Test Study 5

Question 1

Detail the responsibilities of the following positions:

CEO
CIO
CSO
CISO
CPO

Answer 1

CEO - responsible for overall organization and its mission
CIO - responsible for aligning information and technology strategies
CSO - responsible for physical and technical security of assets
CISO - responsible for monitoring and analyzing risk information associated with data protection
CPO - largely responsible for ensuring that there is compliance with organization and regulatory privacy rules

Question 2

Who is responsible for overall organization and its mission?

Answer 2

CEO

Question 3

Who is responsible for aligning information and technology strategies?

Answer 3

CIO

Question 4

Who is responsible for physical and technical security of assets?

Answer 4

CSO

Question 5

Who is responsible for monitoring and analyzing risk information associated with data protection?

Answer 5

CISO

Question 6

Who is responsible for ensuring that there is compliance with organization and regulatory privacy rules?

Answer 6

CPO

Question 7

What is the GISRA?

Answer 7

Government Information Security Reform Act

Requires federal agencies to perform risk assessments, enact policies, and combines several other previous laws.

Question 8

What act is related to risk assessment and combines several previous laws?

Answer 8

GISRA

Question 9

What is FISMA?

Answer 9

Federal Information Security Modernization Act

Handles risk management by the federal government.

Question 10

Which act deals with risk management in the federal government?

Answer 10

FISMA

Question 11

What type of control are backups?

Answer 11

Recovery

RAID is fault tolerance, not recovery, which is compensating.

Question 12

What stage of the risk management framework do you ensure that controls are implemented properly?

Answer 12

Assess

Question 13

What stage of the risk management framework do you declare the acceptance of risks?

Answer 13

Authorize

Question 14

What stage of the risk management framework do you perform ongoing assessment of control effectiveness?

Answer 14

Monitor

Question 15

What is FIPS-198 and what does it provide?

Answer 15

A US Government standard for keyed-HMAC and authentication

Question 16

What is a US governement protocol standard for authentication?

Answer 16

FIPS-198

Question 17

At what ring are the drivers present in a computing system?

Answer 17

Ring 0

Question 18

What are the wifi speeds and ranges?

Answer 18

2. 4 - 46m
3. 0 - 23m
4. 11a = 54
5. 11b = 11
6. 11g = 54
7. 11n = 600
8. 11ac = 3466

Question 19

What protocol and port can be used to load remote operating system?

Answer 19

TFTP, 69

Question 20

What can TFTP be used for?

Answer 20

Loading a remote operating system.

Question 21

What are some authentication methods that can be used over non-ethernet networks?

Answer 21

PAP, CHAP, MSCHAP

Question 22

Which authentication method should be used over non-ethernet networks?

Answer 22

CHAP

Question 23

What is PAP?

Answer 23

Password Authentication Protocol

Operates in clear text, should not be used, was often used in dial up.

Question 24

What is CHAP?

Answer 24

Challenge handshake authentication protocol

Uses an encrypted challenge and a three way handshake

Question 25

What is MS-CHAP?

Answer 25

Microsoft CHAP

Has vulnerabilities because it uses DES

Question 26

What non-ethernet authentication method operates in clear text?

Answer 26

PAP

Question 27

What non-ethernet authentication method uses DES?

Answer 27

MS-CHAP

Question 28

What non-ethernet authentication method uses an encrypted handshake?

Answer 28

CHAP

Question 29

What is a synchronous token?

Answer 29

Tokens must have a link or synchronized time with the authentication server, classic digital authenticator

Question 30

What is an asynchronous token?

Answer 30

Tokens that do not have to maintain a timing or link to the authentication server. Often the authentication server issues a challenge that is answered via the user’s asynchronous token.

Question 31

Which token type is time linked to the server?

Answer 31

Synchronous

Question 32

Which token type has no timing link to the server?

Answer 32

Asynchronous

Question 33

What are all of the endpoints that may authenticate in kerberos?

Answer 33

A realm.

Question 34

What is the name of any endpoint in kerberos?

Answer 34

Principal

Question 35

What is zzuf?

Answer 35

An application input fuzzer.

Question 36

What is nikto?

Answer 36

A general purpose web application scanner.

Question 37

What is 800-53 for?

Answer 37

Catalog of Security Controls

Question 38

What is 800-53A for?

Answer 38

Assessing security and privacy controls?

Question 39

What is the difference between 800-53 and 53A?

Answer 39

53 is a catalog of security controls

53A is assessing security and privacy controls

Question 40

What is the NIST sp for the catalog of security controls.

Answer 40

800-53

Question 41

What is the NIST sp for assessing security and privacy controls?

Answer 41

800-53A

Question 42

What is Fagan and what it is it composed of?

Answer 42

Fagan is an inspection process to try to find defects in documents, such as code.
Planning
Overview
Preparation
Inspection Meeting
Rework
Follow Up

Question 43

What happens in the planning phase of Fagan?

Answer 43

Preparation of matrials
Arranging of participants
Arranging of a meeting place

Question 44

In what phase of Fagan do you prepare materials and arrange participants?

Answer 44

Planning

Question 45

What happens in the overview phase of Fagan?

Answer 45

Group education of participants on what is being reviewed

Assignment of roles

Question 46

In what phase of Fagan do you educate participants about what is being reviewed?

Answer 46

Overview

Question 47

What happens in the preparation stage of Fagan?

Answer 47

Participants review the items to be inspected an prepare to meet about them.
Participants prepare their roles.

Question 48

In what phase of Fagan do the participants inspect the supporting material?

Answer 48

Preparation

Question 49

What happens in the inspection meeting stage of Fagan?

Answer 49

Actual finding of defects

Question 50

In what phase of Fagan are defects found?

Answer 50

Inspection meeting

Question 51

What happens in the rework stage of Fagan?

Answer 51

Defects found are corrected

Question 52

In what stage of Fagan are defects corrected?

Answer 52

Rework

Question 53

What happens in the follow-up stage of Fagan?

Answer 53

All defects found should have been corrected and the moderator is responsible for verifying this.

Question 54

In what stage should the moderator verify that defects have been corrected?

Answer 54

Follow-up

Question 55

What duration of time is a UPS used for?

Answer 55

Minutes to hours

Question 56

What duration of time is a generator used for?

Answer 56

Hours to days

Question 57

What power backup should be used from minutes to hours?

Answer 57

UPS

Question 58

What power backup should be used from hours to days?

Answer 58

Generator

Question 59

What is a darknet?

Answer 59

An area of the network that should contain no traffic and can be watched for malicious activity.

Question 60

What is an area of the network that should be watched for malicious activity and shouldn’t contain normal traffic?

Answer 60

Darknet

Question 61

What is MBSA?

Answer 61

Microsoft Baseline Security Analyzer

A tool for inspecting systems for dangerous settings and missing patches.

Question 62

What is a product that can analyze Windows computers for dangerous settings and missing patches?

Answer 62

MBSA

Question 63

What is TCP hijacking?

Answer 63

Stealing session keys

Question 64

What attack is focused on stealing session keys?

Answer 64

TCP Hijacking

Question 65

What is RAD?

Answer 65

Rapid application development
Parallel development of mini projects
Makes heavy use of prototyping
Is adaptive.