Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
134 Cards in this Set
- Front
- Back
|
What Primary Element of BCP includes carrying out a Business Impact Analysis?
|
Business Impact Analysis
|
|
|
What is required in order to provide "Accountability"?
|
Authentication
|
|
|
hat is the Primary component of a Trusted Computer Base?
|
The Reference Monitor
|
|
|
The "Security Kernel" is made up of what components?
|
Hardware, Software, and Firmware
|
|
|
What is the "Core" of the TCB and the most commonly used approach to building a trusted computing system?
|
The Security Kernel
|
|
|
What are the three main areas of the Security Kernel?
|
1. It must provide isolation for the processes carrying out hte reference monitor concept, and processes must be tamperproof.
2. It must be invoked for every access attempt and must be impossible to circumvent. It must be implemented in a complete and foolproff way. 3. It must be small enough to be tested and verifiedin a complete and comprehensive manner. |
|
|
What can be implemented to mitigate the risk on a corporate network that supports Legacy applications that rely on risky protocols?
|
Implement a Virtual Private Network with controls on workstations joining the VPN
|
|
|
According to the Orange Book, which Security Level is the 1st to require a system to support a separate operator and system administrator rules?
|
B2
|
|
|
According to the Orange Book, which security level is the 1st to require trusted recovery?
|
B3
|
|
|
What is the 1st step to be considered in a penetration test?
|
The formation of specific management obectives.
|
|
|
What encryption algorithm is best suited for communication whith handled wireless devices?
|
Eliptic Curve Cryptosystems (ECC)
ECC provides: digital signatures, secure key distribution, and encryption. |
|
|
Whate are placeholders for literal values in a Standard Query Language (SQL) query being sent to the database on a server?
|
Bind Variables
|
|
|
Information Security is the potection of Data. Information will be protested based on?
|
1. It's sensitivity to the company
2. It's confidentiality 3. It's value. |
|
|
What is the primary reason for the chain of custody of evidence?
|
To ensure it will be admissible in court.
|
|
|
List encryption types that use one-way algorithms?
|
SHA
MD2 MD4 MD5 |
|
|
A country that fails to legally protect personal data in order to attract compaqnies engaged in collection of such data is referred to as a?
|
Data Haven
|
|
|
Compact Disk (CD) optical media types is used more often for?
|
Very small data sets
|
|
|
What access control methodology facilitates frequent changes to data permissions?
|
Rule-based
|
|
|
SSL Secure Sockets Layer has 2 possible "session key" lenghts, what are they?
|
40 bit & 128 bit
|
|
|
LoMAC is a security enhancement for Linux. What access control method does it use to protect the integrity of processes and data?
|
Low-Water-Mark Mandatory Access Control
|
|
|
A storage information architecture addresses?
|
1. Collection of data
2. Management of Data 3. Archiving of Data |
|
|
What are the components of "Operations Security Triples?
|
1. Asset
2. Threat 3. Risk |
|
|
What is a Birthday Attack?
|
A type of attack that is based on the probability of two different messages using the same hash function producing a common message digest.
|
|
|
Why should batch files and scripts be stored in a protected area?
|
Because they may contain credentials
|
|
|
What does "system integrity mean"?
|
Hardware and firmware have undergone periodic testing to verify that they are functioning properly
|
|
|
A forensic examination should inspeck slack space because?
|
It can contain a hidden file or data.
|
|
|
The absence or weakness in a system that may possibly be exploited is called a ?
|
Vunerability
|
|
|
What can be accomplished by storing on each subject a list of rights the subject has for every object?
|
Capabilities
|
|
|
What is concerned with masking the frenquency, length, and origin-destination patterns of the communications between protocol entities?
|
Traffic Analysis
|
|
|
What protocols Funtion at the Application Layer?
|
SMTP, FTP, HTTP, LPD, Telnet, TFTP
|
|
|
What are the characteristics of SOCKS?
|
SOCKS is a circuit-level application Gateway
Reuires clients to be SOCKS-fied with SOCKS client software Mainly used for outbound internet access and virtual private network functionality Can be resource intensive Provides authentication and encryption features to other VPN protocols, but not considered a traditional VPN protocol. Works independent of TCP/IP Protocol An example of a circuit-level proxy gateway that provides a secure channel between two computers |
|
|
hat is defined as imposed access control?
|
MAC
|
|
|
What is defined as a key distribution protocol that uses encryption to convey sessions keys that are used to encrypt data in IP packets?
