Deck 1

Question 1

What are two types of risk analysis?

Answer 1

Quantitative, qualitative

Question 2

An attacker has placed a URL on a website that, if clicked, will cause malicious JavaScript to execute in victims’ browsers. This attack is known as a ___________ attack.

Answer 2

cross-site scripting

Question 3

What are the four basic control requirements identified in the Orange Book?

Answer 3

Discretionary access control, mandatory access control, object reuse, labels

Question 4

What is the purpose of a Business Impact Assessment (BIA)?

Answer 4

To describe the impact that an event or disaster will have on business operations

Question 5

The most extensive type of disaster recovery plan test is ______________.

Answer 5

an interruption test

Question 6

Most security policies are categorized as what type?

Answer 6

Advisory

Question 7

An IPsec SA consists of what three parameters to uniquely identify it in an IPsec session?

Answer 7

Destination IP address, Security Protocol ID (SPID), Security Parameter Index (SPI)

Question 8

Which U.S. government data classification level describes information that, if compromised, could cause grave damage to national security?

Answer 8

Top Secret

Question 9

____________ monitoring records every key press and mouse movement on a system.

Answer 9

Keystroke

Question 10

In a civil case, the court may issue an order, known as a _________________ , allowing a law-enforcement official to seize specific evidence.

Answer 10

writ of possession

Question 11

192.167.4.1 is an example of what class of IP address?

Answer 11

C

Question 12

Name three VPN protocol standards.

Answer 12

IPsec, PPTP, SSL/TLS

Question 13

A third-party inspection of a system is known as ________________ .

Answer 13

an audit

Question 14

Name three types of intrusion detection systems used for physical security.

Answer 14

Photoelectric sensors, dry contact switches, motion detectors

Question 15

What are the three elements of the C-I-A triad?

Answer 15

Confidentiality, integrity, availability

Question 16

A ___________ conveys information by altering a system resource’s performance or timing.

Answer 16

covert timing channel

Question 17

Who is the individual responsible for assigning information classification levels to assigned information assets?

Answer 17

Information owner

Question 18

A baseline is what type of governance?

Answer 18

Standard

Question 19

What is a primary technical concern with long-term audit log retention?

Answer 19

Whether any tape or disk drives will be available to read the media

Question 20

Name five types of attacks against voice communication systems.

Answer 20

Identity fraud, toll fraud, eavesdropping, denial-of-service (DoS), Spam over Internet Telephony (SPIT)

Question 21

Name three asymmetric key systems based on discrete logarithms.

Answer 21

Diffie-Hellman, Elliptic Curve, ElGamal

Question 22

Violation reports and audit trails are examples of what type of control?

Answer 22

Detective technical

Question 23

The two types of host or network intrusion detection are ______________ and ________________ .

Answer 23

signature-based systems, anomaly-based systems

Question 24

Name the three elements of the fire triangle necessary for a fire to burn.

Answer 24

Fuel, oxygen, heat

Question 25

Name three factors that are used to determine data classification.

Answer 25

Value, regulations, policy

Question 26

Name three types of general-purpose controls.

Answer 26

Detective, preventive, corrective

Question 27

What are the four main functions of the operating system?

Answer 27

Process management, I/O device management, memory management, file management

Question 28

A SYN flood is an example of what type of attack?

Answer 28

Denial-of-service (DoS)

Question 29

Name four Wi-Fi access point infrastructure modes of operation.

Answer 29

Root, repeater, bridge, mesh

Question 30

What type of water sprinkler system initially has no water present in the pipes and, at activation, delivers a large volume of water?

Answer 30

Deluge

Question 31

To be admissible in a court of law, evidence must be ________________________.

Answer 31

relevant

Question 32

The minimum number of SAs required for a two-way IPSec session between two communicating hosts using both AH and ESP is ____________.

Answer 32

four

Question 33

An alternative information-processing facility where all systems, patches, and data are mirrored from live production systems is known as a _______________.

Answer 33

hot site

Question 34

A ________________ model ensures that the actions of different objects and subjects aren’t seen by (and don’t interfere with) other objects and subjects on the same system.

