
Principles of Information Security-Final


_________carries the lifeblood of information through an organization.


A(n) __________ information security policy outlines the implementation of a security program within the organization


The senior technology officer is typically the chief __________ officer


In an organization, the value of _____________ of information is especially high when it involves personal information about employees, customers, or patients.


The _____________of information is the quality or state of ownership or control of some object or item


The timing attack explores the contents of a Web browser's _______

buffer-overrun or buffer-overflow

A(n) _____-________ or _____-_______ is an application error that occurs when more data is sent to a program buffer than it is designed to handle.


The expert hacker sometimes is called elite hacker.


A momentary low voltage is called a(n) _____


When information gatherers employ techniques that cross the threshold of what is legal or ethical, they are conducting industrial _________


A famous study entitled "Protection Analysis: Final Report" was published in ______


________ was the first operating system to integrate security as its core functions


___________ security addresses the issues necessary to protect the tangible items, objects, or areas of an organization from unauthorized access and misuse


In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single large number called a _____ value

physical design

During the ________ ________ phase, specific technologies are selected to support the alternatives identified and evaluated in the logical design

systems development life cycle

The most successful kind of top-down approach involves a formal development strategy referred to as a ________ _______ _______ _______


Organizations are moving toward more _______-focused development approaches, seeking to improve not only the functionality of the systems they have in place, but consumer confidence in their product.


The ______ is a methodology for the design and implementation of an information system in an organization


The _________ model consists of six general phases

System Administrators

People with the primary responsibility for administering the systems that house the information used by the organization perform the ________ __________ role.


Is Happy99.exe an example of a Trojan horse program?

social engineering

"4-1-9" fraud is an example of a _______ ________ attack.


Microsoft acknowledged that if you type a res:// URL (a Microsoft-devised type of URL) which is longer than ____ characters in Internet Explorer 4.0, the browser will crash.

Trojan Horses

________ _______ are software programs that hide their true nature, and reveal their designed behavior only when activated


Complete loss of power for a moment is known as a _______


One form of online vandalism is ________ operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.


________ is any technology that aids in gathering information about a person or organization without their knowledge

distributed denial-of-service

A _______ _____ __ _______ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.


In a ________-___-_______ attack, the attacker sends a large number of connection or information requests to a target.


A(n) _____ desk policy requires that employees secure all information in appropriate storage containers at the end of each day.


All information that has been approved by management for public release has a(n) _________ classification.


You can assess the relative risk for each of the vulnerabilities by a process called risk __________.


Security ____________ are the technical implementations of the policies defined by the organization.


Operational ___________ analysis examines user acceptance and support, management acceptance and support, and the overall requirements of the organization's stakeholders.

screened subnet

The architecture of a(n) _______ ________ firewall provides a DMZ


The ___________ authentication system is named after the three-headed dog of Greek mythology that guards the gates to the underworld.


The _________ packet-filtering firewall allows only a particular packet with a particular source, destination, and port address to enter through the firewall.


The circuit gateway firewall operates at the_______ layer.


______ firewalls combine the elements of other types of firewalls — that is, the elements of packet filtering and proxy services, or of packet filtering and circuit gateways.


The military uses a ____-level classification scheme


In the U.S. military classification scheme, __________ data is any information or material the unauthorized disclosure of which reasonably could be expected to cause damage to the national security.


_____ equals likelihood of vulnerability occurrence times value (or impact) minus percentage risk already controlled plus an element of uncertainty.


The ___________ security policy is an executive-level document that outlines the organization's approach and attitude towards information security and relates the strategic value of information security within the organization.


