Chapter 2-6 Review Questions

Question1
Marks: 2
Information security can begin as a grassroots effort in which systems administrators attempt to improve the security of their systems, which is often referred to as a bottom-up approach. Answer: True False
Correct Marks for this submission: 2/2.
Question2
Marks: 2
Confidentiality ensures that only those with the rights and privileges to access information are able to do so. Answer: True False
Question3
Marks: 2
A(n) project team should consist of a number of individuals who are experienced in one or multiple facets of the technical and nontechnical areas. Answer: True False
Question4
Marks: 2
Part of the logical design phase of the SecSDLC is planning for partial or catastrophic loss. ____ dictates what steps are taken when an attack occurs. Choose one answer.
a. Continuity planning
b. Incident response c. Disaster recovery d. Security response
Question5
Marks: 2
A data custodian works directly with data owners and is responsible for the storage, maintenance, and protection of the information. Answer: True False
Question6
Marks: 2
A famous study entitled Protection Analysis: Final Report was published in ____. Choose one answer.
a. 1868
b. 1978 c. 1988 d. 1998
Question7
Marks: 2
During the early years, information security was a straightforward process composed predominantly of ____________________ security and simple document classification schemes. Answer:
physical
Question8
Marks: 2
In an organization, the value of ____________________ of information is especially high when it involves personal information about employees, customers, or patients. Answer:
confidentiality
Question9
Marks: 2
During the ____________________ War, many mainframes were brought online to accomplish more complex and sophisticated tasks so it became necessary to enable the mainframes to communicate via a less cumbersome process than mailing magnetic tapes between computer centers. Answer:
Cold
Question10
Marks: 2
In the ____________________ approach, the project is initiated by upper-level managers who issue policy, procedures and processes, dictate the goals and expected outcomes, and determine accountability for each required action. Answer:
top-dow n
Question11
Marks: 2
A(n) ____________________ is a formal approach to solving a problem by means of a structured sequence of procedures.
Answer:
methodology
Question12
Marks: 2
The ____ is the individual primarily responsible for the assessment, management, and implementation of information security in the organization. Choose one answer.
a. ISO
b. CIO c. CISO d. CTO
Question13
Marks: 2
The senior technology officer is typically the chief ____________________ officer. Answer:
information
Question14
Marks: 2
The ____ model consists of six general phases. Choose one answer.
a. pitfall
b. 5SA&D
c. waterfall d. SysSP
Question15
Marks: 2
The ____________________ phase consists primarily of assessments of the organization, its current systems, and its capability to support the proposed systems. Answer:
analysis
Question16
Marks: 2
____ of information is the quality or state of being genuine or original. Choose one answer.
a. Authenticity
b. Spoofing c. Confidentiality d. Authorization
Question17
Marks: 2
Information has ____________________ when it is whole, complete, and uncorrupted. Answer:

integrity
Question18
Marks: 2
The CNSS model of information security evolved from a concept developed by the computer security industry known as the ____________________ triangle. Answer:
C.I.A.
Question19
Marks: 2
Policies are written instructions for accomplishing a specific task. Answer: True False
Question20
Marks: 2
An information system is the entire set of ____, people, procedures, and networks that make possible the use of information resources in the organization. Choose one answer.
a. software
b. hardware c. data d. All of the above
Question21
Marks: 2
People with the primary responsibility for administering the systems that house the information used by the organization perform the ____ role.
Choose one answer.

a. security policy developers
b. security professionals c. system administrators d. end users
Question22
Marks: 2
A champion is a project manager, who may be a departmental line manager or staff unit manager, and understands project management, personnel management, and information security technical requirements. Answer: True False
Question23
Marks: 2
A(n) ____ attack is a hacker using a personal computer to break into a system. Choose one answer.
a. indirect
b. direct c. software d. hardware
Question24
Marks: 2
____ is the predecessor to the Internet. Choose one answer.

a. NIST
b. ARPANET c. FIPS d. DES
Question25
Marks: 2
Hardware is often the most valuable asset possessed by an organization and it is the main target of intentional attacks. Answer: True False
Question26
Marks: 2
In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single large number called a ____ value. Choose one answer.
a. key
b. hashing c. hash d. code
Question27
Marks: 2
Applications systems developed within the framework of the traditional SDLC are designed to anticipate a software attack that requires some degree of application reconstruction. Answer: True False
Question28
Marks: 2
A(n) ____________________ is a group of individuals who are united by similar interests or values within an organization and who share a common goal of helping the organization to meet its objectives. Answer:
community of interest
Question29
Marks: 2
The ____ is a methodology for the design and implementation of an information system in an organization. Choose one answer.
a. DSLC
b. SDLC c. LCSD d. CLSD
Question30
Marks: 2
Hardware is the physical technology that houses and executes the software, stores and transports the data, and provides interfaces for the entry and removal of information from the system.
Answer: True False
Question31
Marks: 2
A frequently overlooked component of an IS, ____________________ are written instructions for accomplishing a specific task. Answer:
procedures
Question32
Marks: 2
Organizations are moving toward more ____-focused development approaches, seeking to improve not only the functionality of the systems they have in place, but consumer confidence in their product. Choose one answer.
a. security
b. reliability c. accessibility d. availability
Question33
Marks: 2
Information security can be an absolute. Answer: True False
Question34
Marks: 2
A breach of possession always results in a breach of confidentiality. Answer: True False
Question35
Marks: 2
The Internet brought connectivity to virtually all computers that could reach a phone line or an Internetconnected local area ____________________. Answer:
netw ork
Question36
Marks: 2
An e-mail virus involves sending an e-mail message with a modified field. Answer: True False
Question37
Marks: 2
In information security, salami theft occurs when an employee steals a few pieces of information at a time, knowing that taking more would be noticed but eventually the employee gets something complete or useable. Answer: True False
Question38
Marks: 2
Information has redundancy when it is free from mistakes or errors and it has the value that the end user expects. Answer: True False
Question39
Marks: 2
Which of the following is a valid type of data ownership? Choose one answer.
a. Data owners
b. Data custodians c. Data users d. All of the above
Question40
Marks: 2
Which of the following phases is the longest and most expensive phase of the systems development life cycle? Choose one answer.
a. investigation
b. logical design c. implementation d. maintenance and change
Correct
Marks for this submission: 2/2.
Question41
Marks: 2
The most successful kind of top-down approach involves a formal development strategy referred to as a ____. Choose one answer.
a. systems design
b. development life project c. systems development life cycle d. systems schema
Question42
Marks: 2
Direct attacks originate from a compromised system or resource that is malfunctioning or working under the control of a threat. Answer: True False
Question43
Marks: 2
In general, protection is the quality or state of being secureto be free from danger. Answer: True False
Question44
Marks: 2
A computer is the ____________________ of an attack when it is the target entity.
Answer:
object
Question45
Marks: 2
A computer is the ____ of an attack when it is used to conduct the attack. Choose one answer.
a. subject
b. object c. target d. facilitator
Question46
Marks: 2
During the ____ phase, specific technologies are selected to support the alternatives identified and evaluated in the logical design. Choose one answer.
a. investigation
b. implementation c. analysis d. physical design
Question47
Marks: 2
The ____________________ component of the IS comprises applications, operating systems, and assorted command utilities. Answer:
softw are
Question48
Marks: 2
The ____________________ of information is the quality or state of ownership or control of some object or item. Answer:
possession
Question49
Marks: 2
A(n) ____________________ information security policy outlines the implementation of a security program within the organization. Answer:
enterprise information security policy
Incorrect Correct answer: enterprise Marks for this submission: 0/2.
Question50
Marks: 2
The history of information security begins with the history of ____________________ security. Answer:
computer
Question1
Marks: 2
Attempting to reverse-calculate a password is called ____________________. Answer:

cracking
Question2
Marks: 2
In the well-known ____ attack, an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network. Choose one answer.
a. zombie-in-the-middle
b. sniff-in-the-middle c. server-in-the-middle d. man-in-the-middle
Question3
Marks: 2
A ____ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time. Choose one answer.
a. denial-of-service
b. distributed denial-of-service c. virus
d. spam
Question4
Marks: 2
In a ____ attack, the attacker sends a large number of connection or information requests to a target. Choose one answer.
a. denial-of-service
b. distributed denial-of-service c. virus d. spam
Question5
Marks: 2
Intellectual property is defined as the ownership of ideas and control over the tangible or virtual representation of those ideas. Answer: True False
Question6
Marks: 2
Complete loss of power for a moment is known as a ____. Choose one answer.
a. sag
b. fault
c. brownout d. blackout
Incorrect Marks for this submission: 0/2.
Question7
Marks: 2
Microsoft acknowledged that if you type a res:// URL (a Microsoft-devised type of URL) which is longer than ____ characters in Internet Explorer 4.0, the browser will crash. Choose one answer.
a. 64
b. 128 c. 256 d. 512
Question8
Marks: 2
Duplication of software-based intellectual property is more commonly known as software ____________________. Answer:
piracy
Question9
Marks: 2
A(n) ____________________ is an object, person, or other entity that represents an ongoing danger to an asset. Answer:
threat
Question10
Marks: 2
The ____ data file contains the hashed representation of the users password. Choose one answer.
a. SLA
b. SNMP c. FBI d. SAM
Question11
Marks: 2
Web hosting services are usually arranged with an agreement providing minimum service levels known as a(n) ____. Choose one answer.
a. SSL
b. SLA c. MSL d. MIN
Question12
Marks: 2
____ are software programs that hide their true nature, and reveal their designed behavior only when activated. Choose one answer.
a. Viruses
b. Worms c. Spam d. Trojan horses
Question13
Marks: 2
In the context of information security, ____________________ is the process of using social skills to convince people to reveal access credentials or other valuable information to the attacker. Answer:
social engineering
Question14
Marks: 2
A firewall is a mechanism that keeps certain kinds of network traffic out of a private network. Answer: True False
Question15
Marks: 2
A(n) ____________________ is a malicious program that replicates itself constantly, without requiring another program environment. Answer:
w orm
Question16
Marks: 2
ESD means electrostatic ____________________. Answer:

discharge
Question17
Marks: 2
A number of technical mechanismsdigital watermarks and embedded code, copyright codes, and even the intentional placement of bad sectors on software mediahave been used to enforce copyright laws. Answer: True False
Question18
Marks: 2
Compared to Web site defacement, vandalism within a network is less malicious in intent and more public. Answer: True False
Question19
Marks: 2
As frustrating as viruses and worms are, perhaps more time and money is spent on resolving virus ____. Choose one answer.
a. false alarms
b. power faults c. hoaxes d. urban legends
Question20
Marks: 2
A(n) cookie can allow an attacker to collect information on how to access password-protected sites. Answer: True False
Question21
Marks: 2
One form of online vandalism is ____ operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency. Choose one answer.
a. hacktivist
b. phvist c. hackcyber d. cyberhack
Question22
Marks: 2
An act of theft performed by a hacker falls into the category of theft, but is also often accompanied by defacement actions to delay discovery and thus may also be placed within the category of forces of nature. Answer: True False
Question23
Marks: 2
Acts of ____ can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter. Choose one answer.
a. bypass
b. nature c. trespass d. security
Question24
Marks: 2
A computer virus consists of segments of code that perform ____________________ actions. Answer:
malicious
Question25
Marks: 2
A momentary low voltage is called a(n) ____________________. Answer:

