Information security architecture often relies on boundaries outside the computer to protect important information or programs from error-prone or malicious programs. - ANSWER False
A security analyst is performing a security assessment. The analyst should not: - ANSWER Take actions to mitigate a serious risk
A rational security decision, such as locking your vehicle when not in use, is an example of: - ANSWER reasoned paranoia
- ANSWER 3
What is a worm? - ANSWER Malware
A vulnerability is a security measure intended to protect an asset. - ANSWER False
Victims can protect themselves against zero-day attacks. - ANSWER False
______________ a person who has learned specific attacks on computer systems and can use those specific attacks. - ANSWER Cracker
When disclosing a security vulnerability in a system or software, the manufacturer should avoid: - ANSWER Including enough detail to allow an attacker to exploit the vulnerability
The term "security theater" refers to security measures intended to make potential victims feel safe and secure without regard to their effectiveness. - ANSWER true
Security Category RMF begins with a high-level estimate of the impact caused by cyber security failures. - ANSWER true
A threat agent is a person who did attack our assets; an attacker might attack an asset. - ANSWER false
CIA properties do not include: - ANSWER authentication
Authentication is a security service that ensures information is reliably available. - ANSWER False
A zero-day vulnerability is one that has been reported to the software's vendor and the general public. - ANSWER False
The fundamental job of every operating system is to run programs, and this relies on: - ANSWER -process management
-random access memory (RAM) management
-input/output (I/O) management
One of the vulnerabilities the Morris worm used was a networking service called finger. The purpose of the finger service is to: - ANSWER report the status of the individual computer users
The type of computer-based access control that involves a process that uses secret or hidden information in order to retrieve particular data items is: - ANSWER puzzle
The process of loading and running a program from a mass storage device like a hard drive or CD-ROM is called: - ANSWER bootstrapping
A type of security control that takes measures to help restore a system is referred to as: - ANSWER corrective
Steganography is a type of vault computer-based access control. - ANSWER False
A computer's Basic Input/Output System (BIOS) is a computer program stored in read-only memory (ROM). - ANSWER True
A stack provides a simple, structured way to give temporary storage to a procedure, including a place to save the return address. - ANSWER True
Part of the reason why the Morris worm was successful was that the finger process had Least Privilege instead of Most Privilege. - ANSWER False
Everything a computer does, right or wrong, results from running a computer program written by people. - ANSWER True
To switch between two processes, the operating system maintains a collection of data called the ____________ - ANSWER Process State
____________ flaws in the software such as finger service are often exploited. - ANSWER Buffer Overflow
As with CERT Advisories, the system relies on the discovery of vulnerabilities by vendors or other interested parties, and the reporting of these vulnerabilities through the ___________ process. - ANSWER CVE
As with threat agents, attacks do not affect non-cyber resources. - ANSWER False
In a hierarchical file system directory, the topmost directory is called the: - ANSWER Root
The main purpose of a software patch is to: - ANSWER fix a bug in a program
A zero-day exploit: - ANSWER has no software patch
An interpreter is a program that interprets the text of a program one word at a time, and performs the actions specified in the text. The following are examples of interpreters except: - ANSWER Java
When a system process starts another, the parent process often inherits the child's access rights. - ANSWER False
The window of vulnerability is the period of time during which a system is unprotected from an exploit. - ANSWER True
All modern systems use a hierarchical directory to organize files into groups. - ANSWER True
A compiler is a program that "interprets" the text of our program a word at a time. - ANSWER False
Default permit: Everything is allowed except sites on the prohibited list. - ANSWER True
Application programs are the only executable files on a typical operating system. - ANSWER False
We call scripts macros, especially when we embed them in other documents. - ANSWER True
A security database that contains entries for users and their access rights for files and folders is: - ANSWER an access control list (ACL)
The condition in which files automatically take on the same permissions as the folder in which they reside is called: - ANSWER dynamic inheritance
In Windows, when you COPY (not MOVE) a file from one folder to another and the folders have different access permissions, the file: - ANSWER takes on the access rights on the destination folder
