Chapter 7-12 Review Questions
Chapter 7 Review Questions
Review of attempt 1
Marks: 2
A(n) ____________________ vulnerability scanner is one that initiates traffic on the network in order to determine security holes.
Answer:
Correct
Marks for this submission: 2/2.
Question 2
Marks: 2
Activities that scan network locales for active systems and then identify the network services offered by the host systems is known as ____.
Choose one answer.
a. filtering
b. doorknob rattling
c. footprinting
d. fingerprinting
Correct
Marks for this submission: 2/2.
Question 3
Marks: 2
A(n) ____ is a proposed systems user.
Choose one answer.
a. authenticator
b. challenger
c. supplicant
d. activator
Incorrect
Marks for this submission: 0/2.
Question 4
Marks: 2
A(n) listener vulnerability scanner is one that listens in on the network and determines vulnerable versions of both server and client software.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 5
Marks: 2
____ applications use a combination of techniques to detect an intrusion and then trace it back to its source.
Choose one answer.
a. Trace and treat
b. Trap and trace
active
c. Treat and trap
d. Trace and clip
Correct
Marks for this submission: 2/2.
Question 6
Marks: 2
____ are decoy systems designed to lure potential attackers away from critical systems.
Choose one answer.
a. Honeypots
b. Honeycells
c. Padded cells
d. Padded nets
Correct
Marks for this submission: 2/2.
Question 7
Marks: 2
A(n) ____________________ system contains pseudo-services that emulate well-known services, but is configured in ways that make it look vulnerable to attacks.
Answer:
Incorrect
Correct answer: honeypot
Marks for this submission: 0/2.
Question 8
Marks: 2
Intrusion ____ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again.
Choose one answer.
a. prevention
b. reaction
c. detection
d. correction
Incorrect
Marks for this submission: 0/2.
Question 9
Marks: 2
Enticement is the action of luring an individual into committing a crime to get a conviction.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 10
Marks: 2
A passive response is a definitive action automatically initiated when certain types of alerts are triggered.
Answer:
True False
honey pot
Correct
Marks for this submission: 2/2.
Question 11
Marks: 2
Which of the following ports is commonly used for the HTTP protocol?
Choose one answer.
a. 20
b. 25
c. 53
d. 80
Correct
Marks for this submission: 2/2.
Question 12
Marks: 2
A sniffer cannot be used to eavesdrop on network traffic.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 13
Marks: 2
A(n) ____________________ occurs when an attacker attempts to gain entry or disrupt the normal operations of an information system, almost always with the intent to do harm.
Answer:
Correct
Marks for this submission: 2/2.
Question 14
Marks: 2
A HIDPS can monitor systems logs for predefined events.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 15
Marks: 2
The ongoing activity from alarm events that are accurate and noteworthy but not necessarily significant as potentially successful attacks is called ____________________.
Answer:
Correct
Marks for this submission: 2/2.
Question 16
Marks: 2
A(n) ____________________ IDPS can adapt its reactions in response to administrator guidance over time and circumstances of the current local environment.
Answer:
intrusion
noise
smart
Correct
Marks for this submission: 2/2.
Question 17
Marks: 2
In TCP/IP networking, port ____ is not used.
Choose one answer.
a. 0
b. 1
c. 13
d. 1023
Correct
Marks for this submission: 2/2.
Question 18
Marks: 2
A signature-based IDPS is sometimes called a(n) ____________________-based IDPS.
Answer:
Correct
Marks for this submission: 2/2.
Question 19
Marks: 2
IDPS researchers have used padded cell and honeypot systems since the late ____.
Choose one answer.
a. 1960s
b. 1970s
c. 1980s
d. 1990s
Correct
Marks for this submission: 2/2.
Question 20
Marks: 2
Alarm ____________________ and compaction is a consolidation of almost identical alarms that happen at close to the same time into a single higher-level alarm.
Answer:
Correct
Marks for this submission: 2/2.
Question 21
Marks: 2
Using ____, the system reviews the log files generated by servers, network devices, and even other IDPSs.
Choose one answer.
a. LFM
b. stat IDPS
c. AppIDPS
d. HIDPS
Correct
knowledge
clustering
Marks for this submission: 2/2.
Question 22
Marks: 2
A starting scanner is one that initiates traffic on the network in order to determine security holes.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 23
Marks: 2
A(n) ____________________ is a honey pot that has been protected so that it cannot be easily compromised.
Answer:
Correct
Marks for this submission: 2/2.
Question 24
Marks: 2
The initial estimation of the defensive state of an organization’s networks and systems is called doorknob ____________________.
Answer:
Correct
Marks for this submission: 2/2.
Question 25
Marks: 2
In ____________________ protocol verification, the higher-order protocols are examined for unexpected packet behavior, or improper use.
Answer:
Correct
Marks for this submission: 2/2.
Question 26
Marks: 2
Three methods dominate the IDPSs detection methods: ____________________-based approach, statistical anomaly-based approach or the stateful packet inspection approach.
Answer:
Correct
Marks for this submission: 2/2.
Question 27
Marks: 2
A strategy based on the concept of defense in depth is likely to include intrusion detection systems, active vulnerability scanners, passive vulnerability scanners, automated log analyzers, and protocol analyzers.
Answer:
True False
Incorrect
Marks for this submission: 0/2.
Question 28
Marks: 2
padded cell
rattling
application
signature
The attack ____________________ is a series of steps or processes used by an attacker, in a logical sequence, to launch an attack against a target system or network.Answer:
Correct
Marks for this submission: 2/2.
Question 29
Marks: 2
A HIDPS is optimized to detect multihost scanning, and it is able to detect the scanning of non-host network devices, such as routers or switches.
Answer:
True False
Incorrect
Marks for this submission: 0/2.
Question 30
Marks: 2
Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization.
Answer:
True False
Incorrect
Marks for this submission: 0/2.
Question 31
Marks: 2
A packet ____________________ is a network tool that collects copies of packets from the network and analyzes them.
Answer:
Correct
Marks for this submission: 2/2.
Question 32
Marks: 2
A(n) ____________________-based IDPS resides on a particular computer or server and monitors activity only on that system.
Answer:
Correct
Marks for this submission: 2/2.
