Final Exam Flashcards
Final Assessment
Steve is a security practitioner assigned to come up with a protective measure for ensuring cars don’t collide with pedestrians.
What is probably the most effective type of control for this task?
Physical
Fill in the missing word:
Chad is a security practitioner tasked with ensuring that the information on the organization’s public website is not changed by anyone outside the organization.
This task is an example of ensuring _________.
Integrity
Which of the following is an example of a “Something you know” authentication factor?
Password
Which of the following is an example of a “Something you are” authentication factor?
A photograph of your face
Fill in the missing word:
A system that collects transactional information and stores it in a record in order to show which users performed which actions are an example of providing ________.
Non-repudiation
What is the European Union (EU) law that grants legal protections to individual human privacy?
The General Data Protection Regulation
For which of the following systems would the security concept of availability probably be most important?
Medical systems that monitor patient condition in an intensive-care unit
For which of the following assets is integrity probably the most important security aspect?
The file that contains passwords used to authenticate users
Fill in the missing word:
In risk management concepts, a(n) _________ is something a security practitioner might need to protect.
Asset
Fill in the missing word:
In risk management concepts, a(n) ___________ is something or someone that poses a risk to an organization or asset.
Threat
Of the following, which would probably not be considered a threat?
Which of the following probably poses the most risk?
A high-likelihood, high-impact event
Within the organization, who can identify risk?
Anyone
Fill in the missing word:
Kerpak works in the security office of a medium-sized entertainment company. Kerpak is asked to assess a particular threat, and he suggests that the best way to counter this threat would be to purchase and implement a particular security solution.
This is an example of _______.
Mitigation
Fill in the missing word:
Sophia is visiting Las Vegas and decides to put a bet on a particular number on a roulette wheel.
This is an example of _________.
Acceptance
Fill in the missing word:
Phrenal is selling a used laptop in an online auction. Phrenal has estimated the value of the laptop to be $100 but has seen other laptops of similar type and quality sell for both more and less than that amount. Phrenal hopes that the laptop will sell for $100 or more, but is prepared to take less for it if nobody bids that amount.
This is an example of ___________.
Risk tolerance
Fill in the missing word:
A software firewall is an application that runs on a device and prevents specific types of traffic from entering that device.
This is a type of ________ control.
Technical
Fill in the missing word:
At the airport, there are red lines painted on the ground next to the runway, which prohibits traffic from crossing it.
This is an example of a(n)______ control.
Physical
Fill in the missing word:
A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point.
Bollards are an example of ______ controls.
Physical
Druna is a security practitioner tasked with ensuring that laptops are not stolen from the organization’s offices. Which sort of security control would probably be best for this purpose?
Physical
Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email.
What kind of control is this instruction?
Administrative
ISC2 publishes a Common Body of Knowledge (CBK) that IT security practitioners should be familiar with; this is recognized throughout the industry as a set of material that is useful for practitioners to refer to. Certifications can be issued for demonstrating expertise in this Common Body of Knowledge.
What kind of document is the Common Body of Knowledge?
Standard
The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail.
What kind of rule is this?
Law
The Triffid Corporation publishes a strategic overview of the company’s intent to secure all the data the company possesses. This document is signed by Triffid’s senior management.
What kind of document is this?
Policy
Fill in the missing words:
Grampon municipal code requires that all companies that operate within city limits will have a set of processes to ensure employees are safe while working with hazardous materials. Triffid Corporation creates a checklist of activities employees must follow while working with hazardous materials inside Grampon city limits.
The municipal code is a ______, and the Triffid checklist is a ________.
Law, procedure
Fill in the missing word:
The Payment Card Industry (PCI) Council is a committee made up of representatives from major credit card providers (Visa, Mastercard, American Express) in the United States.
The PCI Council issues rules that merchants must follow if the merchants choose to accept payment via credit card. These rules describe best practices for securing credit card processing technology, activities for securing credit card information, and how to protect customers’ personal data.
This set of rules is a _____.
Standard
Hoshi is an ISC2 member who works for the Triffid Corporation as a data manager. Triffid needs a new firewall solution, and Hoshi is asked to recommend a product for Triffid to acquire and implement. Hoshi’s cousin works for a firewall vendor; that vendor happens to make the best firewall available.