sag
Question26
Marks: 2
A mail bomb is a form of DoS. Answer: True False
Question27
Marks: 2
Which of the following functions does information security perform for an organization? Choose one answer.
a. Protecting the organizations ability to function. b. Enabling the safe operation of applications implemented on the organizations IT systems. c. Protecting the data the organization collects and uses. d. All of the above.
Question28
Marks: 2
Some information gathering techniques are quite legal, for example, using a Web browser to perform market research. These legal techniques are called, collectively, competitive ____________________. Answer:
itelligence
Incorrect Correct answer: intelligence Marks for this submission: 0/2.
Question29
Marks: 2
A worm requires that another program is running before it can begin functioning. Answer: True False
Question30
Marks: 2
Which of the following is an example of a Trojan horse program? Choose one answer.
a. Netsky
b. MyDoom c. Klez d. Happy99.exe
Question31
Marks: 2
Cyberterrorists hack systems to conduct terrorist activities via network or Internet pathways. Answer: True False
Question32
Marks: 2
A(n) ____________________ is an application error that occurs when more data is sent to a program buffer than it is designed to handle. Answer:
buffer overrun
Question33
Marks: 2
A virus or worm can have a payload that installs a(n) ____________________ door or trap door component in a system, which allows the attacker to access the system at will with special privileges. Answer:
back
Question34
Marks: 2
____ are machines that are directed remotely (usually by a transmitted command) by the attacker to participate in an attack. Choose one answer.
a. Drones
b. Helpers c. Zombies d. Servants
Question35
Marks: 2
Script ____________________ are hackers of limited skill who use expertly written software to attack a system. Answer:
kiddies
Question36
Marks: 2
The expert hacker sometimes is called ____________________ hacker. Answer:

elite
Question37
Marks: 2
A(n) ____________________ hacks the public telephone network to make free calls or disrupt services. Answer:
phreaker
Question38
Marks: 2
DoS attacks cannot be launched against routers. Answer: True False
Question39
Marks: 2
There are generally two skill levels among hackers: expert and ____. Choose one answer.
a. novice
b. journeyman c. packet monkey d. professional
Question40
Marks: 2
The ____ hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network. Choose one answer.
a. WWW
b. TCP c. FTP d. HTTP
Question41
Marks: 2
Hackers are people who use and create computer software to gain access to information illegally. Answer: True False
Question42
Marks: 2
A(n) polymorphic threat is one that over time changes the way it appears to antivirus software programs, making it undetectable by techniques that look for preconfigured signatures. Answer: True False
Question43
Marks: 2
Attacks conducted by scripts are usually unpredictable. Answer: True False
Question44
Marks: 2
According to Mark Pollitt, ____ is the premeditated, politically motivated attacks against information, computer systems, computer programs, and data which result in violence against noncombatant targets by subnational groups or clandestine agents. Choose one answer.
a. infoterrorism
b. cyberterrorism c. hacking d. cracking
Question45
Marks: 2
A(n) ____________________ is an identified weakness in a controlled system, where controls are not present or are no longer effective. Answer:
vulnerability
Question46
Marks: 2
A timing attack involves the interception of cryptographic elements to determine keys and encryption algorithms. Answer: True False
Question47
Marks: 2
A worm can deposit copies of itself onto all Web servers that the infected system can reach, so that users who subsequently visit those sites become infected. Answer:
True
False
Question48
Marks: 2
The timing attackexplores the contents of a Web browsers ____________________. Answer:

cache
Question49
Marks: 2
A sniffer program shows all the data going by on a network segment including passwords, the data inside filessuch as word-processing documentsand screens full of sensitive data from applications. Answer: True False
Question50
Marks: 2
A(n) ____________________ is an act that takes advantage of a vulnerability to compromise a controlled system. Answer:
attack
Question1
Marks: 2
The ____________________ is a respected professional society that was established in 1947 as the worlds first educational and scientific computing society. Answer:
Association of Computing Machinery
Question2
Marks: 2
Laws and policies and their associated penalties only deter if which of the following conditions is present? Choose one answer.
a. Fear of penalty
b. Probability of being caught c. Probability of penalty being administered d. All of the above
Question3
Marks: 2
Cultural differences can make it easy to determine what is and is not ethicalespecially when it comes to the use of computers. Answer: True False
Question4
Marks: 2
The ____________________ Act of 2001 provides law enforcement agencies with broader latitude in order to combat terrorism-related activities. Answer:
USA PATRIOT
Question5
Marks: 2
Which of the following countries reported generally intolerant attitudes toward personal use of organizational computing resources? Choose one answer.
a. Australia
b. United States c. Singapore d. Sweden
Question6
Marks: 2
____ attempts to prevent trade secrets from being illegally shared. Choose one answer.
a. Electronic Communications Privacy Act
b. Sarbanes-Oxley Act c. Financial Services Modernization Act d. Economic Espionage Act
Question7
Marks: 2
The Privacy of Customer Information Section of the common carrier regulation states that any proprietary information shall be used explicitly for providing services, and not for any ____ purposes. Choose one answer.
a. troubleshooting
b. billing c. customer service d. marketing
Question8
Marks: 2
Established in January 2001, the National InfraGard Program began as a cooperative effort between the FBIs Cleveland Field Office and local technology professionals. Answer: True False
Question9
Marks: 2
The ____ Portability and Accountability Act Of 1996, also known as the Kennedy-Kassebaum Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange. Choose one answer.
a. Customer
b. Health Insurance c. Computer d. Telecommunications
Question10
Marks: 2
Studies have reported that the Pacific Rim countries of Singapore and Hong Kong are hotbeds of software piracy. Answer: True False
Question11
Marks: 2
____________________ are the fixed moral attitudes or customs of a particular group. Answer:
Cultural mores
Question12
Marks: 2
Every state has implemented uniform laws and regulations placed on organizational use of computer technology. Answer: True False
Question13
Marks: 2
HIPAA specifies particular security technologies for each of the security requirements to ensure the privacy of the health-care information. Answer: True False
Question14
Marks: 2
The ____________________ Association is a professional association that focuses on auditing, control, and security and whose membership comprises both technical and managerial professionals.
Answer:
Information Systems Audit and Control
Question15
Marks: 2
The ____________________ Act of 1996 attempts to prevent trade secrets from being illegally shared. Answer:
Economic Espionage
Question16
Marks: 2
The ____________________ Act of 1986 is a collection of statutes that regulates the interception of wire, electronic, and oral communications. Answer:
Electronic Communications Privacy
Question17
Marks: 2
Which of the following acts is also widely known as the Gramm-Leach-Bliley Act? Choose one answer.
a. Financial Services Modernization Act
b. Communications Act c. Computer Security Act d. Economic Espionage Act
Question18
Marks: 2
What is the subject of the Computer Security Act? Choose one answer.
a. Federal Agency Information Security
b. Telecommunications Common Carriers c. Cryptography Software Vendors d. Banking Industry
Question19
Marks: 2
Software license infringement is also often called software ____________________. Answer:

piracy
Question20
Marks: 2
Civil law addresses activities and conduct harmful to society and is actively enforced by the state. Answer: True False
Question21
Marks: 2
Intellectual privacy is recognized as a protected asset in the United States. Answer: True False
Question22
Marks: 2
What is the subject of the Sarbanes-Oxley Act? Choose one answer.

a. Banking
b. Financial Reporting c. Privacy d. Trade secrets
Question23
Marks: 2
Key studies reveal that the overriding factor in leveling the ethical perceptions within a small population is ____________________. Answer:
education
Question24
Marks: 2
Deterrence can prevent an illegal or unethical activity from occurring. Answer: True False
Question25
Marks: 2
The ____________________ is the American contribution to an international effort to reduce the impact of copyright, trademark, and privacy infringement, especially when accomplished via the removal of technological copyright protection measures. Answer:
Digital Millennium Copyright Act
Question26
Marks: 2
The Computer ____ and Abuse Act of 1986 is the cornerstone of many computer-related federal laws and enforcement efforts. Choose one answer.
a. Violence
b. Fraud c. Theft d. Usage
Question27
Marks: 2
The Council of Europe adopted the Convention of CyberCrime in ____. Choose one answer.
a. 1976
b. 1986 c. 1998 d. 2001
Question28
Marks: 2
The ____________________2 manages a body of knowledge on information security and administers and evaluates examinations for information security certifications. Answer:
(ISC)
Question29
Marks: 2
In a study on software licence infringement, those from United States were significantly more permissive. Answer: True False
Question30
Marks: 2
Studies on ethics and computer use reveal that people of different nationalities have different perspectives; difficulties arise when one nationalitys ethical behavior violates the ethics of another national group. Answer: True False
Question31
Marks: 2
The ____________________ Act of 1966 allows any person to request access to federal agency records or information not determined to be a matter of national security. Answer:
Freedom of Information
Question32
Marks: 2
Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage ____. Choose one answer.
a. with intent
b. by accident c. with malice d. with negligence
Question33
Marks: 2
Criminal or unethical ____ goes to the state of mind of the individual performing the act. Choose one answer.
a. attitude
b. intent c. accident d. ignorance
Question34
Marks: 2
Which of the following acts defines and formalizes laws to counter threats from computer related acts and offenses? Choose one answer.
a. Electronic Communications Privacy Act of 1986
b. Freedom of Information Act (FOIA) c. Computer Fraud and Abuse Act d. Federal Privacy Act of 1974
Question35
Marks: 2
According to the National Information Infrastructure Protection Act of 1996, the severity of the penalty for computer crimes depends on the value of the information obtained and whether the offense is judged to have been committed for each of the following except ____. Choose one answer.
a. for purposes of commercial advantage
b. for private financial gain c. to harass d. in furtherance of a criminal act
Question36
Marks: 2
The National Information Infrastructure Protection Act of 1996 modified which Act? Choose one answer.
a. USA PATRIOT Act
b. USA PATRIOT Improvement and Reauthorization Act c. Computer Security Act
d. Computer Fraud and Abuse Act
Question37
Marks: 2
Family law, commercial law, and labor law are all encompassed by ____________________ law. Answer:
private
Question38
Marks: 2
The ____________________ Act seeks to improve the reliability and accuracy of financial reporting, as well as increase the accountability of corporate governance, in publicly traded companies. Answer:
Sarbanes-Oxley
Question39
Marks: 2
Which of the following acts is a collection of statutes that regulate the interception of wire, electronic, and oral communications? Choose one answer.
a. Electronic Communications Privacy Act
b. Financial Services Modernization Ac c. Sarbanes-Oxley Act d. Economic Espionage Act
Question40
Marks: 2
The ____________________ Act of 1999 contains a number of provisions focusing on facilitating affiliation among banks, securities firms, and insurance companies. Answer:
Financial Services Modernization
Question41
Marks: 2
____________________ are rules that mandate or prohibit certain behavior in society. Answer:
Law s
Question42
Marks: 2
Due care requires that an organization make a valid effort to protect others and continually maintain this level of effort. Answer: True False
Question43
Marks: 2
Ethics define socially acceptable behaviors. Answer: True False
Question44
Marks: 2
Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage by accident. Answer: True False
Question45
Marks: 2
In 1995 the Directive 95/46/EC was adopted by the European Union. Answer: True False
Question46
Marks: 2
The low overall degree of tolerance for ____________________ system use may be a function of the easy association between the common crimes of breaking and entering, trespassing, theft, and destruction of property to their computer-related counterparts. Answer:
illicit
Question47
Marks: 2
The ____ of 1999 provides guidance on the use of encryption and provides protection from government intervention. Choose one answer.
a. Sarbanes-Oxley Act
b. Gramm-Leach-Bliley Act c. U.S.A. Patriot Act
d. Security and Freedom through Encryption Act
Question48
Marks: 2
DHS is made up of three directorates. Answer: True False
Question49
Marks: 2
Guidelines that describe acceptable and unacceptable employee behaviors in the workplace are known as ____________________. Answer:
policies
Question50
Marks: 2
Privacy is not absolute freedom from observation, but rather is a more precise state of being free from unsanctioned intrusion. Answer: True False
Question1
Marks: 2
A(n) qualitative assessment is based on characteristics that do not use numerical measures. Answer:
True
False
Question2
Marks: 2
A(n) exposure factor is the expected percentage of loss that would occur from a particular attack. Answer: True False
Question3
Marks: 2
Management of classified data includes its storage and ____. Choose one answer.
a. distribution
b. portability c. destruction d. All of the above
Question4
Marks: 2
The difference between an organizations measures and those of others is often referred to as a performance ____________________. Answer:
gap
Question5
Marks: 2
The ____ strategy attempts to shift risk to other assets, other processes, or other organizations. Choose one answer.
a. transfer control
b. defend control c. accept control d. mitigate control
Question6
Marks: 2
ALE determines whether or not a particular control alternative is worth its cost. Answer: True False
Question7
Marks: 2
Operational ____________________ analysis examines user acceptance and support, management acceptance and support, and the overall requirements of the organizations stakeholders. Answer:
feasibility
Question8
Marks: 2
Cost ____________________ is the process of preventing the financial impact of an incident by implementing a control. Answer:
avoidance
Question9
Marks: 2
Qualitative-based measures are comparisons based on numerical standards, such as numbers of successful attacks. Answer: True False
Question10
Marks: 2
The concept of competitive ____ refers to falling behind the competition. Choose one answer.
a. disadvantage
b. drawback c. failure d. shortcoming
Question11
Marks: 2
Benefit is the value that an organization realizes by using controls to prevent losses associated with a specific vulnerability. Answer: True False
Question12
Marks: 2
In the U.S. military classification scheme, ____ data is any information or material the unauthorized disclosure of which reasonably could be expected to cause damage to the national security. Choose one answer.
a. confidential
b. secret c. top secret d. sensitive
Question13
Marks: 2
CBAs cannot be calculated after controls have been functioning for a time. Answer: True False
Question14
Marks: 2
The ____ security policy is a planning document that outlines the process of implementing security in the organization. Choose one answer.
a. program
b. agency c. issue-specific d. system-specific
Question15
Marks: 2
The military uses a _____-level classification scheme. Choose one answer.