Question 33
Marks: 2
____ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations.
Choose one answer.
a. NIDPSs
b. HIDPSs
c. AppIDPSs
d. SIDPSs
Correct
Marks for this submission: 2/2.
protocol
sniffer
host
Question 34
Marks: 2
A(n) ____ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm.
Choose one answer.
a. IDS
b. IIS
c. ITS
d. SIS
Correct
Marks for this submission: 2/2.
Question 35
Marks: 2
Among all possible biometrics, ____ is(are) considered truly unique.
Choose one answer.
a. retina of the eye
b. fingerprints
c. iris of the eye
d. All of the above
Correct
Marks for this submission: 2/2.
Question 36
Marks: 2
A false positive is the failure of an IDPS system to react to an actual attack event.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 37
Marks: 2
Most NBA sensors can be deployed in ____ mode only, using the same connection methods as network-based IDPSs.
Choose one answer.
a. passive
b. active
c. reactive
d. dynamic
Correct
Marks for this submission: 2/2.
Question 38
Marks: 2
A(n) ____ is a network tool that collects copies of packets from the network and analyzes them.
Choose one answer.
a. packet scanner
b. packet sniffer
c. honey pot
d. honey packet
Correct
Marks for this submission: 2/2.
Question 39
Marks: 2
HIDPSs are also known as system ____________________ verifiers.
Answer:
Correct
Marks for this submission: 2/2.
Question 40
Marks: 2
A wireless security toolkit should include the ability to sniff wireless traffic, scan wireless hosts, and assess the level of privacy or confidentiality afforded on the wireless network.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 41
Marks: 2
The ____________________ error rate is the level at which the number of false rejections equals the false acceptances, also known as the equal error rate.
Answer:
Correct
Marks for this submission: 2/2.
Question 42
Marks: 2
The ____________________ port is also known as a switched port analysis port or mirror port.
Answer:
Correct
Marks for this submission: 2/2.
Question 43
Marks: 2
A(n) NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing.
Answer:
True False
Incorrect
Marks for this submission: 0/2.
Question 44
Marks: 2
Minutiae are unique points of reference that are digitized and stored in an encrypted format when the user’s system access credentials are created.
Answer:
True False
integrity
crossover
monitoring
Correct
Marks for this submission: 2/2.
Question 45
Marks: 2
A fully distributed IDPS control strategy is the opposite of the centralized strategy.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 46
Marks: 2
A(n) ____ IDPS is focused on protecting network information assets.
Choose one answer.
a. network-based
b. host-based
c. application-based
d. server-based
Correct
Marks for this submission: 2/2.
Question 47
Marks: 2
A(n) log file monitor is similar to a NIDPS.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 48
Marks: 2
To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known ____ in their knowledge base.
Choose one answer.
a. fingernails
b. fingerprints
c. signatures
d. footprints
Correct
Marks for this submission: 2/2.
Question 49
Marks: 2
A padded cell is a hardened honeynet.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 50
Marks: 2
____ benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files.
Choose one answer.
a. NIDPSs
b. HIDPSs
c. AppIDPSs
Question1Marks: 2
____ are encrypted messages that can be mathematically proven to be authentic.
Choose one answer.
a. Digital signatures
b. MAC
c. Message certificates
d. Message digests
CorrectMarks for this submission: 2/2.
Question2Marks: 2
A(n) distinguished name uniquely identifies a certificate entity, to a user’s public key.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question3Marks: 2
Privacy Enhanced Mail was proposed by the Internet Engineering Task Force and is a standard that uses 3DES symmetric key encryption and RSA for key exchanges and digital signatures.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question4
Marks: 2
As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question5Marks: 2
A(n) ____________________ substitution uses one alphabet.
Answer:
CorrectMarks for this submission: 2/2.
Question6Marks: 2
An attacker may obtain duplicate texts, one in ciphertext and one in plaintext, and thus reverse-engineer the encryption algorithm in a known-plaintext attack scheme.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question7Marks: 2
In IPSEC ____________________ mode, only the IP data is encrypted, not the IP headers.
Answer:
CorrectMarks for this submission: 2/2.
Question8Marks: 2
Digital ____________________ are public-key container files that allow computer programs to validate the key and identify to whom it belongs.
monoalphabetic
transport
Answer:
CorrectMarks for this submission: 2/2.
Question9Marks: 2
Digital ____________________ are encrypted messages that can be mathematically proven to be authentic.
Answer:
CorrectMarks for this submission: 2/2.
Question10Marks: 2
A message ____________________ is a fingerprint of the author’s message that is compared with the recipient’s locally calculated hash of the same message.
Answer:
CorrectMarks for this submission: 2/2.
Question11Marks: 2
Digital signatures should be created using processes and products that are based on the ____.
Choose one answer.
a. DSS
b. NIST
c. SSL
d. HTTPS
IncorrectMarks for this submission: 0/2.
Question12Marks: 2
certificates
signatures
digest
DES uses a(n) _____-bit block size.
Choose one answer.
a. 32
b. 64
c. 128
d. 256
CorrectMarks for this submission: 2/2.
Question13Marks: 2
Symmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question14Marks: 2
____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.
Choose one answer.
a. Timing
b. Dictionary
c. Correlation
d. Man-in-the-middle
CorrectMarks for this submission: 2/2.
Question15Marks: 2
A(n) ____________________ authority operates under the trusted collaboration of the certificate authority and can be delegated day-to-day certification functions, such as verifying registration information about new registrants, generating end-user keys, revoking certificates, and validating that users possess a valid certificate.
Answer:
CorrectMarks for this submission: 2/2.
Question16Marks: 2
The science of encryption is known as ____________________.
Answer:
CorrectMarks for this submission: 2/2.
Question17Marks: 2
A ____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.
Choose one answer.
a. signature
b. MAC
c. fingerprint
d. digest
CorrectMarks for this submission: 2/2.
Question18Marks: 2
Common implementations of RA include systems that issue digital certificates to users and servers; directory enrollment; key issuing systems; tools for managing the key issuance; and verification and return of certificates.
Answer:
True False
Correct
registration
cryptology
Marks for this submission: 2/2.
Question19Marks: 2
The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.
Choose one answer.
a. CRL
b. RA
c. MAC
d. AES
CorrectMarks for this submission: 2/2.
Question20Marks: 2
Attackers may conduct an encrypted-plaintext attack by sending potential victims a specific text that they are sure the victims will forward on to others.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question21Marks: 2
The ____ algorithm was the first public key encryption algorithm developed (in 1977) and published for commercial use.
