Reference no: EM132166010
Question 1
Malicious cyber activity directed at private and public entities can manifest itself in which of the following ways?
A. Denial of service through DOS attacks, and data and property destruction.
B. Business disruption (sometimes for the purpose of collecting ransoms) and theft of proprietary data.
C. Theft or corruption of intellectual property, and sensitive financial and strategic information.
D. All of the above.
Question 2
A cyber activity is considered malicious when it compromises at least one component of what is known as the "CIA triad": confidentiality, integrity, and availability.
True
False
Question 3
A DOS attack which interferes with a firm's web-based services is categorized as an attack on availability.
True
False
Question 4
A cyber-theft of funds from a bank's customer account is considered an attack on confidentiality.
True
False
Question 5
A cyber-enabled theft of the personally identifiable information (PII) of a firm's customers or employees compromises data confidentiality.
True
False
Question 6
A basic conceptual framework that describes the functions of a networking or telecommunications system is referred to as the Open Systems Interconnection (OSI) model.
True
False
Question 7
The TCP/IP model has become the de facto standard for real-world implementation of networking.
True
False
Question 8
Network Analysis uses the Signature Analysis method for the following action(s):
A. Testing
B. Hunting
C. Campaign Detection
D. All of the responses
Question 9
In general, a Network Forensic Examination includes the following steps, in the following order:
A. Incident response, identification, preservation, collection, examination, analysis, presentation
B. Identification, preservation, collection, examination, analysis, presentation, incident response
C. Identification, presentation, collection, examination, analysis, preservation, incident response
D. Analysis, collection, examination, identification, incident response, presentation, preservation
Question 10
Network behavior analysis (NBA) helps in enhancing network safety by monitoring traffic and noting unusual activity or departures from a normal network operation.
True
False
Question 11
Under GDPR, a controller is the entity that determines the purposes, conditions and means of the processing of personal data.
True
False
Question 12
The HIPAA Privacy Rule defines "covered entities" as which of the following:
A. Health plans
B. Health care providers
C. Health care services
D. All of the above
Question 13
The first step in the Configuration Management Process is:
A. Detail design and development phase
B. Preliminary design phase
C. Conceptual design phase
D. Production and construction phase
Question 14
Under GLBA, financial institutions must provide their clients a privacy notice that explains the following:
A. What information the company gathers about the client
B. Where this information is shared
C. How the company safeguards that information
D. All of the above
Question 15
NIST 800-53, rev 4 provides a catalog of security and privacy controls for federal information systems which federal agencies implement as part of an organization-wide process that manages information security and privacy risk.
True
False
Question 16
GDPR enhanced individual control over the use of personal data by introducing two new rights - the right to be forgotten and the right to data portability.
True
False
Question 17
The HIPAA Security Rule requires covered entities to do all of the following, except:
A. Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit
B. Protect against reasonably anticipated, impermissible uses or disclosures
C. Identify and protect against every possible identified threat to the security or integrity of the information
D. Ensure compliance by their workforce
Question 18
Which of the following reflect good uses of application hosting?
A. Applications available only internally in the organization
B. Applications that format data for display
C. Shopping cart services
D. Email services
E. A and B
F. C and D
Question 19
Application hosting is also commonly called SAAS, or software as a service.
True
False
Question 20
The use of duplicate servers as a deception strategy is simplified when the organization utilizes DHCP.
True
False
Question 21
The term "protected element" refers to a proxy's network clients or servers.
True
False
Question 22
Several benefits of using a honeypot or honeynet include:
A. Deception and frustration of an attacker
B. The ability to study an attacker
C. Little initial work because one can use the default parameters for deception
D. Determined attackers are generally slow to recognize honeypots or honeynets
E. A and B
F. C and D
G. All of the above
Question 23
Datagrams, used in UDP transfers, help guarantee the accuracy of data being transmitted and are commonly used when ensuring that data is transmitted correctly.
True
False
Question 24
TCP transmissions are usually referred to as "packets" as distinguished from "datagrams."
True
False
Question 25
Information transmitted in segments is referred to as a "packet" or a "datagram" depending on where it is travelling.
True
False
Question 26
A "datagram" can include the following: IP header fields, TCP header fields, UDP header fields, AH header fields and ESP psychic connections.
True
False
Question 27
The term "protected element" refers to a proxy's network clients or servers.
True
False
Question 28
Which of the following is NOT an advantage?
A. Login failures track would-be attackers
B. Login timeouts after several failed attempts block and thwart repeated attacks by an attacker
C. Login failure documentation helps systems administrators target needed changes to storage and access mechanisms
D. Multiple login failures indicate thwarted attacks and mean the system is worry-free
Question 29
Proxies inspect outside traffic before it passes into internal systems
True
False
Question 30
A stateful router is one that remembers common and accepted paths for reconnection and will not suffer from a query overload.
True
False
Question 31
A host's defense against an exploiter's asymmetric advantage includes which of the following (Choose all that apply):
A. Defenders choose what systems to run
B. Defenders choose how to connect systems
C. Defenders generally maintain the default settings on vendor devices
D. Defenders choose which policies to implement
Question 32
Which one of the following is a disadvantage of mathematical models?
