smurt attack, Ping flood, SYS Flood, Teadrop attack, peer to peer attack, Permanant Denial of service attack, Application level flood attack, Nuke, DDOS, Reflected attack,

Question 14

Smurf attack

Answer 14

Occurs when misconfigured network devices allow packets to be sent toall hosts on a particular network viea the broadcast address of the network

Question 15

Ping flood

Answer 15

Occurs when the target system is overwhelmed with ping packets

Question 16

SYS Flood

Answer 16

send a flood of TCP/SYN packts with forged sender address, causing half open connections and saturates available connections cpacity of the target machine

Question 17

Teadrop attack

Answer 17

Involves sending mangled IP fragments with overlapping, oversized payloads to the target machine

Question 18

Banana attack

Answer 18

Redirects outgoaing messages from the client back onto the client, preventing outside access, as well as flooding the client with the sent packets

Question 19

Reflected attack

Answer 19

Involves sending forged requests to a large number of computers that will reply to the request. Thesource IP address is spoofed to that of the targeted victime, causing the replies to flood

Question 20

Email spoofing

Answer 20

A user receives an email message that appears tohae originated from one source but actually was sent from another source.

Question 21

Flooding

Answer 21

A denial of service attack gthat brings down network or service by folloding it with large amount of traffic

Question 22

Trap doors

Answer 22

Commonly called back doors. Bit of code embedded in program by programmers to quickly gain access during the testing or debugging phase.

Question 23

Masquerading

Answer 23

An active attack in which the intruder present an identity other than the original identity. Impersonation both by people and machines fall under this category. Masquerading by machine ( also called as IP spoofing ) - A forged IP address is presented

Question 24

Packet replay

Answer 24

A combination of passive and active mode of attack. This form of attack is effective particularly where the receiving end of the communicationchannel is automated and will act on receipt and interpretation of the information packets without human intervention

Question 25

Phishing

Answer 25

The criminally fraudulent process of attempting to acquire sensitive information, such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication

Question 26

Spear Phishing

Answer 26

A pinpoint attack against a subset of people to undermine a company or organization

Question 27

Pharming

Answer 27

An attack that aminsn to redirect the traffic of a web site to a bogus web site. It can be conducted either by changing the hoset file on a victims computer or by exploiting a vulnerability in DNS server software.

Question 28

Social engineering

Answer 28

The human side of breaking into computer system

Question 29

Piggybacking

Answer 29

act of following authorized person through a secured door or electronically attaching to authorized telecommunication link.

Question 30

Piggybacking is considered a physical access exposure

Answer 30

TRUE

Question 31

Race conditions

Answer 31

Also knows as Time of Check (TOC). Time of Use (TOU) attack. Exploit a small windo of time between the time that security control is applied and time that the service is used.

Question 32

carfule programming and good administration practices help to reduce race conditions

Answer 32

TRUE

Question 33

Resource Enumeration and Browsing

Answer 33

When the attacker lists the various resources on targeted hosts and networks. Browsing a form of rresource enumeration attack and is preformed by a manual search.

Question 34

The difference between the rounding down technique and salami technicuq is that in rounding down, the program rounds off by the smallest money fraction, whereas salami technique truncate last few digits

Answer 34

TRUE

Question 35

War chalking

Answer 35

The practice of marking a series of symbols on sidewalks and wall to indicate nearby wireless access points

Question 36

War walking

Answer 36

Similar to war driving, but a vehicle is not used. The potential hackers walk around the vicinity with handheld device or PDA

Question 37

War driving

Answer 37

The practice of driving around businesses or residential neighborhoods while scanning with a notebook computer, hacking toold software and sometimes with a global positioning system to serarch for wireless netowrk names

Question 38

Another risk of peer to peer computing is that users may expose there IP addresses, which can lead to IP spoofing

Answer 38

TRUE

Question 39

THe postincident review phase shoudl determine which vulnerabilities were not addressed and why and input provieded for improvment to the policies and procedures implemented to address vulnerabilities

