Unit 2 Test Bullshit Flashcards
What is hashing?
Transforming any key or string of values into another.
Who created Message Digest 5 (MD5) and what value does it create?
Ron Rivest and it produces a 128-bit hash value.
What are the variants of Secure Hash Algorithm SHA?
SHA-224 (224 bit)
SHA-256 (256 bit)
SHA-384 (384 bit)
SHA-512 (512 bit)
What is salting?
Salting adds another layer of security to hashing by allowing the owner to choose a string before hashing starts.
(HMAC) is used for what?
Providing a key input to a hash algorithm to make it more secure.
What do digital signatures provide?
Used to determine if someone edits a document after the user signs it, and to check the authenticity of a message, digital document, or software.
What is a digital certificate?
Enables users and orgs to exchange information securely over the internet.
Equivalent to an electronic passport.
Hash functions are ______________ functions. It is computationally infeasible for two different sets of data to come up with the same output.
one-way
Integrity ensures that data remains unchanged and __________________ by anyone or anything over its entire life cycle.
trustworthy
Because a hash value changes every time data is changed, cryptographic hash values are often called digital ___________________________.
fingerprints
Hashing is relatively easy to compute and equally easy to reverse.
T or F
F
Cryptographic hash functions have the following properties:
a. The output has a fixed length.
b. Two different input values will almost never result in the same hash values.
f. The input can be any length.
g. The hash function is one way.
An 8-bit checksum calculates the hash by converting the message into ____________________ numbers
binary
The 8-bit checksum 2’s complement converts a binary to its opposite value, and then it adds ___________
one
What malware compromised the security of MD5 in 2012?
Flame
SHA is short for what?
secure hash algorithm
MD5 is short for what?
message digest 5
What Cisco command verifies the integrity of IOS images used on Cisco routers?
verify /md5
Hashing is vulnerable to ______________________ attacks and does not provide security to transmitted data.
man-in-the-middle
A _________________________ attack attempts every possible combination of characters up to a given length.
brute-force
A _______________________ attack uses a file containing common words, phrases, and passwords.
dictionary
___________________ creates a different hash result for two users who have the same password.
salting
A ____________________ table stores the pre-computed hashes of passwords in a password dictionary along with the corresponding password.
lookup
CSPRNGs generate a random number that has a high level of randomness and is completely unpredictable, so it is cryptographically secure.
T or F
True
VPNs using IPsec rely on HMAC functions to authenticate the origin of every packet and provide data integrity checking.
T or F
True
A(n) ______________ trail tracks an electronic document’s history for regulatory and legal defense purposes.
audit
_________________________ is a way to ensure that the sender of an electronic message or electronic document cannot deny having sent the message or document and that the recipient cannot deny having received the message or document.
Non-repudiation
______________________ cryptography is the basis for digital signatures.
asymmetric
_____________________________________________________(PKI) is the policies, roles, and procedures required to create, manage, distribute, use, store, and revoke digital certificates.
public key infrastructure
A bank clerk has exceeded a predetermined number of record modifications within a specific period of time block.
Their manager must then flag the record as legitimate (or not). This is an example of what Data Field Validation Control?
maximum record modification trigger
System locks from unusual activity indicate what Data Field Validation Control?
unusual activity trigger
Data field validation via input ______________ prevents users from entering invalid data or help ensure that they enter data consistently.
masks
What data integrity constraints match these descriptions?
a. All rows must have a unique identifier called a Primary Key
b. All data stored in a column must follow the same format and definition.
c. A set of rules defined by a user which does not belong to one of the other categories
d. Table relationships must remain consistent
a. Entity Integrity
b. Domain Integrity
c. User-defined Integrity
d. Referential Integrity
_________________ in a database signifies missing or unknown values.
null
NIST developed “best practices” for Business Continuity.
Place these steps in the proper order as presented in our reading (and from NIST):
Develop recovery strategies
Develop the contingency plan
Identify preventive controls
Calculate risk
Conduct the business impact analysis
Maintain the plan
Develop the policy statement
Test the plan
1. Develop the policy statement
2. Conduct the business impact analysis
3. Calculate risk
4. Identify preventive controls
5. Develop recovery strategies
6. Develop the contingency plan
7. Test the plan
8. Maintain the plan
In regards to IT disaster recovery, preventative controls include keeping data backed up, keeping data backups off-site, using ____________________, or installing generators.
surge protectors
In regards to IT disaster recovery, detective controls include using up-to-date _______________ software.
antivirus
An organization’s DRP restores mission critical systems first.