In Windows, when you MOVE (not COPY) a file from one folder to another and the folders have different access permissions, the file: - ANSWER retains its original access rights
A primary use of event logs is to: - ANSWER serve as an audit trail
The law that establishes security measures that must be taken on health-related information is: - ANSWER HIPAA
Regarding access permissions in Windows, the owner of a shared folder may read, modify, and delete other users' files. - ANSWER True
The computer keeps a record of what it does, and that set of files is called the event log or the audit trail. - ANSWER True
If the "root" user accesses a file, the system grants full access. - ANSWER True
Some operating systems provide ways of temporarily granting administrative to people logged in to regular accounts. - ANSWER True
The ACL implementation in Microsoft Windows provides flexible and sophisticated inheritance. Files and folders automatically inherit changes made to an enclosing folder's access rights. - ANSWER True
The term for recovering from computer-related attacks, incidents, and compromises is: - ANSWER remediation
The Fourth Amendment prevents arbitrary searches of areas where users expect their privacy to be protected. This is referred to as: - ANSWER reasonable expectation of privacy
The following are steps a digital forensic investigator takes when collecting evidence except: - ANSWER analyze the evidence
When collecting digital evidence from a crime scene, often the best strategy for dealing with a computer that is powered on is to: - ANSWER unplug it
A typical hard drive has an arm, a read/write head, and: - ANSWER platters
The sector(s) at the beginning of a hard disk that identify the starting block of each partition is called the: - ANSWER master boot record
The part of a FAT volume that stores files and subdirectories is the: - ANSWER clusters
The major file system used with Windows today is: - ANSWER NTFS
The file system that organizes a volume's contents around five master files, such as the catalog file and the extents overflow file, is: - ANSWER HFS+
The file system that uses a master file table is: - ANSWER NTFS
A compromised computer is no longer trustworthy because it may have been subverted. - ANSWER True
The role of a hard drive controller is to operate the head assembly and select the correct sector. - ANSWER True
A checksum can correct smaller errors in a sector and detect larger errors. - ANSWER False
At a crime scene, the computer must be analyzed on the spot and documented after it is considered safe. - ANSWER False
The following are fundamental strategies for authenticating people on computer systems - ANSWER -Something you know
-Something you have
-Something you are
NOT Something you make
An authentication system that requires the user to provide two different passwords and a fingerprint scan is an example of: - ANSWER two-factor authentication
Hashing - ANSWER transforms readable text into gibberish
An attack that blocks access to a system by other users is called: - ANSWER Denial of Service
An attack in which someone tries to trick a system administrator into divulging a password is called: - ANSWER Social Engineering
In a password system, the total number of possible passwords is called the: - ANSWER Search Space
Low-hanging fruit refers to the easiest targets in an attack. (True or False) - ANSWER True
The one-way hash is a cryptographic function. (True or False) - ANSWER True
MD5 is one of the most recent forms of hash functions. (True or False) - ANSWER False:
SHA-224, SHA-256, SHA-384 and SHA-512 are more recent
Entropy refers to the strength of a password system. (True or False) - ANSWER False:
Entropy is a measure of the uncertainty in the value of a variable that takes on random variables
When you are biased in selecting a password, you choose your password from the entire search space. (True or False) - ANSWER False
When an attacker is attacking a password system, the average attack space estimates the number of guesses required before success is likely. (True or False) - ANSWER True
When selecting a password, random collections of letters contain far less entropy than written words. (True or False) - ANSWER False
Some challenge-response systems use a token as part of the user identification process. (True or False) - ANSWER True
Authentication does what: - ANSWER Associates an individual with an identity, while ACCESS CONTROL will check and grant access rights
Two factor authentication is using two passwords (True or False) - ANSWER False - need to use two DIFFERENT factors of authentication, not two instances of the same factor.
The most recent listed hash algorithm is what? - ANSWER SHA-512
Network-based guessing is the most powerful modern attack on passwords. (True or False) - ANSWER False
The offline attack is the most powerful modern attack on passwords
There are three types of tokens; they do not include which? - ANSWER Token types
-Passive tokens
-challenge response tokens
-one time password tokens
Not a token type
-Offensive tokens
Biometric readers have a large allowance for error in reading and conditions of the body. (True or False) - ANSWER False