The ________ security policy is a planning document that outlines the process of implementing security in the organization.

defend control

The _______ ________ strategy attempts to prevent the exploitation of the vulnerability.

transfer control

The ________ ________ strategy attempts to shift risk to other assets, other processes, or other organizations


___ plans usually include all preparations for the recovery process, strategies to limit losses during the disaster, and detailed steps to follow when the smoke clears, the dust settles, or the floodwaters recede.

accept control

The ________ _______ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation.

standard of due care

When organizations adopt levels of security for a legal defense, they may need to show that they have done what any prudent organization would do in similar circumstances. This is referred to as a(n) _________ __ ____ _______


1. IP source and destination address, 2. Direction (inbound or outbound), 3. TCP or UDP source and destination port request are all restrictions most commonly implemented in ______-_______ firewalls


______ filtering requires that the filtering rules governing how the firewall decides which packets are allowed and which are denied be developed and installed with the firewall.


_______ inspection firewalls keep track of each network connection between internal and external systems.


The proxy server is often placed in an unsecured area of the network or is placed in the _____________ zone.


______ is the protocol for handling TCP traffic through a proxy server.


Telnet protocol packets usually go to TCP port ___.

rating and filtering

In most common implementation models, the content filter has two components:


____________ and TACACS are systems that authenticate the credentials of users who are trying to access an organization's network via a dial-up connection.


Which of the following is a valid version of TACACS? _________,________ ___________ and __________.


In ___________ mode, the data within an IP packet is encrypted, but the header information is not.


Alarm _________ and compaction is a consolidation of almost identical alarms that happen at close to the same time into a single higher-level alarm


The initial estimation of the defensive state of an organization's networks and systems is called doorknob ________.


A signature-based IDPS is sometimes called a(n) _________-based IDPS.


In _________ protocol verification, the higher-order protocols are examined for unexpected packet behavior, or improper use.


A(n) ______ IDPS can adapt its reactions in response to administrator guidance over time and circumstances of the current local environment.

False Attack Stimulus

________ __________ __________ is an event that triggers an alarm when no actual attack is in progress.


To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base.


Most NBA sensors can be deployed in _______ mode only, using the same connection methods as network-based IDPSs.


______ sensors are typically intended for network perimeter use, so they would be deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall


___________ are decoy systems designed to lure potential attackers away from critical systems.

Trap and trace

______ ____ _______ applications use a combination of techniques to detect an intrusion and then trace it back to its source.


A(n) __________ is a proposed systems user.


___________ is the action of luring an individual into committing a crime to get a conviction.

Biometric access control

_________ _______ __________ is based on the use of some measurable human characteristic or trait to authenticate the identity of a proposed systems user.


The ____ is the level at which the number of false rejections equals the false acceptances, and is also known as the equal error rate.


A message ________ is a fingerprint of the author's message that is compared with the recipient's locally calculated hash of the same message.


To ________ means to encrypt, encode, or convert plaintext into the equivalent ciphertext.


The successor to 3DES is the __________ Encryption Standard.


Digital ___________ are public-key container files that allow computer programs to validate the key and identify to whom it belongs.


_________ is the entire range of values that can possibly be used to construct an individual key


More advanced substitution ciphers use two or more alphabets, and are referred to as ______________ substitutions.


______ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content.


A ______ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.


_____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely. Digital Certificates.

Digital Signatures

________ ___________ are encrypted messages that can be mathematically proven to be authentic.


An X.509 v3 certificate binds a _____________ name, which uniquely identifies a certificate entity, to a user's public key.


_____ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding.


The ____ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication.


__________ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.


In information security, ________ theft occurs when an employee steals a few pieces of information at a time, knowing that taking more would be noticed — but eventually the employee gets something complete or useable.


Information security can begin as a grassroots effort in which systems administrators attempt to improve the security of their systems, which is often referred to as a ____________ approach.


A _______ can deposit copies of itself onto all Web servers that the infected system can reach, so that users who subsequently visit those sites become infected


_____ attacks can be launched against routers.

mail bomb

One form of e-mail attack that is also a DoS is called a ______ _______, in which an attacker routes large quantities of connection or information to the target.


A(n) ________ can allow an attacker to collect information on how to access password-protected sites

Know yourself

______ __________ means identifying, examining, and understanding the information and systems currently in place within the organization.