Choose one answer.
a. DES
b. RSA
c. MAC
d. AES
CorrectMarks for this submission: 2/2.
Question22
Marks: 2
A mathematical ____________________ is a “secret mechanism that enables you to easily accomplish the reverse function in a one-way function.”
Answer:
CorrectMarks for this submission: 2/2.
Question23Marks: 2
In a ____ attack, the attacker eavesdrops during the victim’s session and uses statistical analysis of patterns and inter-keystroke timings to discern sensitive session information.
Choose one answer.
a. replay
b. timing
c. correlation
d. dictionary
CorrectMarks for this submission: 2/2.
Question24Marks: 2
In a(n) ____________________ attack, the attacker eavesdrops on the victim’s session and uses statistical analysis of patterns and inter-keystroke timings to discern sensitive session information.
Answer:
CorrectMarks for this submission: 2/2.
Question25Marks: 2
A(n) key is the programmatic steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message.
Answer:
True False
trapdoor
timing
CorrectMarks for this submission: 2/2.
Question26Marks: 2
Hash algorithms are public functions that create a hash value by converting variable-length messages into a single fixed-length value.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question27Marks: 2
A(n) response attack is an attempt to resubmit a recording of the deciphered authentication to gain entry into a secure source.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question28Marks: 2
The ____ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication.
Choose one answer.
a. ESP
b. AH
c. HA
d. SEP
CorrectMarks for this submission: 2/2.
Question29Marks: 2
A method of encryption that requires the same secret key to encipher and decipher the message is known as ____ encryption.
Choose one answer.
a. asymmetric
b. symmetric
c. public
d. private
CorrectMarks for this submission: 2/2.
Question30Marks: 2
AES implements a block cipher called the Rijndael Block Cipher.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question31Marks: 2
Secure HTTP provides the Internet communication services between client and host without consideration for encryption of the data that is transmitted between client and server.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question32Marks: 2
Bit stream methods commonly use algorithm functions like the exclusive OR operation (_____).
Choose one answer.
a. XOR
b. EOR
c. NOR
d. OR
CorrectMarks for this submission: 2/2.
Question33Marks: 2
A(n) man-in-the-middle attack attempts to intercept a public key or even to insert a known key structure in place of the requested public key.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question34Marks: 2
____ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content.
Choose one answer.
a. Hash
b. Map
c. Key
d. Encryption
CorrectMarks for this submission: 2/2.
Question35Marks: 2
An X.509 v3 certificate binds a _____, which uniquely identifies a certificate entity, to a user’s public key.
Choose one answer.
a. message digest
b. fingerprint
c. distinguished name
d. digital signature
CorrectMarks for this submission: 2/2.
Question36Marks: 2
Netscape developed the ____________________ Layer protocol to use public key encryption to secure a channel over the Internet, thus enabling secure communications.
Answer:
IncorrectCorrect answer: Secure SocketMarks for this submission: 0/2.
Question37Marks: 2
The ____ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission.
Choose one answer.
a. Standard HTTP
b. SFTP
c. S-HTTP
d. SSL Record Protocol
CorrectMarks for this submission: 2/2.
Question38Marks: 2
DES uses a 64-bit key.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question39Marks: 2
____ is a federal information processing standard that specifies a cryptographic algorithm used within the U.S. government to protect information in federal agencies that are not a part of the national defense infrastructure.
Choose one answer.
Secure Sockets
a. DES
b. 2DES
c. AES
d. 3DES
CorrectMarks for this submission: 2/2.
Question40Marks: 2
A digital ____________________ is an electronic document or container file that contains a key value and identifying information about the entity that controls the key.
Answer:
CorrectMarks for this submission: 2/2.
Question41Marks: 2
SHA-1 produces a(n) _____-bit message digest, which can then be used as an input to a digital signature algorithm.
Choose one answer.
a. 48
b. 56
c. 160
d. 256
CorrectMarks for this submission: 2/2.
Question42Marks: 2
Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood.
Answer:
True False
certificate
CorrectMarks for this submission: 2/2.
Question43Marks: 2
The more common name for asymmetric encryption is ____________________-key encryption.
Answer:
CorrectMarks for this submission: 2/2.
Question44Marks: 2
More advanced substitution ciphers use two or more alphabets, and are referred to as ____ substitutions.
Choose one answer.
a. multialphabetic
b. monoalphabetic
c. polyalphabetic
d. polynomic
CorrectMarks for this submission: 2/2.
Question45Marks: 2
One of the most widely known cryptographic algorithms is the Data ____________________ Standard, which was developed by IBM and is based on the company’s Lucifer algorithm.
Answer:
CorrectMarks for this submission: 2/2.
Question46Marks: 2
Hashing functions do not require the use of keys, but it is possible to attach a message ____________________ code.
Answer:
public
Encryption
CorrectMarks for this submission: 2/2.
Question47Marks: 2
Also known as the one-time pad, the ____________________ cipher, which was developed at AT&T, uses a set of characters only one time for each encryption process.
Answer:
CorrectMarks for this submission: 2/2.
Question48Marks: 2
A(n) registration authority issues, manages, authenticates, signs, and revokes users’ digital certificates, which typically contain the user name, public key, and other identifying information.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question49Marks: 2
The encapsulating security ____________________ protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.
Answer:
CorrectMarks for this submission: 2/2.
Question50Marks: 2
The process of hiding messages within the digital encoding of a picture or graphic is called ____________________.
Answer:
authentication
Vernam
payload
steganography
CorrectMarks for this submission: 2/2.
Chapter 9 Review Questions
Question1Marks: 2
A(n) _________________________ is a small enclosure that has separate entry and exit points.
Answer:
CorrectMarks for this submission: 2/2.
Question2Marks: 2
A common form of mechanical locks are electric strike locks, which (usually) require people to announce themselves before being “buzzed” through a locked door.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question3Marks: 2
A(n) _________________________ system has pressurized water in all pipes and has some form of valve in each protected area.
Answer:
CorrectMarks for this submission: 2/2.
Question4Marks: 2
A(n) _________________________ is typically worn concealed.
Answer:
mantrap
wet-pipe
identification card
CorrectMarks for this submission: 2/2.
