Deck 1 Flashcards

1
Q

What are two types of risk analysis?

A

Quantitative, qualitative

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

An attacker has placed a URL on a website that, if clicked, will cause malicious JavaScript to execute in victims’ browsers. This attack is known as a ___________ attack.

A

cross-site scripting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the four basic control requirements identified in the Orange Book?

A

Discretionary access control, mandatory access control, object reuse, labels

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the purpose of a Business Impact Assessment (BIA)?

A

To describe the impact that an event or disaster will have on business operations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The most extensive type of disaster recovery plan test is ______________.

A

an interruption test

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Most security policies are categorized as what type?

A

Advisory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

An IPsec SA consists of what three parameters to uniquely identify it in an IPsec session?

A

Destination IP address, Security Protocol ID (SPID), Security Parameter Index (SPI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which U.S. government data classification level describes information that, if compromised, could cause grave damage to national security?

A

Top Secret

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

____________ monitoring records every key press and mouse movement on a system.

A

Keystroke

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

In a civil case, the court may issue an order, known as a _________________ , allowing a law-enforcement official to seize specific evidence.

A

writ of possession

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

192.167.4.1 is an example of what class of IP address?

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Name three VPN protocol standards.

A

IPsec, PPTP, SSL/TLS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A third-party inspection of a system is known as ________________ .

A

an audit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Name three types of intrusion detection systems used for physical security.

A

Photoelectric sensors, dry contact switches, motion detectors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the three elements of the C-I-A triad?

A

Confidentiality, integrity, availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A ___________ conveys information by altering a system resource’s performance or timing.

A

covert timing channel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Who is the individual responsible for assigning information classification levels to assigned information assets?

A

Information owner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

A baseline is what type of governance?

A

Standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is a primary technical concern with long-term audit log retention?

A

Whether any tape or disk drives will be available to read the media

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Name five types of attacks against voice communication systems.

A

Identity fraud, toll fraud, eavesdropping, denial-of-service (DoS), Spam over Internet Telephony (SPIT)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Name three asymmetric key systems based on discrete logarithms.

A

Diffie-Hellman, Elliptic Curve, ElGamal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Violation reports and audit trails are examples of what type of control?

A

Detective technical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

The two types of host or network intrusion detection are ______________ and ________________ .

A

signature-based systems, anomaly-based systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Name the three elements of the fire triangle necessary for a fire to burn.

A

Fuel, oxygen, heat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Name three factors that are used to determine data classification.

A

Value, regulations, policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Name three types of general-purpose controls.

A

Detective, preventive, corrective

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What are the four main functions of the operating system?

A

Process management, I/O device management, memory management, file management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

A SYN flood is an example of what type of attack?

A

Denial-of-service (DoS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Name four Wi-Fi access point infrastructure modes of operation.

A

Root, repeater, bridge, mesh

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

What type of water sprinkler system initially has no water present in the pipes and, at activation, delivers a large volume of water?

A

Deluge

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

To be admissible in a court of law, evidence must be ________________________.

A

relevant

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

The minimum number of SAs required for a two-way IPSec session between two communicating hosts using both AH and ESP is ____________.

A

four

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

An alternative information-processing facility where all systems, patches, and data are mirrored from live production systems is known as a _______________.

A

hot site

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

A ________________ model ensures that the actions of different objects and subjects aren’t seen by (and don’t interfere with) other objects and subjects on the same system.

A

noninterference

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Name five protocols that can be used to secure email communication.

A

SMTP over TLS, S/MIME, MOSS, PEM, PGP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

The Ethernet protocol is defined at what layer of the OSI model and in which IEEE standard?

A

Data Link, 802.3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

A prolonged drop in voltage describes what electrical anomaly?

A

Brownout

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

True or false: Failure to implement a safeguard may result in legal liability if the cost of implementing the safeguard is less than the cost of the associated loss.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

What term describes the legal evidence-gathering technique of luring an individual toward certain evidence after that individual has already committed a crime?

A

Enticement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Authentication can be based on any combination of what three factors?

A

Something you know, something you have, something you are

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

The process of wrapping protocol information from one layer in the data section of another layer describes .

A

encapsulation

42
Q

An address used as the origin for calculating other addresses describes ________________.

A

base addressing

43
Q

The total combination of protection mechanisms within a computer system (including hardware, firmware, and software) that’s responsible for enforcing a security policy defines a ______________.

A

Trusted Computing Base

44
Q

Name four types of intellectual property.

A

Patents, trademarks, copyrights, trade secrets

45
Q

Antimalware software that watches for anomalous behavior uses what technique?

A

Heuristics

46
Q

What is the formula for calculating Annualized Loss Expectancy (ALE)?

A

SLE x ARO = ALE, where SLE is the Single Loss Expectancy and ARO is the Annualized Rate of Occurrence

47
Q

The practice of regularly transferring personnel to different positions or departments within an organization is known as ___________.

A

job rotation

48
Q

Which U.S. government data classification level describes information that, if compromised, could cause serious damage to national security?

A

Secret

49
Q

Name three types of possible damages in a civil case.

A

Compensatory, punitive, statutory

50
Q

A data network that operates across a large geographic area defines what type of network?

A

WAN

51
Q

The Advanced Encryption Standard (AES) is based on what symmetric key algorithm?

