
Principles of Information Security-Final

Software

_________carries the lifeblood of information through an organization.

Enterprise

A(n) __________ information security policy outlines the implementation of a security program within the organization

Information

The senior technology officer is typically the chief __________ officer

confidentiality

In an organization, the value of _____________ of information is especially high when it involves personal information about employees, customers, or patients.

possession

The _____________of information is the quality or state of ownership or control of some object or item

Cache

The timing attack explores the contents of a Web browser's _______

buffer-overrun or buffer-overflow

A(n) _____-________ or _____-_______ is an application error that occurs when more data is sent to a program buffer than it is designed to handle.

elite

The expert hacker is sometimes called a(n) ______ hacker.

sag

A momentary low voltage is called a(n) _____

espionage

When information gatherers employ techniques that cross the threshold of what is legal or ethical, they are conducting industrial _________

1978

A famous study entitled "Protection Analysis: Final Report" was published in ______

MULTICS

________ was the first operating system to integrate security as its core functions

Physical

___________ security addresses the issues necessary to protect the tangible items, objects, or areas of an organization from unauthorized access and misuse

Hash

In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single large number called a _____ value

physical design

During the ________ ________ phase, specific technologies are selected to support the alternatives identified and evaluated in the logical design

systems development life cycle

The most successful kind of top-down approach involves a formal development strategy referred to as a ________ _______ _______ _______

security

Organizations are moving toward more _______-focused development approaches, seeking to improve not only the functionality of the systems they have in place, but consumer confidence in their product.

SDLC

The ______ is a methodology for the design and implementation of an information system in an organization

waterfall

The _________ model consists of six general phases

System Administrators

People with the primary responsibility for administering the systems that house the information used by the organization perform the ________ __________ role.

Yes

Is Happy99.exe an example of a Trojan horse program?

social engineering

"4-1-9" fraud is an example of a _______ ________ attack.

256

Microsoft acknowledged that if you type a res:// URL (a Microsoft-devised type of URL) which is longer than ____ characters in Internet Explorer 4.0, the browser will crash.

Trojan horses

________ _______ are software programs that hide their true nature, and reveal their designed behavior only when activated

fault

Complete loss of power for a moment is known as a _______

Hacktivist

One form of online vandalism is ________ operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.

Spyware

________ is any technology that aids in gathering information about a person or organization without their knowledge

distributed denial-of-service

A _______ _____ __ _______ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.

denial-of-service

In a ________-___-_______ attack, the attacker sends a large number of connection or information requests to a target.

clean

A(n) _____ desk policy requires that employees secure all information in appropriate storage containers at the end of each day.

external

All information that has been approved by management for public release has a(n) _________ classification.

assessment

You can assess the relative risk for each of the vulnerabilities by a process called risk __________.

technologies

Security ____________ are the technical implementations of the policies defined by the organization.

feasibility

Operational ___________ analysis examines user acceptance and support, management acceptance and support, and the overall requirements of the organization's stakeholders.

screened subnet

The architecture of a(n) _______ ________ firewall provides a DMZ

Kerberos

The ___________ authentication system is named after the three-headed dog of Greek mythology that guards the gates to the underworld.

dynamic

The _________ packet-filtering firewall allows only a particular packet with a particular source, destination, and port address to enter through the firewall.

transport

The circuit gateway firewall operates at the_______ layer.

Hybrid

______ firewalls combine the elements of other types of firewalls — that is, the elements of packet filtering and proxy services, or of packet filtering and circuit gateways.

five

The military uses a ____-level classification scheme

confidential

In the U.S. military classification scheme, __________ data is any information or material the unauthorized disclosure of which reasonably could be expected to cause damage to the national security.

Risk

_____ equals likelihood of vulnerability occurrence times value (or impact) minus percentage risk already controlled plus an element of uncertainty.

general

The ___________ security policy is an executive-level document that outlines the organization's approach and attitude towards information security and relates the strategic value of information security within the organization.

program

The ________ security policy is a planning document that outlines the process of implementing security in the organization.

defend control

The _______ ________ strategy attempts to prevent the exploitation of the vulnerability.

transfer control

The ________ ________ strategy attempts to shift risk to other assets, other processes, or other organizations.

