CIS 280 Final

Created by jfancher_CIS280 


Network Security

Managerial Controls

Cover security processes that are designed by strategic planners and implemented by the security administration of the organization.

Economic Espionage Act

Attempts to prevent trade secrets from being illegally shared.

Physical Design Phase

Specific technologies are selected to support the alternatives identified and evaluated in the logical design.

Trespass

Can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter.

USA Patriot Act

Defines stiffer penalties for the prosecution of terrorist crimes.

Trojan Horse

Hides its true nature; only reveals its designated behavior when activated.

Security and Freedom Through Encryption Act

(1999) Gives guidance on the use of encryption and provides protection from government intervention.

Operational Feasibility Analysis

Examines user acceptance and support, management acceptance and support, and the overall requirements of the organization's stakeholders.

Standard of Due Care

Shows an organization has done what any prudent organization would do in similar circumstances.

Management of Classified Data

Storage, Distribution, Portability, and Destruction.

Alert Roster

Document containing contact information for people to be notified in the event of an incident.

Spyware

Technology that aids in gathering information about a person or organization without their knowledge.

SAM

Data file that contains the hashed representation of users' passwords.

Computer Security Act

Establishes minimum acceptable security practices for federal systems that contain classified data.

Physical Security

Addresses issues necessary to protect tangible items, objects, or areas of an organization from unauthorized access and misuse.

By Accident

Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage _____

Risk Control

Application of controls to reduce the risks to an organization's data and information systems.

Financial Services Modernization Act

Also widely known as the Gramm-Leach-Bliley Act.

domains

Security _____ are the areas of trust within which users can freely communicate.

risk identification

The first phase of risk management is ______

All of the above

Which of the following functions does information security perform for an organization?

denial-of-service

In a ____ attack, the attacker sends a large number of connection or information requests to a target.

dumpster diving

There are individuals who search trash and recycling - a practice known as ____ - to retrieve information that could embarrass a company or compromise information security.

distributed denial-of-service

A ____ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.

Operational

____ controls address personal security, and the protection of production inputs and outputs.

security

The spheres of ____ are the foundation of the security framework and illustrate how information is under attack from a variety of sources.

assessment

Incident damage ____ is the rapid determination of the scope of the breach of the confidentiality, integrity, and availability of information and information assets during or just following an incident.

transfer control

The ____ strategy attempts to shift risk to other assets, other processes, or other organizations.

Electronic Communications Privacy Act

Which of the following acts is a collection of statutes that regulate the interception of wire, electronic, and oral communications?

Health Insurance

The ____ Portability and Accountability Act of 1996, also known as the Kennedy-Kassebaum Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange.

Risk

____ equals likelihood of vulnerability occurrence times value (or impact) minus percentage risk already controlled plus an element of uncertainty.

system administrators

People with the primary responsibility for administering the systems that house the information used by the organization perform the ____ role.

Incident response

Part of the logical design phase of the SecSDLC is planning for partial or catastrophic loss. ____ dictates what steps are taken when an attack occurs.

All of the above

Which of the following is a valid type of data ownership?

All of the above

An information system is the entire set of ____, people, procedures, and networks that make possible the use of information resources in the organization.

marketing

The Privacy of Customer Information Section of the common carrier regulation states that any proprietary information shall be used explicitly for providing services, and not for any ____ purposes.

confidential

In the U.S. military classification scheme, ____ data is any information or material the unauthorized disclosure of which reasonably could be expected to cause damage to the national security.

man-in-the-middle

In the well-known ____ attack, an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network.

hacktivist

One form of online vandalism is ____ operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.

hash

In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single large number called a ____ value.

framework

A security ____ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization.

All of the above

Redundancy can be implemented at a number of points throughout the security architecture, such as in ____.

Computer Fraud and Abuse Act

Which of the following acts defines and formalizes laws to counter threats from computer related acts and offenses?

Authenticity

____ of information is the quality or state of being genuine or original.

systems development life cycle

The most successful kind of top-down approach involves a formal development strategy referred to as a ____.

DMZ

A buffer against outside attacks is frequently referred to as a(n) ____.

Computer Fraud and Abuse Act

The National Information Infrastructure Protection Act of 1996 modified which Act?

Zombies

____ are machines that are directed remotely (usually by a transmitted command) by the attacker to participate in an attack.

defend control

The ____ strategy attempts to prevent the exploitation of the vulnerability.

NSTISSI No. 4011

____ presents a comprehensive information security model and has become a widely accepted evaluation standard for the security of information systems.

appetite

Risk ____ defines the quantity and nature of risk that organizations are willing to accept as they evaluate the tradeoffs between perfect security and unlimited accessibility.

accept control

The ____ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation.

PKI

____ is an integrated system of software, encryption methodologies, and legal agreements that can be used to support the entire information infrastructure of an organization.

to harass

According to the National Information Infrastructure Protection Act of 1996, the severity of the penalty for computer crimes depends on the value of the information obtained and whether the offense is judged to have been committed for each of the following except ____.

maintenance and change

Which of the following phases is the longest and most expensive phase of the systems development life cycle?

privilege attribute certificate (PAC)

In SESAME, the user is first authenticated to an authentication server and receives a token. The token is then presented to a privilege attribute server as proof of identity to gain a(n) ____.