Answer 34

noninterference

Question 35

Name five protocols that can be used to secure email communication.

Answer 35

SMTP over TLS, S/MIME, MOSS, PEM, PGP

Question 36

The Ethernet protocol is defined at what layer of the OSI model and in which IEEE standard?

Answer 36

Data Link, 802.3

Question 37

A prolonged drop in voltage describes what electrical anomaly?

Answer 37

Brownout

Question 38

True or false: Failure to implement a safeguard may result in legal liability if the cost of implementing the safeguard is less than the cost of the associated loss.

Answer 38

True

Question 39

What term describes the legal evidence-gathering technique of luring an individual toward certain evidence after that individual has already committed a crime?

Answer 39

Enticement

Question 40

Authentication can be based on any combination of what three factors?

Answer 40

Something you know, something you have, something you are

Question 41

The process of wrapping protocol information from one layer in the data section of another layer describes .

Answer 41

encapsulation

Question 42

An address used as the origin for calculating other addresses describes ________________.

Answer 42

base addressing

Question 43

The total combination of protection mechanisms within a computer system (including hardware, firmware, and software) that’s responsible for enforcing a security policy defines a ______________.

Answer 43

Trusted Computing Base

Question 44

Name four types of intellectual property.

Answer 44

Patents, trademarks, copyrights, trade secrets

Question 45

Antimalware software that watches for anomalous behavior uses what technique?

Answer 45

Heuristics

Question 46

What is the formula for calculating Annualized Loss Expectancy (ALE)?

Answer 46

SLE x ARO = ALE, where SLE is the Single Loss Expectancy and ARO is the Annualized Rate of Occurrence

Question 47

The practice of regularly transferring personnel to different positions or departments within an organization is known as ___________.

Answer 47

job rotation

Question 48

Which U.S. government data classification level describes information that, if compromised, could cause serious damage to national security?

Answer 48

Secret

Question 49

Name three types of possible damages in a civil case.

Answer 49

Compensatory, punitive, statutory

Question 50

A data network that operates across a large geographic area defines what type of network?

Answer 50

WAN

Question 51

The Advanced Encryption Standard (AES) is based on what symmetric key algorithm?

Answer 51

Rijndael

Question 52

What is the longest period of time that a business can survive without a critical function?

Answer 52

Maximum tolerable downtime

Question 53

The process of reviewing and approving proposed changes to systems is known as ________________.

Answer 53

change management

Question 54

Viruses, rootkits, and Trojan horses are broadly defined as ______________.

Answer 54

malware

Question 55

Which ITSEC classification level is equivalent to TCSEC level B3?

Answer 55

E5

Question 56

The LLC and MAC are sublayers of which OSI model layer?

Answer 56

Data Link

Question 57

The ____________ protocol is used to facilitate user authentication across systems and among organizations through the exchange of authentication and authorization information among organizations.

Answer 57

Security Assertion Markup Language (SAML)

Question 58

Name two protocols that can be used to implement one-time passwords.

Answer 58

S/Key and Diameter

Question 59

The Clark-Wilson integrity model is based on the concept of a ___________, in which a transaction is sufficiently ordered and controlled that it maintains internal and external consistency.

Answer 59

well-formed transaction

Question 60

Portable CO2 fire extinguishers are classified as what type of extinguishing system?

Answer 60

Gas-discharge

Question 61

Name the four CPU operating states.

Answer 61

Operating (or run), problem (or application), supervisory, wait

Question 62

What type of cabling should be used below raised floors and above drop ceilings?

Answer 62

Plenum

Question 63

Sensitivity labels are a fundamental component of which type of access control system?

Answer 63

Mandatory

Question 64

When should management be notified of a computer crime?

Answer 64

As soon as the crime is detected

Question 65

A developer, suspecting that he may be fired soon, modifies an important program that will corrupt payroll files long after he is gone. The developer has created a _________________.

Answer 65

logic bomb

Question 66

Which Internet specification provides secure e-commerce by using symmetric key systems, asymmetric key systems, and dual signatures?