DR

___ plans usually include all preparations for the recovery process, strategies to limit losses during the disaster, and detailed steps to follow when the smoke clears, the dust settles, or the floodwaters recede.

accept control

The ________ _______ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation.

standard of due care

When organizations adopt levels of security for a legal defense, they may need to show that they have done what any prudent organization would do in similar circumstances. This is referred to as a(n) _________ __ ____ _______

packet-filtering

1. IP source and destination address, 2. Direction (inbound or outbound), and 3. TCP or UDP source and destination port request are all restrictions most commonly implemented in ______-_______ firewalls.

Static

______ filtering requires that the filtering rules governing how the firewall decides which packets are allowed and which are denied be developed and installed with the firewall.

Stateful

_______ inspection firewalls keep track of each network connection between internal and external systems.

demilitarized

The proxy server is often placed in an unsecured area of the network or is placed in the _____________ zone.

SOCKS

______ is the protocol for handling TCP traffic through a proxy server.

23

Telnet protocol packets usually go to TCP port ___.

rating and filtering

In most common implementation models, the content filter has two components: ______ and _________.

RADIUS

____________ and TACACS are systems that authenticate the credentials of users who are trying to access an organization's network via a dial-up connection.

TACACS, Extended TACACS, and TACACS+

Which of the following are valid versions of TACACS? _________, ________ ___________, and __________.

Transport

In ___________ mode, the data within an IP packet is encrypted, but the header information is not.

clustering

Alarm _________ and compaction is a consolidation of almost identical alarms that happen at close to the same time into a single higher-level alarm

rattling

The initial estimation of the defensive state of an organization's networks and systems is called doorknob ________.

knowledge

A signature-based IDPS is sometimes called a(n) _________-based IDPS.

application

In _________ protocol verification, the higher-order protocols are examined for unexpected packet behavior, or improper use.

smart

A(n) ______ IDPS can adapt its reactions in response to administrator guidance over time and circumstances of the current local environment.

False Attack Stimulus

________ __________ __________ is an event that triggers an alarm when no actual attack is in progress.

signatures

To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base.

passive

Most NBA sensors can be deployed in _______ mode only, using the same connection methods as network-based IDPSs.

Inline

______ sensors are typically intended for network perimeter use, so they would be deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall

Honeypots

___________ are decoy systems designed to lure potential attackers away from critical systems.

Trap and trace

______ ____ _______ applications use a combination of techniques to detect an intrusion and then trace it back to its source.

supplicant

A(n) __________ is a proposed systems user.

Entrapment

___________ is the action of luring an individual into committing a crime to get a conviction.

Biometric access control

_________ _______ __________ is based on the use of some measurable human characteristic or trait to authenticate the identity of a proposed systems user.

CER

The ____ is the level at which the number of false rejections equals the false acceptances, and is also known as the equal error rate.

digest

A message ________ is a fingerprint of the author's message that is compared with the recipient's locally calculated hash of the same message.

encipher

To ________ means to encrypt, encode, or convert plaintext into the equivalent ciphertext.

advanced

The successor to 3DES is the __________ Encryption Standard.

certificates

Digital ___________ are public-key container files that allow computer programs to validate the key and identify to whom it belongs.

Keyspace

_________ is the entire range of values that can possibly be used to construct an individual key

Polyalphabetic

More advanced substitution ciphers use two or more alphabets, and are referred to as ______________ substitutions.

Hash

______ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content.

MAC

A ______ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.

PKI

_____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.

Digital Signatures

________ ___________ are encrypted messages that can be mathematically proven to be authentic.

distinguished

An X.509 v3 certificate binds a _____________ name, which uniquely identifies a certificate entity, to a user's public key.

PGP

_____ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding.

AH

The ____ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication.

Correlation

__________ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.

salami

In information security, ________ theft occurs when an employee steals a few pieces of information at a time, knowing that taking more would be noticed — but eventually the employee gets something complete or useable.

bottom-up

Information security can begin as a grassroots effort in which systems administrators attempt to improve the security of their systems, which is often referred to as a ____________ approach.

worm

A _______ can deposit copies of itself onto all Web servers that the infected system can reach, so that users who subsequently visit those sites become infected

DoS

_____ attacks can be launched against routers.

mail bomb

One form of e-mail attack that is also a DoS is called a ______ _______, in which an attacker routes large quantities of connection or information to the target.

cookie

A(n) ________ can allow an attacker to collect information on how to access password-protected sites

Know yourself

______ __________ means identifying, examining, and understanding the information and systems currently in place within the organization.

naming

You should adopt __________ standards that do not convey information to potential system attackers.