a. three
b. four c. five d. six
Question16
Marks: 2
Major risk is a combined function of (1) a threat less the effect of threat-reducing safeguards, (2) a vulnerability less the effect of vulnerability reducing safeguards, and (3) an asset less the effect of asset value-reducing safeguards. Answer: True False
Question17
Marks: 2
Asset ____________________ is the process of assigning financial value or worth to each information asset. Answer:
valuation
Question18
Marks: 2
After identifying and performing the preliminary classification of an organizations information assets, the analysis phase moves on to an examination of the ____________________ facing the organization. Answer:
information assets
Incorrect Correct answer: threats Marks for this submission: 0/2.
Question19
Marks: 2
A(n) ____________________ is a value or profile of a performance metric against which changes in the performance metric can be usefully compared. Answer:
baseline
Question20
Marks: 2
Due ____________________ is the demonstration that the organization is diligent in ensuring that the implemented standards continue to provide the required level of protection. Answer:
diligence
Question21
Marks: 2
The ____________________ control strategy attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation. Answer:
mitigate
Question22
Marks: 2
Overriding an employees security ____________________ requires that the need-to-know standard be met. Answer:
clearance
Question23
Marks: 2
Many corporations use a ____ to help secure the confidentiality and integrity of information. Choose one answer.
a. system classification scheme
b. data restoration scheme c. data hierarchy d. data classification scheme
Question24
Marks: 2
Of the three types of mitigation plans, the ____________________ plan is the most strategic and long term. Answer:
business continuity
Question25
Marks: 2
A best practice proposed for a small home office setting is appropriate to help design control strategies for a multinational company. Answer:
True
False
Question26
Marks: 2
Best business practices are often called recommended practices. Answer: True False
Question27
Marks: 2
The ____ strategy attempts to prevent the exploitation of the vulnerability. Choose one answer.
a. suspend control
b. defend control c. transfer control d. defined control
Question28
Marks: 2
Risk ____ is the application of controls to reduce the risks to an organizations data and information systems. Choose one answer.
a. management
b. control
c. identification d. security
Question29
Marks: 2
A single loss ____________________ is the calculation of the value associated with the most likely loss from an attack. Answer:
expentancy
Incorrect Correct answer: expectancy Marks for this submission: 0/2.
Question30
Marks: 2
Security ____________________ are the technical implementations of the policies defined by the organization. Answer:
technologies
Question31
Marks: 2
Program-specific policies address the specific implementations or applications of which users should be aware. Answer: True False
Question32
Marks: 2
The first phase of risk management is ____.
Choose one answer.

a. risk identification
b. design c. risk control d. risk evaluation
Question33
Marks: 2
Likelihood risk is the risk to the information asset that remains even after the application of controls. Answer: True False
Question34
Marks: 2
For hardware devices, the ____________________ number is used by the network operating system to identify a specific network device. Answer:
MAC address
Question35
Marks: 2
The actions an organization can and perhaps should take while an incident is in progress should be specified in a document called the ____ plan. Choose one answer.
a. BC
b. DR c. IR d. BR
Question36
Marks: 2
The formal decision making process used when consider the economic feasibility of implementing information security controls and safeguards is called a(n) ____. Choose one answer.
a. ARO
b. CBA c. ALE d. SLE
Question37
Marks: 2
Mutually exclusive means that all information assets must fit in the list somewhere. Answer: True False
Question38
Marks: 2
The ____ security policy is an executive-level document that outlines the organizations approach and attitude towards information security and relates the strategic value of information security within the organization. Choose one answer.
a. general
b. agency c. issue-specific d. system-specific
Question39
Marks: 2
A certificate authority should actually be categorized as a software security component. Answer: True False
Question40
Marks: 2
Policies are documents that specify an organizations approach to security. Answer: True False
Question41
Marks: 2
The ____ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation. Choose one answer.
a. avoidance of risk
b. transference
c. mitigation d. accept control
Question42
Marks: 2
In a(n) _____, each information asset is assigned a score for each of a set of assigned critical factor. Choose one answer.
a. OPSEC
b. COMSEC c. weighted factor analysis d. data classification scheme
Question43
Marks: 2
A(n) ____________________ desk policy requires that employees secure all information in appropriate storage containers at the end of each day. Answer:
clean
Question44
Marks: 2
Behavioral feasibility is also known as ____________________. Answer:

operational feasibility
Question45
Marks: 2
Once the inventory and value assessment are complete, you can prioritize each asset using a straightforward process known as ____________________ analysis. Answer:
w eighted factor
Question46
Marks: 2
A(n) disaster recovery plan dictates the actions an organization can and perhaps should take while an incident is in progress. Answer: True False
Question47
Marks: 2
A(n) ____ is an authorization issued by an organization for the repair, modification, or update of a piece of equipment. Choose one answer.
a. IP
b. FCO c. CTO d. HTTP
Question48
Marks: 2
All information that has been approved by management for public release has a(n) ____________________ classification.
Answer:
external
Question49
Marks: 2
Comprehensive means that an information asset should fit in only one category. Answer: True False
Question50
Marks: 2
Risk ____ defines the quantity and nature of risk that organizations are willing to accept as they evaluate the tradeoffs between perfect security and unlimited accessibility. Choose one answer.
a. benefit
b. appetite c. acceptance d. avoidance
Question1
Marks: 2
The application firewall is also known as a(n) ____________________ server. Answer:

proxy
Correct
Question2
Marks: 2
A Web server is often exposed to higher levels of risk when placed in the DMZ than when it is placed in the untrusted network. Answer: True False
Question3
Marks: 2
The architecture of a(n) ____________________ firewall provides a DMZ. Answer:

screened subnet
Question4
Marks: 2
A packets structure is independent from the nature of the packet. Answer: True False
Question5
Marks: 2
In recent years, the broadband router devices that can function as packet-filtering firewalls have been enhanced to combine the features of ____. Choose one answer.
a. UDPs
b. MACs
c. WANs d. WAPs
Question6
Marks: 2
A(n) ____________________ is an information security program that prevents specific types of information from moving between the outside world and the inside world. Answer:
firew all
Question7
Marks: 2
A(n) ____________________ private network is a private and secure network connection between systems that uses the data communication capability of an unsecured and public network. Answer:
virtual
Question8
Marks: 2
A trusted VPN is also known as a(n) ____________________ VPN. Answer:

legacy
Question9
Marks: 2
SESAME uses ____________________ key encryption to distribute secret keys. Answer:
public
Question10
Marks: 2
Traces, formally known as ICMP Echo requests, are used by internal systems administrators to ensure that clients and servers can communicate. Answer: True False
Question11
Marks: 2
In Kerberos, a(n) ____________________ is an identification card for a particular client that verifies to the server that the client is requesting services and that the client is a valid member of the Kerberos system and therefore authorized to receive services. Answer:
ticket
Question12
Marks: 2
Static filtering is common in network routers and gateways. Answer: True False
Question13
Marks: 2
A(n) ____________________ filter is a software filter technically not a firewall that allows administrators to restrict access to content from within a network. Answer:
content
Question14
Marks: 2
The circuit gateway firewall operates at the ____________________ layer. Answer:

transport
Question15
Marks: 2
SESAME may be obtained free of charge from MIT. Answer: True False
Question16
Marks: 2
In ____ mode, the data within an IP packet is encrypted, but the header information is not. Choose one answer.
a. tunnel
b. transport c. public d. symmetric
Question17
Marks: 2
A(n) ____________________ dialer is an automatic phone-dialing program that dials every number in a configured range, and checks to see if a person, answering machine, or modem picks up. Answer:
w ar
Question18
Marks: 2
The restrictions most commonly implemented in packet-filtering firewalls are based on ____. Choose one answer.
a. IP source and destination address
b. Direction (inbound or outbound) c. TCP or UDP source and destination port requests d. All of the above
Question19
Marks: 2
A packet-____________________ firewall installed on a TCP/IP based network typically functions at the IP level and determines whether to drop a packet (deny) or forward it to the next network connection (allow) based on the rules programmed into the firewall. Answer:
filtering
Question20
Marks: 2
The dominant architecture used to secure network access today is the ____ firewall. Choose one answer.
a. static
b. bastion c. unlimited d. screened subnet
Question21
Marks: 2
A(n) perimeter is a segment of the DMZ where additional authentication and authorization controls are put into place to provide services that are not available to the general public. Answer: True False
Question22
Marks: 2
The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone. Choose one answer.
a. fully trusted
b. hot c. demilitarized d. cold
Question23
Marks: 2
A content filter is essentially a set of scripts or programs that restricts user access to certain networking protocols and Internet locations.
Answer: True False
Question24
Marks: 2
Simple firewall models enforce address ____________________, which are rules designed to prohibit packets with certain addresses or partial addresses from passing through the device. Answer:
restrictions
Question25
Marks: 2
A VPN allows a user to use the Internet into a private network. Answer: True False
Question26
Marks: 2
First generation firewalls are application-level firewalls. Answer: True False
Question27
Marks: 2
A(n) ____ is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures. Choose one answer.
a. SVPN
b. VPN c. SESAME d. KERBES
Question28
Marks: 2
A content filter is technically a firewall. Answer: True False
Question29
Marks: 2
In most common implementation models, the content filter has two components: ____. Choose one answer.
a. encryption and decryption
b. filtering and encoding c. rating and decryption d. rating and filtering
Question30
Marks: 2
Circuit gateway firewalls prevent direct connections between one network and another. Answer:
True
False
Question31
Marks: 2
Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the ____ host. Choose one answer.
a. trusted
b. domain c. single d. sacrificial
Question32
Marks: 2
Content filters are often called ____________________ firewalls. Answer:

reverse
Question33
Marks: 2
Kerberos ____ provides tickets to clients who request services. Choose one answer.
a. KDS
b. TGS
c. AS d. VPN
Question34
Marks: 2
The ____ is an intermediate area between a trusted network and an untrusted network. Choose one answer.
a. perimeter
b. DMZ c. domain d. firewall
Question35
Marks: 2
A benefit of a(n) dual-homed host is its ability to translate between many different protocols at their respective data link layers, including Ethernet, token ring, Fiber Distributed Data Interface, and asynchronous transfer mode. Answer: True False
Question36
Marks: 2
Address grants prohibit packets with certain addresses or partial addresses from passing through the device. Answer: True False
Question37
Marks: 2
ICMP uses port ____ to request a response to a query and can be the first indicator of a malicious attack. Choose one answer.
a. 4
b. 7 c. 8 d. 48
Question38
Marks: 2
ISA Server can use ____ technology. Choose one answer.

