Official Study Guide 2 Flashcards

1
Q

NIST SP 800-53 discusses security controls as a security ___

A

baseline

2
Q

Communication systems that rely on start and stop flags or bits to manage data transmission are known as ___

A

Asynchronous

3
Q

___ motion detectors transmit ultrasonic or microwave signals into the monitor area, watching for changes in the returned signals bouncing off objects

A

Wave pattern

4
Q

___ provides AAA functionality, but is a Cisco proprietary protocol

A

TACACS+

5
Q

the TCP three-way handshake is ___

A

SYN, SYN/ACK, ACK

6
Q

The ___ program helps to protect the supply chain for components and devices by ensuring that the companies that produce and supply them are secure

A

US Trusted Foundry

7
Q

in an IaaS environment, the vendor is only responsible for the hardware and the ___

A

hypervisor

8
Q

when testing a website, another word for synthetic monitoring (using realistic data) is ___

A

proactive monitoring

9
Q

___ (or impersonation) attacks use stolen or falsified credentials to bypass authentication mechanisms. ___ attacks rely on falsifying an identity like an IP address or hostname without credentials. ___ attacks are a more specific type of impersonation attack that relies on captured network traffic to reestablish authorized connections

A

Masquerading; Spoofing; Replay

10
Q

The ___ evidence rule states that when an agreement between two parties is put into written form, it is assumed to be the entire agreement unless amended in writing

A

parol

11
Q

The ___ evidence rule says that a copy of a document is not admissible if the original document is available

A

best

12
Q

___ reviews the use and application of controls in an audited organization. It forms part of the underlying framework for SOC 1, 2, and 3 reports

A

SSAE-18

13
Q

The Digital Millennium Copyright Act (DMCA) provides safe harbor protection for the operators of ___

A

Internet service providers

14
Q

___ is a variation in the latency for different packets

A

Jitter

15
Q

___ are a special form of input validation that ensure that the value remains within an expected range

A

Limit checks

16
Q

___ via a web portal can require user authentication and can gather data like operating systems, versions, software information, and many other factors that can uniquely identify systems

A

Device fingerprinting

17
Q

Packets with ___ IP addresses as sources or destinations should never be routed onto the Internet

A

private

18
Q

The most frequent target of account management reviews are ___ accounts, as they create the greatest risk

A

highly privileged

19
Q

The courts have applied the ___ rule to include the concept that attorneys may not introduce logs into evidence unless they are authenticated by the system administrator

A

hearsay

20
Q

Attackers may use ___ as a tool to exploit a TOC/TOU race condition

A

algorithmic complexity

21
Q

The formula for determining the number of encryption keys required by a symmetric algorithm for n participants is ___

A

((n*(n − 1))/2)

22
Q

many modern thieves immediately take steps to ensure that mobile devices ___ before they capture data or wipe the device for resale.

A

will not be trackable or allowed to connect to a network

23
Q

___ server monitoring relies on synthetic or previously recorded traffic

A

Active

24
Q

___ access control empowers people closer to the resources to control access but does not provide consistent control

A

Decentralized

25
Q

Access control systems rely on ___ and ___ to provide accountability. Effective ___ systems are desirable, but not required, since logs can provide information about who accessed what resources, even if access to those resources is not managed well

A

identification; authentication; authorization

26
Q

EAP was originally intended to be used on ___ network channels and did not include ___

A

physically isolated; encryption

27
Q

The Linux tool ___ creates a bit-by-bit copy of the target drive that is well suited to forensic use

A

dd

28
Q

___ is specifically defined by HIPAA to include information about an individual's medical bills

A

Protected health information (PHI)

29
Q

___ include both the access and actions that you can take on an object. ___ usually refer to the ability to take action on an object and don't include the access to it

A

Permissions; Rights

30
Q

___ combine rights and permissions, and roles describe sets of ___ based on job tasks or other organizational artifacts

A

Privileges; privileges

31
Q

___ is a feature in operating systems (such as Windows) that enables computers to automatically self-configure an IP address and subnet mask when their DHCP server isn't reachable. The IP address range for this is ___

A

Automatic Private IP Addressing (APIPA); 169.254.0.0/16, the IPv4 link-local block (hosts self-assign from 169.254.1.0 to 169.254.254.255, since RFC 3927 reserves the first and last /24 of the block)
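Cards 17 and 31 together describe an egress/ingress rule a border device should enforce: RFC 1918 private addresses and the 169.254.0.0/16 APIPA block are not routable on the Internet, so a packet carrying one as source or destination is either a misconfiguration (a host that never got a DHCP lease, NAT not applied) or a spoofing attempt. The following is an added example in Python, not code from the study guide; the flows it filters are constructed, using the documentation ranges 203.0.113.0/24 and 198.51.100.0/24 in place of real Internet hosts, and the filter's structure and labels are this example's own choices.

```python
import ipaddress

# Address blocks a border router or firewall should never forward to or from the
# Internet: the RFC 1918 private ranges, the 169.254.0.0/16 link-local block that
# APIPA draws from (RFC 3927), loopback and the "this network" block.
NON_ROUTABLE = {
    "rfc1918": [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")],
    "link-local": [ipaddress.ip_network("169.254.0.0/16")],
    "loopback": [ipaddress.ip_network("127.0.0.0/8")],
    "this-network": [ipaddress.ip_network("0.0.0.0/8")],
}


def non_routable_class(addr: str):
    """Return the label of the non-routable block containing addr, or None."""
    ip = ipaddress.ip_address(addr)
    for label, nets in NON_ROUTABLE.items():
        if any(ip in net for net in nets):
            return label
    return None


def is_apipa_host(addr: str) -> bool:
    """True for an address a host may self-assign under RFC 3927.

    The RFC reserves the first and last /24 of 169.254.0.0/16, so only
    169.254.1.0 through 169.254.254.255 are ever auto-configured.
    """
    ip = ipaddress.ip_address(addr)
    return (ip in ipaddress.ip_network("169.254.0.0/16")
            and 1 <= ip.packed[2] <= 254)


def border_filter(packets):
    """Apply bogon filtering to (src, dst) pairs crossing an Internet-facing link.

    Returns a list of (src, dst, verdict, reason); the first offending address
    decides the verdict, so a packet is dropped whether the leak is on the
    source side (unNATed host) or the destination side (probe of internal space).
    """
    results = []
    for src, dst in packets:
        for role, addr in (("src", src), ("dst", dst)):
            label = non_routable_class(addr)
            if label:
                results.append((src, dst, "DROP", f"{role} {addr} is {label}"))
                break
        else:
            results.append((src, dst, "FORWARD", ""))
    return results


# Constructed sample flows (not captured traffic).
SAMPLE_FLOWS = [
    ("203.0.113.5", "198.51.100.9"),   # public to public: forward
    ("192.168.1.10", "198.51.100.9"),  # leaked private source (NAT not applied)
    ("198.51.100.9", "10.20.30.40"),   # Internet host targeting internal space
    ("169.254.77.2", "198.51.100.9"),  # APIPA host that never got a DHCP lease
    ("127.0.0.1", "198.51.100.9"),     # spoofed loopback source
]

if __name__ == "__main__":
    for row in border_filter(SAMPLE_FLOWS):
        print(row)
```

The same check run on the inbound direction is the classic anti-spoofing filter: a packet arriving from the Internet with a private source address cannot be legitimate, because nothing on the Internet is supposed to have one.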
32
Q

___, or registration, is the initial creation of a user account in the provisioning process

A

Enrollment

33
Q

The ___ role is responsible for making sure systems provide value (balanced with security needs)

A

business or mission owner's

34
Q

The ___ (Act) makes it a crime to invade the electronic privacy of an individual. It prohibits the unauthorized monitoring of email and voicemail communications

A

Electronic Communications Privacy Act (ECPA)

35
Q

Syslog uses port ___

A

UDP 514 (syslog over TLS, RFC 5425, uses TCP 6514)

36
Q

___ is a TCP flag used to clear the buffer, resulting in immediately sending data

A

PSH (push)

37
Q

___ is the TCP urgent flag

A

URG

38
Q

___ is a TCP flag for nonce concealment protection

A

NS (ECN-nonce, defined in the experimental RFC 3540 and since reclassified as historic)

39
Q

___ is a TCP flag used to reset the connection

A

RST
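Cards 5 and 36 through 39 are easiest to remember from the header itself: the flags live in the low nine bits of the 16-bit word at byte offset 12 (NS, then CWR, ECE, URG, ACK, PSH, RST, SYN, FIN), and the three-way handshake is just three segments with SYN, SYN+ACK and ACK set, each acknowledging the other side's sequence number plus one. The following is an added example in Python, not code from the study guide: it encodes and decodes raw 20-byte TCP headers with the standard library, then walks a minimal passive opener through LISTEN, SYN-RECEIVED and ESTABLISHED. The state machine is deliberately reduced (no retransmission, windows or options); port numbers and initial sequence numbers are chosen for the example.

```python
import struct

# Bit positions of the TCP flags within the 16-bit "data offset / reserved /
# flags" word at byte 12 of the header: NS is bit 8, then CWR ECE URG ACK PSH
# RST SYN FIN down to bit 0.
FLAG_BITS = {
    "NS": 0x100, "CWR": 0x080, "ECE": 0x040, "URG": 0x020,
    "ACK": 0x010, "PSH": 0x008, "RST": 0x004, "SYN": 0x002, "FIN": 0x001,
}


def flags_from_header(header: bytes):
    """Decode the set of flag names set in a raw TCP header (minimum 20 bytes)."""
    if len(header) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    word = struct.unpack("!H", header[12:14])[0]
    return frozenset(name for name, bit in FLAG_BITS.items() if word & bit)


def build_header(sport, dport, seq, ack, flags) -> bytes:
    """Build a 20-byte TCP header with no options (data offset = 5 words)."""
    bits = 0
    for name in flags:
        bits |= FLAG_BITS[name]
    offset_and_flags = (5 << 12) | bits
    # ports, seq, ack, offset/flags, window, checksum (left zero), urgent pointer
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       offset_and_flags, 65535, 0, 0)


class PassiveOpener:
    """The server side of a three-way handshake, reduced to the states that matter."""

    def __init__(self, isn: int):
        self.isn = isn            # our initial sequence number
        self.state = "LISTEN"
        self.peer_isn = None

    def receive(self, header: bytes):
        """Consume one segment; return the reply header, or None if no reply."""
        flags = flags_from_header(header)
        sport, dport, seq, ack = struct.unpack("!HHII", header[:12])
        if "RST" in flags:                       # RST abandons the attempt
            self.state, self.peer_isn = "LISTEN", None
            return None
        if self.state == "LISTEN" and flags == {"SYN"}:
            self.peer_isn = seq
            self.state = "SYN-RECEIVED"
            # SYN/ACK: our ISN, acknowledging the peer's ISN + 1
            return build_header(dport, sport, self.isn, seq + 1, {"SYN", "ACK"})
        if (self.state == "SYN-RECEIVED" and "ACK" in flags
                and ack == self.isn + 1 and seq == self.peer_isn + 1):
            self.state = "ESTABLISHED"
            return None
        # A bare ACK to a listening port (what an ACK scan sends), or an ACK
        # carrying the wrong acknowledgement number, never establishes anything.
        return None


def three_way_handshake(client_isn: int = 1000, server_isn: int = 5000):
    """Run SYN, SYN/ACK, ACK against a PassiveOpener; return (trace, final state)."""
    server = PassiveOpener(server_isn)
    trace = []
    syn = build_header(40000, 443, client_isn, 0, {"SYN"})
    trace.append(sorted(flags_from_header(syn)))
    syn_ack = server.receive(syn)
    trace.append(sorted(flags_from_header(syn_ack)))
    _, _, sseq, sack = struct.unpack("!HHII", syn_ack[:12])
    assert sack == client_isn + 1          # server acknowledged our SYN
    ack = build_header(40000, 443, client_isn + 1, sseq + 1, {"ACK"})
    trace.append(sorted(flags_from_header(ack)))
    server.receive(ack)
    return trace, server.state


if __name__ == "__main__":
    print(three_way_handshake())
```

The acknowledgement-number check in SYN-RECEIVED is why blind spoofing of a connection needs a predictable initial sequence number: the third segment must carry the server's ISN + 1, which an off-path attacker never saw.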
40
Q

As the incident response progresses, the root cause analysis is a component of the ___ step of the incident response process

A

remediation

41
Q

___ errors are most likely to be missed by automated functional testing

A

Business logic

42
Q

___ sites take a very long time to activate, measured in weeks or months

A

Cold

43
Q

Test coverage is computed using the formula test coverage = number of ___ / total number of ___

A

use cases tested; use cases

44
Q

___ is the first functional goal of physical security mechanisms

A

Deterrence

45
Q

A good alternative to FTP for transferring files is ___

A

SCP (Secure Copy, which runs over SSH)

46
Q

The California Online Privacy Protection Act requires that commercial websites that collect personal information from users in California ___

A

conspicuously post a privacy policy

47
Q

Iris scans have a longer useful life than many other types of biometric factors because ___

A

they don't change throughout a person's life span

48
Q

The ___ Act is an example of civil law, whereas most cyber-security laws are criminal

A

Gramm-Leach-Bliley (GLBA)

49
Q

The S/MIME secure email format uses the ___ file format for encrypted email messages and the ___ format for detached signatures

A

P7M (application/pkcs7-mime enveloped data); P7S (application/pkcs7-signature)

50
Q

___ allows the storage of multiple different pieces of information in a database at different classification levels to prevent attackers from conducting aggregation or inference attacks

A

Polyinstantiation

51
Q

Any primary key is, by definition, also a ___ key

A

candidate

52
Q

To protect the integrity of an email message without encryption, you should ___

A

digitally sign it (a signature already covers a hash of the message; attaching a bare hash on its own is not enough, because whoever alters the message can simply recompute the hash)
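Card 52's reasoning is worth seeing fail and succeed. An unkeyed hash travels with the message, so an attacker on the path rewrites the message and recomputes the hash; the receiver sees a consistent pair and accepts it. Binding the integrity value to a key the attacker does not hold is what a signature adds. The following is an added example in Python, not code from the study guide; because the standard library has no asymmetric signing, HMAC stands in for the digital signature (it binds the digest to a secret key in the same way, but both sides share the key, whereas a signature lets anyone holding the public key verify). The message and the "transfer amount" edit are constructed for the example.

```python
import hashlib
import hmac
import secrets


def hash_only_protect(message: bytes):
    """Attach an unkeyed SHA-256 digest. Anyone who can alter the message can
    recompute this, so it detects accidental corruption only."""
    return message, hashlib.sha256(message).digest()


def hash_only_verify(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def keyed_protect(key: bytes, message: bytes):
    """Attach a tag only a holder of `key` can produce. HMAC stands in for a
    digital signature here: a signature binds the digest to the signer's private
    key in the same way, while verification needs only the public key."""
    return message, hmac.new(key, message, hashlib.sha256).digest()


def keyed_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(hmac.new(key, message, hashlib.sha256).digest(), tag)


def tamper_in_transit(message: bytes, forge):
    """Model an on-path attacker who rewrites the message and reattaches whatever
    integrity value `forge` lets them compute for the new message."""
    new_message = message.replace(b"$100", b"$9100")
    return new_message, forge(new_message)


def demo():
    """Return (hash_only_accepted, keyed_accepted) after the same tampering."""
    key = secrets.token_bytes(32)
    original = b"Transfer $100 to account 12345"

    # 1. Bare hash: attacker recomputes it for the altered text, verifier accepts.
    msg, digest = hash_only_protect(original)
    msg2, digest2 = tamper_in_transit(msg, lambda m: hashlib.sha256(m).digest())
    hash_only_accepted = hash_only_verify(msg2, digest2)

    # 2. Keyed tag: attacker has no key, so the best they can do is reuse the
    #    old tag; verifier recomputes over the altered text and rejects.
    msg, tag = keyed_protect(key, original)
    msg2, tag2 = tamper_in_transit(msg, lambda m: tag)
    keyed_accepted = keyed_verify(key, msg2, tag2)

    return hash_only_accepted, keyed_accepted


if __name__ == "__main__":
    print(demo())   # (True, False): only the keyed check caught the change
```

With a real S/MIME or PGP signature the private key plays the role of `key` for signing and the public key for verification, which is why the signed-but-unencrypted message still proves who sent it and that nothing changed, without hiding its contents.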
53
Q

To force cookies to use TLS, you should ___

A

set the Secure attribute on them
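Card 53 in practice: the Secure attribute is a promise the browser enforces, and the check is to read the server's Set-Cookie headers and flag any session cookie without it (HttpOnly and SameSite are the usual companions). The following is an added example in Python, not code from the study guide; it uses the standard library's `http.cookies.SimpleCookie` both to audit a response header and to emit a hardened one. The header strings are constructed, and the cookie name and attribute values are this example's choices.

```python
from http.cookies import SimpleCookie


def audit_set_cookie(header_value: str):
    """Parse one Set-Cookie header value and report, per cookie, the attributes
    that keep it off plaintext HTTP and away from script. An empty list means
    the cookie carries Secure, HttpOnly and SameSite."""
    jar = SimpleCookie()
    jar.load(header_value)
    findings = {}
    for name, morsel in jar.items():
        issues = []
        if not morsel["secure"]:
            issues.append("missing Secure: browser will also send it over http://")
        if not morsel["httponly"]:
            issues.append("missing HttpOnly: readable via document.cookie")
        if not morsel["samesite"]:
            issues.append("missing SameSite: sent on cross-site requests")
        findings[name] = issues
    return findings


def build_session_cookie(name: str, value: str, max_age: int = 3600) -> str:
    """Emit a Set-Cookie value with Secure set, so the cookie only ever travels
    over TLS, plus HttpOnly and SameSite=Strict for a session token."""
    jar = SimpleCookie()
    jar[name] = value
    morsel = jar[name]
    morsel["secure"] = True
    morsel["httponly"] = True
    morsel["samesite"] = "Strict"
    morsel["path"] = "/"
    morsel["max-age"] = max_age
    return morsel.OutputString()


if __name__ == "__main__":
    # Constructed header as a weak server might send it.
    print(audit_set_cookie("session=abc123; Path=/"))
    hardened = build_session_cookie("session", "abc123")
    print(hardened)
    print(audit_set_cookie(hardened))
```

Setting Secure does not by itself stop a plaintext page from setting or overwriting the cookie (that needs the `__Host-` prefix and HSTS), so the audit should be read as a minimum, not a complete cookie policy.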
54
Q

___ is specifically designed for encrypted file transfer, while ___ is used for secure command-line access

A

SFTP; SSH

55
Q

The disaster recovery test types, listed in order (A-D) of their potential impact on the business from the least impactful to the most impactful, are as follows:

A

A. Checklist review B. Tabletop exercise C. Parallel test D. Full interruption test

56
Q

HIPAA requires that anyone working with protected health information on behalf of a HIPAA-covered entity be subject to the terms of a ___

A

business associate agreement (BAA)

57
Q

An ___ can translate traffic between IPv6 networks and IPv4 networks

A

IPv6 to IPv4 gateway

58
Q

WPA2 encryption has no effect on ___ attacks

A

password (it protects traffic in transit, not against guessing or reusing credentials)

59
Q

In contrast to synthetic user monitoring, passive monitoring is also referred to as ___ monitoring

A

real user