|
SKIP - Simple Key Management for Internet Protocols
|
|
|
hat is a method of coordinating access to resources based on the listing of permitted (or denied) users, IP Addresses, or groups for each resource?
|
ACL - Access Control List
|
|
|
What is an ethical consideration of computer technology?
|
Ownership of proprietary software
|
|
|
What are some access control mechanisms that would be appropriate for mobile users to access the corporate network over analog lines?
|
TACACS
CHAP RADIUS |
|
|
What are the sizes of the MD hash bit mesages digest's designed by Ron Rivest?
|
MD4 - is a oneway hash funtion-128-bit hash - used for high-speed
MD5 - is a on-eway hash funtion-128-bit hash, but the algorithm is more complex -Provides a higher level of security than MD4 MD2 - is a oneway hash funtion-128-bit hash - much slower than MD4 or MD5 |
|
|
Certificates that conform to the X.509 contain which data?
|
Version to which the certificate conforms
Serial number Signature Algorithm Identifier Issuer Name Validity Period Subjects Name - contains the distinguished name, or DN |
|
|
What is the act of willfully changing data, using fraudulent input or removal of controls called?
|
Data Diddling
|
|
|
What is a Clipping Level?
|
A clipping level is a baseline of user activity that is considered a routine level of user errors.
|
|
|
How much more secure is a 56 bit encryption opposed to a 40 bit encryption?
|
65,536 times
|
|
|
List some Denial of Service Attacks
|
Tearfrop
Buffer Overflow Smurf |
|
|
What is Manadatory Access Control?
|
The authorization of the subject's access to an object depends upon lables, which indicate the subject's clearance, and the classification or sensitivity of the object.
|
|
|
What is Discretionary Access Control?
|
The subject has the authority, within certain limitations, to specify what objects are accesssible.
|
|
|
What is Rule-based Access Control?
|
A type of MANDATORY access control because rules determine this access, rather than the identity of the subjects and objects alone.
|
|
|
What is Non-Discretionary Access Control?
|
A central authority determines what subjects can have access to certain objects based on the organizational security policy. This access control might be based on the individuals role in the organization (role-based) or the subjects responsibilities and duties(tasked-based). Lattice Based is this type of control.
|
|
|
Which is the lowest TCSEC class wherein the system must support separate operator and system support roles?
|
B2
|
|
|
Which encrytion Algorithms does not deal with discrete logarithms?
|
RSA
|
|
|
Who enforces HIPPA?
|
The Office of Civil Rights of the Department of Health and Human Services
|
|
|
The IP Header contains a protocol field. What are the values for ICMP, TCP, UDP?
|
ICMP=1
TCP=6 UDP=17 |
|
|
What risk management methodology uses the exposure factor multiplied by the asset value to determine its outcome?
|
Single Loss Expectancy
Asset Value($) X Exxposure Factor(EF) = SLE |
|
|
PGP provides?
|
Confidentiality
Integrity Authenticity |
|
|
What are the characteristics of Block Ciphers?
|
1. It operates on fixed-size blocks of plain text
2. It is more suitable for software than hardware implementation 3. Block Ciphers can be operated as a stream |
|
|
Which method is appropriate for planning and controlling activities and resources in a system project?
|
Gantt Chart - a type of bar chart showing the interelationships of how projects, schedules, and other time-related systems over time.
|
|
|
What is Program Evaluation Review Tehnique (PERT)?
|
A method used to size a software product and calculate the Standard Deviation (SD) for risk assessment.
|
|
|
What is the PERT equation?
|
The PERT equation (beta distribution)eatimates the Equivalent Delivered Source Instructions (EDSI's) and the SD based on the analysr's estimate of the lowest possible size, the most likely size, and the highest possible size of each computer program component (CPC).
|
|
|
Access control is a collection of mechanisms tha permits managers to exercise influence over the use of?
|
IS Systems
|
|
|
One-way Hash provides?
|
Integrity
|
|
|
Why would a memory dump be admissible as evidence in court?
|
Becaue it is used to identify the state of the system
|
|
|
What is the marriage of object-oreinted and relational technologies combining the attributes of both?
|
Obect-Relational databases
|
|
|
What is the task of monitoring systems for evidence of an intrusion or an appropriate usage?
|
Intrusion Dection and Response
|
|
|
What is required before a search warrant can be issues?