What should Hoshi do?
Disclose the relationship, but recommend the vendor/product
Olaf is a member of ISC2 and a security analyst for Triffid Corporation.
During an audit, Olaf is asked whether Triffid is currently following a particular security practice. Olaf knows that Triffid is not adhering to that standard in that particular situation, but that saying this to the auditors will reflect poorly on Triffid.
What should Olaf do?
Tell the auditors the truth
Aphrodite is a member of ISC2 and a data analyst for Triffid Corporation. While Aphrodite is reviewing user log data, Aphrodite discovers that another Triffid employee is violating the acceptable use policy and watching streaming videos during work hours.
What should Aphrodite do?
Inform Triffid management
Glena is an ISC2 member. Glena receives an email from a company offering a set of answers for an ISC2 certification exam.
What should Glena do?
Inform ISC2
Fill in the missing word:
You are reviewing log data from a router; there is an entry that shows a user sent traffic through the router at 11:45 am, local time, yesterday.
This is an example of a(n) _______.
Event
Who approves the incident response policy?
Senior management
Fill in the missing word:
An attacker outside the organization attempts to gain access to the organization’s internal files. This is an example of a(n) ______.
Intrusion
Which of the following are not typically involved in incident detection?
What is the risk associated with resuming full normal operations too soon after a DR effort?
The danger posed by the disaster might still be present
What is the goal of Business Continuity efforts?
Keep critical business functions operational
Which of the following is likely to be included in the business continuity plan?
Alternate work areas for personnel affected by a natural disaster
What is the most important goal of a business continuity effort?
Preserve health and human safety
What is the overall objective of a disaster recovery (DR) effort?
Return to normal, full operations
What is the risk associated with delaying the resumption of full normal operations after a disaster?
Gelbi is a Technical Support analyst for Triffid, Inc. Gelbi sometimes is required to install or remove software.
Which of the following could be used to describe Gelbi’s account?
Privileged
Guillermo logs onto a system and opens a document file. In this example, Guillermo is:
The subject
Which of the following is not an appropriate control to add to privileged accounts?
Security deposit
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is the ACL?
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is Prachi?
Larry and Fern both work in the data center. In order to enter the data center to begin their workday, they must both present their own keys (which are different) to the key reader, before the door to the data center opens.
Which security concept is being applied in this situation?
Dual control
Which of the following is a biometric access control mechanism?
A door locked by a voiceprint identifier
Fill in the missing word:
All visitors to a secure facility should be _______.
All of the following are typically perceived as drawbacks to biometric systems, except:
Lack of accuracy
Fill in the missing word:
A human guard monitoring a hidden camera could be considered a ______ control.
Fill in the missing word:
A _____ is a record of something that has occurred.
Log
Tekila works for a government agency. All data in the agency is assigned a particular sensitivity level, called a Classification. Every person in the agency is assigned a clearances’ level, which determines the classification of data each person can access and is controlled at the system level.
What is the access control model being implemented in Tekila’s agency?
Which of the following would be considered a logical access control?
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network. Trina offers to log in for Doug, using Trina’s credentials, so that Doug can get some work done.
What is the problem with this?
Anything either of them do will be attributed to Trina
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour.
Why could this be?
Gray’s actions look like an attack
Suvid works at Triffid, Inc. When Suvid attempts to log in to the production environment, a message appears stating that Suvid has to reset the password.
What may have occurred to cause this?
Suvid’s password has expired
Prina is a database manager. Prina is allowed to add new users to the database, remove current users, and create new usage functions for the users. Prina is not allowed to read the data in the fields of the database itself.
This is an example of:
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that operational managers have the utmost personal choice in determining which employees get access to which systems/data.
Which method should Handel select?
Discretionary access controls (DAC)
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees transferring from one department to another, getting promoted, or cross-training to new positions can get access to the different assets they’ll need for their new positions, in the most efficient manner.
Which method should Handel select?
Role-based access controls (RBAC)
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees who are assigned to new positions in the company do not retain whatever access they had in their old positions.
Which method should Handel select?
Role-based access controls (RBAC)
What term refers to the logical address of a device connected to the network or Internet?
Internet Protocol (IP) address
What type of device filters network traffic in order to enhance overall security/performance?