T or F
True
What are strikes and walkouts considered? (event
Labor events
What are vandalism, protests, sabotage, terrorism, and war considered? (events
Social-political events
__________________ is a Cisco IOS technology that provides statistics on packets flowing through a Cisco router or multilayer switch.
NetFlow
An IPS device operates in __________________ mode.
inline
CSIRT is the acronym for what term?
computer security incident response team
______________________ is the methods and configurations used to make a system or network tolerant of failure.
resiliency
The ability of a network to dynamically recover from the failure of a device acting as a default gateway is known as ________________ redundancy.
first-hop
The _______________________________ is typically the router that provides devices access to the rest of the network or to the Internet.
If there is only one router serving in this role, it is a single point of failure.
default gateway
_________________________ Protocol prevents loops on a network when switches interconnect via multiple paths.
Spanning tree
With RAID:
_____[a]_____ detects data errors.
_____[b]_____ writes data across multiple drives.
_____[c]_____ stores duplicate data on a second drive.
parity
striping
mirroring
What is the minimum number of disks in a RAID 0+1 ?
2
What is the minimum number of disks in a RAID 1 ?
3
A car has four tires and a spare tire in the trunk in case of a flat.
This is a comparative example of ____________ Redundancy
N + 1
If an organization implements complex systems that are hard to understand and troubleshoot, it may actually backfire.
What type of defense best alleviates this issue?
Simplicity
Concealing certain types of information makes it more difficult for cyber criminals to attack a system.
This would be considered what type of defense?
Obscurity
To accomplish a goal of _____________________, organizations can use security products manufactured by different companies for multifactor authentication.
Diversity
Employees in the shipping department do not need access to marketing presentations to perform their jobs.
This is an example of what defense?
Limiting
An organization stores its confidential documents on a server in a building surrounded by an electronic fence.
This is an example of what defense?
Layering
Mitigation involves reducing the _____[a]_____ of the loss or the likelihood of the loss from occurring
Severity
Many technical controls mitigate risk including authentication systems, _____[b]_____, and firewalls.
file permissions
The ___________________ Corporation maintains the CVE List and its public website.
MITRE
When discussing asset and systems standardization, COTS is short for what?
commercial off-the-shelf
Asset management manages the __________________ and inventory of technology assets including devices and software.
lifecycle
_____[a]_____ management includes a complete inventory of hardware and software.
This means that the organization needs to know all of the components that can be subject to _____[b]_____ risks.
Asset
Security
Fault _____________________ enables a system to continue operating if one or more components fail.
Tolerance
What environment corresponds to these high availability requirements?
Maintain high availability for continuous trading, compliance, and customer trust
Require high availability to provide around-the-clock care for patients
Provide security and services to a community, state, or nation
Efficient supply chains and the delivery of products to customers
Communicate information on events as they happen
Finance industry
healthcare facilities
public safety industry
retail industry
news media industry
Five nines mean that systems and services are available _________________ % of the time.
99.999
With the Five Nines, ensuring high availability includes eliminating ________[a]_________ of failure, designing for reliability, and detecting _____[b]_____ as they occur.
a. single points
b. failures
List one component of a perimeter security system (as discussed in our reading):
Bollard (blocks cars)
Implement VoIP security by encrypting voice message packets to protect against _____________________.
eavesdropping
Many DoS attacks use ICMP as part of the attack
T or F
True
Attackers can target DNS servers in order to deny access to network resources or redirect traffic to ________________ websites
rogue
A port ____________________________ is an application that probes a device for open ports by sending a message to each port and waiting for a response.
scanner
IEEE 802.__________ is now the industry standard for securing WLANs.
802.11g
Port security on these devices limits the number of valid MAC addresses allowed on a port.
switches
Threats to these devices include attacks against network protocols like ARP/STP.
switches
Threats to these devices include attacks against network protocols like RIP/OSPF.
routers
The ______________________ Operation Center (SOC) is a dedicated site that monitors, assesses, and defends the organization’s information systems such as websites, applications, databases, data centers, networks, servers, and user systems.
security
The _________________ Operation Center (NOC) is one or more locations containing the tools that provide administrators with a detailed status of the organization’s network.
network
Hardware-monitoring systems have become an essential security countermeasure
T or F
True
Hardware monitoring systems are used to monitor the health of these systems and to minimize server and application ________________.