|
1. There is probable cause tha a crime has been committed
2. There is probable cause to enter someones home or office. 3. There is an expactation that evidence exist of the crime. |
|
|
The privacy provisions of the federal law, the Health Insurance Portability and Accountability Act of 1996 (HIPPA), applies to certain types of health information created or maintained by health care providers who?
|
Engage in certain electronic transactions, health plans, and health care clearinghouses
|
|
|
Whic OSI/ISO Layer is IP implemented at?
|
Network
|
|
|
The word "Smart Card" has a meaning of?
|
1. IC Card with ISO 7816
2. Processor IC card 3. Personal indentity token containing IC-s 4. Integrated Circuit(s) and ID-1 type (specified in ISO 7810) card, into which has been inserted one or more integrated circuits. [ISO 7816] |
|
|
What class is defined in the Orange Book as mandatory protection?
|
B
|
|
|
SQL Commands include?
|
Select, Update
Grant, Revoke Delete, Insert |
|
|
Why is public key cryptography reccommended for use in the process of securing facimiles during transmission?
|
The key is securely passed to the receiving machine.
|
|
|
What are the rules for audit data recording according to the Minimum Security Requirements (MSR) for Multi-User Operating systems (NISTIR 5153) document?
|
1. the system shall provide ene-to-end user accountability for all security-related events.
2. The system shall protect the security audit trail from unauthorized access. 3. The system should support an option to maintain the security audit trail data in encrypted format. |
|
|
Which DES modes can best be used for authentication?
|
Cipher Block Chaining and Cipher Feedback
|
|
|
Developement staff should?
|
Perform Unit Testing
|
|
|
According to the Orange Book, which security level is the first to require trusted Recovery?
|
B2
|
|
|
The relative security of a commercial crptographic system can be measured by the?
|
Size of the key space and the available computational power.
|
|
|
What type of telephone fraud manipulates the line voltage to receive a toll-free call?
|
Black Box
Red-Box - simulates the sounds of coins being dropped Blue-Box - The mother of all boxes - 1st box in history White Box - turns a normal touch tone keypad into a portable unit. |
|
|
Which form of attack is NOt a direct attack against operations?
|
Known Palian Text Attacks - an attack against the organizations cryptosystem.
|
|
|
What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?
|
Identification
|
|
|
Under MAC, classification reflects?
|
Sensitivity reflects Classification
Priviledge reflects - Clearance Subject relects - User Object relects - File |
|
|
Which of the following business continuity stages ensures the continuity stragedy remains visible?
|
Implementation, Testing and Maintenance
|
|
|
A copyright protects___________.
|
An expression or an idea - not the resource directly.
|
|
|
What is a security issue related to aggregation in a database?
|
Inference
|
|
|
The Internet Activities Board characterizes _____________as unethical behavior for Internet users.
|
Concealing unauthorized Access
|
|
|
When block chaining cryptography is used __________ code is calculated and appended to the data to ensure authenticity.
|
Message authentication code
|
|
|
What is the software called that maintains and provides access to databases?
|
Database Management System
|
|
|
Name a feature of Rule-Based Access control?
|
The use of a Profile
|
|
|
How fast is private key cryptograhpy compared to public key cryptography?
|
1000 to 10000 times faster
|
|
|
Critcal area should be lighted?
|
eight ft high and two feet out
|
|
|
Secure Shell and secure Sockets Layer are heavily used for protecting?
|
WhInternet transactions
|
|
|
List three staements pertaining to RADIUS?
|
A Radius server can act as a proxy server, forwarding client request to other authentication domaains
Most RADIUS clients have a capability to query secondary RADIUS servers for redundancy |
|
|
What is the proper term to refer to a single unit of Ethernet data?
|
Ethernet Frame
|
|
|
What layer of the ISO/OSI model do packet filtering firewalls operate at?
|
The Network Layer
|
|
|
What are the methods used in the process of facial identification?
|
Detection and Recognition
|
|
|
Under MAC, a clearance is a?
|
privilege
|
|
|
What is a security issue related to aggregation in a database?
|
Inference
|
|
|
Total risk is equal to?
|
Threat
Vulnerability Asset Value |
|
|
What is called the study and control of signal emanations from electrical and electromagnetic equipment?
|
Tempest
|
|
|
Which OSI Layer does not provide confidentiality?
|
Transport Layer
|
|
|
The Primary Purpose for using one-way encryption of users passwords within a system is?
|
It prevents an unauthorized person from reading or modifying the password list.
|
|
|
Gap analysis does not apply to?