Question5Marks: 2
A variation of the dry-pipe system is the pre-action system, which has a two-phase response to a fire.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question6Marks: 2
Interference with the normal pattern of the electrical current is also referred to as _________________________.
Answer:
CorrectMarks for this submission: 2/2.
Question7Marks: 2
The U.S. government has developed a program, named _________________________ to reduce the risk of EMR monitoring.
Answer:
CorrectMarks for this submission: 2/2.
Question8Marks: 2
Fire detection systems fall into two general categories: manual and electrical.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question9Marks: 2
noise
TEMPEST
Some sprinkler systems, called _________________________ systems, keep open all of the individual sprinkler heads, and as soon as the system is activated, water is immediately applied to all areas.
Answer:
CorrectMarks for this submission: 2/2.
Question10Marks: 2
Grounding ensures that the returning flow of current is properly discharged to the ground.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question11Marks: 2
____ occurs when an authorized person presents a key to open a door, and other people, who may or may not be authorized, also enter.
Choose one answer.
a. Crowdsurfing
b. Tailgating
c. Freeloading
d. Hitchhiking
CorrectMarks for this submission: 2/2.
Question12Marks: 2
Smoke detection systems are perhaps the most common means of detecting a potentially dangerous fire, and they are required by building codes in most residential dwellings and commercial buildings.
Answer:
True False
CorrectMarks for this submission: 2/2.
deluge
Question13Marks: 2
Guards can evaluate each situation as it arises and make reasoned responses.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question14Marks: 2
A ____ system is designed to work in areas where electrical equipment is used. Instead of containing water, the system contains pressurized air.
Choose one answer.
a. wet-pipe
b. dry-pipe
c. deluge
d. sprinkler
CorrectMarks for this submission: 2/2.
Question15Marks: 2
A(n) _________________________ or offline UPS is an offline battery backup that detects the interruption of power to the power equipment.
Answer:
CorrectMarks for this submission: 2/2.
Question16Marks: 2
UPS devices typically run up to ____ VA.
Choose one answer.
a. 100
standby
b. 250
c. 500
d. 1,000
CorrectMarks for this submission: 2/2.
Question17Marks: 2
A wet-pipe system is usually considered appropriate in computer rooms.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question18Marks: 2
In the ____ UPS, the internal components of the standby models are replaced with a pair of inverters and converters.
Choose one answer.
a. line-interactive
b. ferroresonant
c. true online
d. offline
CorrectMarks for this submission: 2/2.
Question19Marks: 2
A device that assures the delivery of electric power without interruption is a(n) ____.
Choose one answer.
a. GFCI
b. HVAC
c. GPS
d. UPS
CorrectMarks for this submission: 2/2.
Question20Marks: 2
The temperature of ignition is called the _________________________ of a material.
Answer:
CorrectMarks for this submission: 2/2.
Question21Marks: 2
Cold detectors measure rates of change in the ambient temperature in the room.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question22Marks: 2
Class _________________________ fires are extinguished by agents that interrupt the ability of the fuel to be ignited.
Answer:
CorrectMarks for this submission: 2/2.
Question23Marks: 2
The most sophisticated locks are ____ locks.
Choose one answer.
a. manual
b. programmable
c. electronic
flame point
A
d. biometric
CorrectMarks for this submission: 2/2.
Question24Marks: 2
All liquid systems are designed to apply liquid, usually water, to all areas in which a fire has been detected.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question25Marks: 2
A specialized type of keycard reader is the _________________________ reader, which allows individuals simply to place their cards within the reader’s range.
Answer:
CorrectMarks for this submission: 2/2.
Question26Marks: 2
Fire ____ systems are devices installed and maintained to detect and respond to a fire, potential fire, or combustion danger situation.
Choose one answer.
a. detection
b. suppression
c. protection
d. prevention
IncorrectMarks for this submission: 0/2.
Question27Marks: 2
proximity
Videoconferencing is off site computing that uses Internet connections, dialup connections, connections over leased point-to-point links between offices, and other connection mechanisms.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question28Marks: 2
One of the leading causes of damage to sensitive circuitry is ____.
Choose one answer.
a. CPU
b. EPA
c. ESD
d. HVAC
CorrectMarks for this submission: 2/2.
Question29Marks: 2
Class ____ fires are extinguished with non-conducting agents only.
Choose one answer.
a. A
b. B
c. C
d. D
CorrectMarks for this submission: 2/2.
Question30Marks: 2
Gaseous emission systems can be used in the suppression of fires.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question31Marks: 2
Computing and other electrical equipment in areas where water can accumulate must be uniquely grounded, using ____ equipment.
Choose one answer.
a. UPS
b. HVAC
c. GFCI
d. ESD
CorrectMarks for this submission: 2/2.
Question32Marks: 2
Electronic monitoring includes ____ systems.
Choose one answer.
a. blocked video
b. local video
c. open-circuit television
d. closed-circuit television
CorrectMarks for this submission: 2/2.
Question33Marks: 2
The thermal detection systems contain a sophisticated heat _________________________.
Answer:
Correct
sensor
Marks for this submission: 2/2.
Question34Marks: 2
The _________________________ detector is a sensor that detects the infrared or ultraviolet light produced by an open flame.
Answer:
CorrectMarks for this submission: 2/2.
Question35Marks: 2
____ involves a wide variety of computing sites that are distant from the base organizational facility and includes all forms of telecommuting.
Choose one answer.
a. Remote site computing
b. Telecommuting
c. Remote working
d. Hot site computing
CorrectMarks for this submission: 2/2.
Question36Marks: 2
Class ____ fires are extinguished by agents that remove oxygen from the fire.
Choose one answer.
a. A
b. B
c. C
d. D
CorrectMarks for this submission: 2/2.
Question37
flame
Marks: 2
The _________________________ lock may rely on a key that is a carefully shaped piece of metal, which is rotated to turn tumblers that release secured loops of steel, aluminum, or brass.
Answer:
CorrectMarks for this submission: 2/2.
Question38Marks: 2
____ locks can be changed after they are put in service, allowing for combination or key changes without a locksmith and even allowing the owner to change to another access method (key or combination) to upgrade security.
Choose one answer.
a. Programmable
b. Manual
c. Biometric
d. Electronic
CorrectMarks for this submission: 2/2.