a. PNP
b. Point to Point Tunneling Protocol c. RAS d. All of the above
Question39
Marks: 2
Firewalls fall into ____ major processing-mode categories. Choose one answer.
a. two
b. three c. four d. five
Question40
Marks: 2
SOHO assigns non-routing local addresses to the computer systems in the local area network and uses the single ISP-assigned address to communicate with the Internet. Answer: True False
Question41
Marks: 2
Secure VPNs use security protocols and encrypt traffic transmitted across unsecured public networks like the Internet. Answer: True False
Question42
Marks: 2
The firewall device is never accessible directly from the ____________________ network. Answer:
public
Question43
Marks: 2
Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the ____________________ host. Answer:
sacrificial
Question44
Marks: 2
A ____ filtering firewall can react to an emergent event and update or create rules to deal with the event. Choose one answer.
a. dynamic
b. static c. stateful d. stateless
Question45
Marks: 2
Telnet protocol packets usually go to TCP port ____. Choose one answer.
a. 7
b. 8 c. 14 d. 23
Question46
Marks: 2
The fifth generation firewalls include the ____________________ proxy, a specialized form that works under Windows NT Executive, which is the kernel of Windows NT. Answer:
kernel
Question47
Marks: 2
Access control is achieved by means of a combination of policies, programs, and technologies. Answer: True False
Question48
Marks: 2
In SESAME, the user is first authenticated to an authentication server and receives a token. The token is then presented to a privilege attribute server as proof of identity to gain a(n) ____. Choose one answer.
a. VPN
b. ECMA c. ticket d. PAC
Question49
Marks: 2
In ____________________ mode, the organization establishes two perimeter tunnel servers. Answer:
tunel
Incorrect Correct answer: tunnel Marks for this submission: 0/2.
Question50
Marks: 2
The application gateway is also known as a(n) ____. Choose one answer.
a. application-level firewall
b. client firewall c. proxy firewall d. All of the above
Chapter 5 Review Questions Review of attempt 1

Top of Form
Finish review
Bottom of Form
Started on
Wednesday, June 15, 2011, 07:33 PM
Completed on
Saturday, June 18, 2011, 02:34 AM
Time taken
2 days 7 hours
Grade
90 out of a maximum of 100 (90%)
Question1
Marks: 2
A(n) ____________________ site is a fully configured computer facility, with all services, communications links, and physical plant operations including heating and air conditioning. Answer:
hot
Question2
Marks: 2
A standard is a plan or course of action that conveys instructions from an organizations senior management to those who make decisions, take actions, and perform other duties. Answer: True False
Question3
Marks: 2
A policy should state that if employees violate a company policy or any law using company technologies, the company will protect them, and the company is liable for the employees actions. Answer: True False
Question4
Marks: 2
The first phase in the development of the contingency planning process is the ____. Choose one answer.
a. BIA
b. BRP c. DP9
d. IRP
Question5
Marks: 2
A security ____ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization. Choose one answer.
a. plan
b. framework c. mission d. blanket
Question6
Marks: 2
Implementing multiple types of technology and thereby precluding that the failure of one system will compromise the security of information is referred to as ____________________. Answer:
redundancy
Question7
Marks: 2
Security ____ are the areas of trust within which users can freely communicate. Choose one answer.
a. perimeters
b. domains
c. rectangles d. layers
Question8
Marks: 2
A(n) ____________________ is a device that selectively discriminates against information flowing into or out of the organization. Answer:
firew all
Question9
Marks: 2
An attack ____________________ is a detailed description of the activities that occur during an attack. Answer:
profile
Question10
Marks: 2
A(n) capability table specifies which subjects and objects users or groups can access. Answer: True False
Question11
Marks: 2
A service bureau is an agency that provides a service for a fee. Answer:
True
False
Question12
Marks: 2
A buffer against outside attacks is frequently referred to as a(n) ____. Choose one answer.
a. proxy server
b. no-mans land c. DMZ d. firewall
Question13
Marks: 2
The Security Area Working Group acts as an advisory board for the protocols and areas developed and promoted by the Internet Society and the ____. Choose one answer.
a. IETF
b. ISO/IEC c. ISOC d. IRTF
Question14
Marks: 2
A firewall can be a single device or a firewall extranet, which consists of multiple firewalls creating a buffer between the outside and inside networks. Answer: True False
Question15
Marks: 2
Systems-specific security policies are formalized as written documents readily identifiable as policy. Answer: True False
Question16
Marks: 2
A(n) ____________________ plan ensures that critical business functions continue if a catastrophic incident or disaster occurs. Answer:
disaster recovery
Incorrect Correct answer: business continuity Marks for this submission: 0/2.
Question17
Marks: 2
The spheres of ____ are the foundation of the security framework and illustrate how information is under attack from a variety of sources. Choose one answer.
a. defense
b. assessment c. security
d. information
Question18
Marks: 2
Policies are living documents that must be managed. Answer: True False
Question19
Marks: 2
NIST documents can assist in the design of a security framework. Answer: True False
Question20
Marks: 2
RAID ____ drives can be hot swapped. Choose one answer.

a. 2
b. 3 c. 4 d. 5
Question21
Marks: 2
Incident ____________________ is the process of examining a potential incident, or incident candidate, and determining whether or not the candidate constitutes an actual incident. Answer:
classification
Question22
Marks: 2
A disaster recovery plan addresses the preparation for and recovery from a disaster, whether natural or man-made. Answer: True False
Question23
Marks: 2
Laws are more detailed statements of what must be done to comply with policy. Answer: True False
Question24
Marks: 2
An alert ____ is a document containing contact information for the people to be notified in the event of an incident. Choose one answer.
a. message
b. roster c. plan
d. list
Question25
Marks: 2
A cold site provides many of the same services and options of a hot site. Answer: True False
Question26
Marks: 2
A(n) ____ plan deals with the identification, classification, response, and recovery from an incident. Choose one answer.
a. CM
b. BC c. DR d. IR
Question27
Marks: 2
Incident damage ____ is the rapid determination of the scope of the breach of the confidentiality, integrity, and availability of information and information assets during or just following an incident. Choose one answer.
a. assessment
b. evaluation
c. recovery d. plan
Question28
Marks: 2
Standards may be published, scrutinized, and ratified by a group, as in formal or ____ standards. Choose one answer.
a. de formale
b. de public c. de jure d. de facto
Question29
Marks: 2
Strategic planning is the process of moving the organization towards its ____. Choose one answer.
a. standard
b. policy c. mission d. vision
Question30
Marks: 2
A(n) ____________________ is any clearly identified attack on the organizations information assets that would threaten the assets confidentiality, integrity, or availability. Answer:
incident
Question31
Marks: 2
A(n) ____________________ backup is the storage of all files that have changed or been added since the last full backup. Answer:
differential
Question32
Marks: 2
A(n) contingency plan is prepared by the organization to anticipate, react to, and recover from events that threaten the security of information and information assets in the organization, and, subsequently, to restore the organization to normal modes of business operations. Answer: True False
Question33
Marks: 2
Host-based IDPSs are usually installed on the machines they protect to monitor the status of various files stored on those machines. Answer: True False
Question34
Marks: 2
A(n) ____________________ message is a scripted description of an incident, usually just enough information so that each individual knows what portion of the IRP to implement, and not enough to slow down the notification process. Answer:
alert
Question35
Marks: 2
A(n) ____________________ server performs actions on behalf of another system. Answer:

proxy
Question36
Marks: 2
A(n) ____________________ is a contract between two or more organizations that specifies how each will assist the other in the event of a disaster. Answer:
mutual agreement
Question37
Marks: 2
Effective management includes planning and ____. Choose one answer.

a. organizing
b. leading c. controlling
d. All of the above
Question38
Marks: 2
A managerial guidance SysSP document is created by the IT experts in a company to guide management in the implementation and configuration of technology. Answer: True False
Question39
Marks: 2
Technical controls are the tactical and technical implementations of security in the organization. Answer: True False
Question40
Marks: 2
Incident ____________________ is the set of activities taken to plan for, detect, and correct the impact of an incident on information assets. Answer:
response
Question41
Marks: 2
A ____ site provides only rudimentary services and facilities. Choose one answer.
a. cool
b. warm c. hot d. cold
Question42
Marks: 2
A(n) ____________________ is a detailed examination of the events that occurred from first detection to final recovery. Answer:
after-action review
Question43
Marks: 2
A(n) ____________________ is a plan or course of action that conveys instructions from an organizations senior management to those who make decisions, take actions, and perform other duties. Answer:
policy
Question44
Marks: 2
A security ____________________ defines the boundary between the outer limit of an organizations security and the beginning of the outside world. Answer:
perimeter
Question45
Marks: 2
Redundancy can be implemented at a number of points throughout the security architecture, such as in ____. Choose one answer.
a. firewalls
b. proxy servers c. access controls d. All of the above
Question46
Marks: 2
The SETA program is the responsibility of the ____ and is a control measure designed to reduce the incidences of accidental security breaches by employees. Choose one answer.
a. CIO
b. CISCO c. CISO d. end users
Question47
Marks: 2
Evidence is the physical object or documented information that proves an action occurred or identifies the intent of a perpetrator. Answer: True False
Question48
Marks: 2
Computer ____________________ is the process of collecting, analyzing, and preserving computerrelated evidence. Answer:
forensics
Question49
Marks: 2
RAID Level 1 is commonly called disk ____________________. Answer:

mirroring
Question50
Marks: 2
SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, provides best practices and security principles that can direct the security team in the development of a security ____. Choose one answer.
a. plan
b. standard c. policy d. blueprint