A. Mathematical models are clear and unambiguous
B. Mathematical models can address every predictable human variation and situation
C. Mathematical models are static and do not need revision over time
D. Mathematical models permit infinite complexity
Question 33
What features of application-level proxies make them more vulnerable to adversaries, and what are ways to mitigate them?
Question 34
Match the model to its description
Biba Model
Bell-LaPadula
Chinese Wall
Integrity Model
a. Identifies both (i) confidential information (e.g., files and documents) and (ii) users permitted to access each type of confidential information, and defines access so that only users with the required confidential privileges can access that information. It is specifically used when an organization has two or more projects or sets of documents that are highly confidential and for which exposure to members of the other team could create a competitive or ethical conflict. It is commonly used to describe information barriers within businesses and law firms that are created to prevent exchanges, sharing of information or other communications that could lead to conflicts of interest.
b. Systems or rules or procedures that are used to help ensure that data is not modified, accessed, destroyed or otherwise compromised or misused by persons who should not have the proper level of access.
c. Data and system integrity model using both mandatory and discretionary components for enforcing access control, and uses an algebraic formula to express its enforcement. It is more common in government and military applications. Each object (e.g., program, machine, document) is given a label assigning it a confidentiality level. Each subject (user) is given a clearance level. No subject can access an object with a classification level higher than the subject's clearance. No subject may write down to an object with a classification level lower than the confidentiality level of the subject.
d. Formal state mandatory integrity modelling system that describes a set of access control rules. These rules are designed and enforced to protect data integrity, and assign an integrity class and rating to each object (data). Data and subjects (users) are grouped into ordered levels of integrity, such as "user" and "administrator." This model tends to use only a few classifications and classifications cannot be changed by the system once set, although an object can be duplicated and assigned a new integrity level.
Question 35
You have been hired to organize a new network which will be exposed to attack from outside users. What are two deception strategies you can use to mitigate these attacks, and why are they effective?
Question 36
You have been hired by a company whose former employee stole then deleted all user passwords. They do not wish to suffer this type of loss again. What do you tell them to do?
Question 37
Basic factors for authentication include:
A. What the subject knows
B. What the subject has
C. What the subject is
D. Where the subject is
E. All of the above
F. None of the above
G. A, B, C
Question 38
Which of the following are examples of multi-factor authentication:
A. Combining a password with the subject's mother's maiden name
B. Combining a password with the subject's place of birth
C. Combining a password with the subject's fingerprint
D. Combining a password with a security token
E. None of the above
F. All of the above
G. A and B
H. C and D
Question 39
CAPTCHA is an authentication method that demonstrates:
A. What a subject knows
B. Where a subject is
C. What the subject is
D. Whether the subject is authorized to access the network
Question 40
What is Role-Based Access Control ("RBAC")? Is it a good approach? Advantages? Disadvantages?
Question 41
Common change management drivers include which of the following:
A. Technology evolution
B. Consumer habit changes
C. Pressure from new business entrants
D. All of the above
Question 42
What is Change Management? What is Configuration Management? How are they different?
Question 43
How would you document Change Management?
Question 44
Compare and contrast: Privacy and Security
Question 45
HIPAA relates to what industry?
A. Financial, i.e., banks, investment houses, lenders
B. Education
C. Manufacturing
D. Healthcare
Question 46
Gramm-Leach-Bliley relates to what kind of information?
A. Non-public financial information
B. Personnel records
C. Educational records
D. Medical records
Question 47
FERPA applies to which entities?
A. Healthcare professionals and business associates
B. Educational agencies and institutions that receive funds under any program administered by the Department of Education
C. Banks and other financial institutions
D. Manufacturers of internet-connected devices
Question 48
What is the best way to mitigate liability from a network breach?
A. Faithfully execute your restoration and remediation plan
B. Lobby your regulatory agency for minimal fines
C. Blame a third party for the breach
D. None of the above
Question 49
Discuss the sources of liability that may arise after a network breach. Consider whether liability may arise from harm to customers, violation of laws or rules. Bonus for specific industry focus.
Question 50
PIA stands for:
A. Private Industry Assessment
B. Privacy Industry Assessment
C. Privacy Impact Assessment
D. Privacy Impact Analysis
Question 51
The Privacy Act determined that policy guidance, assistance and oversight of implementation of the Act is provided by the Office of Management and Budget (OMB).
True
False
Question 52
What is FOIA?
A. Federal Organization Information Act
B. Freedom of Information Act
C. Federation of Information Act
D. Federal Organization Information Agreement
Question 53
NIST issues Special Publications to provide guidance for federal information systems.
True
False
Question 54
Federal agencies have adopted a risk-based approach to operating their agency's information security systems and they rely on the ATO process to accomplish this. Briefly explain the ATO process.
Question 55
NIST has developed information security standards such as Federal Information Processing Standards (FIPS), which are mandatory for the Federal agencies to follow. FIPS 200 is used to determine the system impact level, based on the categorization. FIPS 200 established a "high water mark" as the highest potential impact value assigned to each security objective for each type of information resident on those information systems. Explain what that means and provide an example of your analysis.