You should adopt __________ standards that do not convey information to potential system attackers.

Mutually exclusive

____________ means that an information asset should fit in only one category


____________ means that an information asset should fit in the list somewhere


__________ are activities performed within the organization to improve security


One method of protecting the residential user is to install a __________ firewall directly on the user's system


The DMZ can be a dedicated port on the firewall device linking a single _______ host


Good policy and practice dictates that each firewall device, whether a filtering router, bastion host, or other firewall implementation, must have its own set of _____________ rules.


Firewall Rule Set __ states that responses to internal requests are allowed.


Some ________ can filter packets by protocol name.

Stateful inspection

A ________ ________ firewall keeps track of each network connection between internal and external systems

State table

A _________ ___________ tracks the state and context of each packet by recording which station sent the packet and when.

Proxy server

The Application Gateway, Application-level firewall, or simply the Application firewall is most commonly called a ________ __________.

false positive

A ________ _________ is when the IDPS system mistakes normal system activity for an attack.


A _______ is not optimized to detect multihost scanning, nor is it able to detect the scanning of non-host network devices, such as routers or switches


Your organization's operational goals, constraints, and culture affect the selection of the _____ and other security tools and technologies to protect your systems.

Intrusion detection and prevention systems

___________ ___________ and _________ __________ perform monitoring and analysis of system events and user behaviors.


A ________ can be used to eavesdrop on network traffic.


You can combine the ____ operation with a block cipher operation


_________ functions don't require the use of keys.


DES uses a ____-bit key

encapsulating security payload protocol

The __________ __________ ________ _________ provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.

Confidentiality, Integrity and Availability

What does CIA stand for?

Layers of security: Physical, Personal, Operational, Communication, Network and Informational security.

What does P.P.O.C.N.I represent?

A robot Network

What is a Botnet?

Committee on National Security Systems

What does CNSS stand for?


The biggest security risks are from_______.


____________ was the first internet Browser.


An ________ is the Organizational resource being protected.


____________ is a technique used to compromise a system.


______ is a single instance of an information asset suffering damage


__________ is a condition or state of being vulnerable to an attacker.


______ is the probability that something unwanted will happen.


A ______ is a category of objects, persons, or other entities that presents a danger to an asset.

Threat agent

A _______ _______ is a specific instance or a component of a threat.

Computer Security Institute

What does CSI stand for?

Malicious code attack

includes execution of viruses, worms, Trojan horses, and active Web scripts with intent to destroy or steal information.


transmission of a virus hoax with a real virus attached; more devious form of attack

Back door attacks

gaining access to system or network using known or previously unknown/newly discovered access mechanism.

Password crack

attempting to reverse calculate a password.

Brute force attack

trying every possible combination of options of a password.

Dictionary attack

selects specific accounts to attack and uses commonly used passwords (i.e., the dictionary) to guide guesses

Denial-of-service attack

attacker sends large number of connection or information requests to a target.

Distributed denial-of-service attack

coordinated stream of requests is launched against target from many locations simultaneously.


technique used to gain unauthorized access; intruder assumes a trusted IP address

Man-in-the-middle attack

attacker monitors network packets, modifies them, and inserts them back into network


unsolicited commercial e-mail; more a nuisance than an attack, though is emerging as a vector for some attacks.

Mail bombing

also a DoS; attacker routes large quantities of e-mail to target.


program or device that monitors data traveling over network


an attempt to gain personal/financial information from individual


redirection of legitimate Web traffic (e.g., browser requests) to illegitimate site for the purpose of obtaining private information.

Social engineering

using social skills to convince people to reveal access credentials

Timing attack

relatively new; works by exploring contents of a Web browser's cache to create malicious cookie.

Script kiddie

Hackers of limited skill using expert software to attack.

Packet monkey

Script kiddies using automated exploits to engage in distributed DoS attacks