Top of Form
Marks: 2 A(n) ____________________ vulnerability scanner is one that initiates traffic on the network in order to determine security holes. Answer:
active
Correct Marks for this submission: 2/2. Question 2 Marks: 2 Activities that scan network locales for active systems and then identify the network services offered by the host systems is known as ____. Choose one answer. a. filtering b. doorknob rattling c. footprinting d. fingerprinting Correct Marks for this submission: 2/2. Question 3 Marks: 2 A(n) ____ is a proposed systems user. Choose one answer. a. authenticator b. challenger c. supplicant d. activator Incorrect Marks for this submission: 0/2. Question 4 Marks: 2 A(n) listener vulnerability scanner is one that listens in on the network and determines vulnerable versions of both server and client software. Answer: True False Correct Marks for this submission: 2/2. Question 5
Marks: 2 ____ applications use a combination of techniques to detect an intrusion and then trace it back to its source. Choose one answer. a. Trace and treat b. Trap and trace c. Treat and trap d. Trace and clip Correct Marks for this submission: 2/2. Question 6 Marks: 2 ____ are decoy systems designed to lure potential attackers away from critical systems. Choose one answer. a. Honeypots b. Honeycells c. Padded cells d. Padded nets Correct Marks for this submission: 2/2. Question 7 Marks: 2 A(n) ____________________ system contains pseudo-services that emulate well-known services, but is configured in ways that make it look vulnerable to attacks. Answer:
honey pot
Incorrect Correct answer: honeypot Marks for this submission: 0/2. Question 8 Marks: 2 Intrusion ____ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again. Choose one answer. a. prevention b. reaction c. detection d. correction Incorrect
Marks for this submission: 0/2. Question 9 Marks: 2 Enticement is the action of luring an individual into committing a crime to get a conviction. Answer: True False Correct Marks for this submission: 2/2. Question 10 Marks: 2 A passive response is a definitive action automatically initiated when certain types of alerts are triggered. Answer: True False Correct Marks for this submission: 2/2. Question 11 Marks: 2 Which of the following ports is commonly used for the HTTP protocol? Choose one answer. a. 20 b. 25 c. 53 d. 80 Correct Marks for this submission: 2/2. Question 12 Marks: 2 A sniffer cannot be used to eavesdrop on network traffic. Answer: True False Correct Marks for this submission: 2/2. Question 13 Marks: 2 A(n) ____________________ occurs when an attacker attempts to gain entry or disrupt the normal operations of an information system, almost always with the intent to do harm. Answer:
intrusion
Correct Marks for this submission: 2/2. Question 14 Marks: 2 A HIDPS can monitor systems logs for predefined events. Answer:
True False Correct Marks for this submission: 2/2. Question 15 Marks: 2 The ongoing activity from alarm events that are accurate and noteworthy but not necessarily significant as potentially successful attacks is called ____________________. Answer:
noise
Correct Marks for this submission: 2/2. Question 16 Marks: 2 A(n) ____________________ IDPS can adapt its reactions in response to administrator guidance over time and circumstances of the current local environment. Answer:
smart
Correct Marks for this submission: 2/2. Question 17 Marks: 2 In TCP/IP networking, port ____ is not used. Choose one answer. a. 0 b. 1 c. 13 d. 1023 Correct Marks for this submission: 2/2. Question 18 Marks: 2 A signature-based IDPS is sometimes called a(n) ____________________-based IDPS. Answer:
know ledge
Correct Marks for this submission: 2/2. Question 19 Marks: 2 IDPS researchers have used padded cell and honeypot systems since the late ____. Choose one answer. a. 1960s b. 1970s
c. 1980s d. 1990s Correct Marks for this submission: 2/2. Question 20 Marks: 2 Alarm ____________________ and compaction is a consolidation of almost identical alarms that happen at close to the same time into a single higher-level alarm. Answer:
clustering
Correct Marks for this submission: 2/2. Question 21 Marks: 2 Using ____, the system reviews the log files generated by servers, network devices, and even other IDPSs. Choose one answer. a. LFM b. stat IDPS c. AppIDPS d. HIDPS Correct Marks for this submission: 2/2. Question 22 Marks: 2 A starting scanner is one that initiates traffic on the network in order to determine security holes. Answer: True False Correct Marks for this submission: 2/2. Question 23 Marks: 2 A(n) ____________________ is a honey pot that has been protected so that it cannot be easily compromised. Answer:
padded cell
Correct Marks for this submission: 2/2. Question 24 Marks: 2 The initial estimation of the defensive state of an organizations networks and systems is called doorknob ____________________. Answer:
rattling
Correct Marks for this submission: 2/2. Question 25 Marks: 2 In ____________________ protocol verification, the higher-order protocols are examined for unexpected packet behavior, or improper use. Answer:
application
Correct Marks for this submission: 2/2. Question 26 Marks: 2 Three methods dominate the IDPSs detection methods: ____________________-based approach, statistical anomaly-based approach or the stateful packet inspection approach. Answer:
signature
Correct Marks for this submission: 2/2. Question 27 Marks: 2 A strategy based on the concept of defense in depth is likely to include intrusion detection systems, active vulnerability scanners, passive vulnerability scanners, automated log analyzers, and protocol analyzers. Answer: True False Incorrect Marks for this submission: 0/2. Question 28 Marks: 2 The attack ____________________ is a series of steps or processes used by an attacker, in a logical sequence, to launch an attack against a target system or network. Answer:
protocol
Correct Marks for this submission: 2/2. Question 29 Marks: 2 A HIDPS is optimized to detect multihost scanning, and it is able to detect the scanning of non-host network devices, such as routers or switches. Answer: True False Incorrect Marks for this submission: 0/2. Question 30 Marks: 2 Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization. Answer:
True False Incorrect Marks for this submission: 0/2. Question 31 Marks: 2 A packet ____________________ is a network tool that collects copies of packets from the network and analyzes them. Answer:
sniffer
Correct Marks for this submission: 2/2. Question 32 Marks: 2 A(n) ____________________-based IDPS resides on a particular computer or server and monitors activity only on that system. Answer:
host
Correct Marks for this submission: 2/2. Question 33 Marks: 2 ____ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations. Choose one answer. a. NIDPSs b. HIDPSs c. AppIDPSs d. SIDPSs Correct Marks for this submission: 2/2. Question 34 Marks: 2 A(n) ____ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm. Choose one answer. a. IDS b. IIS c. ITS d. SIS Correct
Marks for this submission: 2/2. Question 35 Marks: 2 Among all possible biometrics, ____ is(are) considered truly unique. Choose one answer. a. retina of the eye b. fingerprints c. iris of the eye d. All of the above Correct Marks for this submission: 2/2. Question 36 Marks: 2 A false positive is the failure of an IDPS system to react to an actual attack event. Answer: True False Correct Marks for this submission: 2/2. Question 37 Marks: 2 Most NBA sensors can be deployed in ____ mode only, using the same connection methods as network-based IDPSs. Choose one answer. a. passive b. active c. reactive d. dynamic Correct Marks for this submission: 2/2. Question 38 Marks: 2 A(n) ____ is a network tool that collects copies of packets from the network and analyzes them. Choose one answer. a. packet scanner b. packet sniffer c. honey pot d. honey packet Correct
Marks for this submission: 2/2. Question 39 Marks: 2 HIDPSs are also known as system ____________________ verifiers. Answer:
integrity
Correct Marks for this submission: 2/2. Question 40 Marks: 2 A wireless security toolkit should include the ability to sniff wireless traffic, scan wireless hosts, and assess the level of privacy or confidentiality afforded on the wireless network. Answer: True False Correct Marks for this submission: 2/2. Question 41 Marks: 2 The ____________________ error rate is the level at which the number of false rejections equals the false acceptances, also known as the equal error rate. Answer:
crossover
Correct Marks for this submission: 2/2. Question 42 Marks: 2 The ____________________ port is also known as a switched port analysis port or mirror port. Answer:
monitoring
Correct Marks for this submission: 2/2. Question 43 Marks: 2 A(n) NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing. Answer: True False Incorrect Marks for this submission: 0/2. Question 44 Marks: 2 Minutiae are unique points of reference that are digitized and stored in an encrypted format when the users system access credentials are created. Answer: True Correct False
Marks for this submission: 2/2. Question 45 Marks: 2 A fully distributed IDPS control strategy is the opposite of the centralized strategy. Answer: True False Correct Marks for this submission: 2/2. Question 46 Marks: 2 A(n) ____ IDPS is focused on protecting network information assets. Choose one answer. a. network-based b. host-based c. application-based d. server-based Correct Marks for this submission: 2/2. Question 47 Marks: 2 A(n) log file monitor is similar to a NIDPS. Answer: True False Correct Marks for this submission: 2/2. Question 48 Marks: 2 To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known ____ in their knowledge base. Choose one answer. a. fingernails b. fingerprints c. signatures d. footprints Correct Marks for this submission: 2/2. Question 49 Marks: 2 A padded cell is a hardened honeynet. Answer:
True False Correct Marks for this submission: 2/2. Question 50 Marks: 2 ____ benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files. Choose one answer. a. NIDPSs b. HIDPSs c. AppIDPSs
Question1
Marks: 2
____ are encrypted messages that can be mathematically proven to be authentic. Choose one answer.
a. Digital signatures
b. MAC c. Message certificates d. Message digests
Question2
Marks: 2
A(n) distinguished name uniquely identifies a certificate entity, to a users public key. Answer: True False
Question3
Marks: 2
Privacy Enhanced Mail was proposed by the Internet Engineering Task Force and is a standard that uses 3DES symmetric key encryption and RSA for key exchanges and digital signatures. Answer: True False
Question4
Marks: 2
As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES. Answer: True False
Question5
Marks: 2
A(n) ____________________ substitution uses one alphabet. Answer:

monoalphabetic
Question6
Marks: 2
An attacker may obtain duplicate texts, one in ciphertext and one in plaintext, and thus reverse-engineer the encryption algorithm in a known-plaintext attack scheme. Answer: True False
Question7
Marks: 2
In IPSEC ____________________ mode, only the IP data is encrypted, not the IP headers. Answer:
transport
Question8
Marks: 2
Digital ____________________ are public-key container files that allow computer programs to validate the key and identify to whom it belongs. Answer:
certificates
Question9
Marks: 2
Digital ____________________ are encrypted messages that can be mathematically proven to be authentic. Answer:
signatures
Question10
Marks: 2
A message ____________________ is a fingerprint of the authors message that is compared with the recipients locally calculated hash of the same message. Answer:
digest
Question11
Marks: 2
Digital signatures should be created using processes and products that are based on the ____.
Choose one answer.

a. DSS
b. NIST c. SSL d. HTTPS
Question12
Marks: 2
DES uses a(n) _____-bit block size. Choose one answer.

a. 32
b. 64 c. 128 d. 256
Question13
Marks: 2
Symmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message. Answer: True False
Question14
Marks: 2
____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem. Choose one answer.
a. Timing
b. Dictionary c. Correlation d. Man-in-the-middle
Question15
Marks: 2
A(n) ____________________ authority operates under the trusted collaboration of the certificate authority and can be delegated day-to-day certification functions, such as verifying registration information about new registrants, generating end-user keys, revoking certificates, and validating that users possess a valid certificate. Answer:
registration
Question16
Marks: 2
The science of encryption is known as ____________________. Answer:

