60 terms

Final - Part 1

Chapters 1, 2, & 4
Attempting to reverse-calculate a password is called:
By what technique does an intruder gain unauthorized access to computers by sending messages with a source IP address that has been changed to indicate that the messages are coming from a trusted host?
The timing attack explores the contents of a web browser:
In what type of attack does the attacker send a large number of connections or information requests to a target?
Denial of service
An attempt to gain personal information or financial data, usually by posing as a legitimate entity, is called:
In what well-known attack does an attacker monitor (or sniff) packets from the network, modify them, and insert them back into the network?
Man in the middle
Someone purchases a wireless access point for a home network but does not enable WEP security; this is an example of what design problem?
Failure to protect network traffic
SSL is a standard used to:
Securely transfer data, such as in an online credit card transaction
in 1998, Microsoft encountered and acknowledged what type of problem with Internet Explorer 4.0?
Buffer overflow
What should the minimum length of a password be according to the author?
8 characters
A file that contains sensitive financial account information is an example of:
an asset
During the early years, information security was a straightforward process composed mostly of:
Physical security
In the CIA triangle, what does the A stand for?
In the CNSS Security Model (The McCumber Cube) what three attributes represent the three information states?
Storage, Processing, Transmission
Information that is whole, complete, and uncorrupted has:
The act of sending an email with a modified "from" address is called:
What enables authorized users, either persons or computer systems, to access information without interference or obstruction and to receive it in the required format?
What was significant about the Rand R-609?
It expanded the role of computer security to include data
When a computer is the target of an attack, it is defined as the:
Which of the following is most often true?
The CISO reports to the CIO
ARPANET was the predecessor to:
A famous study entitled Protection Analysis: Final Report was published in:
Which was the first operating system to integrate security as its core functions?
Which type of security addresses the issues necessary to protect the tangible items, objects, or areas of an organization from unauthorized access and misuse?
What is a computer considered to be in an attack when it is used to conduct the attack?
Which characteristic of information is the quality or state of being genuine or original?
An information system consists of:
Software, hardware, data, people, and procedures
What is the longest and most expensive phase of the systems development life cycle?
Maintenance and change
What are the phases of the systems development life cycle?
Investigation, Analysis, Logical Design, Physical Design, Implementation, Maintenance and Change
Part of the logical design phase of the Security Systems Development Life Cycle (SecSDLC) is planning for partial or catastrophic loss. What dictates what steps are taken when an attack occurs?
Incident response
Part of the logical design phase of the Security Systems Development Life Cycle (SecSDLC) is planning for partial or catastrophic loss. What dictates how business continues in the event of a loss?
Continuity Planning
Part of the logical design phase of the Security Systems Development Life Cycle (SecSDLC) is planning for partial or catastrophic loss. What dictates what must be done to recover information and vital systems immediately after a disastrous event?
Disaster recovery
Who is the individual primarily responsible for the assessment, management, and implementation of information security in the organization?
Among the greatest threats to an organization's assets are employees who:
Make mistakes
What are software programs that hide their true nature, and reveal their designed behavior only when activated?
Trojan horses
As frustrating as viruses and worms are, perhaps more time and money is spent on resolving virus:
Agreements with providers that protect against deviations in service levels are known as:
Service Legal Agreements (SLA)
What acts can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter?
What form of online vandalism involves interfering with or disrupting systems to protest the operations, policies, or actions of an organization or government agency?
Redirecting users to an illegitimate Web site is characteristic of:
A brute force attack attempts to break a password by:
Trying all possible combinations of characters
What software security problem can arise when the input from a user is passed directly to a compiler or interpreter?
Command injection
What software security problem can arise when two programmers are making different changes to the same section of code at the same time?
Neglect of change control
The first phase of risk management is:
Risk identification
In the risk management process, what do many corporations use to help secure the confidentiality and integrity of information?
Data classification schemes
One appropriate way to identify hardware assets is by:
An asset's serial number
Management of classified data includes its storage, distribution, portability, and:
There are individuals who search trash and recycling to retrieve information that could embarrass a company or compromise information security using a process known as:
Dumpster diving
A TVA worksheet relates:
Threats, vulnerabilities, and assets
Which control strategy attempts to prevent exploitation of a vulnerability?
What are the risk control strategies?
Defend, Transfer, Mitigate, Accept, Terminate
What type of mitigation plan guides activities after an incident by describing media backups, strategies to limit losses, and detailed steps to follow when the smoke clears, the dust settles, or the floodwaters recede?
Disaster recovery
The value of an asset multiplied by its exposure factor is the calculation for:
Single loss expectancy (SLE)
Security practices that are considered the best of the best are known as the:
Gold standard
The risk control strategy that is the same as a "do nothing" approach is:
The quantity and nature of risk that organizations are willing to accept as they evaluate the tradeoffs between perfect security and unlimited accessibility is known as:
Risk appetite
A single loss exposure of a security threat is $100. The frequency of occurrence is once per month. What is the ARO?
1200 (100 X 12)
In the Cost Benefit Analysis formula, what is ACS?
The annual cost of safeguard
The Cost Benefit Analysis (CBA) formula is:
CBA = ALE(prior) - ALE(post) - ACS

ALE(prior): ALE from earlier assessments before the implementation of the proposed control
ALE(post): revised ALE, estimated based on the control being in place