IS3110 CHAP 9

Question 1

The standard defined by NIST for symmetric encryption. It is fast, efficient, and commonly used to encrypt data on drives, including universal serial bus (USB) flash drives.

Answer 1

Advanced Encryption Standard (AES)

Question 2

Files that are used for security. Uses include identification and encryption. They can be issued to users or systems and are then presented to other entities. It includes a public key that is shared with other. The public key is matched with a private key that is always kept private.

Answer 2

Certificates

Question 3

An entity that issues and manages certificates. ___ can be public or private. Public CAs are accessible on the Internet. Private CAs are internal to an organization. CA are used by users and systems for security purposes, such as identification and encryption.

Answer 3

Certification authority (CA)

Question 4

A class of control identified by its function. It attempts to reverse the effect of an exploited vulnerability. For example, antivirus software can work as a ___ if it detects an infected file.

Answer 4

Corrective control

Question 5

A class of control identified by its function. It will detect when a vulnerability is being exploited. IDS is an example of a ___.

Answer 5

Detective control

Question 6

A method used for identification. This ___ uses certificates issued by a CA. A hash of a message is created. The hash is encrypted with the sender’s private key. If the receiver can decrypt the encrypted hash with the sender’s public key, it has been verified that it was encrypted and sent with the sender’s private key. Only the sender has the private key.

Answer 6

Digital signature

Question 7

Used to prevent someone from denying they took an action. Audit logs record details of who, what, where, and when on events. If an audit log records an action by a suer after the user logs on, the user cannot believably deny the action. Digital signatures are also used for ___.

Answer 7

Non-repudiation

Question 8

A class of control identified by its function. It will attempt to prevent the risk from occurring. For example, an unneeded protocol is removed from a server to harden it. Any attacks on this protocol are now prevented on this server.

Answer 8

Preventative control

Question 9

A document users must read before accessing a system. It identifies what they can and cannot do on the system. It is also called an acceptable use policy (AUP) in most private organizations.

Answer 9

Rules of Behavior

Question 10

A tool used to capture traffic on a network in order to analyze it. Wireshark is a packet analyzer that can be used as a ___. If data is sent in clear text, the captured traffic can easily be read.

Answer 10

Sniffer

Question 11

1. A ___ will reduce or eliminate a threat or vulnerability.

Answer 11

Control or countermeasure

Question 12

2. Controls can be identified based on their function. The functions are preventative, detective, and corrective.
   TRUE OR FALSE

Answer 12

TRUE

Question 13

3. What are the primary objectives of a control?
4. Prevent, control, attack
5. Prevent, respond, log
6. Prevent, recover, detect
7. Detect, recover, attack

Answer 13

Prevent, recover, detect

Question 14

4. What type of control is an intrusion detection system (IDS)?
5. Preventative
6. Detective
7. Corrective
8. Recovery

Answer 14

Detective

Question 15

5. NIST SP 800-53 identifies controls in three primary classes. What are they?
6. Preventative, Detective, Corrective
7. Administrative, Technical, Operational
8. Technical, Administrative, Environmental
9. Technical, Operational, Management

Answer 15

Technical, Operational, Management

Question 16

6. A(n) ___ control is used to ensure that users have the rights and permissions they need to perform their jobs, and no more.

Answer 16

Access

Question 17

7. Logon identifiers help ensure that users cannot deny taking a specific action such as deleting a file. What is this called?
8. Digital signature
9. Encryption
10. Non-repudiation
11. PKI

Answer 17

Non-repudiation

Question 18

8. What should you use to ensure that users understand what they can and cannot do on systems within the network?
9. Acceptable use banner
10. Data range checks
11. Rules of behavior
12. Audit cards

Answer 18

Rules of behavior

Question 19

9. What can be used to ensure confidentiality of sensitive data?
10. Encryption
11. Hashing
12. Digital signature
13. Non-repudiation

Answer 19

Encryption

Question 20

10. What should be logged in an audit log?
11. All system events
12. All security related events
13. The details of what happened for an event
14. Who, what, when, and where details of an event

Answer 20

Who, what, when, and where details of an event

Question 21

11. Your organization wants to issue certificates for internal systems such as in internal Web server. You’ll need to install a ___ to issue and manage certificates.

Answer 21

Certification authority (CA)

Question 22

12. Which of the following is an administrative control?
13. Session timeout
14. Reasonableness check
15. Water detection
16. DRP

Answer 22

DRP

Question 23

13. Which of the following is a technical control?
14. PKI
15. Awareness and training
16. Guards
17. Electrical grounding

Answer 23

PKI

Question 24

14. Which of the following is a physical control?
15. Logon identifiers
16. CCTV
17. Encryption
18. BCP

Answer 24

CCTV

Question 25

15. A PTZ camera is used within a CCTV system. It can pan, tilt, and zoom.
    TRUE OR FALSE

Answer 25

TRUE