cryptology
Question17
Marks: 2
A ____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest. Choose one answer.
a. signature
b. MAC c. fingerprint d. digest
Question18
Marks: 2
Common implementations of RA include systems that issue digital certificates to users and servers; directory enrollment; key issuing systems; tools for managing the key issuance; and verification and return of certificates. Answer: True False
Question19
Marks: 2
The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates. Choose one answer.
a. CRL
b. RA c. MAC d. AES
Question20
Marks: 2
Attackers may conduct an encrypted-plaintext attack by sending potential victims a specific text that they are sure the victims will forward on to others. Answer: True False
Question21
Marks: 2
The ____ algorithm was the first public key encryption algorithm developed (in 1977) and published for commercial use. Choose one answer.
a. DES
b. RSA c. MAC d. AES
Question22
Marks: 2
A mathematical ____________________ is a secret mechanism that enables you to easily accomplish the reverse function in a one-way function. Answer:
trapdoor
Question23
Marks: 2
In a ____ attack, the attacker eavesdrops during the victims session and uses statistical analysis of patterns and inter-keystroke timings to discern sensitive session information. Choose one answer.
a. replay
b. timing c. correlation d. dictionary
Question24
Marks: 2
In a(n) ____________________ attack, the attacker eavesdrops on the victims session and uses statistical analysis of patterns and inter-keystroke timings to discern sensitive session information. Answer:
timing
Question25
Marks: 2
A(n) key is the programmatic steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message. Answer: True False
Question26
Marks: 2
Hash algorithms are public functions that create a hash value by converting variable-length messages into a single fixed-length value. Answer: True False
Question27
Marks: 2
A(n) response attack is an attempt to resubmit a recording of the deciphered authentication to gain entry into a secure source. Answer: True False
Question28
Marks: 2
The ____ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication. Choose one answer.
a. ESP
b. AH c. HA d. SEP
Question29
Marks: 2
A method of encryption that requires the same secret key to encipher and decipher the message is known as ____ encryption. Choose one answer.
a. asymmetric
b. symmetric c. public
d. private
Question30
Marks: 2
AES implements a block cipher called the Rijndael Block Cipher. Answer: True False
Question31
Marks: 2
Secure HTTP provides the Internet communication services between client and host without consideration for encryption of the data that is transmitted between client and server. Answer: True False
Question32
Marks: 2
Bit stream methods commonly use algorithm functions like the exclusive OR operation (_____). Choose one answer.
a. XOR
b. EOR c. NOR d. OR
Question33
Marks: 2
A(n) man-in-the-middle attack attempts to intercept a public key or even to insert a known key structure in place of the requested public key. Answer: True False
Question34
Marks: 2
____ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content. Choose one answer.
a. Hash
b. Map c. Key d. Encryption
Question35
Marks: 2
An X.509 v3 certificate binds a _____, which uniquely identifies a certificate entity, to a users public key. Choose one answer.
a. message digest
b. fingerprint c. distinguished name d. digital signature
Correct
Question36
Marks: 2
Netscape developed the ____________________ Layer protocol to use public key encryption to secure a channel over the Internet, thus enabling secure communications. Answer:
Secure Sockets
Incorrect Correct answer: Secure Socket Marks for this submission: 0/2.
Question37
Marks: 2
The ____ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission. Choose one answer.
a. Standard HTTP
b. SFTP c. S-HTTP d. SSL Record Protocol
Question38
Marks: 2
DES uses a 64-bit key. Answer: True False
Question39
Marks: 2
____ is a federal information processing standard that specifies a cryptographic algorithm used within the U.S. government to protect information in federal agencies that are not a part of the national defense infrastructure. Choose one answer.
a. DES
b. 2DES c. AES d. 3DES
Question40
Marks: 2
A digital ____________________ is an electronic document or container file that contains a key value and identifying information about the entity that controls the key. Answer:
certificate
Question41
Marks: 2
SHA-1 produces a(n) _____-bit message digest, which can then be used as an input to a digital signature algorithm. Choose one answer.
a. 48
b. 56 c. 160 d. 256
Correct
Question42
Marks: 2
Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood. Answer: True False
Question43
Marks: 2
The more common name for asymmetric encryption is ____________________-key encryption. Answer:
public
Question44
Marks: 2
More advanced substitution ciphers use two or more alphabets, and are referred to as ____ substitutions. Choose one answer.
a. multialphabetic
b. monoalphabetic c. polyalphabetic d. polynomic
Question45
Marks: 2
One of the most widely known cryptographic algorithms is the Data ____________________ Standard, which was developed by IBM and is based on the companys Lucifer algorithm.
Answer:
Encryption
Question46
Marks: 2
Hashing functions do not require the use of keys, but it is possible to attach a message ____________________ code. Answer:
authentication
Question47
Marks: 2
Also known as the one-time pad, the ____________________ cipher, which was developed at AT&T, uses a set of characters only one time for each encryption process. Answer:
Vernam
Question48
Marks: 2
A(n) registration authority issues, manages, authenticates, signs, and revokes users digital certificates, which typically contain the user name, public key, and other identifying information. Answer: True False
Question49
Marks: 2
The encapsulating security ____________________ protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification. Answer:
payload
Question50
Marks: 2
The process of hiding messages within the digital encoding of a picture or graphic is called ____________________. Answer:
steganography
Chapter 9 Review Questions

Question1
Marks: 2
A(n) _________________________ is a small enclosure that has separate entry and exit points. Answer:
mantrap
Question2
Marks: 2
A common form of mechanical locks are electric strike locks, which (usually) require people to announce themselves before being buzzed through a locked door. Answer: True False
Question3
Marks: 2
A(n) _________________________ system has pressurized water in all pipes and has some form of valve in each protected area.
Answer:
w et-pipe
Question4
Marks: 2
A(n) _________________________ is typically worn concealed. Answer:

identification card
Question5
Marks: 2
A variation of the dry-pipe system is the pre-action system, which has a two-phase response to a fire. Answer: True False
Question6
Marks: 2
Interference with the normal pattern of the electrical current is also referred to as _________________________. Answer:
noise
Question7
Marks: 2
The U.S. government has developed a program, named _________________________ to reduce the risk of EMR monitoring. Answer:
TEMPEST
Question8
Marks: 2
Fire detection systems fall into two general categories: manual and electrical. Answer: True False
Question9
Marks: 2
Some sprinkler systems, called _________________________ systems, keep open all of the individual sprinkler heads, and as soon as the system is activated, water is immediately applied to all areas. Answer:
deluge
Question10
Marks: 2
Grounding ensures that the returning flow of current is properly discharged to the ground. Answer: True False
Question11
Marks: 2
____ occurs when an authorized person presents a key to open a door, and other people, who may or may not be authorized, also enter. Choose one answer.
a. Crowdsurfing
b. Tailgating c. Freeloading d. Hitchhiking
Question12
Marks: 2
Smoke detection systems are perhaps the most common means of detecting a potentially dangerous fire, and they are required by building codes in most residential dwellings and commercial buildings. Answer: True False
Question13
Marks: 2
Guards can evaluate each situation as it arises and make reasoned responses. Answer: True False
Question14
Marks: 2
A ____ system is designed to work in areas where electrical equipment is used. Instead of containing water, the system contains pressurized air. Choose one answer.
a. wet-pipe
b. dry-pipe c. deluge
d. sprinkler
Question15
Marks: 2
A(n) _________________________ or offline UPS is an offline battery backup that detects the interruption of power to the power equipment. Answer:
standby
Question16
Marks: 2
UPS devices typically run up to ____ VA. Choose one answer.

a. 100
b. 250 c. 500 d. 1,000
Question17
Marks: 2
A wet-pipe system is usually considered appropriate in computer rooms. Answer: True False
Question18
Marks: 2
In the ____ UPS, the internal components of the standby models are replaced with a pair of inverters and converters. Choose one answer.
a. line-interactive
b. ferroresonant c. true online d. offline
Question19
Marks: 2
A device that assures the delivery of electric power without interruption is a(n) ____. Choose one answer.
a. GFCI
b. HVAC c. GPS d. UPS
Question20
Marks: 2
The temperature of ignition is called the _________________________ of a material. Answer:

flame point
Question21
Marks: 2
Cold detectors measure rates of change in the ambient temperature in the room. Answer: True False
Question22
Marks: 2
Class _________________________fires are extinguished by agents that interrupt the ability of the fuel to be ignited. Answer:
A
Question23
Marks: 2
The most sophisticated locks are ____ locks. Choose one answer.
a. manual
b. programmable c. electronic d. biometric
Question24
Marks: 2
All liquid systems are designed to apply liquid, usually water, to all areas in which a fire has been detected. Answer:
True
False
Question25
Marks: 2
A specialized type of keycard reader is the _________________________ reader, which allows individuals simply to place their cards within the readers range. Answer:
proximity
Question26
Marks: 2
Fire ____ systems are devices installed and maintained to detect and respond to a fire, potential fire, or combustion danger situation. Choose one answer.
a. detection
b. suppression c. protection d. prevention
Question27
Marks: 2
Videoconferencing is off site computing that uses Internet connections, dialup connections, connections over leased point-to-point links between offices, and other connection mechanisms. Answer: True False
Question28
Marks: 2
One of the leading causes of damage to sensitive circuitry is ____. Choose one answer.
a. CPU
b. EPA c. ESD d. HVAC
Question29
Marks: 2
Class ____ fires are extinguished with non-conducting agents only. Choose one answer.
a. A
b. B c. C d. D
Question30
Marks: 2
Gaseous emission systems can be used in the suppression of fires. Answer: True False
Question31
Marks: 2
Computing and other electrical equipment in areas where water can accumulate must be uniquely grounded, using ____ equipment. Choose one answer.
a. UPS
b. HVAC c. GFCI d. ESD
Question32
Marks: 2
Electronic monitoring includes ____ systems. Choose one answer.

a. blocked video
b. local video c. open-circuit television d. closed-circuit television
Question33
Marks: 2
The thermal detection systems contain a sophisticated heat _________________________. Answer:

sensor
Correct
Question34
Marks: 2
The _________________________ detector is a sensor that detects the infrared or ultraviolet light produced by an open flame. Answer:
flame
Question35
Marks: 2
____ involves a wide variety of computing sites that are distant from the base organizational facility and includes all forms of telecommuting. Choose one answer.
a. Remote site computing
b. Telecommuting c. Remote working d. Hot site computing
Question36
Marks: 2
Class ____ fires are extinguished by agents that remove oxygen from the fire. Choose one answer.
a. A
b. B c. C
d. D
Question37
Marks: 2
The _________________________ lock may rely on a key that is a carefully shaped piece of metal, which is rotated to turn tumblers that release secured loops of steel, aluminum, or brass. Answer:
mechanical
Question38
Marks: 2
____ locks can be changed after they are put in service, allowing for combination or key changes without a locksmith and even allowing the owner to change to another access method (key or combination) to upgrade security. Choose one answer.
a. Programmable
b. Manual c. Biometric d. Electronic
Question39
Marks: 2
Mechanical locks can accept a variety of inputs as keys, including magnetic strips on ID cards, radio signals from name badges, personal identification numbers (PINs) typed into a keypad, or some combination of these to activate an electrically powered servo to unlock the mechanism. Answer: True False
Question40
Marks: 2
A name badge is typically worn concealed. Answer: True False
Question41
Marks: 2
In the ____ approach, the sensor detects an unusually rapid increase in the area temperature within a relatively short period of time. Choose one answer.
a. fixed temperature
b. permanent temperature c. fixed rate d. rate-of-rise
Question42
Marks: 2
A secure _________________________ is a physical location that has in place controls to minimize the risk of attacks from physical threats. Answer:
secure
Incorrect Correct answer: facility Marks for this submission: 0/2.
Question43
Marks: 2
Building codes require that each floor have a number of _________________________, or walls that limit the spread of damage should a fire break out in an office. Answer:
firew alls
Question44
Marks: 2
Carbon dioxide systems rob fire of its oxygen. Answer: True False
Question45
Marks: 2
_________________________ detect movement within a confined space and are either active or passive. Answer:
Motion detectors
Question46
Marks: 2
Halon is one of a few chemicals designated as a(n) _________________________ agent, which means that it does not leave any residue after use, nor does it interfere with the operation of electrical or electronic equipment. Answer:
clean
Question47
Marks: 2
Class C fires are those fueled by combustible metals, such as magnesium, lithium, and sodium. Answer: True False
Question48
Marks: 2
Interior walls reach only part way to the next floor, which leaves a space above the ceiling of the offices but below the top of the storey. This space is called a(n) ____. Choose one answer.
a. kneespace
b. attic c. plenum d. padding
Question49
Marks: 2
Manual fire detection, include human responses, such as calling the fire department, as well as manually activated alarms, such as sprinklers and gaseous systems. Answer: True False
Question50
Marks: 2
Most guards have clear ____ that help them to act decisively in unfamiliar situations. Choose one answer.
a. MACs
b. SOPs c. POSs d. OPSs

Top of Form
Finish review
Bottom of Form
Chapter 10 Review Questions

Bottom of Form
Question1
Marks: 2
The Lewin change model consists of ____. Choose one answer.