A

Rijndael

52
Q

What is the longest period of time that a business can survive without a critical function?

A

Maximum tolerable downtime

53
Q

The process of reviewing and approving proposed changes to systems is known as ________________.

A

change management

54
Q

Viruses, rootkits, and Trojan horses are broadly defined as ______________.

A

malware

55
Q

Which ITSEC classification level is equivalent to TCSEC level B3?

A

E5

56
Q

The LLC and MAC are sublayers of which OSI model layer?

A

Data Link

57
Q

The ____________ protocol is used to facilitate user authentication across systems and among organizations through the exchange of authentication and authorization information among organizations.

A

Security Assertion Markup Language (SAML)

58
Q

Name two protocols that can be used to implement one-time passwords.

A

S/Key and Diameter

59
Q

The Clark-Wilson integrity model is based on the concept of a ___________, in which a transaction is sufficiently ordered and controlled that it maintains internal and external consistency.

A

well-formed transaction

60
Q

Portable CO2 fire extinguishers are classified as what type of extinguishing system?

A

Gas-discharge

61
Q

Name the four CPU operating states.

A

Operating (or run), problem (or application), supervisory, wait

62
Q

What type of cabling should be used below raised floors and above drop ceilings?

A

Plenum

63
Q

Sensitivity labels are a fundamental component of which type of access control system?

A

Mandatory

64
Q

When should management be notified of a computer crime?

A

As soon as the crime is detected

65
Q

A developer, suspecting that he may be fired soon, modifies an important program that will corrupt payroll files long after he is gone. The developer has created a _________________.

A

logic bomb

66
Q

Which Internet specification provides secure e-commerce by using symmetric key systems, asymmetric key systems, and dual signatures?

A

Secure Electronic Transaction (SET)

67
Q

A ______________ conveys information by altering stored system data.

A

covert storage channel

68
Q

Name four examples of packet-switched WAN protocols.

A

IP, X.25, Frame Relay, SMDS

69
Q

Electrical fires are classified as what type of fire and use what extinguishing methods?

A

Class C; CO2 or FM-200

70
Q

Wardriving and port scanning are examples of ___________ tests.

A

penetration

71
Q

A computer system that alternates execution of multiple subprograms on a single processor describes what type of system?

A

Multitasking

72
Q

What type of firewall architecture employs external and internal routers, as well as a bastion host?

A

Screened-subnet

73
Q

A system used to monitor and control end -user access to cloud-based services is known as a ________________.

A

cloud access security broker (CASB)

74
Q

The simple integrity property and star integrity property are defined in which integrity model?

A

Biba

75
Q

Name three methods of attack against access control systems.

A

Brute-force, dictionary, buffer overflow

76
Q

Filling a system’s hard drive so that it can no longer record data is a type of __________ attack.

A

denial-of-service (DOS)

77
Q

In biometric systems, what is a False Accept Rate (Type II) error?

A

Unauthorized users are incorrectly granted access.

78
Q

To deter casual trespassers, fencing should be a minimum height of ______________ feet.

A

3 feet

79
Q

Masquerading is a ___________ technique.

A

social engineering

80
Q

Which PPP authentication protocol transmits passwords in clear text?

A

Password Authentication Protocol (PAP)

81
Q

The decision whether to purchase an emergency generator should be based on the _________________ of electrical power outages.

A

average and worst-case duration

82
Q

Name the four layers of the TCP/IP Protocol Model.

A

Application, Transport, Internet, Link (or Network)

83
Q

A type of cipher that replaces bits, characters, or character blocks with alternate bits, characters, or character blocks to produce cipher text is known as a ______________.

A

substitution cipher

84
Q

Name the four main components of a Public Key Infrastructure (PKI).

A

Certificate Authority (CA), Registration Authority (RA), Repository, Archive

85
Q

“A user cannot deny an action” describes the concept of _____________

A

nonrepudiation

86
Q

The restricted environment that Java applets occupy is known as a _______________.

A

sandbox

87
Q

What is the main reason for establishing an asset classification program?

A

It isn’t practical to protect all data equally.

88
Q

True or false: Risk avoidance is considered to be a general remedy for risk.

A

False

89
Q

What is the required operating state of a network interface on a system running a sniffer?

A

Promiscuous mode

90
Q

The logic present in an object is known as a ____________ .

A

method

91
Q

PCI DSS is applicable to organizations that ______________________.

A

transmit, process, or store payment card information

92
Q

A ________________ is useful in safeguard selection for determining cost-effectiveness.

A

cost-benefit analysis

93
Q

A system that continues to operate following the failure of a network component describes which type of system?

A

Fault-tolerant

94
Q

A system that accumulates knowledge by observing events’ inputs and outcomes is known as a ________________.

A

neural network

95
Q

What type of network attack sends TCP packets from a spoofed source address with the SYN bit set?

A

SYN Flood

96
Q

The purpose of session management in a web application is to ________________.

A

protect sessions from unauthorized access

97
Q

True or false: Bell-LaPadula, Biba, and Clark-Wilson all address availability issues.

A

False

98
Q

Data on backup media being sent by courier to an off-site storage location is known as what?

A

Data in transit

99
Q

Name a type of extinguishing agent that fights fires by separating the elements of the fire triangle rather than simply removing one element.

A

FM-200

100
Q

True or false: A signature-based IDS generally reports a high number of false positives.

A

False