Mutually exclusive

____________ means that an information asset should fit in only one category

Comprehensive

____________ means that an information asset should fit in the list somewhere

Programs

__________ are activities performed within the organization to improve security

software

One method of protecting the residential user is to install a __________ firewall directly on the user's system

bastion

The DMZ can be a dedicated port on the firewall device linking a single _______ host

configuration

Good policy and practice dictates that each firewall device, whether a filtering router, bastion host, or other firewall implementation, must have its own set of _____________ rules.

1

Firewall Rule Set __ states that responses to internal requests are allowed.

firewalls

Some ________ can filter packets by protocol name.

Stateful inspection

A ________ ________ firewall keeps track of each network connection between internal and external systems

State table

A _________ ___________ tracks the state and context of each packet by recording which station sent the packet and when.

Proxy server

The application gateway, application-level firewall, or simply the application firewall is most commonly called a ________ __________.

false positive

A ________ _________ is when the IDPS system mistakes normal system activity for an attack.

HIDPS

A _______ is not optimized to detect multihost scanning, nor is it able to detect the scanning of non-host network devices, such as routers or switches.

IDPS

Your organization's operational goals, constraints, and culture affect the selection of the _____ and other security tools and technologies to protect your systems.

Intrusion detection and prevention systems

___________ ___________ and _________ __________ perform monitoring and analysis of system events and user behaviors.

sniffer

A ________ can be used to eavesdrop on network traffic.

XOR

You can combine the ____ operation with a block cipher operation.

Hashing

_________ functions don't require the use of keys.

128

DES uses a ____-bit key

encapsulating security payload protocol

The __________ __________ ________ _________ provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.

Confidentiality, Integrity, and Availability

What does CIA stand for?

Layers of security: Physical, Personal, Operational, Communication, Network, and Informational security.

What does P.P.O.C.N.I represent?

A robot network

What is a Botnet?

Committee on National Security Systems

What does CNSS stand for?

inside

The biggest security risks are from _______.

Mosaic

____________ was the first Internet browser.

asset

An ________ is the organizational resource being protected.

exploit

____________ is a technique used to compromise a system.

Loss

______ is a single instance of an information asset suffering damage

Exposure

__________ is a condition or state of being vulnerable to an attacker.

Risk

______ is the probability that something unwanted will happen.

threat

A ______ is a category of objects, persons, or other entities that presents a danger to an asset.

Threat agent

A _______ _______ is a specific instance or a component of a threat.

Computer Security Institute

What does CSI stand for?

Malicious code attack

includes execution of viruses, worms, Trojan horses, and active Web scripts with intent to destroy or steal information.

Hoaxes

transmission of a virus hoax with a real virus attached; more devious form of attack

Back door attacks

gaining access to system or network using known or previously unknown/newly discovered access mechanism.

Password crack

attempting to reverse calculate a password.

Brute force attack

trying every possible combination of options of a password.

Dictionary attack

selects specific accounts to attack and uses commonly used passwords (i.e., the dictionary) to guide guesses

Denial-of-service attack

attacker sends large number of connection or information requests to a target.

Distributed denial-of-service attack

coordinated stream of requests is launched against target from many locations simultaneously.

Spoofing

technique used to gain unauthorized access; intruder assumes a trusted IP address

Man-in-the-middle attack

attacker monitors network packets, modifies them, and inserts them back into network

Spam

unsolicited commercial e-mail; more a nuisance than an attack, though is emerging as a vector for some attacks.

Mail bombing

also a DoS; attacker routes large quantities of e-mail to target.

Sniffers

program or device that monitors data traveling over network

Phishing

an attempt to gain personal/financial information from individual

Pharming

redirection of legitimate Web traffic (e.g., browser requests) to illegitimate site for the purpose of obtaining private information.

Social engineering

using social skills to convince people to reveal access credentials

Timing attack

relatively new; works by exploring contents of a Web browser's cache to create malicious cookie.

Script kiddie

Hackers of limited skill using expert software to attack.

Packet monkey

Script kiddies using automated exploits to engage in distributed DoS attacks.