a. unfreezing
b. moving c. refreezing d. All of the above
Question2
Marks: 2
If the task is to write firewall specifications for the preparation of a(n) ____, the planner would note that the deliverable is a specification document suitable for distribution to vendors. Choose one answer.
a. WBS
b. CBA c. SDLC d. RFP
Question3
Marks: 2
Regardless of where in the budget information security items are located, monetary ____________________ determine what can (and cannot) be accomplished. Answer:
constraints
Question4
Marks: 2
Once a project is underway, it is managed to completion using a process known as a negative ____________________ loop. Answer:
feedback
Question5
Marks: 2
A(n) ____________________ implementation is the most common conversion strategy and involves a measured rollout of the planned system with a part of the whole being brought out and disseminated across an organization before the next piece is implemented. Answer:
phased
Correct
Question6
Marks: 2
Corrective action decisions are usually expressed in terms of trade-offs. Answer: True False
Question7
Marks: 2
A proven method for prioritizing a program of complex change is the bulls-eye method. Answer: True False
Question8
Marks: 2
One of the oldest models of change is the ____________________ change model. Answer:
Lew in
Question9
Marks: 2
Each organization has to determine its own project management methodology for IT and information security projects. Answer: True False
Question10
Marks: 2
Every organization needs to develop an information security department or program of its own. Answer: True False
Question11
Marks: 2
ERP stands for enterprise ____________________ planning. Answer:

resource
Question12
Marks: 2
In general, the design phase is accomplished by changing the configuration and operation of the organizations information systems to make them more secure. Answer: True False
Question13
Marks: 2
Management should coordinate the organizations information security vision and objectives with the communities of ____________________ involved in the execution of the plan. Answer:
interest
Question14
Marks: 2
In the early stages of planning, the project planner should attempt to specify completion dates only for major employees within the project.
Answer: True False
Question15
Marks: 2
The ____ layer of the bulls-eye model receives attention last. Choose one answer.
a. Policies
b. Networks c. Systems d. Applications
Question16
Marks: 2
JAD stands for ____________________ application development. Answer:

joint
Question17
Marks: 2
Most information security projects require a trained project CEO. Answer: True False
Question18
Marks: 2
Planners need to estimate the effort required to complete each task, subtask, or action step. Answer: True False
Question19
Marks: 2
All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan. Answer: True False
Question20
Marks: 2
A task or subtask becomes an action step when it can be completed by one individual or skill set and when it includes a single deliverable. Answer: True False
Question21
Marks: 2
In the ____ process, measured results are compared to expected results. Choose one answer.
a. negative feedback loop
b. wrap-up c. direct changeover
d. turnover
Question22
Marks: 2
The level of resistance to ____________________ impacts the ease with which an organization is able to implement the procedural and managerial changes. Answer:
change
Question23
Marks: 2
Medium- and large-sized organizations deal with the impact of technical change on the operation of the organization through a(n) ____________________ control process. Answer:
change
Question24
Marks: 2
In a ____ implementation, the entire security system is put in place in a single office, department, or division, and issues that arise are dealt with before expanding to the rest of the organization. Choose one answer.
a. loop
b. direct c. parallel d. pilot
Question25
Marks: 2
The goal of the ____ is to resolve any pending issues, critique the overall effort of the project, and draw conclusions about how to improve the process for the future. Choose one answer.
a. direct changeover
b. wrap-up c. phased implementation d. pilot implementation
Question26
Marks: 2
A direct changeover is also known as going fast turnkey. Answer: True False
Question27
Marks: 2
By managing the ____, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce. Choose one answer.
a. changeover
b. wrap-up c. process of change d. governance
Question28
Marks: 2
A cybernetic loop ensures that progress is measured periodically. Answer: True False
Question29
Marks: 2
The ____ layer of the bulls-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing systems. Choose one answer.
a. Policies
b. Networks c. Systems d. Applications
Question30
Marks: 2
The ____ involves collecting information about an organizations objectives, its technical architecture, and its information security environment. Choose one answer.
a. SISC
b. SecSDLC c. DLC
d. SIDLC
Question31
Marks: 2
Project ____________________ describes the amount of time and effort-hours needed to deliver the planned features and quality level of the project deliverables. Answer:
scope
Question32
Marks: 2
A(n) _____________________ is a completed document or program module that can either serve as the beginning point for a later task or become an element in the finished project. Answer:
deliverable
Question33
Marks: 2
Technology _____________________ is a complex process that organizations use to manage the affects and costs of technology implementation, innovation, and obsolescence. Answer:
governance
Question34
Marks: 2
The date for sending the final RFP to vendors is considered a(n) ____, because it signals that all RFP preparation work is complete. Choose one answer.
a. intermediate step
b. resource c. milestone d. deliverable
Question35
Marks: 2
Each for-profit organization determines its capital budget and the rules for managing capital spending and expenses the same way. Answer: True False
Question36
Marks: 2
Tasks or action steps that come after the task at hand are called ____. Choose one answer.
a. predecessors
b. successors c. children d. parents
Question37
Marks: 2
Some cases of ____ are simple, such as requiring employees to use a new password beginning on an announced date.
Choose one answer.

a. phased implementation
b. direct changeover c. pilot implementation d. wrap-up
Question38
Marks: 2
During the implementation phase, the organization translates its blueprint for information security into a concrete project ____________________. Answer:
plan
Question39
Marks: 2
Technology ____ guides how frequently technical systems are updated, and how technical updates are approved and funded. Choose one answer.
a. wrap-up
b. governance c. turnover d. changeover
Question40
Marks: 2
A(n) ____, typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan. Choose one answer.
a. RFP
b. WBS c. SDLC d. CBA
Question41
Marks: 2
Project managers can reduce resistance to change by involving employees in the project plan. In systems development, this is referred to as ____. Choose one answer.
a. DMZ
b. SDLC c. WBS d. JAD
Question42
Marks: 2
A ____ is usually the best approach to security project implementation. Choose one answer.
a. direct changeover
b. phased implementation
c. pilot implementation d. parallel operation
Question43
Marks: 2
DMZ is the primary way to secure an organizations networks. Answer: True False
Question44
Marks: 2
Planning for the implementation phase of a security project requires the creation of a detailed project plan. Answer: True False
Question45
Marks: 2
A direct ____________________ involves stopping the old method and beginning the new. Answer:
direct
Incorrect Correct answer: changeover Marks for this submission: 0/2.
Question46
Marks: 2
A(n) ____________________ is a specific point in the project plan when a task that has a noticeable impact on the progress of the project plan is complete. Answer:
milestone
Question47
Marks: 2
The project planner should describe the skill set or person, often called a(n) ____________________, needed to accomplish a task. Answer:
resource
Question48
Marks: 2
Public organizations often have ____ to spend all their remaining funds before the end of the fiscal year. Choose one answer.
a. end-of-fiscal-year spending-sprees
b. end-of-year spend-a-thons c. end-of-fiscal spending-sprees d. end-of-fiscal-year spend-a-thons
Question49
Marks: 2
An ideal organization fosters resilience to change. Answer: True False
Question50
Marks: 2
Tasks or action steps that come after the task at hand are called ____________________. Answer:
successors
Chapter 11 Review Quiz Review of attempt 1

Top of Form
Question1
Marks: 2
____ are often involved in national security and cyber-security tasks and move from those environments into the more business-oriented world of information security. Choose one answer.
a. Marketing managers
b. Military personnel c. Business analysts d. Lawyers
Question2
Marks: 2
CISOs are ____________________ managers first. Answer:

business
Question3
Marks: 2
A(n) ____________________ agency is an agency that provides specifically qualified individuals at the paid request of another company. Answer:
temp
Question4
Marks: 2
The ____ examination is designed to provide CISSPs with a mechanism to demonstrate competence in the more in-depth and concentrated requirements of information security management. Choose one answer.
a. ISSMP
b. ISSAP c. CISSPM d. CISSMP
Question5
Marks: 2
In recent years, the ____ certification program has added a set of concentration exams. Choose one answer.
a. ISSEP
b. ISSMP c. ISSAP d. CISSP
Question6
Marks: 2
It is important to gather employee ____________________ early about the information security program and respond to it quickly. Answer:
feedback
Question7
Marks: 2
Each CISSP concentration exam consists of 25 to 50 questions. Answer: True False
Question8
Marks: 2
Employees should be provided access to the minimal amount of information for the minimal amount of time necessary for them to perform their duties. This is referred to as the principle of ____________________. Answer:
least privilege
Question9
Marks: 2
SANS developed a series of technical security certifications in 1999 that are known as the Global Information ____________________ Certification or GIAC family of certifications. Answer:
Assurance
Question10
Marks: 2
The ____________________ acts as the spokesperson for the information security team. Answer:
CISO
Question11
Marks: 2
____ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organizations security technology is properly implemented. Choose one answer.
a. CSOs
b. CISOs c. Security managers d. Security technicians
Question12
Marks: 2
____ are hired by the organization to serve in a temporary position or to supplement the existing workforce. Choose one answer.
a. Temporary employees
b. Consultants c. Contractors
d. Self-employees
Question13
Marks: 2
Sometimes onsite contracted employees are self-employed or are employees of an organization hired for a specific, one-time purpose. These people are typically referred to as ____________________. Answer:
consultants
Question14
Marks: 2
In many organizations, information security teams lacks established roles and responsibilities. Answer: True False
Question15
Marks: 2
The SCP certification provides three tracks: the SCNS (Security Certified Network Specialist); the SCNP (Security Certified Network Professional); and the SCNA (Security Certified Network ____________________). Answer:
Architect
Question16
Marks: 2
The ____________________ of (ISC)2 program is geared toward those who want to take the CISSP or SSCP exams before obtaining the requisite experience for certification. Answer:
Associate
Question17
Marks: 2
Administrators provide the policies, guidelines and standards in the Schwartz, Erwin,Weafer, and Briney classification. Answer: True False
Question18
Marks: 2
A study of information security positions, done by Schwartz, Erwin,Weafer, and Briney, found that positions can be classified into one of ____ areas. Choose one answer.
a. two
Question19
Marks: 2
In the business world, background checks determine the individuals level of security classification, a requirement for many positions. Answer: True False
Question20
Marks: 2
The ____ program focuses more on building trusted networks, including biometrics and PKI. Choose one answer.
a. NFC
b. SCNP c. PKI d. SCNA
Question21
Marks: 2
The ____ position is typically considered the top information security officer in the organization. Choose one answer.
a. CISO
b. CFO c. CTO d. CEO
Question22
Marks: 2
ISSAP stands for Information Systems Security Architecture Professional. Answer: True False
Question23
Marks: 2
The information security function can be placed within the ____. Choose one answer.
a. insurance and risk management function
b. administrative services function c. legal department d. All of the above
Question24
Marks: 2
ISSMP stands for Information Systems Security Monitoring Professional. Answer: True False
Question25
Marks: 2
Security ____________________ are accountable for the day-to-day operation of the information security program. Answer:
managers
Question26
Marks: 2
Related to the concept of separation of duties is that of ____________________, the requirement that two individuals review and approve each others work before the task is categorized as finished. Answer:
tw o-person control
Question27
Marks: 2
The breadth and depth covered in each of the domains makes the ____ one of the most difficult-to-attain certifications on the market. Choose one answer.
a. NSA
b. CISO c. CISSP d. ISEP
Question28
Marks: 2
ISSEP was developed under a joint agreement between the FBI and the United States National Security Agency, Information Assurance Directorate. Answer: True False
Question29
Marks: 2
All of the existing certifications are fully understood by hiring organizations. Answer: True False
Question30
Marks: 2
System Administration, Networking, and Security Organization is better known as ____. Choose one answer.
a. SANO
b. SAN c. SANS d. SANSO
Question31
Marks: 2
Once an information security functions organizational position has been determined, the challenge is to design a(n) ____________________ structure for the information security function that balances the competing needs of each of the communities of interest. Answer:
reporting
Question32
Marks: 2
ISSEP stands for Information Systems Security Expert Professional. Answer: True False
Question33
Marks: 2
The Information Systems ____________________ and Control Association offers the CISA certification for auditing, networking, and security professionals.
Answer:
Audit
Question34
Marks: 2
Separation of ____________________ is used to reduce the chance of an individual violating information security and breaching the confidentiality, integrity, or availability of information. Answer:
duties
Question35
Marks: 2
A mandatory furlough provides the organization with the ability to audit the work of an individual. Answer: True False
Question36
Marks: 2
____ are the real techies who create and install security solutions. Choose one answer.
a. Builders
b. Administrators c. Senior managers d. Definers
Question37
Marks: 2
The organization should conduct a behavioral feasibility study before the ____________________ phase. Answer:
implementation
Question38
Marks: 2
GIAC stands for Global Information Architecture Certification. Answer: True False
Question39
Marks: 2
Many information security professionals enter the field from traditional ____ assignments. Choose one answer.
a. HR
b. BA c. IT d. All of the above
Question40
Marks: 2
Builders operate and administrate the security tools and the security monitoring function and continuously improve the processes, performing all the day-to-day work. Answer:
True
False
Question41
Marks: 2
Friendly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting. Answer: True False
Question42
Marks: 2
ISACA stands for Information Systems Automation and Control Association. Answer: True False
Question43
Marks: 2
Job ____________________ can greatly increase the chance that an employees misuse of the system or abuse of the information will be detected by another. Answer:
rotation
Question44
Marks: 2
The applicant for the CISM must provide evidence of ____ years of professional work experience in the field of information security, with a waiver or substitution of up to two years for education or previous certification. Choose one answer.
a. five
b. eight c. ten d. twelve
Question45
Marks: 2
Many organizations use a(n) ____ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employees tenure in the organization. Choose one answer.
a. hostile
b. departure c. exit d. termination
Question46
Marks: 2
The model used often by large organizations places the information security department within the ____ department. Choose one answer.
a. management
b. information technology c. financial
d. production
Question47
Marks: 2
The SSCP exam consists of ____ multiple-choice questions, and must be completed within three hours. Choose one answer.
a. 75
b. 100 c. 125 d. 225
Question48
Marks: 2
Information security should be visible to the users. Answer: True False
Question49
Marks: 2
Once a candidate has accepted a job offer, the ____________________ becomes an important security instrument. Answer:
employment contract
Question50
Marks: 2
In most cases, organizations look for a technically qualified information security generalist who has a solid understanding of how an organization operates. Answer: True False