Firewall
What protocol should Barry use when he wants to upload a series of files to a web-based storage service?
What type of device, typically accessed by multiple users and often intended for a single purpose, such as managing email or web pages, is referred to as?
Carol is browsing the Web. Which of the following ports is she probably using?
80
Cyril wants to ensure all the devices on his company’s internal IT environment are properly synchronized.
NTP (Network Time Protocol)
Ludwig is a security analyst at Triffid, Inc. Ludwig notices network traffic that might indicate an attack designed to affect the availability of the environment.
Which of the following might be the attack Ludwig sees?
Gary is an attacker. Gary is able to get access to the communication wire between Dauphine’s machine and Linda’s machine and can then surveil the traffic between the two when they’re communicating.
What kind of attack is this?
On-path
Bert wants to add a flashlight capability to a smartphone. Bert searches the internet for a free flashlight app and downloads it to the phone. The app allows Bert to use the phone as a flashlight but also steals Bert’s contacts list.
What kind of app is this?
Trojan
Triffid, Inc., has many remote workers who use their own IT devices to process Triffid’s information. The Triffid security team wants to deploy some sort of sensor on user devices in order to recognize and identify potential security issues.
Which of the following is probably most appropriate for this specific purpose?
HIDS (host-based intrusion-detection systems)
Inbound traffic from an external source seems to indicate much higher rates of communication than normal, to the point where the internal systems might be overwhelmed.
Which security solution can often identify and potentially counter this risk?
Firewall
What tool aggregates log data from multiple sources, typically analyzes it, and reports potential threats?
What type of solution typically inspects outbound communications traffic to check for unauthorized exfiltration of sensitive/valuable information?
DLP (data loss prevention)
What type of tool is utilized to monitor local devices with the aim of reducing potential threats from hostile software?
Which of the following activities is usually part of the configuration management process, but is also extremely helpful in countering potential attacks?
Updating and patching systems
Which type of fire-suppression system is typically the safest for humans?
Water
Which common cloud service model offers the customer the most control of the cloud environment?
The section of the IT environment that is closest to the external world; where we locate IT systems that communicate with the Internet.
DMZ
An IoT (Internet of Things) device is typified by its effect on or use of the _____ environment.
Physical
What type of device is commonly advisable to have on the perimeter between two networks?
Firewall
Archiving is typically done when _________.
Archiving is typically done when _________.
Every document owned by Triffid, Inc., whether hardcopy or electronic, has a clear, 24-point word at the top and bottom. Only three words can be used: “Sensitive”, “Proprietary”, and “Public”.
This is an example of _____.
Labeling
Security needs to be provided to ____ data.
All of the answers
Private, illegal, restricted
Data retention periods apply to ____ data.
All of the answers
Medical, sensitive, secret
When data has reached the end of the retention period, it should be _____.
Destroyed
Data _____ is data left behind on systems/media after normal deletion procedures have been attempted.
Remanence
Log data should be kept ______.
On a device other than where it was captured
Security controls on log data should reflect ________.
The sensitivity of the source device
Logs should be reviewed ______.
Continually
Dieter wants to send a message to Lupa and wants to be sure that Lupa knows the message has not been modified in transit.
What technique/tool could Dieter use to assist in this effort?
Hashing
Triffid, Inc., wants to host streaming video files for the company’s remote users but wants to ensure the data is protected while it’s streaming.
Which of the following methods are probably best for this purpose?
______ is used to ensure that configuration management activities are effective and enforced.
Verification and audit
An organization must always be prepared to ______ when applying a patch.
Rollback
Why is the proper alignment of security policy and business goals within the organization important?
Security policy that conflicts with business goals can inhibit productivity
The organization should keep a copy of every signed Acceptable Use Policy (AUP) on file, and issue a copy to _______.
The user who signed it
What is the most crucial element of any security instruction program?
Preserve health and human safety
Which one of the following is a benefit of computer-based training (CBT)?
Scalable
The output of a hashing algorithm is _____.
The same length
Hashing is often used to provide _______.
Integrity
If two people want to use asymmetric communication to conduct a confidential conversation, how many keys do they need?
4
each party needs their own key pair (a public key and a private key) to engage in confidential communication.