|
Availability
|
|
|
The Orange Book Defines Division B as?
|
Manadatory Protection
Manadatory access is enforced by the use of security labels |
|
|
The Orange Book Defines Level B1 as?
|
Labeled Security - each data object must contain a classification label and each subject must have a clearance label.
|
|
|
The Orange Book Defines Level B2 as?
|
Structured Protection - The system does not allow covert channels - separation of operator and administrative functions within the system to provide more trusted and protected operational funtionality. This class adds assurance - this environment would require systems that are relatrively resistant to penetration comprimise.
|
|
|
The Orange Book Defines Level B3 as?
|
Security Domains in this class, more granualarity is provided in each protects mechanism, and progamming code that is not necessary to support the security is excluded. An environment that supports B3 systems is a highly secure environment that processes very sensitive information.
|
|
|
hich OSI layer supervises the control rate of packet transfers in an OSI implementation?
|
The Tansport layer
|
|
|
Alarms and notifivcations generated by IDS systems usually take the form of?
|
Onscreen alert
|
|
|
Passwords can be required to change, modify, quarterly, or any other interval?
|
Depending on the criticality of the information needing protection and the passwords's frequency of use
|
|
|
What would be the best reason for separating the test and developement environments?
|
To control teh stability of the test environment
|
|
|
Which tape format is mostly used for home/small office backups?
|
Quater Inch Cartrige Drive (QIC)
|
|
|
Group Health Plans sponsor or maintained by, employers, however:
|
Are covered entities
|
|
|
With MAC, who may make decisions that bear on policy?
|
Only the administrator
|
|
|
What statement is true about information that is designated with the highest of confidentiality in a private sector organization?
|
It is available to anyone in the organization whose work relates to the subject and requires authorization for each access.
|
|
|
What does database security look at when it makes access control decisions?
|
Content-Dependant access control. This type of access Control increases processing overhead, but provides higher grandular control.
|
|
|
What tool is being used to determine whether attackers have altered system files or executables?
|
File Integrity checker
|
|
|
what can you to to increase the cost of an exhaustive attack?
|
1. Increase the length of a password
2. Increase the effective length of a cryptographic key variable |
|
|
Another method of risk analysis is qualitative, which does not assign ____ or _____ values to the components and losses
|
numbers
monetatry |
|
|
What is a Hostile Applet?
|
An active content module, which attempts to monopolize and exploits system resources
|
|
|
During which phase of an IT system life cycle are security requirements developed?
|
Development Stage
|
|
|
In a public Key Infrastructure, how are public keys published?
|
Through Digital Certificates
|
|
|
What is not an OSI architecture-defined broad category of security standards?
|
Firewall Security Standards
|
|
|
In an organization, an Information Technology security function should?
|
Be lead by a Cheif Security Officer and report directly to the CEO
|
|
|
In the TCP/IP protocol stack, at what level is the SSL protocol provided?
|
Network Layer
|
|
|
The concentric circle approach is used to?
|
Assess the physical security facility
|
|
|
What are the three area that the Physical Security Domain addresses?
|
1. Threats
2. Countermeasures 3. Vulnearabilities |
|
|
In a cryptographic key distribution system, the master key is used to exchange?
|
The Session Key
|
|
|
List some statement tha are true regarding IPSec Transport mode?
|
1. Set-up when end-point is host or communications terminates at end-points
2. If used in gatewat-to-host communication, gateway must act as a host 3. It is Detective/Administrative Pairing |
|
|
A continguency Plan should address?
|
Residual Risk
|
|
|
FIPS-140 is a standard for the security of?
|
Hardware and software cryptographic module
|
|
|
Which SSL version offers client side authentication?
|
SSL v2
|
|
|
What is the primary security goal of configuration management?
|
To ensure that changes to the system do not unintentionally diminish security
|
|
|
In the US, HIPPA addresses?
|
Security and Privacy
|
|
|
What are the limitations of the Bell-Lapadula Model?
|
Have no policy for changing access data control
Contains covert Channels Static in Nature |
|
|
What are some components of the Chinese Wall?
|
Conflict if Interest
Subject Company Datasets Sanitized Information No access Restrictions |
|
|
What is Reverse Engineering?
|
When an individual or company commit to decompiling vendor code.
|
|
|
What is the term used to describe a virus that can infect both program files and boot sectors?
|
Multipartite
|
|
|
What should organizations consider befor connecting their LAN's to the Internet?
|
A plan for considering all authentication options
|