Answer 39

TRUE

Question 40

wire tapping

Answer 40

involves eavesdroppingon information being transmitted over telecommunication lines

Question 41

Authentication is typically categorized as “something you know” PASSWORD. Somthing you have “TOKEN CARD” and something you are “BIOMETRIC FEATURES”

Answer 41

TRUE

Question 42

Initial password may be allocated by security administrator or generated by the system itself

Answer 42

TRUE

Question 43

Firecall ID

Answer 43

Practices such as keeping the administrator passoword in a sealed envelope, kept in a locked cobinate and available only to top managers, should be implemented

Question 44

The main disadvantage comparerd to other biometris methods is the lackof uniqueness of hand geometry data

Answer 44

TRUE

Question 45

Advantage of Iris identification

Answer 45

the contact with the device is not needed

Question 46

Disadvantage of Iris identification

Answer 46

high cost of system, as compared to other biometric technologies and the high amount of storage requirements needed to uniquely identify a user

Question 47

Retina scan is extremely reliable and it has the lowest fales-acceptance rate among the current biometric methods

Answer 47

TRUE

Question 48

Disadvantage of retina scanning

Answer 48

includes the need for fairly close physical conact with scanning device, which impairs user acceptance, and the high cost

Question 49

The main disadvantage of face recongintion is the lack of uniqueness, which means that people who look like may fool the device

Answer 49

TRUE

Question 50

The main disadvantage is capturing the uniqueness of a signature particularly when a user does not sighn his / her name in a consistent manner

Answer 50

TRUE

Question 51

Disadvantage of VPN

Answer 51

lack of central authority and can be difficult to troubleshoot

Question 52

A good practice will terminate all VPN to the same end point in a so called VPN concentrator, and will not accept VPNs directed at other parts of the network

Answer 52

TRUE

Question 53

The drawback of an IPS is that it may inadvertently block legitimate traffic

Answer 53

TRUE

Question 54

Which of the following attacks targets the Secure Socket Layer SSL

Answer 54

Man in the middle

Question 55

which of the following virus prevention techniques can be implemented through hardware

Answer 55

remote booting

Question 56

Example of deterrance

Answer 56

installation of firewalls for information systems

Question 57

while reviewing the business continuity plan of an organization, an IS auditor observed taht the organization data and software files are backed up on a periodic basis which characteristic of an effective plan does this demonstrate

Answer 57

mitigation

Question 58

MAO is the maximum amount of system downtime that is tolerable. It is used as synanym for RTO. However RTO denotes an objectiv/target, while MAO constitutes a vital necessity for an organisations survival

Answer 58

TRUE

Question 59

A redundancy check

Answer 59

detect transmission errors by appending calculated bit on to the end of each segment of data

Question 60

A resonableness check

Answer 60

compares data to predefined reasonability limit or occurrence rates established for the data

Question 61

A parity check

Answer 61

is a hardware control that detects data errors when data are read from one computer to another, from memory or during transmission

Question 62

check digit

Answer 62

detects transpostion or transcription errors

Question 63

WEP has been shown to be a very weak encryption technique and can be cracked within a minute

Answer 63

TRUE

Question 64

which of the following encryption techniques will best protect a wireless network froma man in the middle attack

Answer 64

Randomly generated pre shared key PSK

Question 65

system logs are automated reports which identify most of the activities performed on the computer

Answer 65

TRUE

Question 66

operation problem reports are used by operator to log computer operation problems

Answer 66

TRUE

Question 67

order or DRP

Answer 67

1 BIA 2 develop recovery strategies 3 Develop specific plan 4 tested and implemented

Question 68

Applying a cryptographic hashing algorithm the entire message addresses the message integrity issue. Enciphering the message digest using the senders private key address non repidiation. Encrypting the message with a symmetric key, thereafter allowing the key to be enciphered using the receivers public key most efficiently address the confidentiality of the message as well as the receiver’s non repudiation

Answer 68

TRUE