Answer 66

Secure Electronic Transaction (SET)

Question 67

A ______________ conveys information by altering stored system data.

Answer 67

covert storage channel

Question 68

Name four examples of packet-switched WAN protocols.

Answer 68

IP, X.25, Frame Relay, SMDS

Question 69

Electrical fires are classified as what type of fire and use what extinguishing methods?

Answer 69

Class C; CO2 or FM-200

Question 70

Wardriving and port scanning are examples of ___________ tests.

Answer 70

penetration

Question 71

A computer system that alternates execution of multiple subprograms on a single processor describes what type of system?

Answer 71

Multitasking

Question 72

What type of firewall architecture employs external and internal routers, as well as a bastion host?

Answer 72

Screened-subnet

Question 73

A system used to monitor and control end -user access to cloud-based services is known as a ________________.

Answer 73

cloud access security broker (CASB)

Question 74

The simple integrity property and star integrity property are defined in which integrity model?

Answer 74

Biba

Question 75

Name three methods of attack against access control systems.

Answer 75

Brute-force, dictionary, buffer overflow

Question 76

Filling a system’s hard drive so that it can no longer record data is a type of __________ attack.

Answer 76

denial-of-service (DOS)

Question 77

In biometric systems, what is a False Accept Rate (Type II) error?

Answer 77

Unauthorized users are incorrectly granted access.

Question 78

To deter casual trespassers, fencing should be a minimum height of ______________ feet.

Answer 78

3 feet

Question 79

Masquerading is a ___________ technique.

Answer 79

social engineering

Question 80

Which PPP authentication protocol transmits passwords in clear text?

Answer 80

Password Authentication Protocol (PAP)

Question 81

The decision whether to purchase an emergency generator should be based on the _________________ of electrical power outages.

Answer 81

average and worst-case duration

Question 82

Name the four layers of the TCP/IP Protocol Model.

Answer 82

Application, Transport, Internet, Link (or Network)

Question 83

A type of cipher that replaces bits, characters, or character blocks with alternate bits, characters, or character blocks to produce cipher text is known as a ______________.

Answer 83

substitution cipher

Question 84

Name the four main components of a Public Key Infrastructure (PKI).

Answer 84

Certificate Authority (CA), Registration Authority (RA), Repository, Archive

Question 85

“A user cannot deny an action” describes the concept of _____________

Answer 85

nonrepudiation

Question 86

The restricted environment that Java applets occupy is known as a _______________.

Answer 86

sandbox

Question 87

What is the main reason for establishing an asset classification program?

Answer 87

It isn’t practical to protect all data equally.

Question 88

True or false: Risk avoidance is considered to be a general remedy for risk.

Answer 88

False

Question 89

What is the required operating state of a network interface on a system running a sniffer?

Answer 89

Promiscuous mode

Question 90

The logic present in an object is known as a ____________ .

Answer 90

method

Question 91

PCI DSS is applicable to organizations that ______________________.

Answer 91

transmit, process, or store payment card information

Question 92

A ________________ is useful in safeguard selection for determining cost-effectiveness.

Answer 92

cost-benefit analysis

Question 93

A system that continues to operate following the failure of a network component describes which type of system?

Answer 93

Fault-tolerant

Question 94

A system that accumulates knowledge by observing events’ inputs and outcomes is known as a ________________.

Answer 94

neural network

Question 95

What type of network attack sends TCP packets from a spoofed source address with the SYN bit set?

Answer 95

SYN Flood

Question 96

The purpose of session management in a web application is to ________________.

Answer 96

protect sessions from unauthorized access

Question 97

True or false: Bell-LaPadula, Biba, and Clark-Wilson all address availability issues.

Answer 97

False

Question 98

Data on backup media being sent by courier to an off-site storage location is known as what?

Answer 98

Data in transit

Question 99

Name a type of extinguishing agent that fights fires by separating the elements of the fire triangle rather than simply removing one element.

Answer 99

FM-200

Question 100

True or false: A signature-based IDS generally reports a high number of false positives.

Answer 100

False