Wiley_08092017 Flashcards

1
Q

________ is the protocol designed by Visa and Mastercard for e-commerce security.

A

SET (Secure Electronic Transaction)

2
Q

This model covers how to securely CREATE and DELETE subjects and objects.

Graham-Denning: create and delete.

A

GRAHAM-DENNING

4
Q

The ________ model addresses DATA INTEGRITY and is based on the idea of defining a set of system states, initial states, and state transitions. By restricting the system to only these predetermined secure states, integrity is maintained and interference is prohibited.
SUTHERLAND: state machine model, INTEGRITY.

A

SUTHERLAND

5
Q

The _____ model addresses DATA INTEGRITY. It is a MULTILEVEL, state-machine-based model built on information FLOW.
It uses a SIMPLE property and a * (STAR) property. SIMPLE integrity: no READ DOWN. * (STAR) integrity: no WRITE UP.
BIBA: multilevel, integrity.

A

BIBA

6
Q

This model is DYNAMIC: access decisions depend on the subject's previous activity.
It requires the following to operate properly:
1) properly identified subjects,
2) one or more datasets,
3) conflict class definitions for all datasets.

(A.K.A. the Chinese Wall model.) A user's privileges and access change dynamically based on what that user has previously accessed.

A

Brewer-Nash

7
Q

BELL-LAPADULA: The Bell-LaPadula model addresses CONFIDENTIALITY only. Simple security property: a subject cannot read an object at a higher level (no read up). * (STAR) property: a subject cannot write to an object at a lower level (no write down). A trusted subject may violate the star property in the act of declassification, which is not considered a security violation.
Bell-LaPadula: a subject cannot read at a higher level.

A

Bell-LaPadula
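The three models on cards 5 through 7 written as executable access checks, so the "no read up / no write down" and "no read down / no write up" rules and the history-dependent Chinese Wall decision can be tried by hand. This is an added example, not material from the deck or code from any vendor; the level names, the subject names, the conflict classes and the function names are all constructed for the illustration.

```python
"""Reference-monitor checks for Bell-LaPadula, Biba and Brewer-Nash.

Added example, not code from the flashcard deck. The level lattice and the
conflict classes are constructed sample data.
"""
from typing import Dict, Set

# Sensitivity / integrity levels, low to high (constructed lattice).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


def blp_allows(action: str, subject: str, obj: str, trusted: bool = False) -> bool:
    """Bell-LaPadula (confidentiality).

    Simple security property: no read up.
    * (star) property: no write down, except for a trusted subject
    performing declassification.
    """
    s, o = LEVELS[subject], LEVELS[obj]
    if action == "read":
        return s >= o
    if action == "write":
        return s <= o or trusted
    raise ValueError(f"unknown action {action!r}")


def biba_allows(action: str, subject: str, obj: str) -> bool:
    """Biba (integrity): the mirror image of Bell-LaPadula.

    Simple integrity property: no read down (do not consume lower-integrity data).
    * (star) integrity property: no write up (do not contaminate higher-integrity data).
    """
    s, o = LEVELS[subject], LEVELS[obj]
    if action == "read":
        return s <= o
    if action == "write":
        return s >= o
    raise ValueError(f"unknown action {action!r}")


class BrewerNash:
    """Chinese Wall: the decision depends on what the subject touched before."""

    def __init__(self, conflict_classes: Dict[str, str]):
        # dataset -> conflict-of-interest class it belongs to
        self.conflict_class = conflict_classes
        # subject -> datasets already accessed (the "previous activity")
        self.history: Dict[str, Set[str]] = {}

    def allows(self, subject: str, dataset: str) -> bool:
        wanted = self.conflict_class[dataset]
        for seen in self.history.get(subject, set()):
            # The same dataset again is fine; a *different* dataset in the
            # same conflict class is blocked by the wall.
            if seen != dataset and self.conflict_class[seen] == wanted:
                return False
        return True

    def access(self, subject: str, dataset: str) -> bool:
        """Grant or deny, and record the access so later decisions change."""
        if not self.allows(subject, dataset):
            return False
        self.history.setdefault(subject, set()).add(dataset)
        return True


if __name__ == "__main__":
    print(blp_allows("read", "SECRET", "TOP_SECRET"))      # False: no read up
    print(blp_allows("write", "SECRET", "CONFIDENTIAL"))   # False: no write down
    print(biba_allows("read", "SECRET", "CONFIDENTIAL"))   # False: no read down
    wall = BrewerNash({"BankA": "banking", "BankB": "banking", "OilCo": "oil"})
    print(wall.access("alice", "BankA"), wall.access("alice", "OilCo"),
          wall.access("alice", "BankB"))                   # True True False
```

Note how the Biba checks are exactly the Bell-LaPadula checks with the comparison flipped, which is the easiest way to keep the two straight on the exam, and how BrewerNash.access returns a different answer for the same call depending on the recorded history.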

8
Q

GRAHAM-DENNING: The Graham-Denning model covers how to securely CREATE and DELETE subjects and objects.
Graham-Denning: create and delete.

A

Graham-Denning: create and delete.

9
Q

A ONE-TIME pad is a type of ________ cipher. The one-time pad key is extremely long: it must be at least as long as the message, truly random, and used only once.

(Related: a PRO of SYMMETRIC crypto is speed, 1,000 to 10,000 times faster than asymmetric. A CON of ASYMMETRIC crypto is that it is slow.)

A

STREAM (the one-time pad is a stream cipher)

10
Q

A ONE-TIME pad does not have a ________ pattern.

A

repeated
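Cards 9 and 10 together say the pad must be as long as the message and must never repeat. The following added example (not from the deck; the messages and the function names are constructed for it) shows the cipher itself and what a repeated key gives away: XORing two ciphertexts made with the same key cancels the key and leaves the XOR of the two plaintexts, which a known fragment of one message then turns into the other.

```python
"""One-time pad: key as long as the message, and why it must never repeat.

Added example, not code from the flashcard deck. Sample messages are constructed.
"""
import os


def otp_encrypt(message: bytes, key: bytes) -> bytes:
    """XOR each message byte with the corresponding key byte.

    The key must be at least as long as the message: a shorter key would have
    to repeat, and repetition is exactly the pattern that breaks the cipher.
    """
    if len(key) < len(message):
        raise ValueError("one-time pad key must be at least as long as the message")
    return bytes(m ^ k for m, k in zip(message, key))


# XOR is its own inverse, so decryption is the same operation with the same key.
otp_decrypt = otp_encrypt


def new_key(length: int) -> bytes:
    """A fresh, unpredictable key for exactly one message."""
    return os.urandom(length)


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """Key reuse: c1 XOR c2 == (m1 XOR k) XOR (m2 XOR k) == m1 XOR m2.

    The key drops out, so the result depends only on the two plaintexts.
    """
    return bytes(a ^ b for a, b in zip(c1, c2))


def crib_drag(m1_xor_m2: bytes, known_plaintext: bytes, offset: int) -> bytes:
    """Recover the other message's bytes wherever part of one message is known."""
    segment = m1_xor_m2[offset:offset + len(known_plaintext)]
    return bytes(a ^ b for a, b in zip(segment, known_plaintext))


if __name__ == "__main__":
    m1, m2 = b"meet me at noon", b"wire the funds!"   # same length, constructed
    reused = new_key(len(m1))                          # one key, used twice (wrong!)
    leak = two_time_pad_leak(otp_encrypt(m1, reused), otp_encrypt(m2, reused))
    print(crib_drag(leak, b"meet me", 0))              # b'wire th'
```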

11
Q

CONS of SYMMETRIC CRYPTO.

A

KEY EXCHANGE must happen "out of band".

DOES NOT SUPPORT NONREPUDIATION.

NOT SCALABLE (a separate key is needed for every pair of parties).

KEYS NEED TO BE REGENERATED OFTEN.

12
Q

PROS of SYMMETRIC CRYPTOGRAPHY

A

FAST: 1,000 to 10,000 times faster than ASYMMETRIC.

13
Q

CONS OF ASYMMETRIC

A

SLOW

14
Q

PROS of ASYMMETRIC

A

Provides CONFIDENTIALITY, INTEGRITY, AUTHENTICATION, and NONREPUDIATION (C I A N).

KEY EXCHANGE IS SIMPLE. SCALABLE.

15
Q

3 COMPOSITION THEORIES: describe how input and output flow between systems.

A

Cascading, feedback, and hookup are the three composition theories.

16
Q

3 Composition Theories Explained:

A

Cascading: the input of one system comes from the output of another system.

Feedback: one system provides input to another system, which reciprocates (A to B, then B back to A).

Hookup: one system sends input to another system but also sends input to an EXTERNAL system.

17
Q

PROTECTION RING: developed 1963 to 1969 by MIT, GE, and Bell Labs for the Multics OS. This is an OS protection model.

A

The ring model covers PRIORITY, PRIVILEGE, and MEMORY SEGMENTATION.

Ring 0: OS kernel and memory. Has direct access to the most resources; FULL rights.

Ring 1: other OS components.

Ring 2: drivers and protocols.

Ring 3: user mode; programs and applications.

The innermost ring has the highest privilege.
Rings 0 to 2 are supervisor / privileged mode. Note: rings 1 and 2 are used for drivers.

Ring 3 is user mode.

18
Q

_________ mode is the basic mode used by the CPU when executing user applications. In this mode, the CPU allows the execution of only a portion of its full instruction set. This is designed to protect users from accidentally damaging the system through the execution of poorly designed code or the unintentional misuse of that code.

A

User mode

19
Q

____________ firewalls enable the real-time modification of the filtering rules based on traffic content

A

Dynamic packet-filtering

20
Q

________ ensures the data is NOT altered without authorization. Integrity controls protect against alteration.
INTEGRITY can be enforced by using

A

INTEGRITY.

21
Q

Message INTEGRITY is enforced using ENCRYPTED MESSAGE DIGESTS such as _____ _______, created with _____ and _____ KEY CRYPTOSYSTEMS.

A

DIGITAL SIGNATURES

PUBLIC and SECRET key cryptosystems.

22
Q

NIST SP 800-18 goes over _______.

A

responsibilities

23
Q

_________ has ULTIMATE RESPONSIBILITY for the data. This is typically the CEO, president, department head, or CIO. This role establishes rules and behavior, provides information to the system owner on security requirements and security controls, and decides who has access to the data.

A

DATA OWNER

24
Q

_______ _______ owns the system that processes the data. This is sometimes the same person as the DATA OWNER. Develops the security plan with information owners, system administrators, and functional end users. Develops the acceptable use policy and ensures users get training. Updates the security plan.

A

SYSTEM OWNER

25
Q

________ role owns processes and ensures the system provides VALUE to the organization.

A

BUSINESS AND MISSION OWNER

26
Q

________ assign permissions based on LEAST PRIVILEGE and NEED TO KNOW. This role typically uses a role-based access control model.

A

ADMINISTRATORS

27
Q

______ _______ typically gathers and collects data.

A

DATA CONTROLLER

28
Q

____ _____ process data. For example, a payroll company processes data given to them to process payroll.

A

DATA PROCESSOR

29
Q

______ do the day-to-day work. DATA OWNERS delegate to the CUSTODIAN. The CUSTODIAN ensures data is stored and protected, is responsible for backups, and maintains audit logs.

A

CUSTODIAN

30
Q

NIST SECURITY BASELINE – NIST SP 800-53

A

A SECURITY BASELINE provides a starting point that ensures MINIMUM security standards. BASELINE = MINIMUM security as a starting point.

31
Q

______ is the most important consideration when classifying data.

A

VALUE

32
Q

CONFIDENTIALITY, INTEGRITY, AUTHENTICATION, and NONREPUDIATION are the GOALS of ________.

A

CRYPTOGRAPHY

C I A N are goals of cryptography.

33
Q

CONFIDENTIALITY - Two types of data when dealing with CONFIDENTIALITY…

A

DATA AT REST, which is susceptible to theft of physical devices, and DATA IN MOTION, which is susceptible to eavesdropping.

34
Q

NONREPUDIATION is only offered by PUBLIC KEY (ASYMMETRIC) cryptography. Public key cryptosystems are asymmetric.

True or False

A

True

35
Q

The goal of E U is to prevent …

A

unauthorized disclosure of information.

36
Q

A 160-bit ECC key is equivalent in strength to an RSA _____-bit key.

A

1,024

37
Q

Frequency analysis may be used on encrypted messages. Frequency analysis uses the statistics of the language to break a ciphertext.

True or False

A

True

38
Q

A FREQUENCY ANALYSIS attack can be used to decrypt an encrypted message. Frequency analysis uses the ______ of ______ of the characters in a substitution cipher's ciphertext to discover the original plaintext.

A

frequency of occurrence

39
Q

This attack uses collisions to reverse-engineer HASH values. Digital signatures can be susceptible to it if the output of the hash function is not large enough to avoid collisions.

A

Birthday Attack
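Why "not large enough" matters, as an added example that is not from the deck: a collision in an n-bit digest costs on the order of 2^(n/2) hash computations, not 2^n. The code truncates SHA-256 to 32 bits purely so the collision is cheap to find on a laptop; the message prefix and the function names are constructed for the example. Because a signature is computed over the digest, a signer who signs one of the two colliding messages has also, without knowing it, produced a valid signature for the other.

```python
"""Birthday attack on a truncated hash.

Added example, not code from the flashcard deck. SHA-256 is truncated here only
to make the collision affordable; the point is that collisions cost about
2**(n/2) work for an n-bit digest, not 2**n.
"""
import hashlib
import math
from itertools import count


def truncated_hash(data: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256(data), as an integer."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def expected_birthday_trials(bits: int) -> float:
    """Mean number of random inputs needed before two share an n-bit digest."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def find_collision(bits: int, prefix: bytes = b"doc-"):
    """Hash distinct messages until two of them collide in the truncated digest.

    Returns (message_a, message_b, hashes_computed). The two messages differ
    but produce the same digest, so a signature over the digest of message_a
    also verifies for message_b.
    """
    seen = {}
    for i in count():
        msg = prefix + str(i).encode()   # constructed, trivially distinct messages
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg


if __name__ == "__main__":
    a, b, n = find_collision(32)
    print(f"{a!r} and {b!r} share a 32-bit digest after {n} hashes "
          f"(expected about {expected_birthday_trials(32):.0f}; "
          f"a brute-force preimage would need about 2**32)")
```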

40
Q

A potential occurrence that can cause an undesirable or unwanted outcome to an organization or to a specific asset is a _______.

A

THREAT

41
Q

Define Threat

A

A potential occurrence that can cause an undesirable or unwanted outcome to an organization or to a specific asset.

Threat = UNWANTED and UNDESIRABLE

42
Q

This attack is used against cryptographic protocols that do not incorporate temporal protections. The malicious individual intercepts an encrypted message between two parties (often a request for authentication) and later replays the captured message to open a new session.

A

The replay attack
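The "temporal protections" the card mentions, made concrete in an added example (not from the deck; the shared key, user name, timestamps and message layout are constructed, and the class and function names are this example's own). A server that only checks the MAC accepts a captured request any number of times; adding a freshness window on the timestamp and a one-use nonce makes the same captured request worthless.

```python
"""Replay of an authentication request, and the temporal protections that stop it.

Added example, not code from the flashcard deck. Key, user, timestamps and the
request format are constructed for the illustration.
"""
import hashlib
import hmac
import json
import os
from typing import Optional


def _mac(key: bytes, body: dict) -> str:
    canonical = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def build_request(key: bytes, user: str, now: int, nonce: Optional[str] = None) -> dict:
    """Client side: timestamp + random nonce, authenticated by an HMAC."""
    nonce = nonce or os.urandom(8).hex()
    body = {"user": user, "ts": now, "nonce": nonce}
    return {**body, "mac": _mac(key, body)}


def _mac_valid(key: bytes, req: dict) -> bool:
    body = {k: v for k, v in req.items() if k != "mac"}
    return hmac.compare_digest(_mac(key, body), req.get("mac", ""))


class NaiveServer:
    """Checks the MAC only. A captured request stays valid forever."""

    def __init__(self, key: bytes):
        self.key = key

    def accept(self, req: dict, now: int) -> bool:
        return _mac_valid(self.key, req)


class ReplaySafeServer:
    """Adds temporal protections: a freshness window on the timestamp and a
    one-use nonce, so an intercepted request cannot open a second session."""

    def __init__(self, key: bytes, window_seconds: int = 30):
        self.key = key
        self.window = window_seconds
        self.used_nonces = set()

    def accept(self, req: dict, now: int) -> bool:
        if not _mac_valid(self.key, req):
            return False                       # forged or tampered
        if abs(now - req["ts"]) > self.window:
            return False                       # stale: outside the freshness window
        if req["nonce"] in self.used_nonces:
            return False                       # replay: this exact request was seen
        self.used_nonces.add(req["nonce"])
        return True


if __name__ == "__main__":
    key = b"constructed-shared-secret"
    captured = build_request(key, "alice", now=1_000_000)
    print(NaiveServer(key).accept(captured, now=1_000_500))       # True (replayed)
    safe = ReplaySafeServer(key)
    print(safe.accept(captured, now=1_000_005),
          safe.accept(captured, now=1_000_010))                   # True False
```

In practice the nonce store must be bounded (it only needs to remember nonces inside the window, since older ones are rejected by the timestamp check anyway), and the clock skew between client and server bounds how small the window can be.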

43
Q

____ ____ _____ are precompiled lists of common passwords and their permutations and serve as the foundation for a dictionary attack on accounts.

A

Dictionary word lists
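What "common passwords and their permutations" looks like in practice, as an added example that is not from the deck: a small base word list is expanded with the usual case, leetspeak and suffix variations and tried against a stored salted PBKDF2 hash. The word list, the victim passwords, the permutation rules and the function names are constructed, and the PBKDF2 iteration count is deliberately low so the example runs in well under a second.

```python
"""Dictionary attack: a base word list expanded with common permutations.

Added example, not code from the flashcard deck. Word list, permutation rules
and victim passwords are constructed; ITERATIONS is kept low for speed.
"""
import hashlib
import os
from typing import Iterable, Iterator, Optional, Tuple

ITERATIONS = 5_000            # demo value; real deployments use far more
LEET = {"a": "@", "e": "3", "i": "1", "o": "0", "s": "$"}
SUFFIXES = ("", "1", "123", "!", "2017")


def permutations(word: str) -> Iterator[str]:
    """The kinds of variations a precompiled password list contains."""
    leet = "".join(LEET.get(c, c) for c in word)
    seen = set()
    for base in (word, word.capitalize(), word.upper(), leet, leet.capitalize()):
        for suffix in SUFFIXES:
            candidate = base + suffix
            if candidate not in seen:
                seen.add(candidate)
                yield candidate


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def store_password(password: str) -> Tuple[bytes, bytes]:
    """What the defender keeps: a per-user random salt and the derived hash."""
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


def dictionary_attack(salt: bytes, stored: bytes, words: Iterable[str]) -> Optional[str]:
    """Try every permutation of every word; return the first that matches.

    The per-user salt means this work cannot be shared across accounts, and the
    iteration count sets the price of each guess; neither helps a password that
    is itself a word-list permutation.
    """
    for word in words:
        for candidate in permutations(word):
            if hash_password(candidate, salt) == stored:
                return candidate
    return None


if __name__ == "__main__":
    wordlist = ["winter", "summer", "password", "welcome"]     # constructed
    salt, stored = store_password("Summer2017")
    print(dictionary_attack(salt, stored, wordlist))           # Summer2017
```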

44
Q

When an intruder is detected by an IDS, they are transferred to a _______ _______. The transfer is performed automatically, without informing the intruder that the change has occurred. The padded cell is unknown to the intruder before the attack, so it cannot serve as enticement or entrapment. Padded cells are used to detain intruders, not to detect vulnerabilities.

A

padded cell

45
Q

ISAKMP: Internet Security Association and Key Management Protocol (ISAKMP) provides background security support services for ______

A

IPSec

46
Q

__________ switching has 1) variable delays, 2) a focus on bursty traffic, 3) sensitivity to data loss, and 4) support for any type of traffic.

__________ switching has FIXED, KNOWN delays.

A

Packet

Circuit

47
Q

What replaced SSL?

A

TLS (Transport Layer Security) was specifically designed as a replacement for SSL.

48
Q

__________ Control takes into consideration the processes and people who operate within an organizational security policy..

A

Administrative Control

49
Q

When possible, _______ controls should be TRANSPARENT.

A

Operations controls

50
Q

Audit Report Requirements:

A

Purpose, scope, and results are the three primary (and necessary) elements of an audit report.

51
Q

Penetration test team knowledge levels: Full Knowledge, Partial Knowledge, Zero Knowledge.

A

Full Knowledge: the team possesses a full body of knowledge of the operation, configuration, and utilization of the hardware and software inventory prior to a security assessment or penetration test.

Partial Knowledge: the team possesses an incomplete account of organizational assets, including hardware and software inventory, prior to the test. Time must therefore be spent obtaining additional knowledge about the organization before test attacks can begin.

Zero Knowledge: the team knows nothing about the site except basic information such as the domain name and company address.

52
Q

________ provides confidentiality and integrity protection for authentication traffic using symmetric cryptography.

A

Kerberos

53
Q

Matthew receives a digitally signed message from Christopher. What key should Matthew use to verify the digital signature?

A

Matthew uses Christopher's PUBLIC key.

For digital signatures, the receiver uses the sender's PUBLIC key to verify.

54
Q

Christopher would like to send Renee a message using a digital signature. What key should he use to create the digital signature?

A

Christopher uses his own PRIVATE key to create the digital signature.

55
Q

(ISC)² Code of Ethics:

A

(ISC)² Code of Ethics canons:
• Protect society, the commonwealth, and the infrastructure.
• Act honorably, honestly, justly, responsibly, and legally.
• Provide diligent and competent service to principals.
• Advance and protect the profession.

56
Q

Kerberos provides _______ and _______

A

Kerberos provides CONFIDENTIALITY and INTEGRITY.

57
Q

Christopher would like to send Renee a message using asymmetric encryption. What key should he use to encrypt the message?

A

Renee’s public key is used to encrypt the message.

58
Q

A security _______is usually a permanent part of the object to which it is attached, thus providing some protection against tampering.

A

label

59
Q

How long does it take to bring a warm site up?

A

12 hours

60
Q

Third Party Governance definition.

A

Third-party governance is the system of oversight that may be mandated by law, regulation, industry standards, or licensing requirements. The actual method of third-party governance may vary, but it generally involves an outside investigator or auditor. This auditor might be designated by a governing body or might be a consultant hired by the target organization.

61
Q

Remote Journaling:

A

Remote journaling technology transfers copies of the database transaction log to the alternate site on a frequent basis.

62
Q

An attacker modifies domain-name-to-IP-address mappings.

A

DNS Poisoning