sth to rem Flashcards

1
Q

Atomicity
Isolation
Consistency
Durability

A

Atomicity – Transaction must be rolled back if not complete (committed).
Isolation – One transaction must complete before other can modify the same data.
Consistency – Transactional changes must ensure that the DB is consistent to the rules (unique primary key etc.)
Durability – Transactions once committed must be durable. Backups such as transaction logs ensure durability.

2
Q

Concurrency
Lost Updates
Dirty Reads

A

Concurrency – enables users to lock the database to prevent changes by others during a transaction.
Lost Updates – two different processes make updates to the DB without being aware of each other's transactions, causing errors. Isolation solves this.
Dirty Reads – Process reads from a transaction that did not commit. Atomicity solves this.

3
Q

Polyinstantiation

A

Polyinstantiation – tuples having multiple values with identical primary keys, based on security clearance, to prevent lower-level inference attacks.

4
Q

Cell Suppression

A

Cell Suppression – Hide individual fields based on security clearance.

5
Q

Aggregation

A

Aggregation – Using access to multiple low-level databases to gain information. Basically, a person asks every question, receives every answer and thus gains information (no deduction needed). (One DB has Employee ID and Name, another has Employee ID and Salary; aggregation allows identifying the Salary of each employee.)

6
Q

Inference

A

Inference – Deducing information from other available information. (An increase in weapon shipments in DB records can imply a possible mission.)

7
Q

Referential Integrity
Semantic Integrity
Entity Integrity

A

Referential Integrity – every foreign key matches a candidate key in the parent table.
Semantic Integrity – each column attribute value is consistent with the attribute data type. (Date in date column)
Entity Integrity – every tuple has a primary key which is unique and not NULL

8
Q

Software Escrow Agreement

A

Software Escrow Agreement
Archive source code with a third-party repository, to protect the customer in case the software vendor goes out of business.

9
Q

Change Management Process

A

Request Control: Organized framework for users to request modifications, managers conduct cost/benefit analysis and developers prioritize tasks.
Change Control: Framework for multiple developers to develop and test a solution before rolling into production.
Quality Control restrictions
Documenting code changes
Restrict new code to minimize security
Develop tools for deployment of change.
Release Control: Review code before release. Review includes:
Remove any backdoors.
Approval of change
User Acceptance Testing
Configuration Control: Ensures that changes to software versions are made in accordance with change control and configuration management process.
Updates can only be made from authorized distributions.

10
Q

Configuration Management Process

A

Configuration Identification: Documentation of all software configuration within organization.
Configuration Control: Configuration changes follow change management.
Configuration Accounting: Track all authorized configuration changes.
Configuration Audit: Configuration documentation meets actual configuration

11
Q

SEI SW-CMMI
Measures Software Development Maturity.
Required by US Agencies and Contractors

A

Initial: Processes are chaotic, unpredictable, poorly controlled, reactive.
Repeatable: Processes are characterized for projects but reactive. Basic lifecycle mgmt.
Defined: Processes are defined (written) and proactive.
Quantitatively Managed: Processes are defined and measured.
Optimizing: Processes are measured and improved.
Defect Prevention, Technology Change Management, Process Change Management

12
Q

SEI IDEAL

IDEAL model for software development and Change management.

A

Initiating: Business reasons behind change, approval/support, requirements in place.
Diagnosing: Engineers analyze the current state and make recommendations.
Establishing: Recommendations are developed into plan of actions.
Acting: Develop, test, refine and implement solution.
Learning: Continuous analysis of desired goals, new plans for achieving goals.

13
Q

AGILE

A

Developed in response to rigid Development processes like Waterfall.
Individuals and interactions over processes and tools
Working software over comprehensive documentation
Customer collaboration over contract negotiation
Responding to change over following a plan

14
Q

Sashimi

A

Overlapping Waterfall Model.

Steps overlap, leading to faster-integrated development cycle.

15
Q

NIST SP 800-14

A
Generally Accepted Principles and Practices for Securing Information Technology Systems
Initiation
Development/ Acquisition
Implementation
Operation / Maintenance
Disposal
16
Q

SECURE SOFTWARE DESIGN

Fail-Open

A

Fail-Open: bypasses security at failure to allow operations to continue.

17
Q

SECURE SOFTWARE DESIGN

Fail-Secure

A

Fail-Secure: puts system in high-security state at failure and does not allow operations until administrator diagnoses and resolves problems.

18
Q

Database Backup

Electronic Vaulting

A

Electronic Vaulting: Remote site database backup using bulk transfers. Less time to back up to the remote site than sending tape.
Significant delay to recover, as the backup has to be obtained from the vault and then restored.

19
Q

Database Backup

Remote Journaling

A
Remote Journaling: Transaction logs backed up remotely.
Some delay (e.g. hourly); technicians retrieve the transaction logs and apply them to the production DB.
20
Q

Database Backup

Remote Mirroring

A

Remote Mirroring: Live Backup via copying any changes to the production database to the backup. (also called Shadowing)
No delay. Can be migrated as is.

21
Q

Recovery Types

Trusted Recovery

A

Trusted Recovery: System is as secure as before failure or crash.

22
Q

Recovery Types

Manual Recovery

A

Manual Recovery: If system does not fail in a secure state, an admin has to manually implement security before recovery.

23
Q

Recovery Types

Automated Recovery

A

Automated Recovery: System performs trusted recovery activities against failure. Ex: RAID.

24
Q

Recovery Types

Automated Recovery with Undue Loss

A

Automated Recovery with Undue Loss: System performs trusted recovery activities against failure, but also protects specific objects against loss.

25
Q

Recovery Types

Function Recovery

A

Function Recovery: Systems that can automatically recover functions.

26
Q

e-Discovery Reference Model

A

eDiscovery Reference Model

  1. Identification: The identification phase locates relevant information but does not preserve it.
  2. Preservation: During the preservation phase, the organization ensures that information related to the matter at hand is protected against intentional or unintentional alteration or deletion.
  3. Collection: The collection phase occurs after preservation and gathers responsive information.
  4. Processing: The processing phase performs a rough cut of the collected information for relevance.
  5. Review: Review of the data to ensure it is relevant.
  6. Analysis: Analysis of the data for proper context.
  7. Production: Production of the final data set to those requesting it.
  8. Presentation: Presentation of the data to external audiences to prove or disprove a claim.
27
Q

Real Evidence

A

Physical, can be brought to court. (Hard disks etc)

28
Q

Documentary Evidence

A

Original / copies of business records, computer-generated/stored logs. Must comply with Hearsay rule

29
Q

Circumstantial Evidence

A

Doesn’t directly prove, but allows a reasonable inference. (Tickets to the opera imply the person was at the opera.)

30
Q

Direct Evidence

A

Oral / Written testimonial evidence witnessed by a person's five senses.

31
Q

Demonstrative Evidence

A

Aid understanding of case via Expert opinion or non-expert facts.

32
Q

Secondary Evidence

A

A duplicate copy such as photocopy, tape backup, screenshot, logs

33
Q

Best-evidence

A

Best-evidence: Original, unaltered, requires integrity. Computer-generated records.
Hearsay-evidence: Inaccurate, unreliable, unable to prove integrity. Computer-stored records.

34
Q

Hearsay-evidence

A

Best-evidence: Original, unaltered, requires integrity. Computer-generated records.
Hearsay-evidence: Inaccurate, unreliable, unable to prove integrity. Computer-stored records.

35
Q

The Federal Rules of Evidence state that if data stored on a PC, or a printout, is demonstrated to be accurate and reliable, it is ??

A

it is Best Evidence.

36
Q

Enticement

A

Make a crime more enticing. Criminal already has mindset to commit crime. E.g. He has already hacked in, so Honeypot can be used to contain, gain knowledge.

37
Q

Best Evidence Rule

A

Best Evidence Rule: Admissibility

38
Q

Parol Evidence Rule

A

Parol Evidence Rule – Only written agreements acceptable.

39
Q

Hearsay Rule

A

Hearsay Rule – Hearsay evidence only admitted if maker of the statements is able to testify in court.

40
Q

Best Evidence Rule

Competent / Legally Permissible

A

Obtained through legal means, and not via:
Illegal Search & Seizure: without warrant.
Illegal Wiretap & Phonetaps
Entrapment
Coercion: force to testify.

41
Q

INVESTIGATIONS

Administrative Investigation

A

Administrative Investigations: Operational investigations into internal IT system faults, functions & processes. No set guideline for evidence. Evidence is voluntarily surrendered to investigation personnel.

42
Q

INVESTIGATIONS

Criminal Investigation

A

Criminal Investigation: Evidence must meet Beyond a reasonable doubt, investigated by law enforcement.

43
Q

INVESTIGATIONS

Civil Investigation

A

Civil Investigation: Evidence meets More likely than not, investigated by employees and consultants.

44
Q

INVESTIGATIONS

Regulatory Investigation

A

Regulatory Investigation: Evidence meets Standard of proof, investigated by government or regulatory bodies if companies are suspected of violating compliance or administrative laws.

45
Q

INVESTIGATIONS

Compliance Assessment

A

Compliance Assessment: Evidence meets Proof of compliance, Periodic assessment to meet compliance standards, investigated by third-party auditors appointed by regulatory bodies.

46
Q

Evidence gathered for Investigation must maintain their ???

A

Integrity

47
Q

Honeypots

A

Honeypots
Offer enticement to attackers, so that the attacker may spend time attacking the honeypot without gaining any information leading to discouragement.

48
Q

Honeynet

A

Honeynet: Two or more networked honeypots to simulate a network.

49
Q

Pseudo-Flaws

A

Pseudo-Flaws

False vulnerabilities or loopholes present in a system, enticing attacker to attack.

50
Q

Padded Cell

A

Padded Cell

On detection of an attack, the attacker is transferred to a virtual network with the exact look and feel of the real one.

51
Q

Security As A Service

A

Security As A Service: Managed Detection & Response, Vulnerability Assessment & Mitigation etc.

52
Q

SYN Flood Attack

A

SYN Flood Attack

Sends multiple SYN packets, but does not respond to the SYN-ACK with an ACK.

53
Q

Fraggle Attack

A

Fraggle Attack

Sends UDP port 7 and 19 traffic spoofing the Victim's IP as the source. All hosts then send traffic to the victim.

54
Q

Smurf Attack

A

Smurf Attack
Sends ICMP echo packets spoofing the Victim’s IP as source to a broadcast network via directed broadcast in a router. RFC 2644 defaults to no directed broadcast.

55
Q

Sabotage

A

Sabotage

Criminal destruction or disruption against an organization by an employee.

56
Q

Espionage

A

Espionage

Spy and steal secrets / intelligence.

57
Q

INCIDENT RESPONSE MANAGEMENT

A

Detection
First responders analyze to classify alarm as incident and Activate the CIRT. Reporting

Response
Investigate, Assess damage, collect evidence, determine the response (containment action)

Mitigation
Determine Cause that leads to RCA, take action to Contain incident and Eradicate to stop incident.

Reporting
Technical: Technical details of incident.
Non-Technical: Seriousness of incident to management.

Recovery
Restore system to operational status (BU approves). Monitor for persistence. Recovery in off-peak hours.

Remediation
Long term mitigation. Prevent recurrence. Root cause analysis. E.g.: Password was compromised; mitigation changes the password, remediation adds multifactor authentication.

Lessons Learned
Final Incident Report.
What could be done to prevent further incidents, response analysis, shortcomings, feedback.

58
Q

INCIDENT RESPONSE MANAGEMENT

Root Cause Analysis

A

Determine what caused an incident: very critical to Mitigation, Recovery and Remediation. If root cause is not properly identified, an incident can persist for a longer time.

59
Q

INCIDENT RESPONSE MANAGEMENT

CIRT

A

Computer Incident Response Team: Responsible for Investigation, Containment and Recovery.

60
Q

NIST 800-61r2

A

Computer Security Handling Guide => INCIDENT RESPONSE MANAGEMENT

61
Q

Common Vulnerabilities and Exposures (CVE)

A

Standard convention to identify vulnerabilities among vendors. MITRE maintains the CVE database.

62
Q

Change Review Board

A

Comprised of experts from different departments. Review and Approve/Reject a change.

63
Q

CHANGE MANAGEMENT

A
Request Change
Review Change(w/ Impact Analysis)
Approve/Reject
Test
Implement
Document
64
Q

Types of Logs

Application Logs

A

Types of Logs
Application Logs: Related to application events.
Security Logs: Related to security events such as logon, lockout.
System Logs: Related to system events such as hardware errors.
Proxy Logs: Related to web events.
Audit Logs: Related to admin actions.

65
Q

Types of Logs

Security Logs

A

Types of Logs
Application Logs: Related to application events.
Security Logs: Related to security events such as logon, lockout.
System Logs: Related to system events such as hardware errors.
Proxy Logs: Related to web events.
Audit Logs: Related to admin actions.

66
Q

Types of Logs

System Logs

A

Types of Logs
Application Logs: Related to application events.
Security Logs: Related to security events such as logon, lockout.
System Logs: Related to system events such as hardware errors.
Proxy Logs: Related to web events.
Audit Logs: Related to admin actions.

67
Q

Types of Logs

Audit Logs

A

Types of Logs
Application Logs: Related to application events.
Security Logs: Related to security events such as logon, lockout.
System Logs: Related to system events such as hardware errors.
Proxy Logs: Related to web events.
Audit Logs: Related to admin actions.

68
Q

Duress

A

Duress: Duress systems for the safety of personnel working alone or in a remote area (a signal to indicate a hazard). Example: a code word for a security guard if he is surrounded or in danger.

69
Q

ADMINISTRATIVE SECURITY

Segregation of Duties

A

Segregation of Duties

No single person is completely responsible/assigned all functions of a process. Mandatory requirement of SOX compliance.

70
Q

SOFTWARE TESTING
Fuzzing
Mutation Fuzzing

A

Fuzzing – Provides multiple invalid inputs to software to test its limits, in an attempt to produce crashes and vulnerabilities such as bounds errors, buffer overflows etc. Tools: zzuf
Mutation Fuzzing: Takes valid input, alters it and sends to the application.
Generational Fuzzing: Intelligent Fuzzing. Creates models based on the data types accepted by the program.

71
Q

SOFTWARE TESTING
Fuzzing
Generational Fuzzing

A

Fuzzing – Provides multiple invalid inputs to software to test its limits, in an attempt to produce crashes and vulnerabilities such as bounds errors, buffer overflows etc. Tools: zzuf
Mutation Fuzzing: Takes valid input, alters it and sends to the application.
Generational Fuzzing: Intelligent Fuzzing. Creates models based on the data types accepted by the program.

72
Q

SOFTWARE TESTING

Mutation Testing

A

Mutation Testing – Modifies a program in small ways and then tests the mutant to determine if it behaves as it should or fails. This is used to design new software tests and ensures the quality of the tests.

73
Q

SOFTWARE TESTING

Interface Testing

A

Interface Testing – Tests the interfaces exposed by the application, such as API and GUI, for security vulnerabilities, proper handoffs and data inputs.

74
Q

Software Testing Levels

Acceptance Testing

A

Acceptance Testing: Software meets the customers / users requirements.

75
Q

SOFTWARE TESTING LEVELS – COVERAGE ANALYSIS
Coverage Analysis
STRUCTURAL

A

STRUCTURAL
Branch Coverage: every branch at a decision point is TRUE or FALSE.
Condition Coverage: each Boolean expression is evaluated to both TRUE or FALSE.
Function Coverage: every Function or Subroutine is called.
Statement Coverage: every Statement is executed at least once.
Loop Coverage: every loop in the code to verify loop initialization problems, repetition issues, capacity/performance bottlenecks.

76
Q

SOFTWARE TESTING LEVELS – COVERAGE ANALYSIS
Coverage Analysis
Functional

A

Functional
Normal Testing: Normal inputs (expected user behavior) are fed and results are tested with expected outcomes.
Misuse Case Testing: Wrong or unexpected inputs sent to program for testing robustness.

77
Q

CODE REVIEW

Fagan Inspections

A
Planning
Overview
Preparation
Inspection
Rework
Follow-up
78
Q

SOFTWARE TESTING: STATIC & DYNAMIC

Dynamic

A

Dynamic Testing tests code while executing i.e. functions it performs, actions it takes.
Test code Actively.
Organizations deploying third party software typically use this approach.

79
Q

SOFTWARE TESTING: STATIC & DYNAMIC

Static

A
Static Testing reviews raw source code, looking for known insecure practices, functions, libraries or characteristics.
Test code passively.
Walkthrough
Syntax Checking
Code Review
Lexical Analysis
Control flow graphs
Data Flow analysis
Can use automated tools to perform Static Testing.
80
Q

Internal Audits

A

Internal Audits
Performed by organization-appointed auditors. Continual review of controls. Separate line of reporting to CEO/Business owners.

81
Q

External Audits

A

External Audits

Performed by outside organizations. No conflict of interest. High validity. Big Four: E&Y, PwC, Deloitte, KPMG

82
Q

Third Party Audits

A

Third Party Audits
Performed on behalf of, or conducted by, another organization, like a regulatory body. Scope decided by the third party. Example: PCI-DSS, SOX

83
Q

Auditing Standards

A

Auditing Standards
CoBIT – common security requirements for systems
ISO 27002 – granular specifics information systems security control
SSAE18 – SOC2
Type 1 – Point in time controls.
Type II – Period of time controls, testing. More reliable and preferred, auditor opinion
SOC 3 – Service provider third-party audit.

84
Q

NIST SCAP

A

NIST Security Content Automation Protocol (SCAP): interface with the NVD for vulnerability information exchange.

85
Q

Common Vulnerabilities and Exposures (CVE)

Common Vulnerability Scoring System (CVSS)

A

Common Vulnerabilities and Exposures (CVE): naming system and describes vulnerabilities.
Common Vulnerability Scoring System (CVSS): Scoring for Severity.

86
Q

NIST SP800-53A

A

NIST SP800-53A – Assessing Security & Privacy Controls:
Specifications: documents of system being audited, policies, requirements.
Mechanisms: Controls used to meet specifications.
Activities: Actions carried out by individuals, procedures and processes.
Individuals: People who access the system and perform the activities.

87
Q

Whaling

A

Whaling

SpearPhishing for VPs, CXOs.

88
Q

Spear Phishing

A

Spear Phishing
Targeted Phishing – specific users of an organization (RnD, Marketing). Considerable research before launching this attack. Involves exploits crafted for target. Awareness, Patching, reputation filtering.

89
Q

DAC – Discretionary Access Control

A

DAC – Discretionary Access Control
Security of object is at Data Owner’s Discretion.
Access granted through ACL.
Owner of Object decides permission.
Identity based.
Subject has no knowledge of the object’s sensitivity.
Scalable and Flexible as each owner decides access.

90
Q

MAC – Mandatory Access Control

A

MAC – Mandatory Access Control
Data Owners cannot grant access.
Security Labels of Subject and Object define decision.
Access granted by Security Officer.
Subject label must dominate Object Label.
Subject has knowledge of the object’s sensitivity.
Lattice-based Access control.
Can be compartmented further for Label+Compartment for enforcement of Need to Know.
3 Types: Compartmented, Hierarchical, Hybrid.

91
Q

RBAC– Role Based Access Control

A

RBAC– Role Based Access Control
Group based Access Permissions.
Non-discretionary.
Each Role has a set of rights over objects as defined by the Data Owner.
The Security Admin configures the rights.
Subject focused.

92
Q

RuBAC– Rule Based Access Control

A

RuBAC– Rule Based Access Control
Rule based – Global focused rules that apply to all subjects.
Called restrictions or filters.
If/then statements (group=admin allow social-networking time:800)

93
Q

Attribute Based Access Control

A

Attribute Based Access Control
Policies that include multiple attributes for rules (memory=8gb, os=windows)
SDNs use ABAC

94
Q

RADIUS

A

RADIUS
Authentication, Authorization, Accounting
Ports: UDP 1812,1813 or 1645,1646(unofficial)
Uses Attribute Value Pairs (AVPs) that can be used to enhance authentication and Authorization. 256 Pairs possible.
Logs privileged access once logged in.
Only encrypts the Password exchange.
RADSEC enables RADIUS over TCP/TLS

95
Q

TACACS+

A

TACACS+
Authentication, Authorization, Accounting
Ports: TCP 49
TACACS+ enhancement allows Two-factor authentication.
Separates AAA into different processes that can be implemented on multiple servers.
Encrypts all authentication information.
Better accountability compared to Radius.

96
Q

Diameter

A

Diameter
Supports wide range of protocols: IP, Mobile IP, VoIP.
Better Reliability and Flexibility than RADIUS.
Authentication, Authorization, Accounting
Ports: TCP / SCTP 3868
Supports IPSec & TLS Encryption.
Not backwards compatible with RADIUS
Uses AVPs and increases to 32 bits, i.e. billions of pairs.

97
Q

Security Association Markup Language (SAML)

A

Security Association Markup Language (SAML)
Log-In to Federated sites via SSO. Enterprise websites and apps.
Uses XML
Components:
Assertions: Authentication, Attribute, Authorization
Protocols: HTTP, SMTP, SOAP, FTP
Bindings: SAML over SOAP, SAML over HTTP
Roles:
Identity Provider (IdP): Validate user identity.
Service Provider (SP): The Service
Principal: User
Circle of Trust between all parties before Assertions.

98
Q

OAuth 2.0

A

OAuth 2.0
Provides Authorization to APIs such as GoogleID, LinkedIn, Facebook etc.
Roles:
OAuth Provider: Hosts the resource to be accessed.
OAuth Consumer: Requesting the resource.
End User: Granting access
Example: Facebook App (Consumer) asking for permission from (End User) to grant access to your Facebook Profile (Provider)
No Encryption – Relies on TLS for Session encryption.

99
Q

OpenID

A

OpenID
SAML based SSO, consumer websites and apps.
Roles:
OpenID Provider: Verifies End user.
Resource Party: Wants to verify the user.
End User: who wants access
Example: Facebook App (Consumer) asking for permission from (End User) to grant access to your Facebook Profile (Provider)
OpenID Connect(OIDC): Uses JSON Web Tokens (JWT) and REST to retrieve JWT. Can retrieve user profiles.
Vulnerable to Phishing attacks.

100
Q

Kerberos

A

Kerberos:
Uses Symmetric encryption.
Port: UDP 88
The Principal / client’s password is never transmitted on the network.
Time Sensitive: All systems clocks need to be in sync.
Single Point of Failure.

101
Q

KERBEROS - COMPONENTS

Resource Server

A

Resource Server

The Target Service (TS) that the User/Principal needs access to.

102
Q

KERBEROS - COMPONENTS
Kerberos Key Distribution Center
Kerberos Service that includes:

A
Authentication Server (AS) – Grants Ticket Granting Tickets (TGT) to access the TGS
Ticket Granting Service (TGS) – Grants tickets to target services.
103
Q

KERBEROS - COMPONENTS
Session Key
Ticket Granting Ticket (TGT)
Service Ticket

A

Session Key – Encrypts communication for a session between client and KDC or TS
Ticket Granting Ticket (TGT) – access to TGS.
Service Ticket – access to Target Service.

104
Q

Lightweight Directory Access Protocol & port

A
Lightweight Directory Access Protocol: Directory based on Subjects (users) and objects (resources)
Ports:
389 – Plain LDAP
636 – LDAP-S over SSL
3268 – Global Catalog
3269 – Secure Global Catalog
105
Q

IDaaS

A

IDaaS

Identity As A Service offering cloud based Identity services and management. Example: PingID, OneIdentity, Okta

106
Q

BIOMETRICS
Fingerprint:
Retina:
Iris:

A

Fingerprint: Widely used, scans minutiae.
Retina: Scans capillaries at back of eye. Most accurate, but intrusive. Health Risk and privacy issues.
Iris: Second most accurate, passive.

107
Q

BIOMETRICS
Palm scan:
Hand Geometry scan:
Voice Print:

A

Palm scan: Scans the veins; establishes a unique identity without another factor.
Hand Geometry scan: Scans the length, width and thickness of the hand. Not reliable.
Voice Print: Voice sampling. Vulnerable to capture and replay of voice.

108
Q

BIOMETRICS
Facial Scanning:
Keyboard dynamics:

A

Facial Scanning: Scans facial features against DB. Passive.

Keyboard dynamics: typing style capture (how hard/fast). Change in behavior can cause FRRs.

109
Q

Biometric Accuracy
Type I Error
Type II Error
Crossover Error Rate: (CER)

A

Type I Error - False Reject Rate (FRR): Valid authorized user is rejected.
Type II Error - False Accept Rate (FAR): Invalid unauthorized user is accepted.
Crossover Error Rate (CER): When FRR and FAR are equal.
If the CER of a biometric system is not acceptable:
Evaluate other biometric systems.

110
Q

SOMETHING YOU HAVE

A

Synchronous Dynamic Tokens
ASynchronous Dynamic Tokens
NIST SP800-63B recommends Push notifications over SMS.

111
Q

SOMETHING YOU KNOW

A

Passwords
Passphrases: “IamtheLordofDarkness”
NIST SP 800-63B Recommends
Compare user passwords against known weak passwords like “password” etc.
Don’t enforce complex passwords or users will write them down.
Salt passwords with random value and store as hash.

112
Q

AUTHENTICATION FACTORS

TYPE I~IV

A

AUTHENTICATION FACTORS
TYPE I – Something You Know
Something that the user knows, such as a Password, Passphrase, PIN or Response.
TYPE II – Something You Have
Something that the user has such as a Token, Smartcard.
TYPE III – Something You Are
Biometric Authentication such as Fingerprint, Retina, Iris, Facial or Hand Geometry scans.
TYPE IV – Some place you are
GPS, Geolocation, Device

113
Q

TYPES OF ACCESS CONTROL

Preventive

A

Preventive
Prevent or stop unwanted activities from occurring.
Ex: Encryption, mantrap, Firewall, security awareness

114
Q

TYPES OF ACCESS CONTROL

Detective

A

Detective
Detect unwanted / unauthorized activities.
Ex: CCTV, IDS, EDR, Job rotation, mandatory vacations.

115
Q

TYPES OF ACCESS CONTROL

Corrective

A

Corrective
Restore or resolve problems after security incident. (Short-term recovery – damage isn’t extensive)
Ex: AV Scan, Data Restore, IPS TCP Reset

116
Q

TYPES OF ACCESS CONTROL

Deterrent

A

Deterrent
Discourage people from making security violations.
Ex: Fences, Guards, Warnings.

117
Q

TYPES OF ACCESS CONTROL

Recovery

A

Recovery
Long term recovery, if damage is extensive.
Ex: Backup & restore (ransomware attack), RAID, Load-balancing, System re-imaging.

118
Q

TYPES OF ACCESS CONTROL

Directive

A

Directive
Direct and control user actions.
Ex: Acceptable use policy, Exit signs, warnings, procedures.

119
Q

TYPES OF ACCESS CONTROL

Compensating

A

Compensating
Backup access control in case primary fails or not available.
Ex: Smartcard – primary, temporary id – secondary.

120
Q

DNP3

A

DNP3 – multi-layer TCP/IP protocol that enables industrial systems such as SCADA to intercommunicate. DNP3 is very good at communicating over low-bandwidth links, making it ideal for utilities, power grids and oil and gas management systems. DNP3 supports unsolicited messages, which expose industrial systems to a large remote attack surface. The Maroochy-Shire Sewage System attack

121
Q

AirGap

A
AirGap
Separation (ideally physical) of Protected systems and the internet. The idea is to prevent internet based attacks.
122
Q

ICS Terms

OT – Operational Technology

A

ICS Terms
OT – Operational Technology: computing systems that manage industrial systems.
ICS – Industrial Control Systems: systems that are used to monitor and control industrial processes like conveyor belts, power consumption on electric grids.
PLC – Programmable Logic Controllers: ruggedized device that manages an ICS.
SCADA – Supervisory Control and Data Acquisition: Control and monitor Industrial facilities locally and remotely.
MES – Manufacturing Execution Systems: track and document transformation of Raw material to finished goods.

123
Q

ICS Terms

ICS – Industrial Control Systems

A

ICS Terms
OT – Operational Technology: computing systems that manage industrial systems.
ICS – Industrial Control Systems: systems that are used to monitor and control industrial processes like conveyor belts, power consumption on electric grids.
PLC – Programmable Logic Controllers: ruggedized device that manages an ICS.
SCADA – Supervisory Control and Data Acquisition: Control and monitor Industrial facilities locally and remotely.
MES – Manufacturing Execution Systems: track and document transformation of Raw material to finished goods.

124
Q

ICS Terms

PLC – Programmable Logic Controllers

A

ICS Terms
OT – Operational Technology: computing systems that manage industrial systems.
ICS – Industrial Control Systems: systems that are used to monitor and control industrial processes like conveyor belts, power consumption on electric grids.
PLC – Programmable Logic Controllers: ruggedized device that manages an ICS.
SCADA – Supervisory Control and Data Acquisition: Control and monitor Industrial facilities locally and remotely.
MES – Manufacturing Execution Systems: track and document transformation of Raw material to finished goods.

125
Q

ICS Terms

A

ICS Terms
OT – Operational Technology: computing systems that manage industrial systems.
ICS – Industrial Control Systems: systems that are used to monitor and control industrial processes like conveyor belts, power consumption on electric grids.
PLC – Programmable Logic Controllers: ruggedized device that manages an ICS.
SCADA – Supervisory Control and Data Acquisition: Control and monitor Industrial facilities locally and remotely.
MES – Manufacturing Execution Systems: track and document transformation of Raw material to finished goods.

126
Q

ICS Terms

SCADA – Supervisory Control and Data Acquisition

A

ICS Terms
OT – Operational Technology: computing systems that manage industrial systems.
ICS – Industrial Control Systems: systems that are used to monitor and control industrial processes like conveyor belts, power consumption on electric grids.
PLC – Programmable Logic Controllers: ruggedized device that manages an ICS.
SCADA – Supervisory Control and Data Acquisition: Control and monitor Industrial facilities locally and remotely.
MES – Manufacturing Execution Systems: track and document transformation of Raw material to finished goods.

127
Q

Phone Hackers are known as ??

A

Phreakers.

128
Q

SIP (the registration protocol for VOIP)

A

SIP (the registration protocol for VOIP) uses clear text; if a hacker can capture these messages, that hacker is able to read subscribers’ sensitive information, such as their public and private identities, and use it to spoof the subscriber.

129
Q

NETWORK SECURITY: EMAIL

SMTP over TLS

A

SMTP over TLS: encapsulate SMTP traffic between server transmissions to prevent eavesdroppers. Does not protect from the compromise of the server itself.
Opportunistic: TLS connection forms if both servers are capable of TLS, or else reverts to Plain-Text.
Mandatory: TLS Connection is required else connection is not established.

130
Q

NETWORK SECURITY: EMAIL

DKIM

A

DKIM: Valid mail is sent by verification of the Domain Identity.

131
Q

NETWORK SECURITY: EMAIL

S/MIME

A

S/MIME: Provides confidentiality and authentication by encrypting email messages and using Digital signatures to provide authentication of sender using the RSA asymmetric cryptosystem and PKCS (Public Key Cryptography)

132
Q

NETWORK SECURITY: EMAIL

PGP

A

PGP: Provides confidentiality and authentication by using IDEA for encryption and RSA for Digital signatures and key distribution. Uses a decentralized Trust model.

133
Q

WPA2: Wi-Fi Protected Access 2

A

WPA2: Wi-Fi Protected Access 2
Uses CCMP (based on AES) to encrypt communications from Client to AP.
Used along with EAP to provide Enterprise grade security:
EAP-TLS – Every client and Controller/AP has a unique certificate. Server-Client validation. Difficult to deploy and maintain, most secure.
PEAP – Client Credentials (typically AD) and Controller certificate. Cert validated before client credentials are sent. Easy to deploy and maintain, good security.
802.11i – RSN (Robust network security)

134
Q

WPA: Wi-Fi Protected Access

A

WPA: Wi-Fi Protected Access
Uses TKIP with RC4 to improve security over WEP.
Adds Key regeneration every 10000 packets, IV and key mixing.
Limits of 30 users per SSID.

135
Q

Captive Portal

A

Captive Portal
Open network with a captive page ideally used to provide temporary access by hotspots (airport etc.)
Open networks are prone to sniffing; always use a VPN on them.
Can be enhanced further by offering Self registration, Sponsor confirmation, billing and advertisements.

136
Q

WEP

A

WEP
Uses RC4 and CRC32 for confidentiality and integrity, with a 24-bit IV.
Broken in 2001, not at all recommended.

137
Q

Bastion Host

A

Bastion Host: a hardened system exposed to the internet in order to securely expose services to the internet. A Reverse Proxy is also a Bastion Host. Also called a Screened Host.
Example: An Antivirus server has the same port for management and user updates. If directly exposed, it can lead to attacks on the mgmt. console. A Bastion Host securely exposes only user-updates service and restricts management access from the internet.

138
Q

FIREWALLS

Packet Filter

A

Packet Filter: Checks an ACL and only the message header to determine access. Is not Stateful. Layer 4.

139
Q

FIREWALLS

Stateful Inspection firewall

A

Stateful Inspection firewall: Verifies the state (connection originator) and allows access based on the IP/Port combination in the message header. Layer 4. (example: A telnet on Port 80 will be allowed if Port 80 (HTTP) is allowed)

140
Q

FIREWALLS

Application Layer Proxy

A

Application Layer Proxy: Filters Layer 7 content, like a web-filter or a VOIP gateway. Proxies connections on behalf of the client, improving confidentiality and preventing exposure of internal users to the internet.

141
Q

FIREWALLS

Deep Inspection Firewalls

A

Deep Inspection Firewalls: Filter connections at Layer 7 and add services such as Malware protection, IPS etc.

142
Q

FIREWALLS

Next Generation Firewalls

A

Next Generation Firewalls: As apps shifted to HTTP/S, firewalls shift focus from Port based to Application based, sampling traffic to determine the actual application (example: A telnet on Port 80 is now categorized as Telnet app)

143
Q

DNS
UDP? for ?
TCP? for ?

A

DNS is a hierarchical database with a tree structure. Root -> TLD -> Domain -> Sub-domain.
DNS uses UDP Port 53 for lookups, and TCP Port 53 for Zone Transfers.

144
Q

SFTP & SCP port at ?

A

SFTP – TCP 22: Uses SSH for FTP to make it secure.

SCP – TCP 22: Secure Copy Protocol.

145
Q

L4 UDP

A

UDP on the other hand is a Connection-less protocol and relies on Application Layer protocols for Reliability. Uses IP Protocol number 17.
QUIC is a google protocol that uses UDP for Web traffic, aimed at faster transmission.
Block UDP and only allow Apps needed.

146
Q

L4 TCP

A

TCP is a connection oriented Protocol, that segments Payload/Data received from the higher layers, performs Error Detection and correction and performs the actual session setup. Reliability.
TCP uses unique ports from 0-65535 to differentiate application data. Destination ports are well-known ports (such as 80 for HTTP) and source ports are always random.
URG – Packet contains Urgent Data.
ACK – Acknowledge received Data
PSH – Clear Buffer, Push Data to Application Layer.
RST – Reset (Tear down) TCP Connection
SYN – Synchronise a connection
FIN – Graceful Tear down.
CWR – Congestion Window Reduced
ECE – Explicit Congestion Notification Echo.
NS – Nonce Sum

147
Q

L3 ICMP

A

ICMP: Internet Control Message Protocol is used for IP Investigations of Reachability.
ICMPv6 is used for IPv6
ICMP has its own Transport layer protocol.
IP Protocol number: 1
Important ICMP messages:
ICMP Echo Request: Request a reply, check reachability. Type 8 message.
ICMP Echo Reply: Reply to an Echo req. Type 0 message.
ICMP Time Exceeded: Used in Traceroute to check distance.
Destination Unreachable: Router reports that the Destination is unreachable.
0 – Network Unreachable
1 – Host Unreachable
2 – Protocol Unreachable
3 – Port Unreachable
ICMP Redirect: Redirects Datagrams or Segments to the correct host.

148
Q

L3
RFC 1918 Addresses
Loopback Addresses
APIPA Address

A

RFC 1918 Addresses: Private address, non routable:
Class A – 10.0.0.0-10.255.255.255
Class B – 172.16.0.0-172.31.255.255
Class C – 192.168.0.0-192.168.255.255
Loopback Addresses: Test the local TCP/IP stack
127.0.0.1 ( although the whole 127.0.0.0/8 is reserved)
APIPA Address: Used by Microsoft Windows, when DHCP IP is not received.
169.254.x.x

149
Q

WAN TYPES

ISDN

A

ISDN – Digital voice, video, data.
BRI – Two data and one control channel – 144 kbps.
PRI: T1 – 23 data and one control channel – 1.544 Mbps
E1 – 30 data and one control channel – 2.048 Mbps
T3 – 28 bundled T1s – 45 Mbps

150
Q

WAN TYPES

SONET

A

SONET: Optical network that connects continents.

151
Q

WAN TYPES

DSL

A

DSL: Digital subscriber Line, symmetric, same upload/download speed.
ADSL – Asynchronous DSL, varying Upload and Download speed.
VDSL – High bandwidth DSL

152
Q

WAN TYPES

ATM

A

ATM – Circuit switched network. Each site needs dedicated circuits for connection.

153
Q

WAN TYPES

Frame Relay

A

Frame Relay – Packet switched network. Frame Relay supports Virtual Circuits – One single physical link can support multiple Private Virtual Circuits to connect to sites.

154
Q

WAN TYPES

MPLS

A

MPLS – Fast, label-switching WAN, establishes pre-defined routes. Can route to multiple sites over single link without a PVC via routing protocols such as MP-BGP. Adds Label headers and can forward IP and Non-IP Packets.

155
Q

WAN TYPES

SD-WAN

A

SD-WAN – The cost of dedicated WAN such as MPLS has driven SD-WAN. SD-WAN enables an enterprise to create a WAN fabric across an underlying multi-wan network such as MPLS, Internet etc. SD-WAN enhances traffic delivery by adding auto-failover, congestion detection and application bandwidth optimization.

156
Q

ETHERNET Media Types:
10Base2 – ?
10Base5 – ?

A
ETHERNET Media Types:
10Base2 – Thinnet Coaxial, 2 Mbps
10Base5 – Thicknet Coaxial, 5 Mbps
10BaseT – UTP Cat 5, 10 Mbps, 100m
100BaseT – UTP Cat 5, 100 Mbps, 100m
100BaseFX – Fiber Optic
1000BaseT – UTP Cat 5e/6, 1Gbps, 100m
10GBaseT: Copper 10G on UTP, Cat 7
10GBase-SR/LR/ER: 10G fiber-optic. S = Short Range, L = Long range, E = Extended range.
157
Q

ETHERNET Media Types:
10BaseT – ?
100BaseT – ?

A
ETHERNET Media Types:
10Base2 – Thinnet Coaxial, 2 Mbps
10Base5 – Thicknet Coaxial, 5 Mbps
10BaseT – UTP Cat 5, 10 Mbps, 100m
100BaseT – UTP Cat 5, 100 Mbps, 100m
100BaseFX – Fiber Optic
1000BaseT – UTP Cat 5e/6, 1Gbps, 100m
10GBaseT: Copper 10G on UTP, Cat 7
10GBase-SR/LR/ER: 10G fiber-optic. S = Short Range, L = Long range, E = Extended range.
158
Q

ETHERNET Media Types:
100BaseFX – ?
1000BaseT – ?

A
ETHERNET Media Types:
10Base2 – Thinnet Coaxial, 2 Mbps
10Base5 – Thicknet Coaxial, 5 Mbps
10BaseT – UTP Cat 5, 10 Mbps, 100m
100BaseT – UTP Cat 5, 100 Mbps, 100m
100BaseFX – Fiber Optic
1000BaseT – UTP Cat 5e/6, 1Gbps, 100m
10GBaseT: Copper 10G on UTP, Cat 7
10GBase-SR/LR/ER: 10G fiber-optic. S = Short Range, L = Long range, E = Extended range.
159
Q

ETHERNET Media Types:
10GBaseT: ?
10GBase-SR/LR/ER: ?

A
ETHERNET Media Types:
10Base2 – Thinnet Coaxial, 2 Mbps
10Base5 – Thicknet Coaxial, 5 Mbps
10BaseT – UTP Cat 5, 10 Mbps, 100m
100BaseT – UTP Cat 5, 100 Mbps, 100m
100BaseFX – Fiber Optic
1000BaseT – UTP Cat 5e/6, 1Gbps, 100m
10GBaseT: Copper 10G on UTP, Cat 7
10GBase-SR/LR/ER: 10G fiber-optic. S = Short Range, L = Long range, E = Extended range.
160
Q

MAC Addresses

A

MAC Addresses
MAC addresses are typically 48 bits and burned in at the factory.
The first 24 bits are called the OUI – Organizationally Unique Identifier – and identify the manufacturer of the NIC, such as Cisco, Juniper, Palo Alto etc.
The last 24 bits are the serial number, unique to each NIC.
EUI-64 was created to increase the pool. The OUI is still 24 bits, but the serial number is now 40 bits.
IPv6 autoconfiguration is compatible with both MAC types.
Modern OSes allow MAC addresses to be changed via tools, thus allowing MAC addresses to be spoofed.
You can quickly look up the OUI of a MAC address when investigating IP spoofing. (Example: A rogue Cisco router has the same IP as your SonicWall firewall.) An arp -a on a Windows PC will give you clues!

161
Q

Collision Domains

A

Collision Domains: Two devices send packets at the same time on a shared segment.
A Hub is one collision domain, only one device can transmit at a time!
A switch breaks collision domains. Every port on a switch is one collision domain.

162
Q

Broadcast Domains

A

Broadcast Domains: The entire Layer 2 network. Routers break broadcast domains; VLANs reduce broadcast domains.

163
Q

OSI Payload

A

Payload is Encapsulated as it travels down from the Transport layer into Segments, Packets, Frames and Bits.

164
Q

Sprinkler Systems:

Wet Pipes – ?

A

Sprinkler Systems:
Wet Pipes – water right up to sprinkler head. Glass bulb melts / breaks at specific temperature. Each head independent.
Dry Pipes – Water held back by valve, compressed air in pipe. As head opens, pressure drops and water released.
Deluge – Sprinkler heads are always open and larger than dry pipes. Valve opens water flow via manual trigger or fire alarm.
Preaction – combination of two, opens via two separate triggers.

165
Q

Sprinkler Systems:

Dry Pipes – ?

A

Sprinkler Systems:
Wet Pipes – water right up to sprinkler head. Glass bulb melts / breaks at specific temperature. Each head independent.
Dry Pipes – Water held back by valve, compressed air in pipe. As head opens, pressure drops and water released.
Deluge – Sprinkler heads are always open and larger than dry pipes. Valve opens water flow via manual trigger or fire alarm.
Preaction – combination of two, opens via two separate triggers.

166
Q

Sprinkler Systems:

Deluge – ?

A

Sprinkler Systems:
Wet Pipes – water right up to sprinkler head. Glass bulb melts / breaks at specific temperature. Each head independent.
Dry Pipes – Water held back by valve, compressed air in pipe. As head opens, pressure drops and water released.
Deluge – Sprinkler heads are always open and larger than dry pipes. Valve opens water flow via manual trigger or fire alarm.
Preaction – combination of two, opens via two separate triggers.

167
Q

Sprinkler Systems:

Preaction – ?

A

Sprinkler Systems:
Wet Pipes – water right up to sprinkler head. Glass bulb melts / breaks at specific temperature. Each head independent.
Dry Pipes – Water held back by valve, compressed air in pipe. As head opens, pressure drops and water released.
Deluge – Sprinkler heads are always open and larger than dry pipes. Valve opens water flow via manual trigger or fire alarm.
Preaction – combination of two, opens via two separate triggers.

168
Q

FIRE DEFENCE

Detection Systems:

A

Detection Systems:
Fixed temperature
Rate of rise – speed of temp changes.
Flame actuated – infrared energy of flames.
Smoke Actuated – photoelectric or radioactive

169
Q

Fire class:A

A

Ordinary – wood, paper
vs
Water or Soda Acid

170
Q

Fire class:B

A

Liquid – petrol etc.
vs
Halon, FM200, Soda Acid,CO2

171
Q

Fire class:C

A

Electrical Equipment
vs
Halon, FM200, CO2

172
Q

Fire class:D

A

Combustible Metals
vs
Dry Powder

173
Q

Electricity
Fault – ?
Blackout – ?

A
Electricity
Fault – temporary loss of power.
Blackout – prolonged loss of power.
Sag – temporary low voltage.
Brownout – prolonged low voltage.
Surge – prolonged high voltage
Spike – temporary high voltage.
174
Q

Electricity
Sag – ?
Brownout – ?

A
Electricity
Fault – temporary loss of power.
Blackout – prolonged loss of power.
Sag – temporary low voltage.
Brownout – prolonged low voltage.
Surge – prolonged high voltage
Spike – temporary high voltage.
175
Q

Electricity
Surge – ?
Spike – ?

A
Electricity
Fault – temporary loss of power.
Blackout – prolonged loss of power.
Sag – temporary low voltage.
Brownout – prolonged low voltage.
Surge – prolonged high voltage
Spike – temporary high voltage.
176
Q

Heat, Ventilation & Cooling
Humidity – ?
Temperature – ?

A

Heat, Ventilation & Cooling
Humidity – 40-60%
Temperature – 60-75F (15-23 C degrees)
High Humidity – leads to corrosion
Low Humidity – leads to Static Electricity.
Prevent condensation with a positive drain system.

177
Q

Heat, Ventilation & Cooling
High Humidity – leads to ?
Low Humidity – leads to ?

A

Heat, Ventilation & Cooling
Humidity – 40-60%
Temperature – 60-75F (15-23 C degrees)
High Humidity – leads to corrosion
Low Humidity – leads to Static Electricity.
Prevent condensation with a positive drain system.

178
Q

PHYSICAL SECURITY – ACCESS DEFENSES

Mantrap

A

Mantrap
One door must close before the second opens. Two different authentication forms. Security guards may also verify authenticity for the second door.

179
Q

PHYSICAL SECURITY – ACCESS DEFENSES

TurnStile

A

TurnStile

One person per access. Revolving door concept. Authenticated via Smartcard or Security Guard

180
Q
PHYSICAL SECURITY – PERIMETER DEFENSES
Gates
Class I – ?
Class II – ?
Class III – ?
Class IV – ?
A
Gates
Class I – Residential
Class II – Commercial (parking)
Class III – Industrial (loading dock)
Class IV – Restricted Access (Airport / Prison)
181
Q
PHYSICAL SECURITY – PERIMETER DEFENSES
Fences
3 feet – ?
6 feet – ?
8 feet with barbed wire – ?
A

Fences
3 feet – Deterrent
6 feet – Deter most intruders.
8 feet with barbed wire – Preventive – deter most determined.

182
Q

Data Diddling / Salami

A

Data Diddling / Salami – small random, incremental changes to a system or data.

183
Q

Electromagnetic Radiation – TEMPEST

A

Electromagnetic Radiation – TEMPEST : monitors/keyboard/mice

184
Q

SCADA Security (how to protect)

A

SCADA Security:
Deploy separate network for SCADA.
Deploy endpoint security on SCADA systems.
Restrict Management interface access to SCADA / ICS devices.
Implement AirGap design.

185
Q

Trusted Paths

A

Trusted Paths protect data between a user and a security control, such as a login window.
Defined by Common Criteria.
Protects from attacks such as Login spoofing.

186
Q

Trusted Channels

A

Trusted Channels protect data on a link or between communicating peers.
Protects from attacks like Man in the Middle.

187
Q

APPLETS

A

APPLETS
Act like a program and execute code on user machine rather than on the server. Example: Cisco UCS Manager. Rules/templates config happens locally, only commands sent to server.

188
Q

ACTIVE-X

A
ACTIVE-X
Microsoft’s; runs in IE.
Full access to system resources.
Can perform privileged actions.
Restrict Active-X in environment.
189
Q

Address Space Layout Randomization

A

Address Space Layout Randomization
Randomize executing memory space of programs. Example: Attacker develops an exploit on his pc for a memory address, won’t work on client as the process address changes due to ASLR.

190
Q

Data Execution Prevention

A

Data Execution Prevention

Prevent processes from executing instructions in memory locations that are not predefined in the code.

191
Q

MEMORY ADDRESSING

Register Addressing

A

Register Addressing: used by the CPU to access one of its registers to store or access data in the register.

192
Q

MEMORY ADDRESSING

Immediate Addressing

A

Immediate Addressing: Instructions supplied as part of a command that does not require the CPU to fetch anything.

193
Q

MEMORY ADDRESSING

Direct Addressing

A

Direct Addressing: CPU is given the memory address to fetch instruction.

194
Q

MEMORY ADDRESSING

Indirect Addressing

A

Indirect Addressing: CPU is given a memory address to another memory address that has the instruction.

195
Q

MEMORY ADDRESSING

Base+Offset Addressing

A

Base+Offset Addressing: Use a value stored in a register as base, and begin counting using the offset.

196
Q

Primary Memory:

A

Primary Memory:

Readily available information accessed by the CPU. Temporary. Ex. RAM

197
Q

Volatile:

A

Volatile:

Temporary. Wiped after power loss. Ex. RAM

198
Q

Random Access:

A

Random Access:

Info can be randomly accessed based on addresses. Ex. RAM, HDD, Flash

199
Q

Secondary Memory:

A

Secondary Memory:

Long-term storage. Ex. HDD, SSD, Tape

200
Q

Non-Volatile:

A

Non-Volatile:

Long-term. Retains data. Ex. HDD

201
Q

Sequential Access:

A

Sequential Access:

Info has to be accessed in the written sequence. Ex. Tape

202
Q

MEMORY

ROM – ?

A

ROM – Read-only, non-volatile memory. Content burned in at factory. Non-modifiable.
PROM – Programmable Read-only memory: end user/OEM burns in the chip’s contents. Only allowed once.
EEPROM – Electronically Erasable PROM: Can be erased and re-written via electronic voltages. Only full erase and write functions.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

203
Q

MEMORY

PROM – ?

A

ROM – Read-only, non-volatile memory. Content burned in at factory. Non-modifiable.
PROM – Programmable Read-only memory: end user/OEM burns in the chip’s contents. Only allowed once.
EEPROM – Electronically Erasable PROM: Can be erased and re-written via electronic voltages. Only full erase and write functions.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

204
Q

MEMORY
EEPROM – Electronically Erasable PROM: Can be erased and re-written via electronic voltages. Only full erase and write functions.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

A

ROM – Read-only, non-volatile memory. Content burned in at factory. Non-modifiable.
PROM – Programmable Read-only memory: end user/OEM burns in the chip’s contents. Only allowed once.
EEPROM – Electronically Erasable PROM: Can be erased and re-written via electronic voltages. Only full erase and write functions.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

205
Q

MEMORY

Flash Memory – ?

A

ROM – Read-only, non-volatile memory. Content burned in at factory. Non-modifiable.
PROM – Programmable Read-only memory: end user/OEM burns in the chip’s contents. Only allowed once.
EEPROM – Electronically Erasable PROM: Can be erased and re-written via electronic voltages. Only full erase and write functions.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

206
Q

MEMORY

CACHE – ?

A

CACHE – volatile, used to store frequently accessed data.
CPUs have L1 and L2 cache, which are registers that store information which the ALU executes.
Registers – Any data ALU manipulates must be inside a register.
Static RAM – Uses Flip-Flops to store volatile data, refreshed at power outage. Expensive.
Dynamic RAM – Uses Registers to store volatile data, CPU must constantly refresh via electric voltages. Inexpensive.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

207
Q

MEMORY

Registers – ?

A

CACHE – volatile, used to store frequently accessed data.
CPUs have L1 and L2 caches, which are registers that store the information the ALU executes.
Registers – Any data the ALU manipulates must be inside a register.
Static RAM – Uses flip-flops to store volatile data; refreshed at power outage. Expensive.
Dynamic RAM – Uses registers to store volatile data; the CPU must constantly refresh it via electric voltages. Inexpensive.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

208
Q

MEMORY

Static RAM – ?

A

CACHE – volatile, used to store frequently accessed data.
CPUs have L1 and L2 caches, which are registers that store the information the ALU executes.
Registers – Any data the ALU manipulates must be inside a register.
Static RAM – Uses flip-flops to store volatile data; refreshed at power outage. Expensive.
Dynamic RAM – Uses registers to store volatile data; the CPU must constantly refresh it via electric voltages. Inexpensive.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

209
Q

MEMORY

Dynamic RAM – ?

A

CACHE – volatile, used to store frequently accessed data.
CPUs have L1 and L2 caches, which are registers that store the information the ALU executes.
Registers – Any data the ALU manipulates must be inside a register.
Static RAM – Uses flip-flops to store volatile data; refreshed at power outage. Expensive.
Dynamic RAM – Uses registers to store volatile data; the CPU must constantly refresh it via electric voltages. Inexpensive.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

210
Q

MEMORY

Flash Memory – ?

A

CACHE – volatile, used to store frequently accessed data.
CPUs have L1 and L2 caches, which are registers that store the information the ALU executes.
Registers – Any data the ALU manipulates must be inside a register.
Static RAM – Uses flip-flops to store volatile data; refreshed at power outage. Expensive.
Dynamic RAM – Uses registers to store volatile data; the CPU must constantly refresh it via electric voltages. Inexpensive.
Flash Memory – Uses NAND Flash. Can be written and erased in blocks. (single file write/deletes etc.)

211
Q

CPU States

A

Ready: Process is ready to begin processing, but the CPU is not available.
Waiting: Process is waiting for a device or access request (interrupt) before it can continue processing.
Running: Process is executing; this is the problem state, in which the CPU works on the problem until it is solved, blocked, or the time slice expires.
Supervisory: Process requires greater privileges; any function not executing in Ring 3.
Stopped: Process finishes or terminates.

212
Q

Multi-tasking:

A

Multitasking handles multiple processes on a single processor by switching between them using the operating system.
Multiprocessing uses multiple processors to perform multiple processes simultaneously.
SMP: Symmetric Multiprocessing – single OS, multiple CPUs on shared memory and databus.
MPP: Massively Parallel Processing – One OS per CPU, with software that coordinates activities and processing.
Multiprogramming requires modifications to the underlying applications.
Multithreading runs multiple threads within a single process.

213
Q

Multi-threading:

A

Multitasking handles multiple processes on a single processor by switching between them using the operating system.
Multiprocessing uses multiple processors to perform multiple processes simultaneously.
SMP: Symmetric Multiprocessing – single OS, multiple CPUs on shared memory and databus.
MPP: Massively Parallel Processing – One OS per CPU, with software that coordinates activities and processing.
Multiprogramming requires modifications to the underlying applications.
Multithreading runs multiple threads within a single process.

214
Q

Multi-processing:

A

Multitasking handles multiple processes on a single processor by switching between them using the operating system.
Multiprocessing uses multiple processors to perform multiple processes simultaneously.
SMP: Symmetric Multiprocessing – single OS, multiple CPUs on shared memory and databus.
MPP: Massively Parallel Processing – One OS per CPU, with software that coordinates activities and processing.
Multiprogramming requires modifications to the underlying applications.
Multithreading runs multiple threads within a single process.

215
Q

Multi-Programming:

A

Multitasking handles multiple processes on a single processor by switching between them using the operating system.
Multiprocessing uses multiple processors to perform multiple processes simultaneously.
SMP: Symmetric Multiprocessing – single OS, multiple CPUs on shared memory and databus.
MPP: Massively Parallel Processing – One OS per CPU, with software that coordinates activities and processing.
Multiprogramming requires modifications to the underlying applications.
Multithreading runs multiple threads within a single process.

216
Q

TCB
Security Perimeter
Reference Monitor
Security Kernel

A

TCB
Security Perimeter
Delineates the Trusted and the Untrusted components within a computer system.
Isolates the TCB.
Reference Monitor
The reference monitor is an abstract machine that mediates all access subjects have to objects, both to ensure that the subjects have the necessary access rights and to protect the objects from unauthorized access and destructive modification.
Security Kernel
Enforces the Reference monitor concept.
Must facilitate isolation of processes.
Enforces the rules defined by the Reference monitor.

217
Q

Certification vs Accreditation?

A

Certification is a technical review that evaluates the security mechanisms and assesses their effectiveness.

Accreditation is management's formal acceptance of the information produced by the certification process.

218
Q

Certification vs Accreditation? -2

A

CERTIFICATION is a comprehensive technical evaluation of the security components and their compliance for the purpose of accreditation. The certification process can use safeguard evaluation, risk analysis, verification, testing and auditing techniques to assess the suitability of a specific system.
ACCREDITATION is management's formal acceptance of the overall security and functionality of the system. The certification information is presented to management or the responsible body, which asks questions, reviews the reports and findings, and decides whether to accept the product and whether any corrective actions are needed.

219
Q

CERTIFICATION

A

CERTIFICATION
Certified to meet security requirements of the Data Owner. Considers the system, security measures and the residual risk. (Certified by the manufacturer to state what the system does)

220
Q

ASSURANCE

A

ASSURANCE
Systems have designs accepted, development stages analyzed, reviewed, tested and evaluated. (Assurance is the analysis of how a system is made)

221
Q

ACCREDITATION

A

ACCREDITATION

The Data Owner's acceptance of the certification and the residual risk before the system is put into production.

222
Q
COMMON CRITERIA
Target of Evaluation (ToE): 
Protection Profile: 
Security Target: 
Evaluation Assurance Level (EAL):
A

Target of Evaluation (ToE): System or product that is being evaluated.
Protection Profile: Independent set of objectives and requirements for a specific category of products or systems, such as encryption software or firewalls. The Protection Profile is the "I want" from the customer's perspective.
Security Target: Documentation describing the ToE, with its security requirements and operational environment. The Security Target is the "what I can do" from the vendor's perspective.
Evaluation Assurance Level (EAL): The evaluation score of the tested product.

223
Q

COMMON CRITERIA
EAL1 – ?
EAL2 – ?

A

EAL1 – Functionally Tested
EAL2 – Structurally Tested
EAL3 – Methodically Tested and Checked
EAL4 – Methodically Designed, tested and reviewed.
EAL5 – Semi-formally designed and tested
EAL6 – Semi-formally verified, designed and tested
EAL7 – Formally verified, designed and tested.

224
Q

COMMON CRITERIA
EAL3 – ?
EAL4 – ?

A

EAL1 – Functionally Tested
EAL2 – Structurally Tested
EAL3 – Methodically Tested and Checked
EAL4 – Methodically Designed, tested and reviewed.
EAL5 – Semi-formally designed and tested
EAL6 – Semi-formally verified, designed and tested
EAL7 – Formally verified, designed and tested.

225
Q

COMMON CRITERIA
EAL5 – ?
EAL6 – ?

A

EAL1 – Functionally Tested
EAL2 – Structurally Tested
EAL3 – Methodically Tested and Checked
EAL4 – Methodically Designed, tested and reviewed.
EAL5 – Semi-formally designed and tested
EAL6 – Semi-formally verified, designed and tested
EAL7 – Formally verified, designed and tested.

226
Q

COMMON CRITERIA

EAL7 – ?

A

EAL1 – Functionally Tested
EAL2 – Structurally Tested
EAL3 – Methodically Tested and Checked
EAL4 – Methodically Designed, tested and reviewed.
EAL5 – Semi-formally designed and tested
EAL6 – Semi-formally verified, designed and tested
EAL7 – Formally verified, designed and tested.

227
Q

TCSEC

A
TCSEC, published in 1980 and called the Orange Book, is made up of Divisions and Classes.
A higher class number means better security: B3 is more secure than B1.
Division D – Minimal Protection
Division C – Discretionary Security
C1 – Discretionary Security Protection
C2 – Controlled Access Protection
Division B – Mandatory Protection
B1 – Labeled Security Protection
B2 – Structured Protection
B3 – Security Domains
Division A – Verified Protection
A1 – Verified Design.
TNI – Trusted Network Interpretation (the Red Book) applies TCSEC concepts to networks.
228
Q

European ITSEC

A

European ITSEC is the first international evaluation model.
It separates:
Functionality – F: how well a system works.
Assurance – the ability to evaluate. Assurance is measured by Effectiveness (Q) and Correctness (E).
Class ratings are compared in a follow-up section.
Additional functionality ratings include:
F-IN – High Integrity Requirements
AV – High Availability Requirements
DI – High Integrity Requirements for networks.
DC – High Confidentiality Requirements for networks
DX – High integrity and confidentiality for networks.

229
Q

Brewer-Nash

A

Brewer-Nash – Chinese Wall model.
Designed to avoid conflicts of interest.
Prohibits a subject (such as a consultant) from accessing multiple conflict-of-interest categories (prevents insiders abusing their position, or acting as both player and referee).
Brewer Nash model requires
Properly identified subjects
One or more datasets
Class definitions related to conflict of interest for all datasets.

230
Q

Access Control Matrix
ACL
Capability table

A

Access Control Matrix:
Table that defines access permissions between subjects and objects.
Remember:
ACLs are object-focused and hold a list of subjects who are granted access to the object.
A capability table is subject-focused and holds a list of actions that a subject can perform.

231
Q

Clark-Wilson – focused on ?

A

Clark-Wilson – focused on Integrity
Enforces security by using a three-part structure with Security Labels.
Subject -> Interface -> Object (The Restricted Interface Model)
Example: A Data entry user modifies the Database via the SAP Web Interface.
Enforces Well formed transactions & Separation of Duties:
Prevents Unauthorized subjects from making modifications.
Prevents authorized subjects from making unauthorized modifications to objects.
Separation of functions – different functions are available to a user based on the user's class.
Common model in Commercial Systems.

232
Q

BIBA: Focused on ?

A

BIBA: Focused on Integrity.
The idea behind it is to ensure that data is trustworthy.
Simple Integrity Property=>No Read Down
Subject cannot read lower than its clearance (so as not to read untrustworthy data).
* Integrity Property=>No Write Up
Subject cannot write higher than its clearance (so as not to input untrustworthy data).
Invocation Property=>No Invoke
Processes cannot call upon/request subjects at a higher clearance.

233
Q

BELL-LAPADULA: Focused on ?

A

BELL-LAPADULA: Focused on Confidentiality.
Simple Security Property=>No Read Up
Subject cannot read higher than its clearance but can read down.
* Security Property=>No Write Down
Subject cannot write lower than its clearance but can write up (so as not to leak data by writing to a lower level). Can be violated for declassification.
Strong * Property=>No Read/Write Up or Down
Subject with read/write cannot read/write above or below its clearance. Only the same clearance is allowed.

234
Q
Take-Grant model
Take –?
Grant – ?
Create – ?
Remove – ?
A

Take-Grant model
Take – take control of an object
Grant – grants rights to an object
Create – allow subject to create new rights
Remove – allow subject to remove rights it has

235
Q

CRL – ?

OCSP – ?

A

CRL – Static list with the serial numbers of revoked certs.

OCSP – Sends a request to the CA to verify a cert's validity.

236
Q

HMAC

A

HMAC – Hashed Message Authentication Code
Only guarantees Integrity of a message.
Uses a shared key – only communicators who know the shared key can create or verify the digital signature.
No non-repudiation or authentication – as anybody with the key can generate the message.

237
Q

DSS

A

DSS – Digital Signature Standard
Provides Non-Repudiation, Authentication and Integrity.
NIST Specified standard under FIPS-186-4
Specifies that Digital Signature algorithms MUST use SHA-3 for Hashing functions.
Specifies the approved Encryption Algorithms:
Digital Signature Algorithm (DSA) – FIPS 186-4
Rivest-Shamir-Adleman (RSA) – ANSI X9.31
Elliptic-Curve DSA (ECDSA) – ANSI X9.62

238
Q

HAVAL

A

HAVAL – Hash of Variable Length
Modification of MD5.
Uses a 1024-bit block size to produce 128-, 160-, 192-, 224- and 256-bit message digests.

239
Q

MD5

A

MD5 – Message Digest 5
Processes 512-bit blocks of the message with four different computations to produce a 128-bit message digest.
Insecure – Subject to collision attacks.

240
Q

Diffie-Hellman

A

Diffie-Hellman – The Key Exchange Algorithm
Used to exchange keys where there is no public key infrastructure or offline key distribution mechanism.
Used by SSL and SSH, where only the server has a public and private key pair, but not the user.

241
Q

Diffie-Hellman
DH Group 1 ? bits
DH Group 2 ? bits
DH Group 5 ? bits

A

Diffie-Hellman
DH Group 1 768 bits
DH Group 2 1024 bits
DH Group 5 1536 bits

242
Q

RSA

A

RSA – based on Prime Number factorization.
Since 2000 it has been freely available in the public domain.
Each user of the cryptosystem generates a public and a private key.
El Gamal – based on the standard discrete logarithm problem.
An extension of the Diffie-Hellman algorithm.
Freely available to use.
Doubles the length of any encrypted message, increasing its size.

243
Q

El Gamal

A

RSA – based on Prime Number factorization.
Since 2000 it has been freely available in the public domain.
Each user of the cryptosystem generates a public and a private key.
El Gamal – based on the standard discrete logarithm problem.
An extension of the Diffie-Hellman algorithm.
Freely available to use.
Doubles the length of any encrypted message, increasing its size.

244
Q

IDEA

A

IDEA – International Data Encryption Algorithm
Operates on 64-bit blocks of plaintext/ciphertext.
Uses a 128-bit key.
The key is broken into 52 16-bit subkeys.
Operates in the same modes as DES – ECB, CBC, CFB, OFB, CTR.

245
Q

BlowFish

A

BlowFish
Allows variable-length keys from 32 bits to 448 bits.
Operates on 64-bit blocks of plaintext/ciphertext.
Faster than DES and IDEA.

246
Q

AES

A

NIST chose Rijndael as the replacement for DES in 2001.
FIPS 197 mandates the use of AES/Rijndael for encryption of all sensitive but unclassified data by the U.S. Government.
Rijndael enables cryptographers to use a block size equal to the key length.
128-bit keys require 10 rounds of encryption
192-bit keys require 12 rounds of encryption
256-bit keys require 14 rounds of encryption

247
Q

3DES

A

3DES stands for Triple DES.
Performs 48 rounds of encryption.
3DES Modes
EEE3 – Encrypts plaintext using three different keys with a total length of 168 bits: E(K1,E(K2,E(K3,P)))
EDE3 – Encrypt-Decrypt-Encrypt operation with three keys: E(K1,D(K2,E(K3,P)))
EEE2 – Encrypts three times using 2 keys, with a total length of 112 bits: E(K1,E(K2,E(K1,P)))
EDE2 – Encrypt-Decrypt-Encrypt operation with two keys: E(K1,D(K2,E(K1,P)))

248
Q

DES

Electronic Code Book – ?

A

DES – Data Encryption Standard, based on a 64-bit block size and a 56-bit key.
DES performs 16 rounds of encryption.
Electronic Code Book – Least secure. Encrypts each block with the secret key; if the same plaintext block is found, the same ciphertext is generated.

249
Q

DES

Cipher Block Chaining Mode – ?

A

DES – Data Encryption Standard, based on a 64-bit block size and a 56-bit key.
DES performs 16 rounds of encryption.
Cipher Block Chaining Mode –
Each block of plaintext is XOR'ed with the preceding ciphertext block and then encrypted by DES.
The first block is XOR'ed with an IV and then encrypted, generating unique output every time. The IV needs to be shared with the recipient.
Errors propagate – if one block is corrupted, the rest of the transmission is corrupted.

250
Q

DES

Cipher Feedback Mode – ?

A

DES – Data Encryption Standard, based on a 64-bit block size and a 56-bit key.
DES performs 16 rounds of encryption.
Cipher Feedback Mode – uses a memory buffer instead of blocks to perform streaming CBC. Errors propagate.

251
Q

DES

Output Feedback Mode –?

A

DES – Data Encryption Standard, based on a 64-bit block size and a 56-bit key.
DES performs 16 rounds of encryption.
Output Feedback Mode – XORs the plaintext with a seed value. No chaining function, so transmission errors do not corrupt future blocks.

252
Q

DES

Counter Mode –?

A

DES – Data Encryption Standard, based on a 64-bit block size and a 56-bit key.
DES performs 16 rounds of encryption.
Counter Mode – uses a counter that increments at each operation. Errors do not propagate. (Suited for parallel computing, as it breaks the encryption and decryption operations into multiple independent steps.)

253
Q

Block Cipher

A

Block Cipher – Block ciphers operate on chunks of the message called blocks. Transposition ciphers are an example of block ciphers. Modern encryption algorithms work on blocks (block size).
Stream Cipher – Operates on one bit or character of the message at a time. Can also act as a block cipher by using buffers. RC4 is a stream cipher.
Example: Atbash or one-time pads are examples of stream ciphers, as they work on one character at a time.

254
Q

Stream Cipher

A

Block Cipher – Block ciphers operate on chunks of the message called blocks. Transposition ciphers are an example of block ciphers. Modern encryption algorithms work on blocks (block size).
Stream Cipher – Operates on one bit or character of the message at a time. Can also act as a block cipher by using buffers. RC4 is a stream cipher.
Example: Atbash or one-time pads are examples of stream ciphers, as they work on one character at a time.

255
Q

Split Knowledge

M of N control.

A

Split Knowledge – split the knowledge needed to access a system among two people.
M of N control.
M of N Control = (m)inimum agents required out of (n) to perform high-security tasks.
Example: Ashish and Samir each know 8 bits of a 16-bit key to open the ATM machine.

256
Q

Kerckhoffs' Principle

A

Kerckhoffs' Principle – Everything about the system is public (algorithm, deciphering method, etc.). The encryption is secure because the keys are unique. This enables a cryptographic system to be tested by the community so that vulnerabilities can be identified.

257
Q

Baselines

A

Baselines – NIST SP800-53
Ensure a minimum security standard and a starting point for security controls.
Example: Disabling the insecure protocols Telnet and HTTP on routers provides a minimum access security configuration.

258
Q

Scoping

A

Scoping –
Reviewing baselines and selecting the controls relevant to the system or organization.
Irrelevant controls are rejected.
Example: A router hardening baseline may require you to implement an access-list to deny access to the web server on the router. However, if your router does not have an embedded HTTP server, you choose not to implement this control.

259
Q

Tailoring

A

Tailoring –
Tailoring the baseline to fit the organization's requirements.
A baseline control is rejected as unable to be implemented and a compensating control is implemented instead.
Example: The organization uses low-cost routers at remote branches which only have HTTP management capability and cannot deny access to the embedded HTTP server. However, the organization selects a compensating control, such as allowing access to the HTTP server only from the IT subnet.

260
Q

Standards

A

Standards

Comply with standards relevant to the industry the organization operates in such as PCI DSS, GLBA, SOX, HIPAA, DPD etc.

261
Q

Pseudonymization(?):

A

Pseudonymization:
Use pseudonyms to represent data.
Prevents data from being identified directly.
GDPR refers to pseudonymization as replacing data with artificial identifiers.
Pseudonymization and tokenization are reversible, meaning that with another set of data the original data can still be identified. Anonymization (masking) is irreversible.

262
Q

Anonymization(?):

A

Anonymization:
If personal data is not needed, anonymization removes the relevant data to make it impossible to identify the original subject or person.
GDPR is no longer relevant for anonymized data.
Masking is an effective anonymization method:
Swaps data in individual data columns so it no longer represents the actual data.
Pseudonymization and tokenization are reversible, meaning that with another set of data the original data can still be identified. Anonymization (masking) is irreversible.

263
Q

Data Owner

A

Data Owner
The data owner (information owner) is usually a member of management who is in charge of a specific business unit, and who is ultimately responsible for the protection and use of a specific subset of information.
The data owner has due care responsibilities and thus will be held responsible for any negligent act that results in the corruption or disclosure of the data.
The data owner decides upon the classification of the data she is responsible for and alters that classification if the business need arises.
This person is also responsible for ensuring that the necessary security controls are in place, defining security requirements per classification and backup requirements, approving any disclosure activities, ensuring that proper access rights are being used, and defining user access criteria.
The data owner approves access requests or may choose to delegate this function to business unit managers. And the data owner will deal with security violations pertaining to the data she is responsible for protecting.
The data owner, who obviously has enough on her plate, delegates responsibility of the day-to-day maintenance of the data protection mechanisms to the data custodian.

264
Q

Asset / System Owner

A

Asset / System Owner
Owns the IT systems on which Data resides and is processed. E.g. Systems Manager
Develops and maintains system security plan to ensure system is secured, and operated according to the security requirements.
Ensures system users and support personnel receive appropriate training.
Assists in identification, selection and assessment of security controls.

265
Q

Mission / Business Owner

A

Mission / Business Owner
Ensure that systems provide value to the organization.
Owns the processes that use the systems. E.g. Sales teams using SAP.
NIST 800-18 refers to this role as the Program Owner or Information Systems Owner.
Responsible for ensuring that security controls are not misguided or impacting the business.

266
Q

Data Custodian

A

Data Custodian
The data custodian (information custodian) is responsible for maintaining and protecting the data. This role is usually filled by the IT or security department, and the duties include implementing and maintaining security controls; performing regular backups of the data; periodically validating the integrity of the data; restoring data from backup media; retaining records of activity; and fulfilling the requirements specified in the company’s security policy, standards, and guidelines that pertain to information security and data protection.

267
Q

Data Processor

A

Data Processor
An individual, system or organization that processes data on behalf of the Data Controller.
E.g. Panauti Systems (Data Controller) outsources physical application form input to Eventman Technologies (Data Processor)

268
Q

Data Controller

A

Data Controller
Controls the use of Data
Required Role for GDPR.

269
Q

Erasing

A

Erasing: Performs delete operations on a file, but does not delete the actual data. Data can be recovered by recovery tools.
Clearing: Overwrites deleted data with dummy bits (a single character or patterns) to make the data irrecoverable. However, bad sectors and SSDs may retain data, making this technique less effective.
Degaussing: Rewrites magnetic media with a heavy magnetic field. Works on backup tapes, HDDs or floppy drives. Only tapes can be reused; it destroys HDDs.
Purging: Repeats the "clearing" process multiple times and may use another process (degaussing) to completely remove data. Degrading from Confidential to Unclassified requires purging.
Declassifying: The effort required to secure and declassify media costs more than new media for a lower classification level, so many organizations choose not to declassify. Declassification requires purging.
Sanitization: Ensures that data cannot be recovered by using a combination of processes – verifying purging, verifying that no media is present in a system before it is scrapped, verifying the destruction of HDDs, etc.
Destruction: Destroying media via incineration, crushing, shredding, disintegration or dissolving.

270
Q

Clearing

A

Erasing: Performs delete operations on a file, but does not delete the actual data. Data can be recovered by recovery tools.
Clearing: Overwrites deleted data with dummy bits (a single character or patterns) to make the data irrecoverable. However, bad sectors and SSDs may retain data, making this technique less effective.
Degaussing: Rewrites magnetic media with a heavy magnetic field. Works on backup tapes, HDDs or floppy drives. Only tapes can be reused; it destroys HDDs.
Purging: Repeats the "clearing" process multiple times and may use another process (degaussing) to completely remove data. Degrading from Confidential to Unclassified requires purging.
Declassifying: The effort required to secure and declassify media costs more than new media for a lower classification level, so many organizations choose not to declassify. Declassification requires purging.
Sanitization: Ensures that data cannot be recovered by using a combination of processes – verifying purging, verifying that no media is present in a system before it is scrapped, verifying the destruction of HDDs, etc.
Destruction: Destroying media via incineration, crushing, shredding, disintegration or dissolving.

271
Q

Degaussing

A

Erasing: Performs delete operations on a file, but does not delete the actual data. Data can be recovered by recovery tools.
Clearing: Overwrites deleted data with dummy bits (a single character or patterns) to make the data irrecoverable. However, bad sectors and SSDs may retain data, making this technique less effective.
Degaussing: Rewrites magnetic media with a heavy magnetic field. Works on backup tapes, HDDs or floppy drives. Only tapes can be reused; it destroys HDDs.
Purging: Repeats the "clearing" process multiple times and may use another process (degaussing) to completely remove data. Degrading from Confidential to Unclassified requires purging.
Declassifying: The effort required to secure and declassify media costs more than new media for a lower classification level, so many organizations choose not to declassify. Declassification requires purging.
Sanitization: Ensures that data cannot be recovered by using a combination of processes – verifying purging, verifying that no media is present in a system before it is scrapped, verifying the destruction of HDDs, etc.
Destruction: Destroying media via incineration, crushing, shredding, disintegration or dissolving.

272
Q

Purging

A

Erasing: Performs delete operations on a file, but does not delete the actual data. Data can be recovered by recovery tools.
Clearing: Overwrites deleted data with dummy bits (a single character or patterns) to make the data irrecoverable. However, bad sectors and SSDs may retain data, making this technique less effective.
Degaussing: Rewrites magnetic media with a heavy magnetic field. Works on backup tapes, HDDs or floppy drives. Only tapes can be reused; it destroys HDDs.
Purging: Repeats the "clearing" process multiple times and may use another process (degaussing) to completely remove data. Degrading from Confidential to Unclassified requires purging.
Declassifying: The effort required to secure and declassify media costs more than new media for a lower classification level, so many organizations choose not to declassify. Declassification requires purging.
Sanitization: Ensures that data cannot be recovered by using a combination of processes – verifying purging, verifying that no media is present in a system before it is scrapped, verifying the destruction of HDDs, etc.
Destruction: Destroying media via incineration, crushing, shredding, disintegration or dissolving.

273
Q

Declassifying

A

Erasing: Performs delete operations on a file, but does not delete the actual data. Data can be recovered by recovery tools.
Clearing: Overwrites deleted data with dummy bits (a single character or patterns) to make the data irrecoverable. However, bad sectors and SSDs may retain data, making this technique less effective.
Degaussing: Rewrites magnetic media with a heavy magnetic field. Works on backup tapes, HDDs or floppy drives. Only tapes can be reused; it destroys HDDs.
Purging: Repeats the "clearing" process multiple times and may use another process (degaussing) to completely remove data. Degrading from Confidential to Unclassified requires purging.
Declassifying: The effort required to secure and declassify media costs more than new media for a lower classification level, so many organizations choose not to declassify. Declassification requires purging.
Sanitization: Ensures that data cannot be recovered by using a combination of processes – verifying purging, verifying that no media is present in a system before it is scrapped, verifying the destruction of HDDs, etc.
Destruction: Destroying media via incineration, crushing, shredding, disintegration or dissolving.

274
Q

Sanitization

A

Erasing: Performs delete operations on a file, but does not delete the actual data. Data can be recovered by recovery tools.
Clearing: Overwrites deleted data with dummy bits (a single character or patterns) to make the data irrecoverable. However, bad sectors and SSDs may retain data, making this technique less effective.
Degaussing: Rewrites magnetic media with a heavy magnetic field. Works on backup tapes, HDDs or floppy drives. Only tapes can be reused; it destroys HDDs.
Purging: Repeats the "clearing" process multiple times and may use another process (degaussing) to completely remove data. Degrading from Confidential to Unclassified requires purging.
Declassifying: The effort required to secure and declassify media costs more than new media for a lower classification level, so many organizations choose not to declassify. Declassification requires purging.
Sanitization: Ensures that data cannot be recovered by using a combination of processes – verifying purging, verifying that no media is present in a system before it is scrapped, verifying the destruction of HDDs, etc.
Destruction: Destroying media via incineration, crushing, shredding, disintegration or dissolving.

275
Q

Destruction

A

Erasing: Performs a delete operation on the file but does not remove the underlying data; only the file-system reference is dropped. Data can be recovered with recovery tools.
Clearing: Overwrites the data with dummy bits (a single character or pattern) so it cannot be recovered with normal tools. Bad sectors, remapped blocks and SSDs (wear-leveling and over-provisioned cells) may still retain data, so clearing is less reliable on those media.
Degaussing: Exposes magnetic media to a strong magnetic field that scrambles the stored magnetic domains. Works on backup tapes, HDDs and floppy disks; has no effect on SSDs or optical media. Tapes and floppies can be reused afterwards; degaussing destroys the servo tracks of an HDD, so the drive is unusable.
Purging: Repeats the clearing process multiple times and may add another process (such as degaussing) to remove the data completely. Downgrading media from Confidential to Unclassified requires purging.
Declassifying: The effort required to purge and verify media for a lower classification often costs more than new media, so many organizations choose not to declassify. Declassification requires purging.
Sanitization: A combination of processes that ensures data cannot be recovered: verifying purging, verifying that no media is left in a system before it is scrapped, verifying destruction of HDDs, etc.
Destruction: Destroying the media by incineration, crushing, shredding, disintegration or dissolving.

276
Q

PII

A

PII – Personally Identifiable Information – defined in NIST SP 800-122.
Information that can be used to identify or trace an individual, such as name, Social Security number, place and date of birth, mother's maiden name, biometric records.
Information that can be linked to an individual, such as financial, employment, medical and educational records.

277
Q

PHI

A

PHI – Protected Health Information – defined by HIPAA.
Information created or received by a healthcare provider, health plan, public health authority, life insurer, healthcare clearinghouse, employer, school or university.
Relates to the past, present or future physical or mental health condition of an individual, the provision of health care to the individual, or the past, present or future payment for that care.

278
Q

Government / Military Model

A

Top Secret
Secret
Confidential
Unclassified

279
Q

Corporate Model

A

Confidential / Proprietary
Private
Sensitive
Public

280
Q

Encryption Export Controls

A

Encryption Export Controls
Limit US companies from exporting or selling high-security encryption technology to countries that are suspected of supporting terrorism, pose a nuclear threat, or have not signed the Wassenaar Arrangement. Administered by the Department of Commerce under the Export Administration Regulations (EAR).

281
Q

International Traffic in Arms Regulations (ITAR)

A

International Traffic in Arms Regulations (ITAR)

Controls the export of military or defense items appearing on the United States Munitions List (USML). Administered by the Department of State.

282
Q

Digital Millennium Copyright Act (DMCA):

A

Copyright covers literary, musical, dramatic, pantomime/choreographic, pictorial/sculptural/graphical, motion picture/audiovisual, sound recording and architectural works.
Computer software is protected as a literary work: the actual source code is protected, not the idea or process behind it.
DMCA safe-harbor exemption for service providers (transitory communications), all of which must hold:
The transmission must be initiated by a person other than the service provider.
Transmission, routing, provision of connections or copying must be carried out by an automated technical process without selection of material by the service provider.
The service provider must not determine the recipients of the material.
Any intermediate copies (caching) must not ordinarily be accessible to anyone other than the anticipated recipients and must not be retained longer than reasonably necessary.
The material must be transmitted without modification of its content.

283
Q

INTELLECTUAL PROPERTY - DEFINITIONS

Copyright

A

Copyright - U.S. Copyright Office
Protects works from unauthorized duplication.
Applies to literary, musical, movie, pictorial, sound and architectural works. Software source code and look-and-feel can be copyrighted; the underlying idea cannot.
Works are protected for the life of the author plus 70 years. Works made for hire (owned by organizations) and anonymous works are protected for 95 years from publication or 120 years from creation, whichever is shorter.
Digital copyright protections are reinforced by the DMCA – Digital Millennium Copyright Act.

284
Q

INTELLECTUAL PROPERTY - DEFINITIONS

Trade Mark

A

Trademark - US Patent and Trademark Office.
Trademarks protect words, slogans or logos that identify a brand (a company and its products or services).
Trademarks are granted for 10 years and are renewable indefinitely.
Unregistered trademarks use the TM symbol; registered trademarks use the ® symbol.

285
Q

INTELLECTUAL PROPERTY - DEFINITIONS

Patents

A

Patents - US Patent and Trademark Office.
Protect the intellectual property rights of inventors.
Grant a 20-year period during which the inventor has exclusive rights to the invention. Non-renewable, hence the shortest protection of the IP types.

286
Q

INTELLECTUAL PROPERTY - DEFINITIONS

Trade Secret

A

Trade Secret
Trade secrets are critical to the business and leakage could destroy it (the McDonald's secret sauce).
Not registered with any authority, since registration would disclose the secret and allow copying. The company must enforce its own protection (NDAs, access control, need-to-know) to keep it from being exposed.
Trade secrets are protected by the Economic Espionage Act of 1996.

287
Q

INTELLECTUAL PROPERTY - DEFINITIONS

Licensing

A

Licensing

Governed by UCITA (Uniform Computer Information Transactions Act), which makes software license terms (shrink-wrap and click-wrap agreements) enforceable contracts and requires that users be given the chance to reject the terms (opt out).

288
Q

EUROPEAN UNION – PRIVACY SHIELD

A

Notice – Inform individuals about the purposes for which the organization collects and uses information about them, and about their rights.
Choice – Offer individuals the choice to opt out of disclosure to third parties or use for a materially different purpose.
Accountability for Onward Transfer – Organizations may transfer data only to other organizations that comply with the Notice and Choice principles.
Security – Reasonable and appropriate measures to protect personal data from loss, misuse and unauthorized disclosure.
Data Integrity and Purpose Limitation – Collect only data relevant to the purposes identified in the Notice; take reasonable steps to ensure data is accurate, complete and current.
Access – Individuals must have access to records containing their personal information and be able to correct, amend or delete it when it is inaccurate.
Recourse, Enforcement and Liability – Implement mechanisms to ensure compliance with the principles, handle individual complaints with a response within 45 days, and agree to an appeal process including binding arbitration.
Caveat: the Privacy Shield framework was invalidated by the Court of Justice of the EU in July 2020 (Schrems II); its 2023 successor, the EU-US Data Privacy Framework, keeps the same set of principles.

289
Q

EUROPEAN UNION - GDPR

A

GDPR applies to all organizations that collect data from EU residents or process information on behalf of someone who collects it, even if the organization itself is not based in the EU:
Data breach notification: the supervisory authority must be informed of a personal data breach within 72 hours of the organization becoming aware of it (Article 33); affected individuals must be notified without undue delay when the breach is likely to result in a high risk to them (Article 34).
A supervisory (data protection) authority in each EU member state, coordinated by the European Data Protection Board.
Individuals have the right of access to their own data.
Data portability: transfer of personal data between service providers at the individual's request.
Right to be forgotten (erasure): individuals can require companies to delete their information when it is no longer needed.
A Data Protection Officer must be appointed by public authorities and by organizations whose core activities involve large-scale monitoring of individuals or large-scale processing of special categories of data; the DPO oversees the data protection strategy and GDPR compliance.

290
Q

EUROPEAN UNION - GDPR

Data Controller

A

Data Controller
Determines the purposes and means of collecting and processing personal data. Must use only processors that meet GDPR requirements for safeguarding personal data.
E.g.: A bank collecting account information.

291
Q

EUROPEAN UNION - GDPR

Data Processor

A

Data Processor
Processes personal data on behalf of the controller, only on the controller's documented instructions.
E.g.: An organization that digitizes and archives data on behalf of the bank.

292
Q

DATA BREACH NOTIFICATION LAWS

California SB 1386 - 2002

A

California SB 1386 - 2002
Unencrypted Data Exposure or Breach of:
Social Security Number
Drivers License
State Identification Number
Credit or Debit Card Number
Bank Account Number with Access password/PIN
Medical Records
Health Insurance Information

293
Q

US PRIVACY LAWS

4th Amendment

A

4th Amendment

Prohibits government agents from searching private property without a warrant and probable cause.

294
Q

US PRIVACY LAWS

Privacy Act of 1974(Federal Privacy Act of 1974)

A

Privacy Act of 1974(Federal Privacy Act of 1974)
Mandates that agencies maintain only records that are necessary for conducting business and they destroy those records when they are no longer needed for a legitimate Government function.
Procedure for individuals to gain access to records that the Government maintains about them and a request to change incorrect records.

295
Q

US PRIVACY LAWS

Electronic Communications Privacy Act of 1986

A

Electronic Communications Privacy Act (ECPA) of 1986
Prohibits interception or disclosure of electronic communications.
Defines the situations in which such disclosure is legal.
Protects against monitoring of email and voicemail communications and prevents service providers (e.g. Gmail) from making unauthorized disclosures of their contents.
Makes it illegal to monitor telephone conversations without consent or a court order.

296
Q

US PRIVACY LAWS

USA PATRIOT 2001

A

USA PATRIOT Act 2001 - terrorism focused.
Agencies can obtain wiretapping authorization against a person (roving wiretap) that covers all communications to and from that person, rather than one specific line.
ISPs may voluntarily provide the government with information.
Allows the government to obtain detailed information on user activity through a subpoena.

297
Q

US PRIVACY LAWS

COPPA

A

Children's Online Privacy Protection Act (COPPA) of 1998 (effective 2000)

Applies to children under 13 years of age: websites must obtain verifiable parental consent before collecting personal information from them.

298
Q

US PRIVACY LAWS

FERPA

A

FERPA – Family Educational Rights and Privacy Act

Applies to student records at schools that receive federal funding. Requires consent of the student (or the parent, for minors) before records are disclosed.

299
Q

SSAE18: REPORTS

SOC-1

A

SSAE 18 (successor to SSAE 16, which replaced SAS 70) – the US auditing standard for service-organization control reports; aligned with the international standard ISAE 3402.
Auditing standard, not a security standard.
SOC 1 – Covers controls relevant to the customer's financial reporting (ICFR) only.

300
Q

SSAE18: REPORTS

SOC-2

A

SSAE 18 (successor to SSAE 16, which replaced SAS 70) – the US auditing standard for service-organization control reports; aligned with the international standard ISAE 3402.
Auditing standard, not a security standard.
SOC 2 – Reports on controls against the AICPA Trust Services Criteria (security, availability, processing integrity, confidentiality, privacy), with details on controls, procedures and issues. Restricted use; released under NDA.
Type 1 – The auditor reports on the design of the controls an organization has in place as of a point in time, based on management's description.
Example: What security measures are in place to protect the data center as of today's date?
Type 2 – Period-based report (typically 6 to 12 months) on how the organization operated its controls, with actual testing to determine operating effectiveness and the auditor's opinion. More reliable, preferred.
Example: How was security for the data center operated and maintained over the period?

301
Q

SSAE18: REPORTS

SOC-3

A

SSAE 18 (successor to SSAE 16, which replaced SAS 70) – the US auditing standard for service-organization control reports; aligned with the international standard ISAE 3402.
Auditing standard, not a security standard.
SOC 3 – General-use report by a third-party auditor on whether a service organization (typically a cloud vendor) maintained effective controls over its systems against the Trust Services Criteria (CIA). Can be published freely; used by cloud vendors to assure customers of their controls and avoid individual customer audits. Less detailed than a SOC 2 Type 2 report.

302
Q

PCI-DSS

A

PCI-DSS
Payment Card Industry Data Security Standard – the payment card industry self-regulates through the PCI Security Standards Council. Not a law, but a contractual data security standard enforced by the card brands and acquiring banks.
All companies that accept, process, store or transmit credit card information are subject to PCI-DSS compliance.
Requires merchants to disclose a breach of credit card data.
Example: Eventman Technologies delivers a Solution Assessment Guideline service, where a consultant can be engaged to discuss and review a customer's potential solution investment against market trends. A customer can buy the service via the Eventman Tech website using a credit card. Eventman uses the Panauti-Pay platform to process the credit card transactions.
In this case, both Eventman Technologies (accepts credit cards) and Panauti-Pay (processes and transmits them) are required to conform to PCI-DSS, at levels that depend on their transaction volume and role.

303
Q

HIPAA-HITECH

A

HIPAA-HITECH
HIPAA applies to covered entities that process or store private medical information (PHI) of individuals, such as healthcare providers, health plans and insurers, and healthcare clearinghouses.
The HITECH Act of 2009 (enforced through the 2013 Omnibus Rule) extends HIPAA to business associates of covered entities who work on PHI, via a Business Associate Agreement (BAA).
HITECH also mandates breach notification: HIPAA covered entities must notify affected individuals of a breach of unsecured PHI, notify the Secretary of Health and Human Services, and notify prominent media outlets when the breach affects more than 500 residents of a state or jurisdiction.
Example: Eventman Technologies works with National Insurance – Kentucky to process scanned forms and input them into National Insurance's CRM solution. In this case, National Insurance needs to have a BAA with Eventman Technologies. Eventman Technologies is then also regulated by HIPAA and must follow its compliance requirements.

304
Q

BAA

A

Business Associates who work on PHI require a BAA – Business Associates Agreement.

305
Q

Sarbanes-Oxley Act

A

Sarbanes-Oxley Act – SOX 2002
Protects shareholders and the general public from fraudulent accounting practices in enterprises and improves the accuracy of corporate disclosures.
SOX applies to PUBLICLY TRADED companies (and their auditors), not to private companies.
IT departments are responsible for creating and maintaining corporate records (data retention) and for the controls over the systems that produce financial reports (Section 404).
Mandates segregation of duties: duties should be separated and each person assigned least privilege to prevent fraud.

306
Q

GRAMM-LEACH-BLILEY ACT - GLBA

A

Banking industry regulation that applies to financial institutions. – CIVIL LAW
GLBA compliance is mandatory: whether or not a financial institution discloses nonpublic information, it must have a policy in place to protect that information from foreseeable threats to security and data integrity.
The Financial Privacy Rule requires financial institutions to provide each consumer with a privacy notice when the consumer relationship is established and annually thereafter.
The privacy notice must explain what information is collected about the consumer, where that information is shared, how it is used, and how it is protected.
The notice must also identify the consumer's right to opt out of the information being shared with unaffiliated parties, pursuant to the provisions of the Fair Credit Reporting Act. Should the privacy policy change at any point, the consumer must be notified again for acceptance.
The Safeguards Rule requires financial institutions to develop a written information security plan describing how the company is prepared for, and plans to continue, protecting clients' nonpublic personal information.

307
Q

NIST SP 800-53

A

NIST SP 800-53: Security and Privacy Controls for Information Systems and Organizations (Rev. 4 title: Security and Privacy Controls for Federal Information Systems and Organizations)
Federal computing systems and agencies must comply with this control catalog (required under FISMA).
Commonly used as an industry cybersecurity benchmark.
NIST SP 800-171: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.
Federal contractors that handle CUI must comply with this standard.
NIST Cybersecurity Framework (CSF):
Voluntary, risk-based framework for managing cybersecurity risk to data and systems (core functions: Identify, Protect, Detect, Respond, Recover; CSF 2.0 adds Govern).

308
Q

NIST SP 800-171

A

NIST SP 800-53: Security and Privacy Controls for Information Systems and Organizations (Rev. 4 title: Security and Privacy Controls for Federal Information Systems and Organizations)
Federal computing systems and agencies must comply with this control catalog (required under FISMA).
Commonly used as an industry cybersecurity benchmark.
NIST SP 800-171: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.
Federal contractors that handle CUI must comply with this standard.
NIST Cybersecurity Framework (CSF):
Voluntary, risk-based framework for managing cybersecurity risk to data and systems (core functions: Identify, Protect, Detect, Respond, Recover; CSF 2.0 adds Govern).

309
Q

NIST CyberSecurity Framework

A

NIST SP 800-53: Security and Privacy Controls for Information Systems and Organizations (Rev. 4 title: Security and Privacy Controls for Federal Information Systems and Organizations)
Federal computing systems and agencies must comply with this control catalog (required under FISMA).
Commonly used as an industry cybersecurity benchmark.
NIST SP 800-171: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.
Federal contractors that handle CUI must comply with this standard.
NIST Cybersecurity Framework (CSF):
Voluntary, risk-based framework for managing cybersecurity risk to data and systems (core functions: Identify, Protect, Detect, Respond, Recover; CSF 2.0 adds Govern).

310
Q

Computer Security Act 1987

A

Computer Security Act of 1987
Gave the National Bureau of Standards (renamed NIST in 1988) responsibility for developing standards and guidelines for federal computer systems, drawing on the technical advice and assistance of the National Security Agency (NSA) where appropriate.
Provided for the enactment of such standards and guidelines.
Required security plans from all operators of federal computer systems that contain sensitive information.
Mandated periodic security training for all persons involved in the management, use or operation of such systems.
The act moved responsibility for these standards from the NSA to NIST.
NIST publishes the SP 800 series on computer security for federal systems.
http://csrc.nist.gov/publications/PubsSPs.html

311
Q

Gross Negligence

A

Gross Negligence – the opposite of due care: failing to take even the reasonable precautions a prudent person would take.
For example: Despite the sensitivity of the data, the CEO of Eventman Technologies refuses to implement any reasonable security control to prevent data loss.

312
Q

BCP / DRP TESTING & MAINTENANCE

Read-Through / Checklist Test

A

BCP testing should be conducted at least once annually.
Read-Through / Checklist Test
All team members receive copies of the plan.
Members are made aware of their responsibilities.
Knowledge is refreshed.
The plan is updated with any gaps found.

313
Q

BCP / DRP TESTING & MAINTENANCE

Structured-Walkthrough / TableTop Exercise

A

BCP Testing should be conducted at least once annually
Structured-Walkthrough / TableTop Exercise
Members ROLE-PLAY disaster scenarios.
Discuss Appropriate responses.

314
Q

BCP / DRP TESTING & MAINTENANCE

Simulation / Practical Test

A

BCP testing should be conducted at least once annually.
Simulation / Practical Test
The team is given a scenario and has to develop the response.
May interrupt NON-CRITICAL business activities.
Some operational personnel are involved.

315
Q

BCP / DRP TESTING & MAINTENANCE

Parallel Test

A

BCP Testing should be conducted at least once annually
Parallel Test
Activate DR (Alternate Site)
No interruption to Primary site.

316
Q

BCP / DRP TESTING & MAINTENANCE

Full-Interruption Test

A

BCP Testing should be conducted at least once annually
Full-Interruption Test
Actual shutdown of primary site/operations.
Activate DR (Alternate Site)

317
Q

BUSINESS IMPACT ASSESSMENT

A

Identify Priorities
Identify Risk
Likelihood Assessment
Impact Assessment
Resource Prioritization

318
Q

MTBF

A

MTBF – Mean Time Between Failure – Identifies the average time between failures. Example: We can expect the syslog server to fail once every week due to load.

319
Q

WRT

A

WRT – Work Recovery Time – The time after systems are restored that is needed to verify data integrity and system configuration before production resumes. Recovery time is the system recovery (RTO) plus the WRT, and together they must fit inside the MTD.

320
Q

MTTR

A

MTTR – Mean Time to Restore – Time required to restore, repair or recover a system after failure.

321
Q

Hot Site

A

Hot Site – Maintained in constant working condition with continuous or periodic data replication; IT equipment and systems equivalent to the primary site are pre-configured and ready to take over in the event of a disaster. Fastest to restore, most expensive. Minutes up to about 6 hours of recovery.

322
Q

Cold Site

A

Cold Site – Contains only basic facilities: power, HVAC and communications. IT systems have to be installed and configured and data restored to bring the site up. Slowest to restore, cheapest.

323
Q

Warm Site

A

Warm Site – Contains all systems and applications pre-configured and up, but no current data; data must be restored from backups before operations resume. Middle ground between recovery time and cost. 24 to 48 hours of recovery.

324
Q

DISASTER RECOVERY PROCESS

A

Respond:Initial responders will Assess whether it is a “disaster”.
Activate:Initial responders will activate the DR Team via Secondary response procedures.
Communicate:Disseminate recovery details with workers and the public.
Assess:DR Team will assess the extent of the damage to determine proper steps to recover.
Reconstitute / Recover:Recover critical Business operations at primary or secondary site.

325
Q

FOUR PHASES OF BCP

A

Phase 1: Project Scope and Planning
Business organization analysis (from a crisis point of view)
Creation of the BCP team, with approval from senior management
Assessment of the resources available to participate in continuity activities
Analysis of legal and regulatory requirements
Phase 2: Business Impact Analysis (BIA)
Phase 3: Continuity Planning – recovery strategies and plan development
Phase 4: Approval and Implementation – senior management sign-off, implementation and training, followed by ongoing testing and maintenance:
Exercise, test and drill the BCP.
Maintenance includes updating the documentation as processes and controls change.

326
Q

BCP vs DRP

A

BCP: Long Term Strategy Plan
DRP: Short Term Tactical Plan
BCP is more high-level than DRP. DRP falls under the umbrella of BCP.

327
Q

RISK CHOICES

A

Risk Mitigation – Risk reduction: implementing safeguards and countermeasures to remove vulnerabilities or block threats, lowering the risk to an acceptable level. In some cases a specific risk can be eliminated completely.
Risk Transfer – Shifting the risk to another organization, e.g. through insurance or outsourcing.
Risk Avoidance – Removing the cause of the risk. E.g. a system is exposed to HTTP attacks; if HTTP is not needed, the service is simply disabled, avoiding the risk.
Risk Deterrence – Discouraging violations of security policy with warning banners, auditing, etc., while still allowing the activity. E.g. users browsing to file-sharing sites are shown a message saying they are being monitored.
Risk Acceptance – Chosen when the cost of the safeguard exceeds the expected loss, or management deems the risk low enough. Management accepts the consequences if the risk is realized; the decision depends on the organization's risk tolerance and must be documented and signed off.
For example: An e-commerce organization will not accept any downtime of its web application, since it is the primary source of business. A salon will accept its website being down for a while, since its business is walk-in.
Risk Rejection – Rejecting or ignoring a risk. An unacceptable response: denying that a risk will be realized is not a prudent due-care response.

328
Q

Qualitative Risk Assessment

A

Qualitative Risk Assessment focuses on Likelihood and Impact Assessment.
Likelihood: How likely is it that a threat will be realized? Example: It floods every year in Mumbai during the rains. The likelihood of Flooding is high. However, Earthquakes are unheard of. The likelihood is low.
Impact: What will be the impact on the business? This can be monetary as well as long-term. Example: The impact of flooding would be that operations are down or slowed because fewer employees can reach the office; the impact is moderate. In an earthquake the impact would be catastrophic.

329
Q

QUANTITATIVE RISK ASSESSMENT

A

Total Cost of Ownership (TCO) – The total cost of ownership is the total cost of a mitigating safeguard. The TCO combines one time expense and Annual cost of maintenance, operational cost etc.
For example: Our GWC Safeguard solution of monitoring software and disk replacement costs $2000 annually and a $500 operational cost. Considering a 5 year technology refresh cycle, this amounts to $12500 for 5 years, and $2500 annually.
TCO for the Storage Safeguard is $2500 annually.
Return on Investment (ROI) – The amount of money saved by implementing a safeguard. If the annual TCO is less than the ACS, then the ROI is positive.
ROI = ACS – TCO

330
Q

QUANTITATIVE RISK ASSESSMENT
Asset Value
Exposure Factor
Single Loss Expectancy

A

Asset Value (AV) – A monetary figure for an asset that includes not just its purchase cost and yearly maintenance but the value of the information residing on it.
For example: A GWC NAS storage unit may cost $100,000 with $10,000 per year maintenance, but the data on it is confidential IP valued at $1 million. The total asset value is $1,110,000.
Exposure Factor (EF) – A percentage: the portion of the asset value expected to be lost when the threat is realized.
For example: Multiple disk failures can cause data loss in the storage unit. 5 disk failures cause 20% data loss, 7 disk failures 30%, 10 disk failures 50%. These percentages are the exposure factors.
Single Loss Expectancy (SLE) – The monetary loss from a single occurrence. SLE = AV * EF
For example:
5 disk failures – SLE = 1,110,000 * 20% = $222,000
7 disk failures – SLE = 1,110,000 * 30% = $333,000
10 disk failures – SLE = 1,110,000 * 50% = $555,000

331
Q

QUANTITATIVE RISK ASSESSMENT
Annual Rate of Occurrence
Annual Loss Expectancy

A

Annualized Rate of Occurrence (ARO) – The expected number of times a threat is realized in a single year (once in N years = 1/N). The figure should be backed by historical data, studies or third-party tests/certifications.
For example: GWC says a 5 disk failure happens once in 3 years (ARO ≈ 0.34), a 7 disk failure once in 5 years (0.2) and a 10 disk failure once in 10 years (0.1).
Annualized Loss Expectancy (ALE) – The loss expected per year from a threat. ALE = SLE * ARO
For example:
ALE from a 5 disk failure = 222,000 * 0.34 = $75,480
ALE from a 7 disk failure = 333,000 * 0.2 = $66,600
ALE from a 10 disk failure = 555,000 * 0.1 = $55,500

332
Q

QUANTITATIVE RISK ASSESSMENT
Safeguard
ALE with Safeguard
Annual Cost Savings

A

Safeguard (SG) – A safeguard reduces the Exposure Factor (EF) or the Annualized Rate of Occurrence (ARO), and thereby the ALE.
For example: GWC says replacing disks at 80% duty cycle reduces the chance of disk failures. This requires proprietary monitoring software and disk replacements, but GWC certifies that a 5 disk failure will then happen only once in 8 years, a 7 disk failure once in 12 years and a 10 disk failure once in 20 years. The safeguard costs $2,000 per year plus $500 operational cost ($2,500 annual TCO).
ALE with Safeguard – Recalculate the ALE with the post-safeguard EF or ARO to see how far the safeguard brings down the cost of the risk.
ALE = SLE * ARO
In our example the safeguard changes only the ARO, so:
5 disk failures: SLE = 1,110,000 * 20% = 222,000; ALE = 222,000 * 0.125 = $27,750
7 disk failures: SLE = 1,110,000 * 30% = 333,000; ALE = 333,000 * 0.084 = $27,972
10 disk failures: SLE = 1,110,000 * 50% = 555,000; ALE = 555,000 * 0.05 = $27,750
Annual Cost Savings (ACS) – The benefit of a safeguard: the ALE before the safeguard minus the ALE after it.
Pre-ALE – Post-ALE = ACS
In the example: (75,480 + 66,600 + 55,500) – (27,750 + 27,972 + 27,750) = 197,580 – 83,472 = $114,108 per year, against a $2,500 annual TCO, so ROI = ACS – TCO = $111,608 and the safeguard is worth buying.
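The full SLE / ARO / ALE / ACS / ROI chain from these cards as runnable code, added here as an example (not part of the original flashcards). The "GWC" asset value, exposure factors, failure intervals and safeguard cost are the hypothetical figures from the cards, not real data. One difference from the cards: the ARO is computed exactly as 1/years (1/3, 1/12) rather than with the rounded 0.34 and 0.084, so the totals differ slightly from the hand-worked figures.

```python
"""Quantitative risk assessment: SLE, ARO, ALE, safeguard ALE, ACS and ROI.

Added example, not part of the original flashcards. All figures are the
hypothetical GWC storage scenario from the cards.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    name: str
    exposure_factor: float        # EF: fraction of the asset value lost per event
    years_between_events: float   # ARO = 1 / years_between_events


def sle(asset_value: float, exposure_factor: float) -> float:
    """Single Loss Expectancy: cost of one occurrence. SLE = AV * EF."""
    return asset_value * exposure_factor


def aro(years_between_events: float) -> float:
    """Annualized Rate of Occurrence: expected events per year."""
    return 1.0 / years_between_events


def ale(asset_value: float, threat: Threat) -> float:
    """Annualized Loss Expectancy. ALE = SLE * ARO."""
    return sle(asset_value, threat.exposure_factor) * aro(threat.years_between_events)


def total_ale(asset_value: float, threats: list[Threat]) -> float:
    """Sum of the ALE over every threat considered against the asset."""
    return sum(ale(asset_value, t) for t in threats)


def annual_cost_savings(pre_ale: float, post_ale: float) -> float:
    """ACS = ALE before the safeguard - ALE after the safeguard."""
    return pre_ale - post_ale


def roi(acs: float, annual_tco: float) -> float:
    """ROI = ACS - TCO. Positive means the safeguard pays for itself."""
    return acs - annual_tco


# Constructed figures from the cards: $100,000 NAS + $10,000/yr maintenance + $1M of IP.
ASSET_VALUE = 100_000 + 10_000 + 1_000_000

# Threats before the safeguard (vendor claim: once in 3, 5 and 10 years).
BEFORE = [
    Threat("5 disk failures", 0.20, 3),
    Threat("7 disk failures", 0.30, 5),
    Threat("10 disk failures", 0.50, 10),
]
# The same threats with the safeguard (once in 8, 12 and 20 years).
AFTER = [
    Threat("5 disk failures", 0.20, 8),
    Threat("7 disk failures", 0.30, 12),
    Threat("10 disk failures", 0.50, 20),
]
SAFEGUARD_TCO = 2_500  # $2,000/yr safeguard + $500/yr operations


def safeguard_decision(asset_value: float = ASSET_VALUE, before=BEFORE, after=AFTER,
                       tco: float = SAFEGUARD_TCO) -> dict:
    """Work the whole chain and say whether the safeguard is worth buying."""
    pre = total_ale(asset_value, before)
    post = total_ale(asset_value, after)
    acs = annual_cost_savings(pre, post)
    r = roi(acs, tco)
    return {"pre_ale": pre, "post_ale": post, "acs": acs, "roi": r, "worthwhile": r > 0}


if __name__ == "__main__":
    for t in BEFORE:
        print(f"{t.name}: SLE=${sle(ASSET_VALUE, t.exposure_factor):,.0f} "
              f"ARO={aro(t.years_between_events):.3f} ALE=${ale(ASSET_VALUE, t):,.0f}")
    print(safeguard_decision())
```

Keeping EF and ARO as separate inputs on the Threat record is deliberate: a safeguard that shrinks the blast radius (mirroring, so a failure loses less data) changes EF, while one that makes failures rarer (the disk-replacement policy here) changes ARO, and the same `ale` function handles either.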

333
Q

THREAT MODELING

Key Performance Indicators (KPI)

A

Key Performance Indicator (KPI): Backward-looking measure of how well the security program is performing, e.g. how quickly open items and backlog identified in past risk assessments or audits are resolved.
Key Risk Indicator (KRI): Forward-looking (predictive) measure of the organization's risk exposure.
Key Control Indicator (KCI): Measure of how much control the organization has over its environment and risk; shows whether a particular control is actually working.

334
Q

THREAT MODELING

Key Risk Indicator (KRI)

A

Key Performance Indicator (KPI): Backward-looking measure of how well the security program is performing, e.g. how quickly open items and backlog identified in past risk assessments or audits are resolved.
Key Risk Indicator (KRI): Forward-looking (predictive) measure of the organization's risk exposure.
Key Control Indicator (KCI): Measure of how much control the organization has over its environment and risk; shows whether a particular control is actually working.

335
Q

THREAT MODELING

Key Control Indicator (KCI)

A

Key Performance Indicator (KPI): Backward-looking measure of how well the security program is performing, e.g. how quickly open items and backlog identified in past risk assessments or audits are resolved.
Key Risk Indicator (KRI): Forward-looking (predictive) measure of the organization's risk exposure.
Key Control Indicator (KCI): Measure of how much control the organization has over its environment and risk; shows whether a particular control is actually working.

336
Q

THREAT MODELING

STRIDE

A

STRIDE
Originated at Microsoft. Each threat category maps to the security property it violates:
Spoofing (authentication)
Tampering (integrity)
Repudiation (non-repudiation)
Information Disclosure (confidentiality)
Denial of Service (availability)
Elevation of Privilege (authorization)

337
Q

THREAT MODELING

DREAD

A

DREAD
Microsoft's scheme for rating threats: each factor is scored (e.g. 1 to 10) and the average gives the threat's risk rating.
Damage Potential
Reproducibility
Exploitability
Affected Users
Discoverability

338
Q

THREAT MODELING

PASTA

A

PASTA – Process for Attack Simulation and Threat Analysis, a seven-stage, risk-centric threat modeling method.
Stage 1: Definition of Objectives (DO)
Stage II: Definition of Technical Scope (DTS)
Stage III: Application Decomposition Analysis (ADA)
Stage IV: Threat Analysis (TA)
Stage V: Weakness and Vulnerability Analysis (WVA)
Stage VI: Attack Modeling and Simulation (AMS)
Stage VII: Risk Analysis and Management (RAM)

339
Q

RISK MANAGEMENT PROCESS

A

1.System Characterization
Determine Scope
Choose Systems

2.Threat Identification
Identify Threats to Systems and Processes

3.Vulnerability Identification
Identify Vulnerabilities in Systems and Processes

4.Control Analysis
Analyze Safeguards already in place to mitigate risk.

5.Likelihood Determination
How likely is it that the threat will occur.

6.Impact Analysis
Impact if the Threat Occurs

7.Risk Determination
Determine Risk.

8.Controls Recommendation
Safeguards to mitigate risk

9.Results Documentation
Document the Results

NIST SP 800-30 – Risk Management Guide for Information Technology Systems (original 2002 title; Revision 1 of 2012 is titled Guide for Conducting Risk Assessments)

340
Q

NIST SP-800-30

A

NIST SP 800-30 – Risk Management Guide for Information Technology Systems (original 2002 title; Revision 1 of 2012 is titled Guide for Conducting Risk Assessments)

341
Q

Residual Risk

A

Residual Risk – The risk that remains after a risk response or safeguard has been applied. Some residual risk is always expected and is generally accepted by management. Total Risk – Controls Gap = Residual Risk. Response: a contingency plan for the case where the residual risk is realized.

342
Q

Risk

A

Risk – Threat x Vulnerability = Risk. A threat must connect with a vulnerability to form a risk.
Example: A web application has an unpatched input validation vulnerability. An attacker can exploit that vulnerability to steal information: this is a risk. If the input validation vulnerability did not exist, the attacker would have nothing to exploit, so there would be no risk (at least from this specific aspect).

343
Q

Threat Agents use Vulnerabilities to exploit a system to cause Threats.
An example is a Hacker using an SQL Injection vulnerability in the eCommerce Website to steal Credit Card data of its users.
The Hacker is the ?
The SQL Injection is the ?
Stealing of Credit Card Data (Hacking) is the ?
Loss of PII (Credit Card Data) is the ?

A

Threat Agents use Vulnerabilities to exploit a system to cause Threats.
An example is a Hacker using an SQL Injection vulnerability in the eCommerce Website to steal Credit Card data of its users.
The Hacker is the Threat Agent
The SQL Injection is the vulnerability
Stealing of Credit Card Data (Hacking) is the Threat.
Loss of PII (Credit Card Data) is the Risk.
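The scenario on this card as code: the vulnerable lookup beside its hardened form, run against an in-memory SQLite database. This is an added example, not from the original flashcards; the e-commerce schema, the two customer rows and the attacker's input are constructed for the demonstration. In the card's terms, the caller supplying `ATTACK` is the threat agent, the string concatenation in `lookup_vulnerable` is the vulnerability, the dump of every row is the threat being realized, and the leaked card numbers are the loss.

```python
"""SQL injection: vulnerable string-built query vs. parameterized query.

Added example, not from the original flashcards. Schema, rows and the
attacker input are constructed for the demo.
"""
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed e-commerce table with two customers and their card numbers."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, card_number TEXT);
        INSERT INTO customers (email, card_number) VALUES
            ('alice@example.com', '4111 1111 1111 1111'),
            ('bob@example.com',   '5500 0000 0000 0004');
    """)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, email: str) -> list:
    """The vulnerability: user input is pasted straight into the SQL text."""
    query = f"SELECT email, card_number FROM customers WHERE email = '{email}'"
    return conn.execute(query).fetchall()


def lookup_hardened(conn: sqlite3.Connection, email: str) -> list:
    """The fix: a parameterized query. The driver binds the value separately,
    so a quote in the input is data, never SQL syntax."""
    query = "SELECT email, card_number FROM customers WHERE email = ?"
    return conn.execute(query, (email,)).fetchall()


# Threat agent's input: closes the string literal and makes the WHERE clause always true,
# i.e. the vulnerable query becomes  ... WHERE email = 'x' OR '1'='1'
ATTACK = "x' OR '1'='1"


def demo() -> dict:
    """Run the same attacker input through both lookups and a legitimate query."""
    conn = build_db()
    return {
        "vulnerable_rows": lookup_vulnerable(conn, ATTACK),   # every customer's card leaks
        "hardened_rows": lookup_hardened(conn, ATTACK),       # no such email: []
        "legit_rows": lookup_hardened(conn, "alice@example.com"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

Parameterization removes the vulnerability rather than the threat agent: the attacker and the input are unchanged, but with nothing to exploit there is no risk from this vector, which is exactly the Threat x Vulnerability relationship the previous card describes.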

344
Q

ISC2 CODE OF ETHICS

Code of Ethics Preamble:

A

Code of Ethics Preamble:
The safety and welfare of society and the common good, duty to our principals, and to each other, requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior.
Therefore, strict adherence to this Code is a condition of certification.

345
Q

ISC2 CODE OF ETHICS

Code of Ethics Canons:

A

Code of Ethics Canons:
Protect society, the common good, necessary public trust and confidence, and the infrastructure.
Act honorably, honestly, justly, responsibly, and legally.
Provide diligent and competent service to principals.
Advance and protect the profession.

346
Q

Internet Activities Board (IAB, now the Internet Architecture Board): RFC 1087 "Ethics and the Internet" (1989) characterizes as unethical any activity that purposely:

A

Internet Activities Board (IAB, now the Internet Architecture Board): RFC 1087 "Ethics and the Internet" (1989) characterizes as unethical any activity that purposely:
Seeks to gain unauthorized access to the resources of the Internet.
Disrupts the intended use of the Internet.
Wastes resources (people, capacity, computers) through such actions.
Destroys the integrity of computer-based information.
Compromises the privacy of users.

347
Q

PERSONNEL SECURITY

Background Checks

A

Background Checks: Perform criminal records checks, education, certification checks before hiring.

348
Q
ISMS COMPONENTS
Policy
Standards
Procedures
Baselines
Guidelines
A

Policy – Mandatory, High-level management directives. Contains – Purpose | Scope | Responsibilities | Compliance.
Standards – Mandatory, Standardizes equipment or policy directives. Lowers TCO and supports DR. Specifics such as “Laptops should be from XYZ with 8 GB RAM, 128 GB SSD”.
Procedures – Mandatory, Step by Step documents on how to perform an activity. “Adding a new Administrator”
Baselines – Discretionary, Minimum Acceptable Security Configuration, starting point for security configuration.
Guidelines – Discretionary, Best Practices. Example: “Recommended to deploy a WAF vs Required to deploy a WAF.”

349
Q

SECURITY POLICY

A

Organizational Security Policy
Mandatory
High-level policy mandated by management
Designed to support the organization's strategic goals.
Driven by legislation or industry-specific requirements (for example, financial institution = GLBA)
Assigns high-level responsibility, e.g. departmental
NIST 800-12 policy types:
Program-specific – Establishes an organization's information security program
System-specific – Aimed at protecting a system.
Issue-specific – Focused on issues such as privacy, or functions like email and acceptable use.

350
Q

ISO STANDARDS

A

27001 – ISMS requirements – Plan, Do, Check, Act (PDCA)
27002 – Code of practice for information security management
27003 – Guideline for ISMS Implementation
27004 – Measure the success of ISMS with metrics framework.
27005 – Risk Management
27006 – Guidelines for audit and certification bodies of ISMS
27799 – Protect PHI

351
Q

NIST SP-800-30

A

NIST SP-800-30

Risk Management guide for Technology Systems

352
Q

OCTAVE

A

OCTAVE
3-step risk assessment:
1. Identify staff knowledge, assets and threats
2. Identify vulnerabilities and evaluate safeguards
3. Conduct risk analysis and develop a risk mitigation strategy

353
Q

CoBIT

A
Control Objectives for Information and Related Technology (COBIT)
A framework of IT management controls, built on five principles:
1. Meeting stakeholder needs
2. Covering the enterprise end to end
3. Applying a single integrated framework
4. Enabling a holistic approach
5. Separating governance from management
354
Q

COSO

A
Internal Control – Integrated Framework by the Committee of Sponsoring Organizations (COSO)
Addresses fraudulent financial activities and reporting. Its components:
Control environment
Risk assessment
Control activities
Information and communication
Monitoring
355
Q

ITIL

A

ITIL
IT Services Management Framework. Although ITIL has a component that deals with security, its focus is more toward internal SLAs between the IT department and the “customers” it serves. The customers are usually internal departments.

356
Q

RISK MANAGEMENT FRAMEWORK

A

NIST SP800-37 Risk Management Framework
Step 1: Categorize

357
Q

NIST SP800-37

A

NIST SP800-37

Risk Management Framework

358
Q

Domain I

A
Domain I:
Security & Risk Management
Domain II:
Asset Security
Domain III:
Security Architecture & Engineering
Domain IV:
Communications & Network Security
Domain V:
Identity & Access Management
Domain VI:
Security Assessment & Testing
Domain VII:
Security Operations
Domain VIII:
Software Development Security
359
Q

Domain II

A
Domain I:
Security & Risk Management
Domain II:
Asset Security
Domain III:
Security Architecture & Engineering
Domain IV:
Communications & Network Security
Domain V:
Identity & Access Management
Domain VI:
Security Assessment & Testing
Domain VII:
Security Operations
Domain VIII:
Software Development Security
360
Q

Domain III

A
Domain I:
Security & Risk Management
Domain II:
Asset Security
Domain III:
Security Architecture & Engineering
Domain IV:
Communications & Network Security
Domain V:
Identity & Access Management
Domain VI:
Security Assessment & Testing
Domain VII:
Security Operations
Domain VIII:
Software Development Security
361
Q

Domain IV

A
Domain I:
Security & Risk Management
Domain II:
Asset Security
Domain III:
Security Architecture & Engineering
Domain IV:
Communications & Network Security
Domain V:
Identity & Access Management
Domain VI:
Security Assessment & Testing
Domain VII:
Security Operations
Domain VIII:
Software Development Security
362
Q

Domain V

A
Domain I:
Security & Risk Management
Domain II:
Asset Security
Domain III:
Security Architecture & Engineering
Domain IV:
Communications & Network Security
Domain V:
Identity & Access Management
Domain VI:
Security Assessment & Testing
Domain VII:
Security Operations
Domain VIII:
Software Development Security
363
Q

Domain VI

A
Domain I:
Security & Risk Management
Domain II:
Asset Security
Domain III:
Security Architecture & Engineering
Domain IV:
Communications & Network Security
Domain V:
Identity & Access Management
Domain VI:
Security Assessment & Testing
Domain VII:
Security Operations
Domain VIII:
Software Development Security
364
Q

Domain VII

A
Domain I:
Security & Risk Management
Domain II:
Asset Security
Domain III:
Security Architecture & Engineering
Domain IV:
Communications & Network Security
Domain V:
Identity & Access Management
Domain VI:
Security Assessment & Testing
Domain VII:
Security Operations
Domain VIII:
Software Development Security
365
Q

Domain VIII

A
Domain I:
Security & Risk Management
Domain II:
Asset Security
Domain III:
Security Architecture & Engineering
Domain IV:
Communications & Network Security
Domain V:
Identity & Access Management
Domain VI:
Security Assessment & Testing
Domain VII:
Security Operations
Domain VIII:
Software Development Security
366
Q

Industrial Control Systems (ICS)

A

Programmable Logic Controllers (PLC)
Distributed Control System (DCS)
Supervisory Control and Data Acquisition (SCADA)

367
Q

The Federal Information Security Management Act (FISMA) of 2002

A

The Federal Information Security Management Act (FISMA) of 2002 is a U.S. law that requires every federal agency to create, document, and implement an agency-wide security program to provide protection for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source. It explicitly emphasizes a “risk-based policy for cost-effective security.”

368
Q

Department of Veterans Affairs Information Security Protection Act

A

Department of Veterans Affairs Information Security Protection Act

369
Q

Payment Card Industry Data Security Standard (PCI DSS)

12 requirements

A
  1. Install and maintain a firewall configuration to protect cardholder data.
  2. Do not use vendor-supplied defaults for system passwords and other security parameters.
  3. Protect stored cardholder data.
  4. Encrypt transmission of cardholder data across open, public networks.
  5. Use and regularly update anti-virus software or programs.
  6. Develop and maintain secure systems and applications.
  7. Restrict access to cardholder data by business need to know.
  8. Assign a unique ID to each person with computer access.
  9. Restrict physical access to cardholder data.
  10. Track and monitor all access to network resources and cardholder data.
  11. Regularly test security systems and processes.
  12. Maintain a policy that addresses information security for employees and contractors.
370
Q

Gramm-Leach-Bliley Act of 1999

A

GLBA applies to institutions that provide financial or insurance services. It requires that, upon identification of an incident of unauthorized access to sensitive customer information, the institution determine the likelihood that the information has or will be misused. If the institution determines that misuse occurred or is reasonably likely to occur, GLBA requires notification to federal regulators, law enforcement authorities, and affected customers.

371
Q

Risk analysis has four main goals ?

A

Risk analysis has four main goals:
• Identify assets and their value to the organization.
• Determine the likelihood that a threat exploits a vulnerability.
• Determine the business impact of these potential threats.
• Provide an economic balance between the impact of the threat and the cost of the countermeasure.

372
Q

The Delphi Technique

A

The Delphi Technique
The Delphi technique is a group decision method used to ensure that each member gives an honest opinion of what he or she thinks the result of a particular threat will be. This avoids a group of individuals feeling pressured to go along with others’ thought processes and enables them to participate in an independent and anonymous way.

373
Q

NIST outlines the following steps in SP 800-34, Revision 1, “Contingency Planning Guide for
Federal Information Systems”:

A

NIST outlines the following steps in SP 800-34, Revision 1, “Contingency Planning Guide for
Federal Information Systems”:
1. Develop the continuity planning policy statement. Write a policy that provides the guidance necessary to develop a BCP and that assigns authority to the necessary roles to carry out these tasks.
2. Conduct the business impact analysis (BIA). Identify critical functions and systems and allow the organization to prioritize them based on necessity. Identify vulnerabilities and threats, and calculate risks.
3. Identify preventive controls. Once threats are recognized, identify and implement controls and countermeasures to reduce the organization’s risk level in an economical manner.
4. Create contingency strategies. Formulate methods to ensure systems and critical functions can be brought online quickly.
5. Develop an information system contingency plan. Write procedures and guidelines for how the organization can still stay functional in a crippled state.
6. Ensure plan testing, training, and exercises. Test the plan to identify deficiencies in the BCP, and conduct training to properly prepare individuals on their expected tasks.
7. Ensure plan maintenance. Put in place steps to ensure the BCP is a living document that is updated regularly.

374
Q

BCP Project Components

A
  • Business units
  • Senior management
  • IT department
  • Security department
  • Communications department
  • Legal department
375
Q

Information Life Cycle

A

Four phases: acquisition, use, archival, and disposal.

376
Q

NIST Special Publication 800-88

A

NIST Special Publication 800-88, Revision 1, “Guidelines for Media Sanitization” (December 2014), describes the best practices for combating data remanence.

377
Q

OECD-Privacy Framework

A

OECD-Privacy Framework

  1. Collection Limitation
  2. Data Quality
  3. Purpose Specification
  4. Use Limitation
  5. Security Safeguards
  6. Openness
  7. Individual Participation
  8. Accountability
378
Q

EU-U.S. Privacy Shield principles

A
The EU-U.S. Privacy Shield principles are:
■ Notice
■ Choice
■ Accountability for Onward Transfer
■ Security
■ Data Integrity and Purpose Limitation
■ Access
■ Recourse, Enforcement, and Liability
379
Q

destroy (physical destruction of the media)=>Encryption

A

Many mobile devices use this method to quickly and securely render data unusable. The premise is that the data is stored on the medium in encrypted form using a strong key. To make the data unrecoverable, the system only needs to securely delete the encryption key, which is many times faster than deleting the encrypted data. In that case, recovering the data is usually computationally infeasible.

380
Q

destroy (physical destruction of the media)

A

Perhaps the best way to combat data remanence is simply to destroy the physical media. The two most common methods of destroying media are shredding it or exposing it to caustic or corrosive chemicals that render it unusable. Another method is incineration.
NIST SP 800-88r1 Guidelines for Media Sanitization

381
Q

destroy (physical destruction of the media)=>overwriting with nonsensitive data

A

Overwriting data means replacing the 1s and 0s that represent the data on the storage medium with a random or fixed pattern of 1s and 0s, so that the original data cannot be recovered. This should be done at least once (for example, overwriting the medium with all 1s, all 0s, or a pattern of them), but it may need to be done more. For years, U.S. Department of Defense (DoD) standard 5220.22-M required media to be overwritten seven times. That standard has since been superseded; DoD systems holding sensitive information must now be degaussed.

382
Q

purge (removing all data; purging is an intense form of clearing used to ensure that data is removed and unrecoverable from media) => Degaussing (uses magnetic fields to wipe media)

A

This is the process of removing or reducing the magnetic field patterns on conventional disk drives or tapes. Essentially, a strong magnetic force is applied to the medium, which erases the data and sometimes also destroys the motors that drive the platters. Although it may still be possible to recover the data, doing so is usually very costly.

383
Q

RAID 0 is called ?

A

RAID 0 is called disk striping.
RAID 1 is called disk mirroring.
RAID level 5 is called disk striping with parity.
RAID 10 is known as a stripe of mirrors.

384
Q

RAID 1 is called ?

A

RAID 0 is called disk striping.
RAID 1 is called disk mirroring.
RAID level 5 is called disk striping with parity.
RAID 10 is known as a stripe of mirrors.

385
Q

RAID level 5 is called ?

A

RAID 0 is called disk striping.
RAID 1 is called disk mirroring.
RAID level 5 is called disk striping with parity.
RAID 10 is known as a stripe of mirrors.

386
Q

RAID 10 is known as ?

A

RAID 0 is called disk striping.
RAID 1 is called disk mirroring.
RAID level 5 is called disk striping with parity.
RAID 10 is known as a stripe of mirrors.

387
Q

NIST 800-12

A

NIST 800-12 is an introduction to computer security

388
Q

NIST SP 800-30

A

NIST SP 800-30 Risk assessment guide for information security

389
Q

800-34

A

800-34 covers contingency planning

390
Q

NIST SP 800-53A

A

NIST SP 800-53A, “Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans”

391
Q

800-86

A

800-86 is the “Guide to Integrating Forensic Techniques into Incident Response.”

392
Q

NIST SP 800-115

A

NIST SP 800-115 Technical Guide to Information Security Testing and Assessment

393
Q

NIST SP 800-137

A

NIST SP 800-137 Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations

394
Q

NIST SP 800-192

A

NIST SP 800-192, Verification and Test Methods for Access Control Policies/Models

395
Q

Arithmetic logic unit (ALU)

A

The actual execution of the instructions is done by the arithmetic logic unit (ALU). The ALU performs mathematical functions and logical operations on data. The ALU can be thought of as the brain of the CPU, and the CPU as the brain of the computer.

396
Q

A program is not considered a _____ until it is

loaded into _____ and activated by the _____

A

A program is not considered a process until it is

loaded into memory and activated by the operating system

397
Q

When a _____ needs to send something to the _____ for _____, it generates a _____. A _____ is made up of an individual instruction set and the data that must be
worked on by the _____.

A

When a process needs to send something to the CPU for processing, it generates a thread. A thread is made up of an individual instruction set and the data that must be worked on by the CPU.

398
Q

The _____ is a collection of all the hardware, software, and firmware components within a system that provides some type of security and enforces the system’s
security policy.

A

The trusted computing base (TCB) is a collection of all the hardware, software, and firmware components within a system that provides some type of security and enforces the system’s security policy.

399
Q

A _____ is a communication channel between the

user, or program, and the TCB

A

A trusted path is a communication channel between the

user, or program, and the TCB

400
Q

Bell-LaPadula model

A
  • Simple security rule
  • *-property (star property) rule
  • Strong star property rule
401
Q

Biba Model

A

• *-integrity axiom – A subject cannot write data to an object at a higher integrity level (referred to as “no write up”).
• Simple integrity axiom – A subject cannot read data from a lower integrity level (referred to as “no read down”).
• Invocation property – A subject cannot request service (invoke) at a higher integrity level.

402
Q

Clark-Wilson Model

A

The Clark-Wilson model was developed after Biba and takes some different approaches to protecting the integrity of information. This model uses the following elements:
• Users – Active agents
• Transformation procedures (TPs) – Programmed abstract operations, such as read, write, and modify
• Constrained data items (CDIs) – Can be manipulated only by TPs
• Unconstrained data items (UDIs) – Can be manipulated by users via primitive read and write operations
• Integrity verification procedures (IVPs) – Check the consistency of CDIs with external reality

403
Q

Brewer and Nash model

A

The Brewer and Nash model, also called the Chinese Wall model, states that a subject can write to an object if, and only if, the subject cannot read another object that is in a different dataset. It was created to provide access controls that can change dynamically depending upon a user’s previous actions. The main goal of the model is to protect against conflicts of interest by users’ access attempts.

404
Q

Graham-Denning Model

A
  • How to securely create an object
  • How to securely create a subject
  • How to securely delete an object
  • How to securely delete a subject
  • How to securely provide the read access right
  • How to securely provide the grant access right
  • How to securely provide the delete access right
  • How to securely provide transfer access rights
405
Q

Different Components of the Common Criteria

A

• Protection profile (PP) – Description of a needed security solution.
• Target of evaluation (TOE) – Product proposed to provide a needed security solution.
• Security target – Vendor’s written explanation of the security functionality and assurance mechanisms that meet the needed security solution; in other words, “This is what our product does and how it does it.”
• Security functional requirements – Individual security functions that must be provided by a product.
• Security assurance requirements – Measures taken during development and evaluation of the product to assure compliance with the claimed security functionality.
• Packages (EALs) – Functional and assurance requirements are bundled into packages for reuse. This component describes what must be met to achieve specific EAL ratings.

406
Q

ISO/IEC 15408

A

ISO/IEC 15408 is the international standard that is used as the basis for the evaluation of security properties of products under the CC framework. It actually has three main parts:
• ISO/IEC 15408-1 Introduction and general model
• ISO/IEC 15408-2 Security functional components
• ISO/IEC 15408-3 Security assurance components

407
Q

Aggregation

A

Aggregation is the act of combining information from separate sources. The combination of the data forms new information, which the subject does not have the necessary rights to access. The combined information has a sensitivity that is greater than that of the individual parts.

408
Q

NIST Special Publication 800-82

A

NIST Special Publication 800-82, “Guide to Industrial Control Systems (ICS) Security.”

409
Q

maintenance hooks

A

In the programming world, maintenance hooks are a type of back door.

410
Q

The strength of an encryption method comes from the algorithm, the ____ of the key, the ____ of the key, the ____, and how they all work together within the cryptosystem.

A

The strength of an encryption method comes from the algorithm, the secrecy of the key, the length of the key, the initialization vectors, and how they all work together within the cryptosystem.

411
Q

One-Time Pad Requirements

A

One-Time Pad Requirements
For a one-time pad encryption scheme to be considered unbreakable, each pad in the scheme must be
• Made up of truly random values
• Used only one time
• Securely distributed to its destination
• Secured at sender’s and receiver’s sites
• At least as long as the message

412
Q

Symmetric Cryptography

A
  • Data Encryption Standard (DES)
  • Triple-DES (3DES)
  • Blowfish
  • International Data Encryption Algorithm (IDEA)
  • RC4, RC5, and RC6
  • Advanced Encryption Standard (AES)
413
Q

Asymmetric Cryptography

A
  • Rivest-Shamir-Adleman (RSA)
  • Elliptic curve cryptosystem (ECC)
  • Diffie-Hellman
  • El Gamal
  • Digital Signature Algorithm (DSA)
414
Q

_______ are random values that are used with algorithms to ensure patterns are not created during the encryption process. They are used with keys and do not need to be encrypted when being sent to the destination.

A

Initialization vectors (IVs) are random values that are used with algorithms to ensure patterns are not created during the encryption process. They are used with keys and do not need to be encrypted when being sent to the destination.

415
Q

DES Modes

A
DES Modes
•  Electronic Code Book (ECB)
•  Cipher Block Chaining (CBC)
•  Cipher Feedback (CFB)
•  Output Feedback (OFB)
•  Counter (CTR)
416
Q

Cipher Feedback (CFB) Mode

A

Cipher Feedback (CFB) Mode
CFB can emulate a stream cipher; using CFB to encrypt 8-bit blocks is very common.

417
Q

Counter (CTR) Mode

A

Counter (CTR) Mode
This mode uses an IV counter that increments for each plaintext block that needs to be encrypted, which means no ciphertext is brought forward to encrypt the next block.
CTR mode has been around for quite some time and is used in encrypting ATM cells for virtual circuits, in IPSec, and in the wireless security standard IEEE 802.11i.
Since chaining is not involved, the destination can decrypt and begin processing the packets without having to wait for the full message to arrive and then decrypt all the data.

418
Q

Advanced Encryption Standard

A

Advanced Encryption Standard
A symmetric block cipher supporting key sizes of 128, 192, and 256 bits.
Out of the candidate algorithms submitted to the AES competition, Rijndael was chosen. The block sizes that Rijndael supports are 128, 192, and 256 bits. The number of rounds depends upon the size of the block and the key length:
• If both the key and block size are 128 bits, there are 10 rounds.
• If both the key and block size are 192 bits, there are 12 rounds.
• If both the key and block size are 256 bits, there are 14 rounds.
Rijndael was NIST’s choice to replace DES. It is now the algorithm required to protect sensitive but unclassified U.S. government information.

419
Q

International Data Encryption Algorithm

A

International Data Encryption Algorithm (IDEA) is a block cipher and operates on 64-bit blocks of data. The key is 128 bits long, and IDEA is faster than DES when implemented in software.
IDEA is used in PGP and other encryption software implementations. It was thought to replace DES, but it is patented, meaning that licensing fees would have to be paid to use it.

420
Q

Blowfish

A

Blowfish is a block cipher that works on 64-bit blocks of data. The key length can be anywhere from 32 bits up to 448 bits, and the data blocks go through 16 rounds of cryptographic functions.
Blowfish is unpatented, and will remain so in all countries. The algorithm has been placed in the public domain, and can be freely used by anyone.

421
Q

What do RC5-w/r/b and, for example, RC5-32/12/16 mean?

A

• w = Word size, in bits, which can be 16, 32, or 64 bits in length
• r = Number of rounds, which can be 0 to 255
• b = Key size, in bytes
So RC5-32/12/16 would mean the following:
• 32-bit words, which means it encrypts 64-bit data blocks
• Using 12 rounds
• With a 16-byte (128-bit) key

422
Q

The IEEE 802.11i wireless security standard outlines the use of ____ mode for the block cipher ___.

A

A newer block mode combines CTR mode and CBC-MAC and is called CCM. The goal of using this mode is to provide both data origin authentication and encryption through the use of the same key. One key value is used for the counter values for CTR mode encryption and the IV value for CBC-MAC operations. The IEEE 802.11i wireless security standard outlines the use of CCM mode for the block cipher AES.

423
Q

NIST Special Publication 800-57

A

NIST Special Publication 800-57, Part 1 Revision 4: “Recommendation for Key Management, Part 1: General.”

424
Q

CPTED

A

Crime Prevention Through Environmental Design (CPTED) is a discipline that outlines how the proper design of a physical environment can reduce crime by directly affecting human behavior. It provides guidance in loss and crime prevention through proper facility construction and environmental components and procedures.

425
Q

CPTED provides three main strategies to bring together the physical environment and social behavior to increase overall protection:

A

CPTED provides three main strategies to bring together the physical environment and social behavior to increase overall protection:
natural access control
natural surveillance
natural territorial reinforcement

426
Q

______ are short posts commonly used to prevent vehicular access and to protect a building or people walking on a sidewalk from vehicles. They can also be used to direct foot traffic.

A

Bollards are short posts commonly used to prevent vehicular access and to protect a building or people walking on a sidewalk from vehicles. They can also be used to direct foot traffic.

427
Q

Power excess:

A

Power excess:
• Spike – Momentary high voltage
• Surge – Prolonged high voltage
Power loss:
• Fault – Momentary power outage
• Blackout – Prolonged, complete loss of electric power
Power degradation:
• Sag/dip – Momentary low-voltage condition, from one cycle to a few seconds
• Brownout – Prolonged power supply that is below normal voltage
• In-rush current – Initial surge of current required to start a load

428
Q

Power loss:

A

Power excess:
• Spike – Momentary high voltage
• Surge – Prolonged high voltage
Power loss:
• Fault – Momentary power outage
• Blackout – Prolonged, complete loss of electric power
Power degradation:
• Sag/dip – Momentary low-voltage condition, from one cycle to a few seconds
• Brownout – Prolonged power supply that is below normal voltage
• In-rush current – Initial surge of current required to start a load

429
Q

Power degradation:

A

Power excess:
• Spike – Momentary high voltage
• Surge – Prolonged high voltage
Power loss:
• Fault – Momentary power outage
• Blackout – Prolonged, complete loss of electric power
Power degradation:
• Sag/dip – Momentary low-voltage condition, from one cycle to a few seconds
• Brownout – Prolonged power supply that is below normal voltage
• In-rush current – Initial surge of current required to start a load

430
Q

The OSI reference model, as described by ISO Standard _____

A

The OSI reference model, as described by ISO Standard 7498-1

431
Q

The session layer protocol can enable communication between two applications to happen in three different modes:
• _____ Communication takes place in one direction, though in practice this is very seldom the case.
• _____ Communication takes place in both directions, but only one application can send information at a time.
• _____ Communication takes place in both directions, and both applications can send information at the same time.

A

The session layer protocol can enable communication between two applications to happen in three different modes:
• Simplex Communication takes place in one direction, though in practice this is very seldom the case.
• Half-duplex Communication takes place in both directions, but only one application can send information at a time.
• Full-duplex Communication takes place in both directions, and both applications can send information at the same time.

432
Q

The data link layer is divided into two functional sublayers: the _____ and the _____.
The _____, which was originally defined in the IEEE 802.2 specification for Ethernet networks and is now also the ISO/IEC 8802-2 standard, communicates with the protocol immediately above it, the network layer.
The _____ will have the appropriately loaded protocols to interface with the protocol requirements of the physical layer.

A

The data link layer is divided into two functional sublayers: the Logical Link Control (LLC) and the Media Access Control (MAC).
The LLC, which was originally defined in the IEEE 802.2 specification for Ethernet networks and is now also the ISO/IEC 8802-2 standard, communicates with the protocol immediately above it, the network layer.
The MAC will have the appropriately loaded protocols to interface with the protocol requirements of the physical layer.

433
Q

The IEEE MAC specification for Ethernet is _____, Token Ring is _____, wireless LAN is _____, and so on. So when you see a reference to an IEEE standard, such as 802.11, 802.16, or 802.3, it refers to the protocol working at the MAC sublayer of the data link layer of a protocol stack.

A

The IEEE MAC specification for Ethernet is 802.3, Token Ring is 802.5, wireless LAN is 802.11, and so on. So when you see a reference to an IEEE standard, such as 802.11, 802.16, or 802.3, it refers to the protocol working at the MAC sublayer of the data link layer of a protocol stack.

434
Q

Some of the protocols that work at the data link layer are the P____, A____, L____, F____, E____, and T____. Figure 4-8 shows the two sublayers that make up the data link layer.

A

Some of the protocols that work at the data link layer are the Point-to-Point Protocol (PPP), ATM, Layer 2 Tunneling Protocol (L2TP), FDDI, Ethernet, and Token Ring. Figure 4-8 shows the two sublayers that make up the data link layer.

435
Q

Presentation
The services of the presentation layer handle translation into standard formats, data compression and decompression, and data encryption and decryption. No protocols work at this layer, just services. The following lists some of the presentation layer standards:

A

Presentation
The services of the presentation layer handle translation into standard formats, data compression and decompression, and data encryption and decryption. No protocols work at this layer, just services. The following lists some of the presentation layer standards:
• American Standard Code for Information Interchange (ASCII)
• Extended Binary-Coded Decimal Interchange Mode (EBCDIC)
• Tagged Image File Format (TIFF)
• Joint Photographic Experts Group (JPEG)
• Motion Picture Experts Group (MPEG)
• Musical Instrument Digital Interface (MIDI)

436
Q

Session
The session layer protocols set up connections between applications; maintain dialog control; and negotiate, establish, maintain, and tear down the communication channel. Some of the protocols that work at this layer include…

A

Session
The session layer protocols set up connections between applications; maintain dialog control; and negotiate, establish, maintain, and tear down the communication channel. Some of the protocols that work at this layer include
• Network Basic Input Output System (NetBIOS)
• Password Authentication Protocol (PAP)
• Point-to-Point Tunneling Protocol (PPTP)
• Remote Procedure Call (RPC)

437
Q

Data Link
The protocols at the data link layer convert data into LAN or WAN frames for transmission and define how a computer accesses a network. This layer is divided into the Logical Link Control (LLC) and the Media Access Control (MAC) sublayers. Some protocols that work at this layer include the following:…?

A
Data Link
The protocols at the data link layer convert data into LAN or WAN frames for transmission and define how a computer accesses a network. This layer is divided into the Logical Link Control (LLC) and the Media Access Control (MAC) sublayers. Some protocols that work at this layer include the following:
•  Address Resolution Protocol (ARP)
•  Reverse Address Resolution Protocol (RARP)
•  Point-to-Point Protocol (PPP)
•  Serial Line Internet Protocol (SLIP)
•  Ethernet (IEEE 802.3)
•  Token Ring (IEEE 802.5)
•  Wireless Ethernet (IEEE 802.11)
438
Q

Distributed Network Protocol 3
The Distributed Network Protocol 3 (DNP3) is a communications protocol designed for use in _____ systems, particularly those within the power sector. It is not a general-purpose protocol like IP, nor does it incorporate routing functionality. _____ systems typically have a very flat hierarchical architecture in which sensors and actuators are connected to remote terminal units (RTUs). The RTUs aggregate data from one or more of these devices and relay it to the _____ master, which includes a human-machine interface (HMI) component. Control instructions and configuration changes are sent from the _____ master to the RTUs and then on to the sensors and actuators.

A

Distributed Network Protocol 3 The Distributed Network Protocol 3 (DNP3) is a communications protocol designed for use in SCADA systems, particularly those within the power sector. It is not a general-purpose protocol like IP, nor does it incorporate routing functionality. SCADA systems typically have a very flat hierarchical architecture in which sensors and actuators are connected to remote terminal units (RTUs). The RTUs aggregate data from one or more of these devices and relay it to the SCADA master, which includes a human-machine interface (HMI) component. Control instructions and configuration changes are sent from the SCADA master to the RTUs and then on to the sensors and actuators.

439
Q

_____ ports are 1024 to 49151, which can be registered with the Internet Corporation for Assigned Names and Numbers (ICANN) for a particular use. Vendors _____ specific ports to map to their proprietary software. _____ ports are 49152 to 65535 and are available to be used by any application on an “as needed” basis.

A

Registered ports are 1024 to 49151, which can be registered with the Internet Corporation for Assigned Names and Numbers (ICANN) for a particular use. Vendors register specific ports to map to their proprietary software. Dynamic ports are 49152 to 65535 and are available to be used by any application on an “as needed” basis.

440
Q

The cable types match with the maximum lengths as follows:

  1. Category 5e: ____ feet.
  2. Coaxial (RG-58): ____ feet.
  3. Fiber optic: ____.
A
The cable types match with the maximum lengths as follows:
1.  Category 5e:  300 feet.
2.  Coaxial (RG-58):  500 feet.
3.  Fiber optic:  1+ kilometers.
#300 feet = 91.44 meters
441
Q

The higher the frequency, the ____ data the signal can carry, but the higher the frequency, the ____ susceptible the signal is to atmospheric interference. Normally, a higher frequency can carry ____ data, but over a ____ distance.

A

The higher the frequency, the more data the signal can carry, but the higher the frequency, the more susceptible the signal is to atmospheric interference. Normally, a higher frequency can carry more data, but over a shorter distance.

442
Q

The three core deficiencies with WEP are the use of ____, the ____, and the lack of ____. The WEP protocol uses the ____ algorithm, which is a stream-symmetric cipher. Symmetric means the sender and receiver must use the exact same key for encryption and decryption purposes. The 802.11 standard does not stipulate how to update these keys through an automated process, so in most environments, the ____ symmetric keys are never changed out.

A

The three core deficiencies with WEP are the use of static encryption keys, the ineffective use of initialization vectors, and the lack of packet integrity assurance. The WEP protocol uses the RC4 algorithm, which is a stream-symmetric cipher. Symmetric means the sender and receiver must use the exact same key for encryption and decryption purposes. The 802.11 standard does not stipulate how to update these keys through an automated process, so in most environments, the RC4 symmetric keys are never changed out.

443
Q

In most WEP implementations, the ____ are used over and over again in this process, and since the same symmetric key (or shared secret) is generally used, there is no way to provide effective randomness in the key stream that is generated by the algorithm. The appearance of patterns allows attackers to reverse-engineer the process to uncover the original encryption key, which can then be used to decrypt future encrypted traffic.

A

In most WEP implementations, the same IV values are used over and over again in this process, and since the same symmetric key (or shared secret) is generally used, there is no way to provide effective randomness in the key stream that is generated by the algorithm. The appearance of patterns allows attackers to reverse-engineer the process to uncover the original encryption key, which can then be used to decrypt future encrypted traffic.

444
Q

In WEP, there are certain circumstances in which the receiver cannot detect whether an alteration to the frame has taken place; thus, there is no true ____.

A

In WEP, there are certain circumstances in which the receiver cannot detect whether an alteration to the frame has taken place; thus, there is no true integrity assurance.

445
Q

The full 802.11i (WPA2) has a major advantage over WPA by providing encryption protection with the use of the ____ algorithm in ____ mode with ____, which is referred to as the ____. ____ is a more appropriate algorithm for wireless than RC4 and provides a higher level of protection. WPA2 defaults to ____, but can switch down to TKIP and RC4 to provide backward compatibility with WPA devices and networks.

A

The full 802.11i (WPA2) has a major advantage over WPA by providing encryption protection with the use of the AES algorithm in counter mode with CBC-MAC (CCM), which is referred to as the Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCM Protocol or CCMP). AES is a more appropriate algorithm for wireless than RC4 and provides a higher level of protection. WPA2 defaults to CCMP, but can switch down to TKIP and RC4 to provide backward compatibility with WPA devices and networks.

446
Q

The 802.1X technology actually provides an ____ framework and a method of dynamically distributing encryption keys. The three main entities in this framework are the ____ (wireless device), the ____ (AP), and the ____ (usually a RADIUS server).

A

The 802.1X technology actually provides an authentication framework and a method of dynamically distributing encryption keys. The three main entities in this framework are the supplicant (wireless device), the authenticator (AP), and the authentication server (usually a RADIUS server).

447
Q

A ____ is a LAN device used to connect LAN segments. It works at the ____ layer and therefore works with MAC addresses.
If the MAC address is not on the local network segment, the ____ forwards the ____ to the necessary network segment.
A translation ____ does what its name implies—it translates between the two network types.

A

A bridge is a LAN device used to connect LAN segments. It works at the data link layer and therefore works with MAC addresses.
If the MAC address is not on the local network segment, the bridge forwards the frame to the necessary network segment.
A translation bridge does what its name implies—it translates between the two network types.

448
Q

Do not confuse ____ with ____. ____ work at the network layer and filter packets based on IP addresses, whereas ____ work at the data link layer and filter frames based on MAC addresses. ____ usually do not pass broadcast information, but ____ do pass broadcast information.

A

Do not confuse routers with bridges. Routers work at the network layer and filter packets based on IP addresses, whereas bridges work at the data link layer and filter frames based on MAC addresses. Routers usually do not pass broadcast information, but bridges do pass broadcast information.

449
Q

____ are layer 3, or network layer, devices that are used to connect similar or different networks.
They can filter traffic based on access control lists (ACLs),
and they fragment packets when necessary.

A

Routers are layer 3, or network layer, devices that are used to connect similar or different networks.
They can filter traffic based on access control lists (ACLs),
and they fragment packets when necessary.

450
Q

The IEEE standard that defines how VLANs are to be constructed and how tagging should take place to allow for interoperability is IEEE _____.

A

The IEEE standard that defines how VLANs are to be constructed and how tagging should take place to allow for interoperability is IEEE 802.1Q.

451
Q

_____ is a general term for software running on a device that connects two different environments and that many times acts as a translator for them or somehow restricts their interactions.
ex: IPX & FDDI

A

Gateway is a general term for software running on a device that connects two different environments and that many times acts as a translator for them or somehow restricts their interactions.
ex: IPX & FDDI

452
Q
Repeater works at the _____ layer
Bridge works at the _____ layer
Router works at the _____ layer
Switch works at the _____ layer
Gateway works at the _____ layer
A
Repeater works at the Physical layer
Bridge works at the Data link layer
Router works at the Network layer
Switch works at the Data link layer
Gateway works at the Application layer
453
Q

A _____ is a private telephone switch that is located on a company’s property. This switch performs some of the same switching tasks that take place at the telephone company’s central office. The _____ has a dedicated connection to its local telephone company’s central office, where more intelligent switching takes place.

A

A Private Branch Exchange (PBX) is a private telephone switch that is located on a company’s property. This switch performs some of the same switching tasks that take place at the telephone company’s central office. The PBX has a dedicated connection to its local telephone company’s central office, where more intelligent switching takes place.

454
Q

The types of firewalls we will review are?

We will then dive into the three main firewall architectures, which are?-AIO

A
The types of firewalls we will review are
•  Packet filtering-first generation
•  Stateful
•  Proxy
•  Dynamic packet filtering
•  Kernel proxy
We will then dive into the three main firewall architectures, which are
•  Screened host
•  Multihome
•  Screened subnet
455
Q

_____ is also known as _____ because the device does not understand the context that the packets are working within. This means that the device does not have the capability to understand the “full picture” of the communication that is taking place between two systems, but can only focus on individual packet characteristics.

A

Packet filtering is also known as stateless inspection because the device does not understand the context that the packets are working within. This means that the device does not have the capability to understand the “full picture” of the communication that is taking place between two systems, but can only focus on individual packet characteristics.

456
Q

_____ firewalls understand and keep track of a full communication session, not just the individual packets that make it up. _____ firewalls make their decisions for each packet based solely on the data contained in that individual packet. _____ firewalls accumulate data about the packets they see and use that data in an attempt to match incoming and outgoing packets to determine which packets may be part of the same network communications session. By evaluating a packet in the larger context of a network communications session, a _____ firewall has much more complete information than a _____ firewall and can therefore more readily recognize and reject packets that may be part of a network protocol–based attack.

A

Stateful firewalls understand and keep track of a full communication session, not just the individual packets that make it up. Stateless firewalls make their decisions for each packet based solely on the data contained in that individual packet. Stateful firewalls accumulate data about the packets they see and use that data in an attempt to match incoming and outgoing packets to determine which packets may be part of the same network communications session. By evaluating a packet in the larger context of a network communications session, a stateful firewall has much more complete information than a stateless firewall and can therefore more readily recognize and reject packets that may be part of a network protocol–based attack.

457
Q

_____ Firewall Characteristics
• Maintains a state table that tracks each and every communication session
• Provides a high degree of security and does not introduce the performance hit that application proxy firewalls introduce
• Is scalable and transparent to users
• Provides data for tracking connectionless protocols such as UDP and ICMP
• Stores and updates the state and context of the data within the packets

A

Stateful-Inspection Firewall Characteristics
• Maintains a state table that tracks each and every communication session
• Provides a high degree of security and does not introduce the performance hit that application proxy firewalls introduce
• Is scalable and transparent to users
• Provides data for tracking connectionless protocols such as UDP and ICMP
• Stores and updates the state and context of the data within the packets

458
Q

A _____ proxy creates a connection (circuit) between the two communicating systems.
It works at the session layer of the OSI model and monitors traffic from a network-based view.
This type of proxy cannot “look into” the contents of a packet; thus, it does not carry out deep-packet inspection.

A

A circuit-level proxy creates a connection (circuit) between the two communicating systems.
It works at the session layer of the OSI model and monitors traffic from a network-based view.
This type of proxy cannot “look into” the contents of a packet; thus, it does not carry out deep-packet inspection.

459
Q

_____ filtering works at the network layer
_____ filtering works at the network layer
_____ filtering works at the application layer
_____ filtering works at the session layer

A

Packet filtering works at the network layer
Stateful filtering works at the network layer
Application-level filtering works at the application layer
Circuit-level filtering works at the session layer

460
Q

Sometimes a screened-host architecture is referred to as a single-tiered configuration and a screened subnet is referred to as a two-tiered configuration. If three firewalls create two separate DMZs, this may be called a three-tiered configuration.
The key concept is =>?

A
Sometimes a screened-host architecture is referred to as a single-tiered configuration and a screened subnet is referred to as a two-tiered configuration. If three firewalls create two separate DMZs, this may be called a three-tiered configuration.
#The number of tiers depends on how many zones are protected, not on how many firewalls there are.
461
Q

Circuit switching:

Packet switching:

A
Circuit switching:
•  Connection-oriented virtual links.
•  Traffic travels in a predictable and constant manner.
•  Fixed delays.
•  Usually carries voice-oriented data.
Packet switching:
•  Packets can use many different dynamic paths to get to the same destination.
•  Traffic is usually bursty in nature.
•  Variable delays.
•  Usually carries data-oriented data.
462
Q

QoS allows a service provider to guarantee a level of service to its customers.
Four different types of ATM QoS services (listed next) are available to customers. Each service maps to a specific type of data that will be transmitted.
• Constant bit rate (CBR)
• Variable bit rate (VBR)
• Unspecified bit rate (UBR)
• Available bit rate (ABR)

A

QoS allows a service provider to guarantee a level of service to its customers.
Four different types of ATM QoS services (listed next) are available to customers. Each service maps to a specific type of data that will be transmitted.
• Constant bit rate (CBR) A connection-oriented channel that provides a consistent data throughput for time-sensitive applications, such as voice and video applications. Customers specify the necessary bandwidth requirement at connection setup.
• Variable bit rate (VBR) A connection-oriented channel best used for delay-insensitive applications because the data throughput flow is uneven. Customers specify their required peak and sustained rate of data throughput.
• Unspecified bit rate (UBR) A connectionless channel that does not promise a specific data throughput rate. Customers cannot, and do not need to, control their traffic rate.
• Available bit rate (ABR) A connection-oriented channel that allows the bit rate to be adjusted. Customers are given the bandwidth that remains after a guaranteed service rate has been met.

463
Q

PPP carries out several functions, including the encapsulation of multiprotocol packets; it has a _____ that establishes, configures, and maintains the connection; _____ are used for network layer protocol configuration; and it provides user authentication capabilities through _____, _____, and _____.

A

PPP carries out several functions, including the encapsulation of multiprotocol packets; it has a Link Control Protocol (LCP) that establishes, configures, and maintains the connection; Network Control Protocols (NCPs) are used for network layer protocol configuration; and it provides user authentication capabilities through Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Extensible Authentication Protocol (EAP).

464
Q

xDSL
• Symmetric DSL (SDSL)
• Asymmetric DSL (ADSL)
• High-bit-rate DSL (HDSL)
• Very High-Data-Rate Digital Subscriber Line (VDSL)
• Rate-Adaptive Digital Subscriber Line (RADSL)

A

xDSL
Many different flavors of DSL are available, each with its own characteristics and specific uses:
• Symmetric DSL (SDSL) Data travels upstream and downstream at the same rate. Bandwidth can range between 192 Kbps and 1.1 Mbps. Used mainly for business applications that require high speeds in both directions.
• Asymmetric DSL (ADSL) Data travels downstream faster than upstream. Upstream speeds are 128 Kbps to 384 Kbps, and downstream speeds can be as fast as 768 Kbps. Generally used by residential users.
• High-bit-rate DSL (HDSL) Provides T1 (1.544 Mbps) speeds over regular copper phone wire without the use of repeaters. Requires two twisted pairs of wires, which many voice-grade UTP lines do not have.
• Very High-Data-Rate Digital Subscriber Line (VDSL) VDSL is basically ADSL at much higher data rates (13 Mbps downstream and 2 Mbps upstream). It is capable of supporting high-bandwidth applications such as HDTV, telephone services (voice over IP), and general Internet access over a single connection.
• Rate-Adaptive Digital Subscriber Line (RADSL) Rate-adaptive feature that will adjust the transmission speed to match the quality and the length of the line.

465
Q

Internet Protocol Security
IPSec is a suite of protocols that was developed to specifically protect IP traffic. IPv4 does not have any integrated security, so IPSec was developed to “bolt onto” IP and secure the data the protocol transmits. Where PPTP and L2TP work at the data link layer, IPSec works at the network layer of the OSI model. The main protocols that make up the IPSec suite and their basic functionality are as follows:
• Authentication Header (AH)
• Encapsulating Security Payload (ESP)
• Internet Security Association and Key Management Protocol (ISAKMP)
• Internet Key Exchange (IKE)

A

Internet Protocol Security
IPSec is a suite of protocols that was developed to specifically protect IP traffic. IPv4 does not have any integrated security, so IPSec was developed to “bolt onto” IP and secure the data the protocol transmits. Where PPTP and L2TP work at the data link layer, IPSec works at the network layer of the OSI model. The main protocols that make up the IPSec suite and their basic functionality are as follows:
• Authentication Header (AH) Provides data integrity, data-origin authentication, and protection from replay attacks
• Encapsulating Security Payload (ESP) Provides confidentiality, data-origin authentication, and data integrity
• Internet Security Association and Key Management Protocol (ISAKMP) Provides a framework for security association creation and key exchange
• Internet Key Exchange (IKE) Provides authenticated keying material for use with ISAKMP

466
Q

Point-to-Point Tunneling Protocol (PPTP):
• Works in a _____ model
• Extends and protects _____ connections
• Works at the _____ layer
• Transmits over IP networks _____

A
Point-to-Point Tunneling Protocol (PPTP):
•  Works in a client/server model
•  Extends and protects PPP connections
•  Works at the data link layer
•  Transmits over IP networks only
467
Q
Layer 2 Tunneling Protocol (L2TP):
•  Hybrid of L2F and PPTP
•  Extends and protects PPP connections
•  Works at the _____ layer
•  Transmits over _____ types of networks, _____ IP
•  Combined with _____ for security
A
Layer 2 Tunneling Protocol (L2TP):
•  Hybrid of L2F and PPTP
•  Extends and protects PPP connections
•  Works at the data link layer
•  Transmits over multiple types of networks, not just IP
•  Combined with IPSec for security
468
Q

IPSec:
• Handles multiple VPN connections at the same time
• Provides secure _____ and _____
• Supports _____ _____ networks
• Focuses on _____ communication rather than _____ communication
• Works at the _____ layer, and provides security on top of IP

A

IPSec:
• Handles multiple VPN connections at the same time
• Provides secure authentication and encryption
• Supports only IP networks
• Focuses on LAN-to-LAN communication rather than user-to-user communication
• Works at the network layer, and provides security on top of IP

469
Q

Transport Layer Security (TLS):
• Works at the _____ layer and protects mainly web and e-mail traffic
• Granular access control and configuration are available
• Easy deployment since TLS is already embedded into web browsers
• Can only protect a small number of protocol types, thus is not an infrastructure-level VPN solution

A

Transport Layer Security (TLS):
• Works at the session layer and protects mainly web and e-mail traffic
• Granular access control and configuration are available
• Easy deployment since TLS is already embedded into web browsers
• Can only protect a small number of protocol types, thus is not an infrastructure-level VPN solution

470
Q

One VPN solution is not necessarily better than the other; they just have their own focused purposes:
• PPTP is used when a _____ connection needs to be extended through an _____ network.
• L2TP is used when a _____ connection needs to be extended through a _____ network.
• IPSec is used to protect _____ traffic and is commonly used in _____ connections.
• TLS VPN is used when a specific application layer traffic type needs protection.

A

One VPN solution is not necessarily better than the other; they just have their own focused purposes:
• PPTP is used when a PPP connection needs to be extended through an IP-based network.
• L2TP is used when a PPP connection needs to be extended through a non–IP-based network.
• IPSec is used to protect IP-based traffic and is commonly used in gateway-to-gateway connections.
• TLS VPN is used when a specific application layer traffic type needs protection.

471
Q

Extensible Authentication Protocol (EAP) is also supported by PPP. Actually, EAP is not a specific authentication protocol as are PAP and CHAP. Instead, it provides a framework to enable many types of authentication techniques to be used when establishing network connections.
As the name states, it extends the authentication possibilities from the norm (PAP and CHAP) to other methods, such as one-time passwords, token cards, biometrics, Kerberos, digital certificates, and future mechanisms. So when a user connects to an authentication server and both have EAP capabilities, they can negotiate between a longer list of possible authentication methods.

A

In fact, EAP is not a specific authentication protocol like PAP and CHAP. Instead, it provides a framework that allows many types of authentication techniques to be used when establishing network connections. As the name suggests, it extends the authentication possibilities from the standard ones (PAP and CHAP) to other methods, such as one-time passwords, token cards, biometrics, Kerberos, digital certificates, and future mechanisms. Therefore, when a user connects to an authentication server and both have EAP capabilities, they can negotiate among a longer list of possible authentication methods.

472
Q

Encryption at Different Layers
In reality, encryption can happen at different layers of an operating system and network stack.
The following are just a few examples:
• End-to-end encryption happens within the applications.
• TLS encryption takes place at the session layer.
• PPTP encryption takes place at the data link layer.
• Link encryption takes place at the data link and physical layers.

A

Encryption at Different Layers
In reality, encryption can happen at different layers of an operating system and network stack.
The following are just a few examples:
• End-to-end encryption happens within the applications.
• TLS encryption takes place at the session layer.
• PPTP encryption takes place at the data link layer.
• Link encryption takes place at the data link and physical layers.

473
Q

PGP does not use a hierarchy of CAs, or any type of formal trust certificates, but instead relies on a “web of trust” in its key management approach. Each user generates and distributes his or her public key, and users sign each other’s public keys, which creates a community of users who trust each other.

A

PGP does not use a hierarchy of CAs, or any type of formal trust certificates, but instead relies on a “web of trust” in its key management approach. Each user generates and distributes his or her public key, and users sign each other’s public keys, which creates a community of users who trust each other.

474
Q
  1. Type 1 =>_____
  2. Type 2 =>_____
  3. Type 3 =>_____
  4. Type 4 =>_____ (type 5 => _____)
A
  1. Type 1 =>Something you know
  2. Type 2 =>Something you have
  3. Type 3 =>Something you are
  4. Type 4 =>Somewhere you are (type 5 => Something you do)
https://medium.com/@renansdias/the-5-factors-of-authentication-bcb79d354c13
475
Q

retinal scan

A

Retinal scan

476
Q

Directories
Most enterprises have some type of directory that contains information pertaining to the company’s network resources and users. Most directories follow a hierarchical database format, based on the _____ standard, and a type of protocol, as in _____, that allows subjects and applications to interact with the directory.

A

Directories
Most enterprises have some type of directory that contains information pertaining to the company’s network resources and users. Most directories follow a hierarchical database format, based on the X.500 standard, and a type of protocol, as in Lightweight Directory Access Protocol (LDAP), that allows subjects and applications to interact with the directory.

477
Q

When a biometric system rejects an authorized individual, it is called a Type I error (_____).
When the system accepts impostors who should be rejected, it is called a Type II error (_____).
The goal is to obtain low numbers for each type of error, but Type II errors are the most dangerous and thus the most important to avoid.
When comparing different biometric systems, many different variables are used, but one of the most important metrics is the _____. This rating is stated as a percentage and represents the point at which the false rejection rate equals the false acceptance rate. This rating is the most important measurement when determining the system’s accuracy.
A biometric system that delivers a CER of 3 will be more accurate than a system that delivers a CER of 4.

A

When a biometric system rejects an authorized individual, it is called a Type I error (false rejection rate [FRR]).
When the system accepts impostors who should be rejected, it is called a Type II error (false acceptance rate [FAR]).
The goal is to obtain low numbers for each type of error, but Type II errors are the most dangerous and thus the most important to avoid.
When comparing different biometric systems, many different variables are used, but one of the most important metrics is the crossover error rate (CER). This rating is stated as a percentage and represents the point at which the false rejection rate equals the false acceptance rate. This rating is the most important measurement when determining the system’s accuracy.
A biometric system that delivers a CER of 3 will be more accurate than a system that delivers a CER of 4.

478
Q

The main difference between memory cards and smart cards is their capacity to _____ information. A memory card holds information _____ _____ process information. A smart card holds information _____ has the necessary hardware and software to actually _____ that information.

A

The main difference between memory cards and smart cards is their capacity to process information. A memory card holds information but cannot process information. A smart card holds information and has the necessary hardware and software to actually process that information.

479
Q

In the industry today, lack of interoperability is a big problem. An ISO/IEC standard, _____, outlines the following items for smart card standardization

A

In the industry today, lack of interoperability is a big problem. An ISO/IEC standard, 14443, outlines the following items for smart card standardization

480
Q

The _____ principle is similar to the least-privilege principle. It is based on the concept that individuals should be given access only to the information they absolutely require in order to perform their job duties.

A

The need-to-know principle is similar to the least-privilege principle. It is based on the concept that individuals should be given access only to the information they absolutely require in order to perform their job duties.

481
Q

Kerberos is an _____, meaning that vendors can manipulate it to work properly within their products and environments. The industry has different “flavors” of Kerberos, since various vendors require different functionality.

A

Kerberos is an open protocol, meaning that vendors can manipulate it to work properly within their products and environments. The industry has different “flavors” of Kerberos, since various vendors require different functionality.

482
Q
Single Sign-On Technologies: A Summary
•  Kerberos 
•  Security domains 
•  Directory services 
•  Thin clients
A

Single Sign-On Technologies: A Summary
• Kerberos Authentication protocol that uses a KDC and tickets, and is based on symmetric key cryptography
• Security domains Resources working under the same security policy and managed by the same group
• Directory services Technology that allows resources to be named in a standardized manner and access control to be maintained centrally
• Thin clients Terminals that rely upon a central server for access control, processing, and storage

483
Q

A _____ is a portable identity, and its associated entitlements, that can be used across business boundaries. It allows a user to be authenticated across multiple IT systems and enterprises. _____ is based upon linking a user’s otherwise distinct identities at two or more locations without the need to synchronize or consolidate directory information. _____ offers businesses and consumers a more convenient way of accessing distributed resources and is a key component of _____.

A

A federated identity is a portable identity, and its associated entitlements, that can be used across business boundaries. It allows a user to be authenticated across multiple IT systems and enterprises. Identity federation is based upon linking a user’s otherwise distinct identities at two or more locations without the need to synchronize or consolidate directory information. Federated identity offers businesses and consumers a more convenient way of accessing distributed resources and is a key component of e-commerce.

484
Q

_____ allows for the automation of user management (account creation, amendments, revocation) and access entitlement configuration related to electronically published services across multiple provisioning systems.

A

SPML allows for the automation of user management (account creation, amendments, revocation) and access entitlement configuration related to electronically published services across multiple provisioning systems.

485
Q

_____ is made up of three main entities: the _____, which is the entity that is making the request to set up a new account or make changes to an existing account; the _____, which is the software that responds to the account requests; and the _____, which is the entity that carries out the provisioning activities on the requested system.

A

SPML is made up of three main entities: the Requesting Authority (RA), which is the entity that is making the request to set up a new account or make changes to an existing account; the Provisioning Service Provider (PSP), which is the software that responds to the account requests; and the Provisioning Service Target (PST), which is the entity that carries out the provisioning activities on the requested system.

486
Q

When there is a need to allow a user to log in one time and gain access to different and separate web-based applications, the actual authentication data has to be shared between the systems maintaining those web applications securely and in a standardized manner. This is the role that the _____ plays. It is an _____ standard that allows the exchange of _____ and _____ data to be shared between security domains.
_____ provides the _____ pieces to federated identity management systems to allow business-to-business (B2B) and business-to-consumer (B2C) transactions.

A

When there is a need to allow a user to log in one time and gain access to different and separate web-based applications, the actual authentication data has to be shared between the systems maintaining those web applications securely and in a standardized manner. This is the role that the Security Assertion Markup Language (SAML) plays. It is an XML standard that allows the exchange of authentication and authorization data to be shared between security domains.
SAML provides the authentication pieces to federated identity management systems to allow business-to-business (B2B) and business-to-consumer (B2C) transactions.

487
Q

The next XML-based standard we will look at is _____. _____ is used to express security policies and access rights to assets provided through web services and other enterprise applications. SAML is just a way to send around your authentication information, as in a password, key, or digital certificate, in a standard format.
_____ is both an access control policy language and a processing model that allows for policies to be interpreted and enforced in a standard manner.

A

The next XML-based standard we will look at is Extensible Access Control Markup Language (XACML). XACML is used to express security policies and access rights to assets provided through web services and other enterprise applications. SAML is just a way to send around your authentication information, as in a password, key, or digital certificate, in a standard format.
XACML is both an access control policy language and a processing model that allows for policies to be interpreted and enforced in a standard manner.

488
Q

OpenID, currently in version 1.0, defines three roles:
• End user
• Relying party
• OpenID provider

A

OpenID, currently in version 1.0, defines three roles:
• End user The user who wants to be authenticated in order to use a resource
• Relying party The server that owns the resource that the end user is trying to access
• OpenID provider The IdP (e.g., Google) in which the end user already has an account and which will authenticate the user to the relying party

489
Q

The latest version of OAuth, which is version 2.0, is defined in Request for Comments (RFC) 6749. It defines four roles as described here:
• Client
• Resource server
• Authorization server
• Resource owner

A

The latest version of OAuth, which is version 2.0, is defined in Request for Comments (RFC) 6749. It defines four roles as described here:
• Client A process that requests access to a protected resource. It is worth noting that this term describes the relationship of an entity with a resource provider in a client/server architecture. This means the “client” could actually be a web service (e.g., LinkedIn) that makes requests from another web service (e.g., Google).
• Resource server The server that controls the resource that the client is trying to access.
• Authorization server The system that keeps track of which clients are allowed to use which resources, and issues access tokens to those clients.
• Resource owner Whoever owns a protected resource and is able to grant permissions for others to use it. These permissions are usually granted through a consent dialog box. The resource owner is typically an end user, but could be an application or service.

490
Q

OpenID Connect (OIDC)

A

OpenID
SAML-based SSO, consumer websites and apps.
Roles:
OpenID Provider: Verifies the end user.
Resource Party: Wants to verify the user.
End User: Who wants access.
Example: Facebook App (Consumer) asking for permission from (End User) to grant access to your Facebook Profile (Provider).
OpenID Connect (OIDC):
OpenID Connect (OIDC) is an authentication layer built on the OAuth 2.0 protocol. It allows transparent authentication and authorization of client resource requests.
Uses JSON Web Tokens (JWT) and REST to retrieve the JWT. Can retrieve user profiles.
Vulnerable to phishing attacks.

491
Q

_____ is a _____ protocol that provides client/server authentication and authorization, and audits remote users. A network may have access servers, a modem pool, DSL, ISDN, or a T1 line dedicated for remote users to communicate through.
The access server and customer’s software negotiate through a handshake procedure and agree upon an authentication protocol (PAP, CHAP, or EAP).
_____ was developed by Livingston Enterprises for its network access server product series, but was then published as a set of standards (RFC 2865 and RFC 2866). This means it is an open protocol that any vendor can use and manipulate so it will work within its individual products.

A

Remote Authentication Dial-In User Service (RADIUS) is a network protocol that provides client/server authentication and authorization, and audits remote users. A network may have access servers, a modem pool, DSL, ISDN, or a T1 line dedicated for remote users to communicate through.
The access server and customer’s software negotiate through a handshake procedure and agree upon an authentication protocol (PAP, CHAP, or EAP).
RADIUS was developed by Livingston Enterprises for its network access server product series, but was then published as a set of standards (RFC 2865 and RFC 2866). This means it is an open protocol that any vendor can use and manipulate so it will work within its individual products.

492
Q

_____ has been through three generations: _____, Extended _____ (X_____), and _____+. _____ combines its authentication and authorization processes; _____ separates authentication, authorization, and auditing processes; and _____+ is _____ with extended two-factor user authentication. _____ uses fixed passwords for authentication, while _____+ allows users to employ dynamic (one-time) passwords, which provides more protection.
_____+ is really not a new generation of _____ and _____; it is a distinct protocol that provides similar functionality and shares the same naming scheme. Because it is a totally different protocol, it is not backward-compatible with _____ or _____.

A

TACACS has been through three generations: TACACS, Extended TACACS (XTACACS), and TACACS+. TACACS combines its authentication and authorization processes; XTACACS separates authentication, authorization, and auditing processes; and TACACS+ is XTACACS with extended two-factor user authentication. TACACS uses fixed passwords for authentication, while TACACS+ allows users to employ dynamic (one-time) passwords, which provides more protection.
TACACS+ is really not a new generation of TACACS and XTACACS; it is a distinct protocol that provides similar functionality and shares the same naming scheme. Because it is a totally different protocol, it is not backward-compatible with TACACS or XTACACS.

493
Q

_____ is another AAA protocol that provides the same type of functionality as RADIUS and TACACS+ but also provides more flexibility and capabilities to meet the new demands of today’s complex and diverse networks.
Today, we want our wireless devices and smartphones to be able to authenticate themselves to our networks, and we use roaming protocols, _____, Ethernet over PPP, _____ (_____), and other crazy stuff that the traditional AAA protocols cannot keep up with.

A

Diameter is another AAA protocol that provides the same type of functionality as RADIUS and TACACS+ but also provides more flexibility and capabilities to meet the new demands of today’s complex and diverse networks.
Today, we want our wireless devices and smartphones to be able to authenticate themselves to our networks, and we use roaming protocols, Mobile IP, Ethernet over PPP, Voice over IP (VoIP), and other crazy stuff that the traditional AAA protocols cannot keep up with.

494
Q

An _____ is a _____ of _____ and _____ indicating what actions individual _____ can take upon individual _____. Matrices are data structures that programmers implement as table lookups that will be used and enforced by the operating system.
This type of access control is usually an attribute of _____ models. The access rights can be assigned directly to the _____ (_____) or to the _____ (_____).

A

An access control matrix is a table of subjects and objects indicating what actions individual subjects can take upon individual objects. Matrices are data structures that programmers implement as table lookups that will be used and enforced by the operating system.
This type of access control is usually an attribute of DAC models. The access rights can be assigned directly to the subjects (capabilities) or to the objects (ACLs).

495
Q

_____ A capability table specifies the access rights a certain subject possesses pertaining to specific objects. A _____ is different from an _____ because the _____ is bound to the _____, whereas the _____ is bound to the _____.
An example of a _____ system is Kerberos. In this environment, the user is given a ticket, which is his _____.

A

Capability Table A capability table specifies the access rights a certain subject possesses pertaining to specific objects. A capability table is different from an ACL because the subject is bound to the capability table, whereas the object is bound to the ACL.
An example of a capability-based system is Kerberos. In this environment, the user is given a ticket, which is his capability table.

496
Q

_____ (_____) are used in several operating systems, applications, and router configurations. They are lists of subjects that are authorized to access a specific _____, and they define what level of authorization is granted. Authorization can be specific to an individual, group, or role.

A

Access Control Lists Access control lists (ACLs) are used in several operating systems, applications, and router configurations. They are lists of subjects that are authorized to access a specific object, and they define what level of authorization is granted. Authorization can be specific to an individual, group, or role.

497
Q

_____ started out as a study carried out by the DoD and then turned into a standard that outlines how to develop countermeasures that control spurious _____ by _____.

A

TEMPEST started out as a study carried out by the DoD and then turned into a standard that outlines how to develop countermeasures that control spurious electrical signals emitted by electrical equipment.

498
Q

Just to make life a little more confusing, HIDS and NIDS can be one of the types, as listed next.
Signature-based:
Anomaly-based:

A

Just to make life a little more confusing, HIDS and NIDS can be one of the types, as listed next.
Signature-based:
• Pattern matching
• Stateful matching
Anomaly-based:
• Statistical anomaly–based
• Protocol anomaly–based
• Traffic anomaly–based
• Rule- or heuristic-based

499
Q

When performing a penetration test, the team goes through a five-step process:

A

When performing a penetration test, the team goes through a five-step process:

  1. Discovery Footprinting and gathering information about the target
  2. Enumeration Performing port scans and resource identification methods
  3. Vulnerability mapping Identifying vulnerabilities in identified systems and resources
  4. Exploitation Attempting to gain unauthorized access by exploiting vulnerabilities
  5. Report to management Delivering to management documentation of test findings along with suggested countermeasures
500
Q

_____ allows attackers and administrators to dial large blocks of phone numbers in search of available modems.

A

War dialing allows attackers and administrators to dial large blocks of phone numbers in search of available modems.

501
Q

_____ is a passive way to monitor the interactions of real users with a web application or system. It uses agents to capture metrics such as delay, jitter, and errors from the user’s perspective. _____ differs from _____ in that it uses real people instead of scripted commands.

A

Real user monitoring (RUM) is a passive way to monitor the interactions of real users with a web application or system. It uses agents to capture metrics such as delay, jitter, and errors from the user’s perspective. RUM differs from synthetic transactions in that it uses real people instead of scripted commands.

502
Q

_____ are very predictable and can be very regular, because their behaviors are scripted. They can also detect rare occurrences more reliably than waiting for a user to actually trigger that behavior. _____ also have the advantage of not having to wait for a user to become dissatisfied or encounter a problem, which makes them a more proactive approach.

A

Synthetic transactions are very predictable and can be very regular, because their behaviors are scripted. They can also detect rare occurrences more reliably than waiting for a user to actually trigger that behavior. Synthetic transactions also have the advantage of not having to wait for a user to become dissatisfied or encounter a problem, which makes them a more proactive approach.

503
Q

_____ testing is a detailed code review that steps through planning, overview, preparation, inspection, rework, and follow-up phases.

A

Fagan testing is a detailed code review that steps through planning, overview, preparation, inspection, rework, and follow-up phases.

504
Q

_____ is a best practice that all software development operations should adopt. In a nutshell, it means that as you develop or review the code, you are constantly looking for opportunities for things to go badly. Perhaps the best example of defensive programming is the practice of treating all inputs, whether they come from a keyboard, a file, or the network, as untrusted until proven otherwise.

A

Defensive programming is a best practice that all software development operations should adopt. In a nutshell, it means that as you develop or review the code, you are constantly looking for opportunities for things to go badly. Perhaps the best example of defensive programming is the practice of treating all inputs, whether they come from a keyboard, a file, or the network, as untrusted until proven otherwise.

505
Q

First, all new users should be required to read through and acknowledge they understand (typically by signing) all policies that apply to them. At a minimum, every organization should have (and every user should sign) an _____ that specifies what the organization considers acceptable use of the information systems that are made available to the employee.

A

First, all new users should be required to read through and acknowledge they understand (typically by signing) all policies that apply to them. At a minimum, every organization should have (and every user should sign) an acceptable use policy (AUP) that specifies what the organization considers acceptable use of the information systems that are made available to the employee.

506
Q

_____ In this type of test, copies of the DRP or BCP are distributed to the different departments and functional areas for review. This enables each functional manager to review the plan and indicate if anything has been left out or if some approaches should be modified or deleted. This method ensures that nothing is taken for granted or omitted, as might be the case in a single-department review. Once the departments have reviewed their copies and made suggestions, the planning team then integrates those changes into the master plan.
The _____ is also called the _____.

A

Checklist Test In this type of test, copies of the DRP or BCP are distributed to the different departments and functional areas for review. This enables each functional manager to review the plan and indicate if anything has been left out or if some approaches should be modified or deleted. This method ensures that nothing is taken for granted or omitted, as might be the case in a single-department review. Once the departments have reviewed their copies and made suggestions, the planning team then integrates those changes into the master plan.
The checklist test is also called the desk check test.

507
Q

_____ Test In this test, representatives from each department or functional area come together and go over the plan to ensure its accuracy. The group reviews the objectives of the plan; discusses the scope and assumptions of the plan; reviews the organization and reporting structure; and evaluates the testing, maintenance, and training requirements described. This gives the people responsible for making sure a disaster recovery happens effectively and efficiently a chance to review what has been decided upon and what is expected of them. The group walks through different scenarios of the plan from beginning to end to make sure nothing was left out. This also raises the awareness of team members about the recovery procedures.

A

Structured Walk-Through Test In this test, representatives from each department or functional area come together and go over the plan to ensure its accuracy. The group reviews the objectives of the plan; discusses the scope and assumptions of the plan; reviews the organization and reporting structure; and evaluates the testing, maintenance, and training requirements described. This gives the people responsible for making sure a disaster recovery happens effectively and efficiently a chance to review what has been decided upon and what is expected of them. The group walks through different scenarios of the plan from beginning to end to make sure nothing was left out. This also raises the awareness of team members about the recovery procedures.

508
Q

_____ exercises (_____) may or may not happen at a tabletop, but they do not involve a technical control infrastructure. _____ can happen at an executive level (e.g., CEO, CIO, CFO) or at a team level (e.g., security operations center [SOC]), or anywhere in between. The idea is usually to test out procedures and ensure they actually do what they’re intended to and that everyone knows their role in responding to an event. _____ require relatively few resources apart from deliberate planning by qualified individuals and the undisturbed time and attention of the participants.

A

Tabletop Exercises Tabletop exercises (TTXs) may or may not happen at a tabletop, but they do not involve a technical control infrastructure. TTXs can happen at an executive level (e.g., CEO, CIO, CFO) or at a team level (e.g., security operations center [SOC]), or anywhere in between. The idea is usually to test out procedures and ensure they actually do what they’re intended to and that everyone knows their role in responding to an event. TTXs require relatively few resources apart from deliberate planning by qualified individuals and the undisturbed time and attention of the participants.

509
Q

_____ Test This type of test takes a lot more planning and people. In this situation, all employees who participate in operational and support functions, or their representatives, come together to practice executing the disaster recovery plan based on a specific scenario. The scenario is used to test the reaction of each operational and support representative. Again, this is done to ensure specific steps were not left out and that certain threats were not overlooked. It raises the awareness of the people involved. The drill includes only those materials that will be available in an actual disaster to portray a more realistic environment. The simulation test continues up to the point of actual relocation to an offsite facility and actual shipment of replacement equipment.

A

Simulation Test This type of test takes a lot more planning and people. In this situation, all employees who participate in operational and support functions, or their representatives, come together to practice executing the disaster recovery plan based on a specific scenario. The scenario is used to test the reaction of each operational and support representative. Again, this is done to ensure specific steps were not left out and that certain threats were not overlooked. It raises the awareness of the people involved. The drill includes only those materials that will be available in an actual disaster to portray a more realistic environment. The simulation test continues up to the point of actual relocation to an offsite facility and actual shipment of replacement equipment.

510
Q

_____ Test In a parallel test, some systems are moved to the alternate site and processing takes place. The results are compared with the regular processing that is done at the original site. This ensures that the specific systems can actually perform adequately at the alternate offsite facility, and points out any tweaking or reconfiguring that is necessary.

A

Parallel Test In a parallel test, some systems are moved to the alternate site and processing takes place. The results are compared with the regular processing that is done at the original site. This ensures that the specific systems can actually perform adequately at the alternate offsite facility, and points out any tweaking or reconfiguring that is necessary.

511
Q

Security _____ is the process of teaching a skill or set of skills that will allow people to perform specific functions better.
Security _____ training, on the other hand, is the process of exposing people to security issues so that they may be able to recognize them and better respond to them.
Security _____ is typically provided to security personnel, while security _____ training should be provided to every member of the organization.

A

Security training is the process of teaching a skill or set of skills that will allow people to perform specific functions better.
Security awareness training, on the other hand, is the process of exposing people to security issues so that they may be able to recognize them and better respond to them.
Security training is typically provided to security personnel, while security awareness training should be provided to every member of the organization.

512
Q

The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised. This baseline is referred to as a _____. Once this _____ has been exceeded, further violations are recorded for review. The goal of using _____, auditing, and monitoring is to discover problems before major damage occurs and, at times, to be alerted if a possible attack is underway within the network.

A

The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised. This baseline is referred to as a clipping level. Once this clipping level has been exceeded, further violations are recorded for review. The goal of using clipping levels, auditing, and monitoring is to discover problems before major damage occurs and, at times, to be alerted if a possible attack is underway within the network.

513
Q

The risk analysis results will also help indicate what height of fencing the organization should implement. Fences come in varying heights, and each height provides a different level of security:
• Fences _____ feet high only deter casual trespassers.
• Fences _____ feet high are considered too high to climb easily.
• Fences _____ feet high (possibly with strands of barbed or razor wire at the top) mean you are serious about protecting your property. They often deter the more determined intruder.
#Critical areas should have fences at least _____ feet high to provide the proper level of protection.

A

The risk analysis results will also help indicate what height of fencing the organization should implement. Fences come in varying heights, and each height provides a different level of security:
• Fences three to four feet high only deter casual trespassers.
• Fences six to seven feet high are considered too high to climb easily.
• Fences eight feet high (possibly with strands of barbed or razor wire at the top) mean you are serious about protecting your property. They often deter the more determined intruder.
#Critical areas should have fences at least eight feet high to provide the proper level of protection.

514
Q

Two main types of lenses are used in CCTV: fixed focal length and zoom (varifocal).
The focal length of a lens defines its effectiveness in viewing objects from a horizontal and vertical view. The focal length value relates to the angle of view that can be achieved. _____ focal length lenses provide wider-angle views, while _____ focal length lenses provide a narrower view.

A

Two main types of lenses are used in CCTV: fixed focal length and zoom (varifocal).
The focal length of a lens defines its effectiveness in viewing objects from a horizontal and vertical view. The focal length value relates to the angle of view that can be achieved. Short focal length lenses provide wider-angle views, while long focal length lenses provide a narrower view.

515
Q

Provisioning is only one part of a cyclical asset management process that can be divided into four phases: _____, _____, _____, and _____.

A

Provisioning is only one part of a cyclical asset management process that can be divided into four phases: business case, acquisition, operation and maintenance (O&M), and retirement.

516
Q

Change Control Process
• Request for a change to take place
• Approval of the change
• Documentation of the change
• Tested and presented
• Implementation

A

Change Control Process
• Request for a change to take place Requests should be presented to an individual or group that is responsible for approving changes and overseeing the activities of changes that take place within an environment.
• Approval of the change The individual requesting the change must justify the reasons and clearly show the benefits and possible pitfalls of (that is, risk introduced by) the change. Sometimes the requester is asked to conduct more research and provide more information before the change is approved.
• Documentation of the change Once the change is approved, it should be entered into a change log. The log should be updated as the process continues toward completion. Denied requests must also be documented, so that there is a record of the rationale for not making the change.
• Tested and presented The change must be fully tested to uncover any unforeseen results. Regardless of how well we test, there is always a chance that the change will cause an unacceptable loss or outage, so every change request should also have a rollback plan that restores the system to the last known-good configuration. Depending on the severity of the change and the company’s organization, the change and implementation may need to be presented to a change control committee. This helps show different sides to the purpose and outcome of the change and the possible ramifications.
• Implementation Once the change is fully tested and approved, a schedule should be developed that outlines the projected phases of the change being implemented and the necessary milestones. These steps should be fully documented and progress should be monitored.

517
Q

An operating system’s response to a type of failure can be classified as one of the following?

A

An operating system’s response to a type of failure can be classified as one of the following:
• System reboot
• Emergency system restart
• System cold start

518
Q

A _____ takes place after the system shuts itself down in a controlled manner in response to a kernel failure. If the system finds inconsistent data structures or if there is not enough space in some critical tables, a _____ may take place. This releases resources and returns the system to a more stable and safe state.

A

A system reboot takes place after the system shuts itself down in a controlled manner in response to a kernel failure. If the system finds inconsistent data structures or if there is not enough space in some critical tables, a system reboot may take place. This releases resources and returns the system to a more stable and safe state.

519
Q

An _____ takes place after a system failure happens in an uncontrolled manner. This could be a kernel or media failure caused by lower-privileged user processes attempting to access memory segments that are restricted. The system sees this as an insecure activity that it cannot properly recover from without rebooting. The kernel and user objects could be in an inconsistent state, and data could be lost or corrupted. The system thus goes into a maintenance mode and recovers from the actions taken. Then it is brought back up in a consistent and stable state.

A

An emergency system restart takes place after a system failure happens in an uncontrolled manner. This could be a kernel or media failure caused by lower-privileged user processes attempting to access memory segments that are restricted. The system sees this as an insecure activity that it cannot properly recover from without rebooting. The kernel and user objects could be in an inconsistent state, and data could be lost or corrupted. The system thus goes into a maintenance mode and recovers from the actions taken. Then it is brought back up in a consistent and stable state.

520
Q

A _____ takes place when an unexpected kernel or media failure happens and the regular recovery procedure cannot recover the system to a more consistent state. The system, kernel, and user objects may remain in an inconsistent state while the system attempts to recover itself, and intervention may be required by the user or administrator to restore the system.

A

A system cold start takes place when an unexpected kernel or media failure happens and the regular recovery procedure cannot recover the system to a more consistent state. The system, kernel, and user objects may remain in an inconsistent state while the system attempts to recover itself, and intervention may be required by the user or administrator to restore the system.

521
Q

Companies should have an _____, which indicates what software users can install and informs users that the environment will be surveyed from time to time to verify compliance.

A

Companies should have an acceptable use policy (AUP), which indicates what software users can install and informs users that the environment will be surveyed from time to time to verify compliance.

522
Q

_____ is a measure of how long we expect a piece of equipment to operate reliably.
#_____ implies that the device or component is repairable. If it isn’t, then we use the term _____.

A

Mean time between failures (MTBF) is a measure of how long we expect a piece of equipment to operate reliably.
#MTBF implies that the device or component is repairable. If it isn’t, then we use the term mean time to failure (MTTF).

523
Q

_____ is the expected amount of time it will take to get a device fixed and back into production after its failure.

A

Mean time to repair (MTTR) is the expected amount of time it will take to get a device fixed and back into production after its failure.

524
Q

_____ addresses how to keep the organization in business after a disaster takes place. It is about the survivability of the organization and making sure that critical functions can still take place even after a disaster.
_____ address how to deal with small incidents that do not qualify as disasters, as in power outages, server failures, a down communication link to the Internet, or the corruption of software. It is important that

A

BCP addresses how to keep the organization in business after a disaster takes place. It is about the survivability of the organization and making sure that critical functions can still take place even after a disaster.
Contingency plans address how to deal with small incidents that do not qualify as disasters, as in power outages, server failures, a down communication link to the Internet, or the corruption of software. It is important that

525
Q

NIST Special Publication 800-137, “_____,” defines …?

A

NIST Special Publication 800-137, “Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations,” defines information security continuous monitoring as “maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions.”

526
Q

There is a distinction here between logging, monitoring, and continuous monitoring. Your _____ policies should be pretty permissive. Data storage is cheap and you want to capture as much data as you can in case you ever need it. _____ is more limited because it typically requires a human to personally do it, or at least to deal with the reports (such as SIEM alerts) that come out of it.

A

There is a distinction here between logging, monitoring, and continuous monitoring. Your logging policies should be pretty permissive. Data storage is cheap and you want to capture as much data as you can in case you ever need it. Monitoring is more limited because it typically requires a human to personally do it, or at least to deal with the reports (such as SIEM alerts) that come out of it.

527
Q

_____ Management
According to NIST Special Publication 800-40, Revision 3, “Guide to Enterprise _____ Management Technologies,” _____ management is “the process for identifying, acquiring, installing, and verifying _____ for products and systems.” _____ are software updates intended to remove a vulnerability or defect in the software, or to provide new features or functionality for it. _____ management is, at least in a basic way, an established part of organizations’ IT or security operations already.

A

Patch Management
According to NIST Special Publication 800-40, Revision 3, “Guide to Enterprise Patch Management Technologies,” patch management is “the process for identifying, acquiring, installing, and verifying patches for products and systems.” Patches are software updates intended to remove a vulnerability or defect in the software, or to provide new features or functionality for it. Patch management is, at least in a basic way, an established part of organizations’ IT or security operations already.

528
Q

(ISC)² has broken out these four basic actions and prescribes seven phases in the incident management process: ?
An _____ is any occurrence that can be observed, verified, and documented, whereas an _____ is one or more related events that negatively affect the company and/or impact its security posture.

A

(ISC)² has broken out these four basic actions and prescribes seven phases in the incident management process: detect, respond, mitigate, report, recover, remediate, and learn. An event is any occurrence that can be observed, verified, and documented, whereas an incident is one or more related events that negatively affect the company and/or impact its security posture.

529
Q

The Cyber Kill Chain

  1. Reconnaissance
  2. Weaponization
  3. Delivery
  4. Exploitation
  5. Installation
  6. Command and Control (C&C)
  7. Actions on the Objective
A

The Cyber Kill Chain

  1. Reconnaissance The adversary has developed an interest in your organization as a target and begins a deliberate information-gathering effort to find vulnerabilities.
  2. Weaponization Armed with detailed-enough information, the adversary determines the best way into your systems and begins preparing and testing the weapons to be used against you.
  3. Delivery In this phase, the cyber weapon is delivered into your system. In over 95 percent of the published cases, this delivery happens via e-mail and usually in the form of a link to a malicious website.
  4. Exploitation The malicious software is executing on a CPU within your network. This may have launched when the target user clicked a link, opened an attachment, visited a website, or plugged in a USB thumb drive. It could also (in somewhat rare cases) be the result of a remote exploit. One way or another, the attacker’s software is now running in your systems.
  5. Installation Most malicious software is delivered in stages. First, there is the exploit that compromised the system in the prior step. Then, some other software is installed in the target system to ensure persistence, ideally with a good measure of stealth.
  6. Command and Control (C&C) Once the first two stages of the software (exploit and persistence) have been executed, most malware will “phone home” to the attackers to let them know the attack was successful and to request updates and instructions.
  7. Actions on the Objective Finally, the malware is ready to do whatever it is it was designed to do. Perhaps the intent is to steal intellectual property and send it to an overseas server. Or perhaps this particular effort is an early phase in a grander attack, so the malware will pivot off the compromised system. Whatever the case, the attacker has won at this point.
530
Q

According to NIST Special Publication 800-61, Revision 2, “??”

A

According to NIST Special Publication 800-61, Revision 2, “Computer Security Incident Handling Guide,” the following information should be reported for each incident:
• Summary of the incident
• Indicators
• Related incidents
• Actions taken
• Chain of custody for all evidence (if applicable)
• Impact assessment
• Identity and comments of incident handlers
• Next steps to be taken

531
Q

The Forensic Investigation Process ?

A
The Forensic Investigation Process
•  Identification
•  Preservation
•  Collection
•  Examination
•  Analysis
•  Presentation
•  Decision
532
Q

A ______ is a history that shows how evidence was collected, analyzed, transported, and preserved in order to be presented in court. Because electronic evidence can be easily modified, a clearly defined chain of custody demonstrates that the evidence is trustworthy.

A

A chain of custody is a history that shows how evidence was collected, analyzed, transported, and preserved in order to be presented in court. Because electronic evidence can be easily modified, a clearly defined chain of custody demonstrates that the evidence is trustworthy.
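Worked example for cards 531 and 532 (added here; it is not code from the card deck or from any forensic tool). The point of a chain of custody is that every hand-off can be checked later: each entry records who did what, the hash of the evidence at that moment, and the hash of the previous entry, so neither the evidence nor the log can be quietly altered. The evidence bytes, names and actions below are constructed sample data.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed sample "evidence". In practice this is a disk image, memory dump
# or exported log file; an inline byte string keeps the example runnable offline.
EVIDENCE = b"Constructed sample: web server access log excerpt, 2 lines\n"


def sha256_hex(data: bytes) -> str:
    """Hash of the evidence itself; recorded in every custody entry."""
    return hashlib.sha256(data).hexdigest()


def _entry_hash(entry: dict) -> str:
    """Hash of one log entry over canonical JSON (sorted keys), excluding its own hash field."""
    body = {k: v for k, v in entry.items() if k != "entry_sha256"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def new_chain(evidence: bytes, collector: str, description: str) -> list:
    """First entry, written at the moment of collection (identification/preservation)."""
    entry = {
        "seq": 0,
        "time": datetime.now(timezone.utc).isoformat(),
        "action": "collected",
        "by": collector,
        "description": description,
        "evidence_sha256": sha256_hex(evidence),
        "prev_entry_sha256": "0" * 64,  # genesis entry has no predecessor
    }
    entry["entry_sha256"] = _entry_hash(entry)
    return [entry]


def add_entry(chain: list, evidence: bytes, action: str, by: str, note: str = "") -> list:
    """Append a transport/analysis/transfer entry; the evidence is re-hashed at each step."""
    prev = chain[-1]
    entry = {
        "seq": prev["seq"] + 1,
        "time": datetime.now(timezone.utc).isoformat(),
        "action": action,
        "by": by,
        "description": note,
        "evidence_sha256": sha256_hex(evidence),
        "prev_entry_sha256": prev["entry_sha256"],  # links this entry to the one before it
    }
    entry["entry_sha256"] = _entry_hash(entry)
    chain.append(entry)
    return chain


def verify_chain(chain: list, evidence: bytes) -> tuple:
    """Return (ok, reason). ok only if no entry was edited, the links are intact,
    and the evidence hash is the same in every entry as it is now."""
    expected = sha256_hex(evidence)
    for i, entry in enumerate(chain):
        if entry["entry_sha256"] != _entry_hash(entry):
            return False, f"entry {i} was altered"
        if entry["evidence_sha256"] != expected:
            return False, f"evidence hash changed at entry {i}"
        if i > 0 and entry["prev_entry_sha256"] != chain[i - 1]["entry_sha256"]:
            return False, f"link broken at entry {i}"
    return True, "ok"


if __name__ == "__main__":
    log = new_chain(EVIDENCE, "analyst A", "constructed log excerpt, imaged on site")
    add_entry(log, EVIDENCE, "transported", "analyst A", "sealed bag to lab")
    add_entry(log, EVIDENCE, "examined", "analyst B", "read-only analysis")
    print(verify_chain(log, EVIDENCE))
```

Hash the evidence, not a description of it: a custody form that says "one USB drive" proves nothing about whether the bits changed in transit, while a recorded SHA-256 lets the opposing side recompute it.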

533
Q

The ______ is the remainder of the overall MTD value after the RTO has passed. RTO usually deals with getting the infrastructure and systems back up and running, and ______ deals with restoring data, testing processes, and then making everything “live” for production purposes.

A

The work recovery time (WRT) is the remainder of the overall MTD value after the RTO has passed. RTO usually deals with getting the infrastructure and systems back up and running, and WRT deals with restoring data, testing processes, and then making everything “live” for production purposes.

534
Q

Disruptions, in BCP terms, are of three main types: ______, ______, and ______.
A ______ is a disruption in service that has significant but limited impact on the conduct of business processes at a facility. The solution could include hardware, software, or file restoration.
A ______ is an event that causes the entire facility to be unusable for a day or longer. This usually requires the use of an alternate processing facility and restoration of software and data from offsite copies. The alternate site must be available to the company until its main facility is repaired and usable.
A ______ is a major disruption that destroys the facility altogether. This requires both a short-term solution, which would be an offsite facility, and a long-term solution, which may require rebuilding the original facility. ______ and ______ are rare compared to nondisasters, thank goodness.

A

Disruptions, in BCP terms, are of three main types: nondisasters, disasters, and catastrophes.
A nondisaster is a disruption in service that has significant but limited impact on the conduct of business processes at a facility. The solution could include hardware, software, or file restoration.
A disaster is an event that causes the entire facility to be unusable for a day or longer. This usually requires the use of an alternate processing facility and restoration of software and data from offsite copies. The alternate site must be available to the company until its main facility is repaired and usable.
A catastrophe is a major disruption that destroys the facility altogether. This requires both a short-term solution, which would be an offsite facility, and a long-term solution, which may require rebuilding the original facility. Disasters and catastrophes are rare compared to nondisasters, thank goodness.

535
Q

Hot Site Advantages:
Hot Site Disadvantages:
Warm and Cold Site Advantages:
Warm and Cold Site Disadvantages:

A

Hot Site Advantages:
• Ready within hours for operation
• Highly available
• Usually used for short-term solutions, but available for longer stays
• Annual testing available
Hot Site Disadvantages:
• Very expensive
• Limited on hardware and software choices
Warm and Cold Site Advantages:
• Less expensive
• Available for longer timeframes because of the reduced costs
• Practical for proprietary hardware or software use
Warm and Cold Site Disadvantages:
• Operational testing not usually available
• Resources for operations not immediately available

536
Q

Most companies choose to combine a full backup with a differential or incremental backup.
A ______ process backs up the files that have been modified since the last full backup. When the data needs to be restored, the full backup is laid down first, and then the most recent ______ backup is put down on top of it. The ______ process does not change the archive bit value.

A

Most companies choose to combine a full backup with a differential or incremental backup.
A differential process backs up the files that have been modified since the last full backup. When the data needs to be restored, the full backup is laid down first, and then the most recent differential backup is put down on top of it. The differential process does not change the archive bit value.

537
Q

Most companies choose to combine a full backup with a differential or incremental backup.
An ______ process backs up all the files that have changed since the last full or ______ backup and sets the archive bit to 0. When the data needs to be restored, the full backup data is laid down, and then each ______ backup is laid down on top of it in the proper order.

A

Most companies choose to combine a full backup with a differential or incremental backup.
An incremental process backs up all the files that have changed since the last full or incremental backup and sets the archive bit to 0. When the data needs to be restored, the full backup data is laid down, and then each incremental backup is laid down on top of it in the proper order.

538
Q

The first step is to do a ______ backup, which is just what it sounds like—all data is backed up and saved to some type of storage media. During a ______ backup, the archive bit is cleared, which means that it is set to 0. A company can choose to do ______ backups only, in which case the restoration process is just one step, but the backup and restore processes could take a long time.

A

The first step is to do a full backup, which is just what it sounds like—all data is backed up and saved to some type of storage media. During a full backup, the archive bit is cleared, which means that it is set to 0. A company can choose to do full backups only, in which case the restoration process is just one step, but the backup and restore processes could take a long time.

539
Q

Whatever the organization chooses, it is important to not mix differential and incremental backups. This overlap could cause files to be missed, since the ______ backup changes the archive bit and the ______ backup does not.

A

Whatever the organization chooses, it is important to not mix differential and incremental backups. This overlap could cause files to be missed, since the incremental backup changes the archive bit and the differential backup does not.
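Worked example for cards 536 through 539 (added here; not code from the card deck or from any backup product). It simulates the archive bit exactly as the cards describe it: any write sets the bit, a full or incremental backup clears it, a differential backup reads it but leaves it alone. The three scenario functions return the set of files that a restore would get wrong; the mixed scenario reproduces the missed-file problem of card 539. The file names and modification sequence are constructed.

```python
from dataclasses import dataclass


@dataclass
class File:
    name: str
    version: int = 0
    archive_bit: bool = True  # set by any write; cleared only by full or incremental backups


class FileSystem:
    """Constructed in-memory file system: names, versions and archive bits only."""

    def __init__(self, names):
        self.files = {n: File(n) for n in names}

    def modify(self, name):
        f = self.files[name]
        f.version += 1
        f.archive_bit = True

    def current(self):
        return {n: f.version for n, f in self.files.items()}


def full_backup(fs):
    """Copy everything and clear every archive bit (set it to 0)."""
    snap = fs.current()
    for f in fs.files.values():
        f.archive_bit = False
    return snap


def incremental_backup(fs):
    """Copy files whose bit is set, then clear the bit."""
    snap = {n: f.version for n, f in fs.files.items() if f.archive_bit}
    for f in fs.files.values():
        f.archive_bit = False
    return snap


def differential_backup(fs):
    """Copy files whose bit is set, but leave the bit untouched."""
    return {n: f.version for n, f in fs.files.items() if f.archive_bit}


def restore(full, *later):
    """Lay down the full backup, then each later backup set on top, in order."""
    state = dict(full)
    for snap in later:
        state.update(snap)
    return state


def missed(restored, actual):
    """Files whose restored version differs from what was on disk."""
    return {n for n in actual if restored.get(n) != actual[n]}


def scenario_differential():
    fs = FileSystem(["a", "b", "c"])
    full = full_backup(fs)
    fs.modify("a")
    differential_backup(fs)          # Monday: {a:1}, bit on 'a' stays set
    fs.modify("b")
    d2 = differential_backup(fs)     # Tuesday: {a:1, b:1}
    return missed(restore(full, d2), fs.current())  # full + most recent differential


def scenario_incremental():
    fs = FileSystem(["a", "b", "c"])
    full = full_backup(fs)
    fs.modify("a")
    i1 = incremental_backup(fs)      # Monday: {a:1}, bit on 'a' cleared
    fs.modify("b")
    i2 = incremental_backup(fs)      # Tuesday: {b:1}
    return missed(restore(full, i1, i2), fs.current())  # full + every incremental, in order


def scenario_mixed():
    """Card 539: the incremental clears the bit on 'a', so the later differential
    never sees it, and a 'full + latest differential' restore silently loses 'a'."""
    fs = FileSystem(["a", "b", "c"])
    full = full_backup(fs)
    fs.modify("a")
    incremental_backup(fs)           # Monday: {a:1}, bit on 'a' cleared
    fs.modify("b")
    d = differential_backup(fs)      # Tuesday: {b:1} only
    return missed(restore(full, d), fs.current())


if __name__ == "__main__":
    print("differential only, files missed:", scenario_differential())
    print("incremental only, files missed:", scenario_incremental())
    print("mixed, files missed:", scenario_mixed())
```

The trade-off the cards describe falls out of the simulation: the differential restore needs two sets but each differential grows through the week, while the incremental restore needs every set since the full backup, in the right order, and a single missing or corrupt incremental breaks everything after it.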

540
Q

The Safeguards Rule in the ______ requires financial institutions to have information security programs that protect consumers’ personal financial information from anticipated threats and/or unauthorized access.

A

The Safeguards Rule in the Gramm-Leach-Bliley Act (GLBA) requires financial institutions to have information security programs that protect consumers’ personal financial information from anticipated threats and/or unauthorized access.

541
Q

NIST Special Publication 800-34, Revision 1,

A

NIST Special Publication 800-34, Revision 1, “Contingency Planning Guide for Federal Information Systems,”

542
Q
Software development life cycle (SDLC) models: 
•  Requirements gathering 
•  Design 
•  Development 
•  Testing 
•  Operations and maintenance
A

There have been several software development life cycle (SDLC) models developed over the years, which we will cover later in this section, but the crux of each model deals with the following phases:
• Requirements gathering Determine why to create this software, what the software will do, and for whom the software will be created
• Design Deals with how the software will accomplish the goals identified, which are encapsulated into a functional design
• Development Programming software code to meet specifications laid out in the design phase and integrating that code with existing systems and/or libraries
• Testing Verifying and validating software to ensure that the software works as planned and that goals are met
• Operations and maintenance Deploying the software and then ensuring that it is properly configured, patched, and monitored

543
Q

PMBOK® Guide Concept of the Project Life Cycle

5 Phase

A
PMBOK® Guide Concept of the Project Life Cycle
Phase 1: Project Initiation
Phase 2: Project Planning
Phase 3: Project Execution
Phase 4: Project Performance/Monitoring
Phase 5: Project Closure
544
Q

The term _____ is generally reserved for automated tools that assist analysts and developers, whereas manual inspection by humans is generally referred to as _____.
However, it must be remembered that _____ can never reveal logical errors and design flaws, and therefore must be used in conjunction with manual code review to ensure thorough evaluation.

A

The term static analysis is generally reserved for automated tools that assist analysts and developers, whereas manual inspection by humans is generally referred to as code review.
However, it must be remembered that static code analysis can never reveal logical errors and design flaws, and therefore must be used in conjunction with manual code review to ensure thorough evaluation.
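Worked example for card 544 (added here; not code from the card deck or from any commercial analyzer). A minimal static rule over the Python AST flags calls that are dangerous by their name or arguments, without running the program. The sample under review is constructed; its second function carries an authorization logic flaw that no pattern rule can see, which is the reason the card pairs static analysis with manual code review.

```python
import ast

# Calls a simple static rule can flag purely by name. Assumed list for this example.
DANGEROUS_CALLS = {"eval", "exec", "os.system", "pickle.loads", "yaml.load"}


def _call_name(node: ast.Call) -> str:
    """Render the called expression as dotted text, e.g. 'subprocess.run'."""
    parts = []
    f = node.func
    while isinstance(f, ast.Attribute):
        parts.append(f.attr)
        f = f.value
    if isinstance(f, ast.Name):
        parts.append(f.id)
    return ".".join(reversed(parts))


def find_dangerous_calls(source: str) -> list:
    """Return (line, finding) pairs, sorted by line: named dangerous calls plus
    any subprocess.* call that passes shell=True."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _call_name(node)
        if name in DANGEROUS_CALLS:
            findings.append((node.lineno, name))
        elif name.startswith("subprocess."):
            for kw in node.keywords:
                if (kw.arg == "shell" and isinstance(kw.value, ast.Constant)
                        and kw.value.value is True):
                    findings.append((node.lineno, name + "(shell=True)"))
    return sorted(findings)


# Constructed code under review (not from the page). Line 5 and 6 are findings;
# line 7 is safe; approve_refund is a logic flaw the tool cannot detect.
SAMPLE = '''
import os, subprocess

def run_report(user_input):
    os.system("report --user " + user_input)         # flagged: os.system
    subprocess.run("ls " + user_input, shell=True)   # flagged: shell=True
    subprocess.run(["ls", user_input])               # not flagged: no shell

def approve_refund(amount, approver, requester):
    # Missing check: approver may be the requester. Invisible to pattern rules.
    if approver.role == "manager":
        return True
    return False
'''


if __name__ == "__main__":
    for line, what in find_dangerous_calls(SAMPLE):
        print(f"line {line}: {what}")
```

Both findings are real and both are cheap to catch at scale; the self-approval bug is arguably the more serious defect and needs a human who understands the business rule. That is the division of labour the card is pointing at.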

545
Q

The following are some of the most common
testing approaches:
• Unit testing Testing individual components in a controlled environment where programmers validate data structure, logic, and boundary conditions
• Integration testing Verifying that components work together as outlined in design specifications
• Acceptance testing Ensuring that the code meets customer requirements
• Regression testing After a change to a system takes place, retesting to ensure functionality, performance, and protection

A

The following are some of the most common
testing approaches:
• Unit testing Testing individual components in a controlled environment where programmers validate data structure, logic, and boundary conditions
• Integration testing Verifying that components work together as outlined in design specifications
• Acceptance testing Ensuring that the code meets customer requirements
• Regression testing After a change to a system takes place, retesting to ensure functionality, performance, and protection

546
Q

Verification vs. Validation
_____ determines if the product accurately represents and meets the specifications. After all, a product can be developed that does not match the original specifications, so this step ensures the specifications are being properly met.
It answers the question: Did we build the product right?
_____ determines if the product provides the necessary solution for the intended real world problem. In large projects, it is easy to lose sight of the overall goal. This exercise ensures that the main goal of the project is met.
It answers the question: Did we build the right product?

A

Verification vs. Validation
Verification determines if the product accurately represents and meets the specifications. After all, a product can be developed that does not match the original specifications, so this step ensures the specifications are being properly met.
It answers the question: Did we build the product right?
Validation determines if the product provides the necessary solution for the intended real world problem. In large projects, it is easy to lose sight of the overall goal. This exercise ensures that the main goal of the project is met.
It answers the question: Did we build the right product?

547
Q
SDLC and Security
The main phases of a software development life cycle are shown here with some specific security tasks.
Requirements gathering:
Design:
Development:
Testing:
Operations and maintenance:
A
SDLC and Security
The main phases of a software development life cycle are shown here with some specific security tasks.
Requirements gathering:
•  Security risk assessment
•  Privacy risk assessment
•  Risk-level acceptance
•  Informational, functional, and behavioral requirements
Design:
•  Attack surface analysis
•  Threat modeling
Development:
•  Automated CASE tools
•  Static analysis
Testing:
•  Dynamic analysis
•  Fuzzing
•  Manual testing
•  Unit, integration, acceptance, and regression testing
Operations and maintenance:
•  Final security review
548
Q
Agile methodology
______ over processes and tools
______ over comprehensive documentation
______ over contract negotiation
______ over following a plan
A

Agile methodology
Individuals and interactions over processes and tools
Working software over comprehensive documentation
Customer collaboration over contract negotiation
Responding to change over following a plan

549
Q

Review of Development Methodologies
• ______ Very rigid, sequential approach that requires each phase to complete before the next one can begin. Difficult to integrate changes. Inflexible methodology.
• ______ Emphasizes verification and validation at each phase and testing to take place throughout the project, not just at the end.
• ______ Creating a sample or model of the code for proof-of-concept purposes.
• ______ Multiple development cycles are carried out on a piece of software throughout its development stages. Each phase provides a usable version of software.
• ______ approach that emphasizes risk analysis per iteration. Allows for customer feedback to be integrated through a flexible evolutionary approach.
• ______ Combines prototyping and iterative development procedures with the goal of accelerating the software development process.
• ______ Iterative and incremental development processes that encourage team-based collaboration. Flexibility and adaptability are used instead of a strict process structure.

A

Review of Development Methodologies
• Waterfall Very rigid, sequential approach that requires each phase to complete before the next one can begin. Difficult to integrate changes. Inflexible methodology.
• V-shaped Emphasizes verification and validation at each phase and testing to take place throughout the project, not just at the end.
• Prototyping Creating a sample or model of the code for proof-of-concept purposes.
• Incremental Multiple development cycles are carried out on a piece of software throughout its development stages. Each phase provides a usable version of software.
• Spiral Iterative approach that emphasizes risk analysis per iteration. Allows for customer feedback to be integrated through a flexible evolutionary approach.
• Rapid Application Development Combines prototyping and iterative development procedures with the goal of accelerating the software development process.
• Agile Iterative and incremental development processes that encourage team-based collaboration. Flexibility and adaptability are used instead of a strict process structure.

550
Q

______ is the practice of incorporating ______, ______, and ______ staff into software development projects to align their incentives and enable frequent, efficient, and reliable releases of software products.

A

DevOps is the practice of incorporating development, IT, and quality assurance (QA) staff into software development projects to align their incentives and enable frequent, efficient, and reliable releases of software products.

551
Q
The five maturity levels of the CMMI model are
•  Initial 
•  Repeatable 
•  Defined 
•  Managed 
•  Optimizing
A

The five maturity levels of the CMMI model are
• Initial Development process is ad hoc or even chaotic. The company does not use effective management procedures and plans. There is no assurance of consistency, and quality is unpredictable. Success is usually the result of individual heroics.
• Repeatable A formal management structure, change control, and quality assurance are in place. The company can properly repeat processes throughout each project. The company does not have formal process models defined.
• Defined Formal procedures are in place that outline and define processes carried out in each project. The organization has a way to allow for quantitative process improvement.
• Managed The company has formal processes in place to collect and analyze quantitative data, and metrics are defined and fed into the process-improvement program.
• Optimizing The company has budgeted and integrated plans for continuous process improvement.

552
Q
IDEAL Model
The SEI established the IDEAL model for software development; it implements many of the SW-CMM attributes. The IDEAL model has the following five phases:
1: Initiating
2: Diagnosing
3: Establishing
4: Acting
5: Learning
A
IDEAL Model
The SEI established the IDEAL model for software development; it implements many of the SW-CMM attributes. The IDEAL model has the following five phases:
1: Initiating In the initiating phase of the IDEAL model, the business reasons for the change are outlined, support for the initiative is built, and the appropriate infrastructure is put in place.
2: Diagnosing In the diagnosing phase, engineers analyze the current state of the organization and make general recommendations for change.
3: Establishing In the establishing phase, the organization takes the general recommendations from the diagnosing phase and develops a specific action plan that helps bring about those changes.
4: Acting In the acting phase, the talking stops and the doing begins. The organization develops solutions and then tests, refines, and implements them.
5: Learning As with any quality improvement process, the organization must continuously analyze the results of its efforts to determine whether the desired goals have been achieved and, when necessary, propose new actions to put the organization back on track.
553
Q

The following are some necessary steps for a change control process:

  1. Make a formal request for a change.
  2. Analyze the request.
  3. Record the change request.
  4. Submit the change request for approval.
  5. Develop the change.
  6. Report results to management.
A

The following are some necessary steps for a change control process:

  1. Make a formal request for a change.
  2. Analyze the request.
    a. Develop the implementation strategy.
    b. Calculate the costs of this implementation.
    c. Review security implications.
  3. Record the change request.
  4. Submit the change request for approval.
  5. Develop the change.
    a. Recode segments of the product and add or subtract functionality.
    b. Link these changes in the code to the formal change control request.
    c. Submit software for testing and quality control.
    d. Repeat until quality is adequate.
    e. Make version changes.
  6. Report results to management.
554
Q

OWASP Top 10 2017

A
OWASP Top 10 2017
•  A1: Injection
•  A2: Broken Authentication
•  A3: Sensitive Data Exposure
•  A4: XML External Entities
•  A5: Broken Access Control
•  A6: Security Misconfiguration
•  A7: Cross-Site Scripting (XSS)
•  A8: Insecure Deserialization
•  A9: Using Components with Known Vulnerabilities
•  A10: Insufficient Logging & Monitoring
555
Q
The following lists the basic software programming language generations:
•  Generation one ______ language
•  Generation two ______ language
•  Generation three ______ language
•  Generation four ______ language
•  Generation five ______ language
A

The following lists the basic software programming language generations:
• Generation one Machine language
• Generation two Assembly language
• Generation three High-level language
• Generation four Very high-level language
• Generation five Natural language

556
Q

Data hiding is provided by ______, which protects an object’s private data from outside access. No object should be allowed to, or have the need to, access another object’s internal data or processes.

A

Data hiding is provided by encapsulation, which protects an object’s private data from outside access. No object should be allowed to, or have the need to, access another object’s internal data or processes.

557
Q

Objects should be self-contained and perform a single logical function, which is high ______. Objects should not drastically affect each other, which is low ______.

A

Objects should be self-contained and perform a single logical function, which is high cohesion. Objects should not drastically affect each other, which is low coupling.

558
Q

______ is an open object-oriented standard architecture developed by the Object Management Group (OMG). It provides interoperability among the vast array of software, platforms, and hardware in environments today. ______ enables applications to communicate with one another no matter where the applications are located or who developed them.

A

Common Object Request Broker Architecture (CORBA) is an open object-oriented standard architecture developed by the Object Management Group (OMG). It provides interoperability among the vast array of software, platforms, and hardware in environments today. CORBA enables applications to communicate with one another no matter where the applications are located or who developed them.

559
Q

Mobile Code
Code that can be transmitted across a network, to be executed by a system or device on the other end, is called mobile code.
______
______ is an object-oriented, platform-independent programming language. It is employed as a full-fledged programming language and is used to write complete programs and small components, called ______, which commonly run in a user’s web browser.
______ is a Microsoft technology composed of a set of OOP technologies and tools based on ______ and ______. A programmer uses these tools to create ______ controls, which are self-sufficient programs (similar to ______) that can be executed in the Windows environment.

A

Mobile Code
Code that can be transmitted across a network, to be executed by a system or device on the other end, is called mobile code.
Java Applets
Java is an object-oriented, platform-independent programming language. It is employed as a full-fledged programming language and is used to write complete programs and small components, called applets, which commonly run in a user’s web browser.
ActiveX is a Microsoft technology composed of a set of OOP technologies and tools based on COM and DCOM. A programmer uses these tools to create ActiveX controls, which are self-sufficient programs (similar to Java applets) that can be executed in the Windows environment.

560
Q

Databases come in several types of models, as listed next:?

A
Databases come in several types of models, as listed next:
•  Relational
•  Hierarchical
•  Network
•  Object-oriented
•  Object-relational
561
Q

The most commonly used implementation of the ______ model is in the Lightweight Directory Access Protocol (LDAP) model.

A

The most commonly used implementation of the hierarchical model is in the Lightweight Directory Access Protocol (LDAP) model.

562
Q

______ is a process of interactively producing more detailed versions of objects by populating variables with different values or other variables. It is often used to prevent inference attacks.

A

Polyinstantiation is a process of interactively producing more detailed versions of objects by populating variables with different values or other variables. It is often used to prevent inference attacks.
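Worked example for card 562 (added here; not code from the card deck or from any database product). It uses Python's built-in sqlite3 to show what polyinstantiation looks like in a schema: the classification level becomes part of the primary key, so the same ship can have one row per level, and a low-clearance user sees only the cover story. The contrast table shows the inference problem that the technique prevents: with the ship name alone as the key, a low-level user's INSERT collides with a hidden row, and the error itself reveals that a classified entry exists. The ship names, cargo and clearance levels are constructed sample data.

```python
import sqlite3

# Assumed clearance ordering for this example.
LEVELS = {"UNCLASSIFIED": 0, "SECRET": 1, "TOP SECRET": 2}


def build_db() -> sqlite3.Connection:
    """Polyinstantiated manifest: (ship_name, classification) is the primary key,
    so one ship may legitimately have several rows with different values."""
    conn = sqlite3.connect(":memory:")
    conn.execute("""
        CREATE TABLE ship_manifest (
            ship_name      TEXT NOT NULL,
            classification TEXT NOT NULL,
            cargo          TEXT NOT NULL,
            destination    TEXT NOT NULL,
            PRIMARY KEY (ship_name, classification)
        )""")
    conn.executemany("INSERT INTO ship_manifest VALUES (?, ?, ?, ?)", [
        ("Oklahoma", "UNCLASSIFIED", "Food", "Africa"),        # cover story
        ("Oklahoma", "TOP SECRET", "Weapons", "Middle East"),  # real manifest
        ("Nevada", "TOP SECRET", "Fuel", "North Sea"),         # no cover story yet
    ])
    return conn


def manifest_for(conn, ship: str, clearance: str):
    """The one row a user at `clearance` sees: the highest-classified version
    of the tuple at or below their level, or None if nothing is visible."""
    level = LEVELS[clearance]
    rows = conn.execute(
        "SELECT classification, cargo, destination FROM ship_manifest WHERE ship_name = ?",
        (ship,)).fetchall()
    visible = [r for r in rows if LEVELS[r[0]] <= level]
    visible.sort(key=lambda r: LEVELS[r[0]], reverse=True)
    return visible[0] if visible else None


def insert_at_level(conn, clearance: str, ship: str, cargo: str, destination: str) -> bool:
    """A user inserts a row at their own level. Because the level is part of the
    key, this succeeds even when a higher-classified row for the ship already exists."""
    try:
        conn.execute("INSERT INTO ship_manifest VALUES (?, ?, ?, ?)",
                     (ship, clearance, cargo, destination))
        return True
    except sqlite3.IntegrityError:
        return False


def naive_insert_leaks(conn) -> bool:
    """Contrast: ship_name alone is the key. The UNCLASSIFIED user's INSERT for
    'Nevada' fails because of the hidden TOP SECRET row. Returns True if the
    failure (and therefore the inference) occurs."""
    conn.execute("CREATE TABLE naive (ship_name TEXT PRIMARY KEY, cargo TEXT)")
    conn.execute("INSERT INTO naive VALUES ('Nevada', 'Fuel')")  # TOP SECRET row
    try:
        conn.execute("INSERT INTO naive VALUES ('Nevada', 'Food')")  # UNCLASSIFIED user
        return False
    except sqlite3.IntegrityError:
        return True


if __name__ == "__main__":
    db = build_db()
    print("UNCLASSIFIED sees:", manifest_for(db, "Oklahoma", "UNCLASSIFIED"))
    print("TOP SECRET sees:  ", manifest_for(db, "Oklahoma", "TOP SECRET"))
    print("low user adds Nevada cover story:", insert_at_level(db, "UNCLASSIFIED", "Nevada", "Food", "Africa"))
    print("naive schema leaks existence:", naive_insert_leaks(db))
```

The filtering in manifest_for stands in for what a multilevel DBMS enforces in the engine; in a real deployment the user's session label, not a function argument, decides which instance is returned.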