Downtime
Commercial HVAC systems and other building management systems now connect to the Internet for remote monitoring and control.
These systems are often called “__________________ systems”
smart
Power degradation includes ______________, which are prolonged low voltage issues
brownout
Power degradation includes ___________________ current, which is an initial surge of power
inrush
A(n) _____[a]_____ log tracks user authentication attempts.
A(n) _____[b]_____ log provides all of the details on requests for specific files on a system
a. audit
b. access
In all versions of Windows except Home edition, enter _______________ at the Run command to open the Local Security Policy tool.
secpol.msc
An account _________________ Policy locks a computer for a configured duration when too many incorrect login attempts occur.
lockout
When a computer is not part of an Active Directory domain, the user configures policies through Windows _______________ Security Policy.
local
Best practices for securing privileged accounts include establishing a process for ______________________ of rights when employees leave or change jobs
revocation
Best practices for securing privileged accounts include implementing a _________________ between the end-user and sensitive assets to limit network exposure to malware
gateway
Privileged accounts have the credentials to gain access to systems and they provide _____________________, unrestricted access.
Elevated
A simple method that many administrators use to help secure the network from unauthorized access is to disable all unused ________________ on a switch.
ports
Telnet is an older protocol that uses unsecure _____[a]_____ transmission of both the login authentication.
Secure Shell (SSH) is a protocol that provides a secure _____[b]_____ management connection to a remote device.
a. Plaintext
b. Encrypted
SSH uses what TCP port?
22
Telnet uses what TCP port?
23
Remote Desktop uses which port number (by default)?
3389
Remote ____________________ allows technicians to assist customers with problems from a remote location.
Assistance
Higher frequency RFID systems have a faster data transfer rate and shorter read ranges.
T or F
False
Higher frequency RFID systems are more sensitive to radio wave interference.
T or F
True
_________________________________ identification (RFID) uses radio waves to identify and track objects.
radio frequency
RFID tags contain an integrated circuit that connects to an ______________.
antenna
Using GPS to locate a cell phone without the user’s permission is legal.
false
GPS tracking can pinpoint a location within __________________ meters.
100 meters
A ________________________ lock uses buttons that a user presses in a given sequence to open the door.
cipher
Many portable devices and expensive computer monitors have a special steel bracket security slot built in to use in conjunction with __________________________.
cable locks
Disk _____________________ copies the contents of the computer’s hard disk to an image file.
cloning
With ________________, any applications installed or files saved are lost when the system restarts.
deep freezing
Always _________________________ backups to ensure the integrity of the data.
validate
Before using BitLocker, a user needs to enable Trusted Platform Module (TPM) in the BIOS.
The TPM is a specialized chip installed on the ________________________________.
motherboard
A user can also choose to encrypt an entire hard drive in Windows using a feature called ______________________________.
BitLocker
With EFS, only the user that encrypted the data will be able to access the encrypted files or folders.
True
According to the Principle of ______________________________, users should be limited to only the resources they need on a computer system or on a network.
Least Privilege
Will these actions keep permissions or inherit new ones?
Data moved to the same volume
Data copied to the same volume
Data moved to a different volume
Data copied to a different volume
Moved to same/keep
copied to same/new
moved to diff/new
copied to diff/new
To prevent rogue access points, the computer industry developed ____________________ authentication, also called two-way authentication
mutual
With WPA-PSK, the PSK is short for what?
pre-shared key
A significant security improvement from WPA to WPA2 was the mandatory use of AES _________________
algorithms
AES superseded TKIP for even better key management and encryption protection.
T or F
True
Mobile devices transmit data using ________________ signals that any device with a compatible antenna can receive.
radio
Remote-access users must have a VPN ___________________ installed on their computers to form a secure connection with the corporate private network.
client
Manufacturers may combine patches and upgrades into a comprehensive update application called a _______________________.
service pack
___________________________________________________ assesses missing security updates and security misconfigurations in Microsoft Windows.
Microsoft baseline security analyzer
MBSA checks blank, _______________________, or non-existent passwords
simple
An administrator hardens an operating system by modifying the default _____[a]_____ to make it more secure to outside threats.
This process includes the removal of unnecessary programs and _____[b]_____.
a. configuration
b. services
Device hardening involves implementing proven methods of physically securing network devices.