VPN

A ____ is "a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures."

All of the above

Among all possible biometrics, ____ are considered truly unique.

Packet-filtering

____ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information.

Policies

The ____ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly.

Encryption

____ is the process of converting an original message into a form that is unreadable to unauthorized individuals.

biometric

The most sophisticated locks are ____ locks.

CBA

A ____, typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan.

rate-of-rise

In the ____ approach, the sensor detects an unusually rapid increase in the area temperature within a relatively short period of time.

packet sniffer

A(n) ____ is a network tool that collects copies of packets from the network and analyzes them.

five

Firewalls fall into ____ major processing-mode categories.

SecSDLC

The ____ involves collecting information about an organization's objectives, its technical architecture, and its information security environment.

rating and filtering

In most common implementation models, the content filter has two components: ____.

phased implementation

A ____ is usually the best approach to security project implementation.

AH

The ____ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication.

demilitarized

The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone.

supplicant

A ____ is a proposed systems user.

process of change

By managing the ____, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce.

1980s

IDPS researchers have used padded cell and honeypot systems since the late ____.

correction

Intrusion ____ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again.

Stateful

____ inspection firewalls keep track of each network connection between internal and external systems.

screened subnet

The dominant architecture used to secure network access today is the ____ firewall.

DSS

Digital signatures should be created using processes and products that are based on the ____.

network-based

A ____ IDPS is focused on protecting network information assets.

GFCI

Computing and other electrical equipment in areas where water can accumulate must be uniquely grounded, using ____ equipment.

Contact and weight

____ sensors work when two contacts are connected as, for example, when a foot steps on a pressure-sensitive pad under a rug, or a window being opened triggers a pin-and-spring sensor.

Water mist

____ sprinklers are the newest form of sprinkler systems and rely on ultra-fine mists instead of traditional shower-type systems.

signatures

To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known ____ in their knowledge base.

CRL

The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.

wrap-up

The goal of the ____ is to resolve any pending issues, critique the overall effort of the project, and draw conclusions about how to improve the process for the future.

KDC

____ generates and issues session keys in Kerberos.

line-interactive

In the ____ UPS, the internal components of the standby models are replaced with a pair of inverters and converters.

timing

In a ____ attack, the attacker eavesdrops during the victim's session and uses statistical analysis of patterns and inter-keystroke timings to discern sensitive session information.

symmetric

A method of encryption that requires the same secret key to encipher and decipher the message is known as ____ encryption.

end-of-fiscal-year spend-a-thons

Public organizations often have "____" to spend all their remaining funds before the end of the fiscal year.

64

DES uses a ____-bit block size.

All of the above

Which of the following is a valid version of TACACS?

LFM

Using ____, the system reviews the log files generated by servers, network devices, and even other IDPSs.

Keyspace

____ is the entire range of values that can possibly be used to construct an individual key.

IP source and destination address, Direction, TCP or UDP source and destination port.

The restrictions most commonly implemented in packet-filtering firewalls are based on ____.

pilot

In a ____ implementation, the entire security system is put in place in a single office, department, or division, and issues that arise are dealt with before expanding to the rest of the organization.

Applications

The ____ layer of the bull's-eye model receives attention last.

Tailgating

____ occurs when an authorized person presents a key to open a door, and other people, who may or may not be authorized, also enter.

successors

Tasks or action steps that come after the task at hand are called ____.

sacrificial

Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the ____ host.

MAC

A ____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.

Work Factor

____ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown.

negative feedback loop

In the ____ process, measured results are compared to expected results.

DMZ

The ____ is an intermediate area between a trusted network and an untrusted network.

SSL Record Protocol

The ____ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission.

WAPs

In recent years, the broadband router devices that can function as packet-filtering firewalls have been enhanced to combine the features of ____.

milestone

The date for sending the final RFP to vendors is considered a(n) ____, because it signals that all RFP preparation work is complete.

SOCKS

____ is the protocol for handling TCP traffic through a proxy server.

PGP

____ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications.

dry-pipe

A ____ system is designed to work in areas where electrical equipment is used. Instead of containing water, the system contains pressurized air.

RSA

The ____ algorithm was the first public key encryption algorithm developed (in 1977) and published for commercial use.

RADIUS

____ and TACACS are systems that authenticate the credentials of users who are trying to access an organization's network via a dial-up connection.

HIDPSs

____ benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files.

Alarm Filtering

____ is the process of classifying IDPS alerts so that they can be more effectively managed.

WBS

____ is a simple planning tool.

application-level firewall

The application gateway is also known as a(n) ____.

Programmable

____ locks can be changed after they are put in service, allowing for combination or key changes without a locksmith and even allowing the owner to change to another access method (key or combination) to upgrade security.

Trap and trace

____ applications use a combination of techniques to detect an intrusion and then trace it back to its source.

passive

Most NBA sensors can be deployed in ____ mode only, using the same connection methods as network-based IDPSs.

polyalphabetic

More advanced substitution ciphers use two or more alphabets, and are referred to as ____ substitutions.