Question39Marks: 2
Mechanical locks can accept a variety of inputs as keys, including magnetic strips on ID cards, radio signals from name badges, personal identification numbers (PINs) typed into a keypad, or some combination of these to activate an electrically powered servo to unlock the mechanism.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question40Marks: 2
A name badge is typically worn concealed.
Answer:
True False
mechanical
IncorrectMarks for this submission: 0/2.
Question41Marks: 2
In the ____ approach, the sensor detects an unusually rapid increase in the area temperature within a relatively short period of time.
Choose one answer.
a. fixed temperature
b. permanent temperature
c. fixed rate
d. rate-of-rise
CorrectMarks for this submission: 2/2.
Question42Marks: 2
A secure _________________________ is a physical location that has in place controls to minimize the risk of attacks from physical threats.
Answer:
IncorrectCorrect answer: facilityMarks for this submission: 0/2.
Question43Marks: 2
Building codes require that each floor have a number of _________________________, or walls that limit the spread of damage should a fire break out in an office.
Answer:
CorrectMarks for this submission: 2/2.
Question44Marks: 2
Carbon dioxide systems rob fire of its oxygen.
secure
firewalls
Answer:
True False
CorrectMarks for this submission: 2/2.
Question45Marks: 2
_________________________ detect movement within a confined space and are either active or passive.
Answer:
CorrectMarks for this submission: 2/2.
Question46Marks: 2
Halon is one of a few chemicals designated as a(n) _________________________ agent, which means that it does not leave any residue after use, nor does it interfere with the operation of electrical or electronic equipment.
Answer:
CorrectMarks for this submission: 2/2.
Question47Marks: 2
Class C fires are those fueled by combustible metals, such as magnesium, lithium, and sodium.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question48Marks: 2
Interior walls reach only part way to the next floor, which leaves a space above the ceiling of the offices but below the top of the storey. This space is called a(n) ____.
Choose one answer.
Motion detectors
clean
a. kneespace
b. attic
c. plenum
d. padding
CorrectMarks for this submission: 2/2.
Question49Marks: 2
Manual fire detection includes human responses, such as calling the fire department, as well as manually activated alarms, such as sprinklers and gaseous systems.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question50Marks: 2
Most guards have clear ____ that help them to act decisively in unfamiliar situations.
Choose one answer.
a. MACs
b. SOPs
c. POSs
d. OPSs
CorrectMarks for this submission: 2/2.
Chapter 10 Review Questions
Question1
Marks: 2
The Lewin change model consists of ____.
Choose one answer.
a. unfreezing
b. moving
c. refreezing
d. All of the above
CorrectMarks for this submission: 2/2.
Question2Marks: 2
If the task is to write firewall specifications for the preparation of a(n) ____, the planner would note that the deliverable is a specification document suitable for distribution to vendors.
Choose one answer.
a. WBS
b. CBA
c. SDLC
d. RFP
CorrectMarks for this submission: 2/2.
Question3Marks: 2
Regardless of where in the budget information security items are located, monetary ____________________ determine what can (and cannot) be accomplished.
Answer:
CorrectMarks for this submission: 2/2.
Question4Marks: 2
Once a project is underway, it is managed to completion using a process known as a negative ____________________ loop.
Answer:
constraints
CorrectMarks for this submission: 2/2.
Question5Marks: 2
A(n) ____________________ implementation is the most common conversion strategy and involves a measured rollout of the planned system with a part of the whole being brought out and disseminated across an organization before the next piece is implemented.
Answer:
CorrectMarks for this submission: 2/2.
Question6Marks: 2
Corrective action decisions are usually expressed in terms of trade-offs.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question7Marks: 2
A proven method for prioritizing a program of complex change is the bull’s-eye method.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question8Marks: 2
One of the oldest models of change is the ____________________ change model.
Answer:
CorrectMarks for this submission: 2/2.
feedback
phased
Lewin
Question9Marks: 2
Each organization has to determine its own project management methodology for IT and information security projects.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question10Marks: 2
Every organization needs to develop an information security department or program of its own.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question11Marks: 2
ERP stands for enterprise ____________________ planning.
Answer:
CorrectMarks for this submission: 2/2.
Question12Marks: 2
In general, the design phase is accomplished by changing the configuration and operation of the organization’s information systems to make them more secure.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question13Marks: 2
Management should coordinate the organization’s information security vision and objectives with the communities of ____________________ involved in the execution of the plan.
resource
Answer:
CorrectMarks for this submission: 2/2.
Question14Marks: 2
In the early stages of planning, the project planner should attempt to specify completion dates only for major employees within the project.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question15Marks: 2
The ____ layer of the bulls-eye model receives attention last.
Choose one answer.
a. Policies
b. Networks
c. Systems
d. Applications
CorrectMarks for this submission: 2/2.
Question16Marks: 2
JAD stands for ____________________ application development.
Answer:
CorrectMarks for this submission: 2/2.
Question17Marks: 2
Most information security projects require a trained project CEO.
interest
joint
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question18Marks: 2
Planners need to estimate the effort required to complete each task, subtask, or action step.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question19Marks: 2
All organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question20Marks: 2
A task or subtask becomes an action step when it can be completed by one individual or skill set and when it includes a single deliverable.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question21Marks: 2
In the ____ process, measured results are compared to expected results.
Choose one answer.
a. negative feedback loop
b. wrap-up
c. direct changeover
d. turnover
CorrectMarks for this submission: 2/2.
Question22Marks: 2
The level of resistance to ____________________ impacts the ease with which an organization is able to implement the procedural and managerial changes.
Answer:
CorrectMarks for this submission: 2/2.
Question23Marks: 2
Medium- and large-sized organizations deal with the impact of technical change on the operation of the organization through a(n) ____________________ control process.
Answer:
CorrectMarks for this submission: 2/2.
Question24Marks: 2
In a ____ implementation, the entire security system is put in place in a single office, department, or division, and issues that arise are dealt with before expanding to the rest of the organization.
Choose one answer.
a. loop
b. direct
c. parallel
d. pilot
CorrectMarks for this submission: 2/2.
change
change
Question25Marks: 2
The goal of the ____ is to resolve any pending issues, critique the overall effort of the project, and draw conclusions about how to improve the process for the future.
Choose one answer.
a. direct changeover
b. wrap-up
c. phased implementation
d. pilot implementation
CorrectMarks for this submission: 2/2.
Question26Marks: 2
A direct changeover is also known as going “fast turnkey.”