True
A job site _________________________ is a job search site that gathers listings from other job boards and company career sites and displays them in a single location.
aggregator
The _________________________________________ is the top information security officer reporting to the CIO. The CISO is a business manager first, technologist second.
chief information security officer
Kali _______________ incorporates more than 300 penetration testing and security auditing programs.
Linux
“Kali Linux is an open source project that is maintained and funded by _______________________, a provider of world-class information security training and penetration testing services.”
offensive security
Pen testing is the same as vulnerability testing.
T or F
False
Pen testing is done by humans to determine the degree to which a malicious attacker can gain unauthorized access to your assets. A vulnerability scan is typically automated.
A vulnerability scanner looks for the following types of vulnerabilities:
Use of _____[a]_____ passwords or common passwords
Missing patches
Open _____[b]_____
Misconfiguration of operating systems and software
_____[c]_____ IP addresses
a. default
b. ports
c. active
The Advanced Cyber Security Center (ACSC) is a _____[a]_____ organization that brings together industry, academia, and government to address advanced cyber threats.
The organization shares information on cyber threats, engages in cybersecurity research and development, and creates _____[b]_____ programs to promote the cybersecurity profession.
a. non-profit
b. education
“The ISC was created in 2001 following the successful detection, analysis, and widespread warning of the ______________ worm.”
Li0n
The Internet Storm Center (ISC) gathers millions of _____________________ from intrusion detection systems every day using sensors covering 500,000 IP addresses in over 50 countries.
log entries
CERT (in regards to SEI) stands for what?
Computer emergency response team
The CERT Division of SEI studies and solves problems in the cybersecurity arena including security vulnerabilities in _____[a]_____ products, changes in _____[b]_____ systems, and training to help improve cybersecurity.
a. software
b. networked
SCAP is a method for using specific standards to automate vulnerability management, measurement, and policy compliance evaluation.
T or F
True
The ________________________________________________________ is a U.S. government repository of standards-based vulnerability management data that uses SCAP.
National vulnerability database
The NVD uses the Common Vulnerability ________________ System to assess the impact of vulnerabilities.
scoring
SCAP is the acronym for what?
security content automation protocol
The Convention on Cybercrime is also known as the _______________________________________________________
Budapest convention on cybercrime
A _________________________________________________ (or PIA) ensures that personally identifiable information (PII) is properly handled throughout an organization.
privacy impact assessment
Computer Fraud and Abuse Act was created in 1986
T or F
true
The Computer Fraud and Abuse Act (CFAA) makes it a crime to knowingly access a computer considered either a government computer or a computer used in interstate _________________, without permission.
commerce
What are the primary sources of laws and regulations in the United States?
statutory/written laws
common/established by court
administrative/government agencies
“BJA provides leadership and services in ____________________ administration and criminal justice policy development to support local, state, and tribal law enforcement in achieving safer communities.”
grant
“The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical ______________________________.”
infrastructure
The Software & Information Industry Association is the principal trade association for the software and digital content industry.
“SIIA provides global services in government relations, business development, corporate education and ____________________________ protection to the leading companies that are setting the pace for the digital age.”
intellectual property
“The mission of the Internet Crime Complaint Center is to provide the public with a reliable and convenient _______________________ mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners.”
reporting
“NW3C provides a nationwide support system for ___________________________ and regulatory agencies involved in the prevention, investigation and prosecution of economic and high-tech crime.”
law enforcement
A computer may be involved in a cybercrime in different ways (per our reading).
computer-targeted/ targeted
computer-incidental/information like customer lists for traffickers
computer-assisted/used as a tool
An open lobby that allows a visitor to walk straight through to the inside facilities represents what kind of common threat?
physical facilities
Malware represents what kind of common threat?
devices
A misconfigured firewall represents what kind of common threat?
LAN
Software as a service (SaaS) is a subscription-based model that provides access to software that is centrally hosted and accessed by users via a _____[a]_____.
Platform as a service (PaaS) provides a platform that allows an organization to develop, run, and manage its _____[b]_____ on the service’s hardware using tools that the service provides.
Infrastructure as a service (IaaS) provides _____[c]_____ computing resources such as hardware, software, servers, storage and other infrastructure components over the Internet.
Note: no partial credit given
a. web browser
b. applications
c. virtualized
Data theft by users can cost organizations financially resulting in damage to an organization’s _____[a]_____ or posing a legal _____[b]_____ associated with disclosure of sensitive information.
a. reputation
b. liability