Top of Form
Finish review
Bottom of Form

Top of Form
Finish review
Bottom of Form
Question1
Marks: 2
The ____ mailing list includes announcements and discussion of an open-source IDPS. Choose one answer.
a. Nmap-hackers
b. Packet Storm c. Security Focus d. Snort-sigs
Question2
Marks: 2
A maintenance model such as the ISO model deals with methods to manage and operate systems. Answer:
True
False
Question3
Marks: 2
The optimum approach for escalation is based on a thorough integration of the monitoring process into the ____. Choose one answer.
a. IDE
b. CERT c. ERP d. IRP
Question4
Marks: 2
The ____ process is designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization. Choose one answer.
a. ASP
b. ISP c. SVP d. PSV
Question5
Marks: 2
As the help desk personnel screen problems, they must also track the activities involved in resolving each complaint in a help desk ____________________system. Answer:
information
Question6
Marks: 2
A trouble ticket is closed when a user calls about an issue. Answer: True False
Question7
Marks: 2
A(n) ____________________ risk is one that is higher than the risk appetite of the organization. Answer:
significant
Question8
Marks: 2
The proven cases of real vulnerabilities can be considered vulnerability ____________________. Answer:
instances
Question9
Marks: 2
A(n) war game puts a subset of plans in place to create a realistic test environment. Answer:
True
False
Question10
Marks: 2
There are ____ common vulnerability assessment processes. Choose one answer.
a. two
Question11
Marks: 2
CERTs stands for computer emergency recovery teams. Answer: True False
Question12
Marks: 2
As an alternative view of the way data flows into the monitoring process, a(n) ____ approach may prove useful. Choose one answer.
a. DTD
b. DFD
c. Schema d. ERP
Question13
Marks: 2
The process of collecting detailed information about devices in a network is often referred to as ____________________. Answer:
characterization
Question14
Marks: 2
All systems that are mission critical should be enrolled in PSV measurement. Answer: True False
Question15
Marks: 2
A performance ____________________ is an expected level of performance against which all subsequent levels of performance are compared. Answer:
baseline
Question16
Marks: 2
The primary objective of the planning and risk ____________________ domain is to keep a lookout over the entire information security program.
Answer:
assessment
Question17
Marks: 2
The primary goal of the readiness and ____________________ domain is to keep the information security program functioning as designed and to keep it continuously improving over time. Answer:
review
Question18
Marks: 2
An effective information security governance program requires constant change. Answer: True False
Question19
Marks: 2
Detailed ____ on the highest risk warnings can include identifying which vendor updates apply to which vulnerabilities as well as which types of defenses have been found to work against the specific vulnerabilities reported. Choose one answer.
a. escalation
b. intelligence c. monitoring d. elimination
Correct
Question20
Marks: 2
ISO 27001 Information Security Handbook: A Guide for Managers provides managerial guidance for the establishment and implementation of an information security program. Answer: True False
Question21
Marks: 2
A(n) ____________________ analysis is a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services). Answer:
difference
Question22
Marks: 2
Organizations should perform a(n) ____________________ assessment of their information security programs. Answer:
annual
Question23
Marks: 2
The ____ list is intended to facilitate the development of a free network exploration tool. Choose one answer.
a. Nmap-hackers
b. Packet Storm c. Security Focus d. Snort-sigs
Question24
Marks: 2
A(n) ____ is a statement of the boundaries of the RA. Choose one answer.
a. scope
b. disclaimer c. footer d. head
Question25
Marks: 2
The ____ commercial site focuses on current security tool resources. Choose one answer.
a. Nmap-hackers
b. Packet Storm c. Security Laser d. Snort-sigs
Question26
Marks: 2
All telephone numbers controlled by an organization should be tested for modem vulnerability, unless the configuration of the phone equipment on premises can assure that no number can be dialed from the worldwide telephone system. Answer: True False
Question27
Marks: 2
Rehearsals that closely match reality are called ____________________ games. Answer:
w ar
Question28
Marks: 2
The Analysis step of Internet vulnerability assessment is when a knowledgeable and experienced vulnerability analyst screens the test results for the ____________________vulnerabilities logged during scanning. Answer:
candidate
Question29
Marks: 2
The steps of the Internet vulnerability assessment include ____, which is when the penetration test engine is unleashed at the scheduled time using the planned target list and test selection. Choose one answer.
a. scanning
b. target selection c. test selection d. analysis
Question30
Marks: 2
The primary goal of the ____________________ monitoring domain is to maintain an informed awareness of the state of all of the organizations networks, information systems, and information security defenses. Answer:
internal
Question31
Marks: 2
UN-CERT is a set of moderated mailing lists full of detailed, full-disclosure discussions and announcements about computer security vulnerabilities. Answer: True False
Question32
Marks: 2
The primary mailing list, called simply ____, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited, and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists. Choose one answer.
a. Bug
b. Bugfix
c. Buglist d. Bugtraq
Question33
Marks: 2
In ____________________ selection, all areas of the organizations premises should be scanned with a portable wireless network scanner. Answer:
target
Question34
Marks: 2
The ____________________ interconnections are network devices, communications channels, and applications that may not be owned by the organization but are essential to the continued operation of the organizations partnership with another company. Answer:
partner
Question35
Marks: 2
Documentation procedures are not required for configuration and change management processes. Answer: True False
Question36
Marks: 2
The objective of the external ____________________ domain within the maintenance model is to provide the early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense. Answer:
monitoring
Question37
Marks: 2
An intranet scan starts with an Internet search engine. Answer: True False
Question38
Marks: 2
The primary goal of the vulnerability assessment and ____________________ domain is to identify specific, documented vulnerabilities and remediate them in a timely fashion. Answer:
remediation
Question39
Marks: 2
Digital forensics helps the organization understand what happened and how. Answer: True False
Question40
Marks: 2
An example of the type of vulnerability exposed via traffic analysis occurs when an organization is trying to determine if all its device signatureshave been adequately masked.
Answer: True False
Question41
Marks: 2
The ____ vulnerability assessment process is designed to find and document selected vulnerabilities that are likely to be present on the internal network of the organization. Choose one answer.
a. intranet
b. Internet c. LAN d. WAN
Question42
Marks: 2
Court decisions generally do not impact agency policy. Answer: True False
Question43
Marks: 2
An effective security program demands comprehensive and continuous understanding of program and system configuration. Answer: True False
Question44
Marks: 2
A ____ is the recorded state of a particular revision of a software or hardware configuration item. Choose one answer.
a. state
b. version c. configuration d. baseline
Question45
Marks: 2
One approach that can improve the situational awareness of the information security function uses a process known as ____ to quickly identify changes to the internal environment. Choose one answer.
a. baseline
b. difference analysis c. differential d. revision
Question46
Marks: 2
CM assists in streamlining change management processes and prevents changes that could detrimentally affect the security posture of a system before they happen. Answer: True False
Question47
Marks: 2
The ____ vulnerability assessment process is designed to find and document any vulnerability that is present on dial-up modems connected to the organizations networks. Choose one answer.
a. modem
b. phone c. dial-up d. network
Question48
Marks: 2
A key component in the engine that drives change in the information security program is a relatively straightforward process called an information security ____________________ risk assessment. Answer:
operational
Question49
Marks: 2
A(n) ____ item is a hardware or software item that is to be modified and revised throughout its life cycle. Choose one answer.
a. revision
b. update c. change
d. configuration
Question50
Marks: 2
The ____ is a center of Internet security expertise and is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. Choose one answer.
a. Bug/CERT
b. Bugtraq/CERT c. CC/CERT d. CERT/CC

Chapter 2-6 Review Questions

Uploaded by

Copyright:

Available Formats

Chapter 2-6 Review Questions

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chapter 2-6 Review Questions

Uploaded by

Copyright:

Available Formats

What are the main components of an information security program?

What are the main components of an information security program?

What are some common approaches to information security projects?

What are some common approaches to information security projects?

Question1

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. Incident response c. Disaster recovery d. Security response

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. 1978 c. 1988 d. 1998

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. CIO c. CISO d. CTO

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. Spoofing c. Confidentiality d. Authorization

Correct Marks for this submission: 2/2.

Information has ____________________ when it is whole, complete, and uncorrupted. Answer:

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. hardware c. data d. All of the above

Correct Marks for this submission: 2/2.

Choose one answer.

b. security professionals c. system administrators d. end users

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. direct c. software d. hardware

Correct Marks for this submission: 2/2.

____ is the predecessor to the Internet. Choose one answer.

b. ARPANET c. FIPS d. DES

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. hashing c. hash d. code

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. SDLC c. LCSD d. CLSD

Correct Marks for this submission: 2/2.

Answer: True False

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

b. reliability c. accessibility d. availability

Correct Marks for this submission: 2/2.

Information security can be an absolute. Answer: True False

Correct Marks for this submission: 2/2.

A breach of possession always results in a breach of confidentiality. Answer: True False

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.

Correct Marks for this submission: 2/2.