Answer:
True False
CorrectMarks for this submission: 2/2.
Question27Marks: 2
By managing the ____, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce.
Choose one answer.
a. changeover
b. wrap-up
c. process of change
d. governance
CorrectMarks for this submission: 2/2.
Question28Marks: 2
A cybernetic loop ensures that progress is measured periodically.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question29Marks: 2
The ____ layer of the bulls-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing systems.
Choose one answer.
a. Policies
b. Networks
c. Systems
d. Applications
CorrectMarks for this submission: 2/2.
Question30Marks: 2
The ____ involves collecting information about an organization’s objectives, its technical architecture, and its information security environment.
Choose one answer.
a. SISC
b. SecSDLC
c. DLC
d. SIDLC
CorrectMarks for this submission: 2/2.
Question31Marks: 2
Project ____________________ describes the amount of time and effort-hours needed to deliver the planned features and quality level of the project deliverables.
Answer:
CorrectMarks for this submission: 2/2.
Question32Marks: 2
A(n) _____________________ is a completed document or program module that can either serve as the beginning point for a later task or become an element in the finished project.
Answer:
CorrectMarks for this submission: 2/2.
Question33Marks: 2
Technology _____________________ is a complex process that organizations use to manage the effects and costs of technology implementation, innovation, and obsolescence.
Answer:
CorrectMarks for this submission: 2/2.
Question34Marks: 2
The date for sending the final RFP to vendors is considered a(n) ____, because it signals that all RFP preparation work is complete.
Choose one answer.
a. intermediate step
b. resource
c. milestone
d. deliverable
IncorrectMarks for this submission: 0/2.
Question35
scope
deliverable
governance
Marks: 2
Each for-profit organization determines its capital budget and the rules for managing capital spending and expenses the same way.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question36Marks: 2
Tasks or action steps that come after the task at hand are called ____.
Choose one answer.
a. predecessors
b. successors
c. children
d. parents
IncorrectMarks for this submission: 0/2.
Question37Marks: 2
Some cases of ____ are simple, such as requiring employees to use a new password beginning on an announced date.
Choose one answer.
a. phased implementation
b. direct changeover
c. pilot implementation
d. wrap-up
CorrectMarks for this submission: 2/2.
Question38Marks: 2
During the implementation phase, the organization translates its blueprint for information security into a concrete project ____________________.
Answer:
CorrectMarks for this submission: 2/2.
Question39Marks: 2
Technology ____ guides how frequently technical systems are updated, and how technical updates are approved and funded.
Choose one answer.
a. wrap-up
b. governance
c. turnover
d. changeover
CorrectMarks for this submission: 2/2.
Question40Marks: 2
A(n) ____, typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan.
Choose one answer.
a. RFP
b. WBS
c. SDLC
d. CBA
CorrectMarks for this submission: 2/2.
Question41Marks: 2
plan
Project managers can reduce resistance to change by involving employees in the project plan. In systems development, this is referred to as ____.
Choose one answer.
a. DMZ
b. SDLC
c. WBS
d. JAD
CorrectMarks for this submission: 2/2.
Question42Marks: 2
A ____ is usually the best approach to security project implementation.
Choose one answer.
a. direct changeover
b. phased implementation
c. pilot implementation
d. parallel operation
CorrectMarks for this submission: 2/2.
Question43Marks: 2
DMZ is the primary way to secure an organization’s networks.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question44Marks: 2
Planning for the implementation phase of a security project requires the creation of a detailed project plan.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question45Marks: 2
A direct ____________________ involves stopping the old method and beginning the new.
Answer:
Incorrect. Correct answer: changeover. Marks for this submission: 0/2.
Question46Marks: 2
A(n) ____________________ is a specific point in the project plan when a task that has a noticeable impact on the progress of the project plan is complete.
Answer:
CorrectMarks for this submission: 2/2.
Question47Marks: 2
The project planner should describe the skill set or person, often called a(n) ____________________, needed to accomplish a task.
Answer:
CorrectMarks for this submission: 2/2.
Question48Marks: 2
Public organizations often have “____” to spend all their remaining funds before the end of the fiscal year.
Choose one answer.
a. end-of-fiscal-year spending-sprees
direct
milestone
resource
b. end-of-year spend-a-thons
c. end-of-fiscal spending-sprees
d. end-of-fiscal-year spend-a-thons
CorrectMarks for this submission: 2/2.
Question49Marks: 2
An ideal organization fosters resilience to change.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question50Marks: 2
Tasks or action steps that come after the task at hand are called ____________________.
Answer:
CorrectMarks for this submission: 2/2.
Chapter 11 Review Quiz
Review of attempt 1
Question1Marks: 2
____ are often involved in national security and cyber-security tasks and move from those environments into the more business-oriented world of information security.
Choose one answer.
a. Marketing managers
b. Military personnel
c. Business analysts
successors
d. Lawyers
CorrectMarks for this submission: 2/2.
Question2Marks: 2
CISOs are ____________________ managers first.
Answer:
CorrectMarks for this submission: 2/2.
Question3Marks: 2
A(n) “____________________ agency” is an agency that provides specifically qualified individuals at the paid request of another company.
Answer:
CorrectMarks for this submission: 2/2.
Question4Marks: 2
The ____ examination is designed to provide CISSPs with a mechanism to demonstrate competence in the more in-depth and concentrated requirements of information security management.
Choose one answer.
a. ISSMP
b. ISSAP
c. CISSPM
d. CISSMP
CorrectMarks for this submission: 2/2.
Question5Marks: 2
In recent years, the ____ certification program has added a set of concentration exams.
business
temp
Choose one answer.
a. ISSEP
b. ISSMP
c. ISSAP
d. CISSP
CorrectMarks for this submission: 2/2.
Question6Marks: 2
It is important to gather employee ____________________ early about the information security program and respond to it quickly.
Answer:
CorrectMarks for this submission: 2/2.
Question7Marks: 2
Each CISSP concentration exam consists of 25 to 50 questions.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question8Marks: 2
Employees should be provided access to the minimal amount of information for the minimal amount of time necessary for them to perform their duties. This is referred to as the principle of ____________________.
Answer:
CorrectMarks for this submission: 2/2.
Question9
feedback
least privilege
Marks: 2
SANS developed a series of technical security certifications in 1999 that are known as the Global Information ____________________ Certification or GIAC family of certifications.
Answer:
CorrectMarks for this submission: 2/2.
Question10Marks: 2
The ____________________ acts as the spokesperson for the information security team.
Answer:
CorrectMarks for this submission: 2/2.
Question11Marks: 2
____ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization’s security technology is properly implemented.
Choose one answer.
a. CSOs
b. CISOs
c. Security managers
d. Security technicians
CorrectMarks for this submission: 2/2.
Question12Marks: 2
____ are hired by the organization to serve in a temporary position or to supplement the existing workforce.
Choose one answer.
Assurance
CISO
a. Temporary employees
b. Consultants
c. Contractors
d. Self-employees
CorrectMarks for this submission: 2/2.
Question13Marks: 2
Sometimes onsite contracted employees are self-employed or are employees of an organization hired for a specific, one-time purpose. These people are typically referred to as ____________________.
Answer:
CorrectMarks for this submission: 2/2.
Question14Marks: 2
In many organizations, information security teams lack established roles and responsibilities.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question15Marks: 2
The SCP certification provides three tracks: the SCNS (Security Certified Network Specialist); the SCNP (Security Certified Network Professional); and the SCNA (Security Certified Network ____________________).
Answer:
CorrectMarks for this submission: 2/2.
Question16Marks: 2
consultants
Architect
The ____________________ of (ISC)2 program is geared toward those who want to take the CISSP or SSCP exams before obtaining the requisite experience for certification.
Answer:
CorrectMarks for this submission: 2/2.
Question17Marks: 2
Administrators provide the policies, guidelines and standards in the Schwartz, Erwin, Weafer, and Briney classification.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question18Marks: 2
A study of information security positions, done by Schwartz, Erwin, Weafer, and Briney, found that positions can be classified into one of ____ areas.
Choose one answer.
a. two
b. three
c. four
d. five
CorrectMarks for this submission: 2/2.
Question19Marks: 2
In the business world, background checks determine the individual’s level of security classification, a requirement for many positions.
Answer:
True False
Incorrect
Associate
Marks for this submission: 0/2.
Question20Marks: 2
The ____ program focuses more on building trusted networks, including biometrics and PKI.
Choose one answer.
a. NFC
b. SCNP
c. PKI
d. SCNA
CorrectMarks for this submission: 2/2.
Question21Marks: 2
The ____ position is typically considered the top information security officer in the organization.
Choose one answer.
a. CISO
b. CFO
c. CTO
d. CEO
CorrectMarks for this submission: 2/2.
Question22Marks: 2
ISSAP stands for Information Systems Security Architecture Professional.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question23Marks: 2
The information security function can be placed within the ____.
Choose one answer.
a. insurance and risk management function
b. administrative services function
c. legal department
d. All of the above
CorrectMarks for this submission: 2/2.
Question24Marks: 2
ISSMP stands for Information Systems Security Monitoring Professional.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question25Marks: 2
Security ____________________ are accountable for the day-to-day operation of the information security program.
Answer:
CorrectMarks for this submission: 2/2.
Question26Marks: 2
Related to the concept of separation of duties is that of ____________________, the requirement that two individuals review and approve each other’s work before the task is categorized as finished.
Answer:
CorrectMarks for this submission: 2/2.
Question27
managers
two-person control
Marks: 2
The breadth and depth covered in each of the domains makes the ____ one of the most difficult-to-attain certifications on the market.
Choose one answer.
a. NSA
b. CISO
c. CISSP
d. ISEP
CorrectMarks for this submission: 2/2.
Question28Marks: 2
ISSEP was developed under a joint agreement between the FBI and the United States National Security Agency, Information Assurance Directorate.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question29Marks: 2
All of the existing certifications are fully understood by hiring organizations.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question30Marks: 2
System Administration, Networking, and Security Organization is better known as ____.
Choose one answer.
a. SANO
b. SAN
c. SANS
d. SANSO
CorrectMarks for this submission: 2/2.
Question31Marks: 2
Once an information security function’s organizational position has been determined, the challenge is to design a(n) ____________________ structure for the information security function that balances the competing needs of each of the communities of interest.
Answer:
CorrectMarks for this submission: 2/2.
Question32Marks: 2
ISSEP stands for Information Systems Security Expert Professional.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question33Marks: 2
The Information Systems ____________________ and Control Association offers the CISA certification for auditing, networking, and security professionals.
Answer:
CorrectMarks for this submission: 2/2.
Question34Marks: 2
Separation of ____________________ is used to reduce the chance of an individual violating information security and breaching the confidentiality, integrity, or availability of information.
reporting
Audit
Answer:
CorrectMarks for this submission: 2/2.
Question35Marks: 2
A mandatory furlough provides the organization with the ability to audit the work of an individual.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question36Marks: 2
____ are the real techies who create and install security solutions.
Choose one answer.
a. Builders
b. Administrators
c. Senior managers
d. Definers
CorrectMarks for this submission: 2/2.
Question37Marks: 2
The organization should conduct a behavioral feasibility study before the ____________________ phase.
Answer:
CorrectMarks for this submission: 2/2.
Question38Marks: 2
GIAC stands for Global Information Architecture Certification.
duties
implementation
Answer:
True False
CorrectMarks for this submission: 2/2.
Question39Marks: 2
Many information security professionals enter the field from traditional ____ assignments.
Choose one answer.
a. HR
b. BA
c. IT
d. All of the above
CorrectMarks for this submission: 2/2.
Question40Marks: 2
Builders operate and administrate the security tools and the security monitoring function and continuously improve the processes, performing all the day-to-day work.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question41Marks: 2
Friendly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question42Marks: 2
ISACA stands for Information Systems Automation and Control Association.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question43Marks: 2
Job ____________________ can greatly increase the chance that an employee’s misuse of the system or abuse of the information will be detected by another.
Answer:
CorrectMarks for this submission: 2/2.
Question44Marks: 2
The applicant for the CISM must provide evidence of ____ years of professional work experience in the field of information security, with a waiver or substitution of up to two years for education or previous certification.
Choose one answer.
a. five
b. eight
c. ten
d. twelve
CorrectMarks for this submission: 2/2.
Question45Marks: 2
Many organizations use a(n) ____ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee’s tenure in the organization.
Choose one answer.
a. hostile
rotation
b. departure
c. exit
d. termination
CorrectMarks for this submission: 2/2.
Question46Marks: 2
The model used often by large organizations places the information security department within the ____ department.
Choose one answer.
a. management
b. information technology
c. financial
d. production
CorrectMarks for this submission: 2/2.
Question47Marks: 2
The SSCP exam consists of ____ multiple-choice questions, and must be completed within three hours.
Choose one answer.
a. 75
b. 100
c. 125
d. 225
CorrectMarks for this submission: 2/2.
Question48Marks: 2
Information security should be visible to the users.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question49Marks: 2
Once a candidate has accepted a job offer, the ____________________ becomes an important security instrument.
Answer:
CorrectMarks for this submission: 2/2.
Question50Marks: 2
In most cases, organizations look for a technically qualified information security generalist who has a solid understanding of how an organization operates.
Answer:
True False
CorrectMarks for this submission: 2/2.
Chapter 12 Review Questions
Review of attempt 1
Question1
Marks: 2
The ____ mailing list includes announcements and discussion of an open-source IDPS.
Choose one answer.
a. Nmap-hackers
b. Packet Storm
employment contract
c. Security Focus
d. Snort-sigs
CorrectMarks for this submission: 2/2.
Question2Marks: 2
A maintenance model such as the ISO model deals with methods to manage and operate systems.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question3Marks: 2
The optimum approach for escalation is based on a thorough integration of the monitoring process into the ____.
Choose one answer.
a. IDE
b. CERT
c. ERP
d. IRP
CorrectMarks for this submission: 2/2.
Question4Marks: 2
The ____ process is designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization.
Choose one answer.
a. ASP
b. ISP
c. SVP
d. PSV
CorrectMarks for this submission: 2/2.
Question5Marks: 2
As the help desk personnel screen problems, they must also track the activities involved in resolving each complaint in a help desk ____________________ system.
Answer:
CorrectMarks for this submission: 2/2.
Question6Marks: 2
A trouble ticket is closed when a user calls about an issue.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question7Marks: 2
A(n) ____________________ risk is one that is higher than the risk appetite of the organization.
Answer:
CorrectMarks for this submission: 2/2.
Question8Marks: 2
The proven cases of real vulnerabilities can be considered vulnerability ____________________.
Answer:
CorrectMarks for this submission: 2/2.
Question9
information
significant
instances
Marks: 2
A(n) war game puts a subset of plans in place to create a realistic test environment.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question10Marks: 2
There are ____ common vulnerability assessment processes.
Choose one answer.
a. two
b. three
c. four
d. five
CorrectMarks for this submission: 2/2.
Question11Marks: 2
CERTs stands for computer emergency recovery teams.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question12Marks: 2
As an alternative view of the way data flows into the monitoring process, a(n) ____ approach may prove useful.
Choose one answer.
a. DTD
b. DFD
c. Schema
d. ERP
CorrectMarks for this submission: 2/2.
Question13Marks: 2
The process of collecting detailed information about devices in a network is often referred to as ____________________.
Answer:
CorrectMarks for this submission: 2/2.
Question14Marks: 2
All systems that are mission critical should be enrolled in PSV measurement.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question15Marks: 2
A performance ____________________ is an expected level of performance against which all subsequent levels of performance are compared.
Answer:
CorrectMarks for this submission: 2/2.
Question16Marks: 2
The primary objective of the planning and risk ____________________ domain is to keep a lookout over the entire information security program.
Answer:
characterization
baseline
assessment
CorrectMarks for this submission: 2/2.
Question17Marks: 2
The primary goal of the readiness and ____________________ domain is to keep the information security program functioning as designed and to keep it continuously improving over time.
Answer:
CorrectMarks for this submission: 2/2.
Question18Marks: 2
An effective information security governance program requires constant change.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question19Marks: 2
Detailed ____ on the highest risk warnings can include identifying which vendor updates apply to which vulnerabilities as well as which types of defenses have been found to work against the specific vulnerabilities reported.
Choose one answer.
a. escalation
b. intelligence
c. monitoring
d. elimination
CorrectMarks for this submission: 2/2.
Question20Marks: 2
ISO 27001 Information Security Handbook: A Guide for Managers provides managerial guidance for the establishment and implementation of an information security program.
review
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question21Marks: 2
A(n) ____________________ analysis is a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services).
Answer:
CorrectMarks for this submission: 2/2.
Question22Marks: 2
Organizations should perform a(n) ____________________ assessment of their information security programs.
Answer:
CorrectMarks for this submission: 2/2.
Question23Marks: 2
The ____ list is intended to facilitate the development of a free network exploration tool.
Choose one answer.
a. Nmap-hackers
b. Packet Storm
c. Security Focus
d. Snort-sigs
CorrectMarks for this submission: 2/2.
Question24
difference
annual
Marks: 2
A(n) ____ is a statement of the boundaries of the RA.
Choose one answer.
a. scope
b. disclaimer
c. footer
d. head
CorrectMarks for this submission: 2/2.
Question25Marks: 2
The ____ commercial site focuses on current security tool resources.
Choose one answer.
a. Nmap-hackers
b. Packet Storm
c. Security Laser
d. Snort-sigs
CorrectMarks for this submission: 2/2.
Question26Marks: 2
All telephone numbers controlled by an organization should be tested for modem vulnerability, unless the configuration of the phone equipment on premises can assure that no number can be dialed from the worldwide telephone system.
Answer:
True False
IncorrectMarks for this submission: 0/2.
Question27Marks: 2
Rehearsals that closely match reality are called ____________________ games.
Answer:
CorrectMarks for this submission: 2/2.
Question28Marks: 2
The Analysis step of Internet vulnerability assessment is when a knowledgeable and experienced vulnerability analyst screens the test results for the ____________________ vulnerabilities logged during scanning.
Answer:
CorrectMarks for this submission: 2/2.
Question29Marks: 2
The steps of the Internet vulnerability assessment include ____, which is when the penetration test engine is unleashed at the scheduled time using the planned target list and test selection.
Choose one answer.
a. scanning
b. target selection
c. test selection
d. analysis
CorrectMarks for this submission: 2/2.
Question30Marks: 2
The primary goal of the ____________________ monitoring domain is to maintain an informed awareness of the state of all of the organization’s networks, information systems, and information security defenses.
Answer:
CorrectMarks for this submission: 2/2.
war
candidate
internal
Question31Marks: 2
UN-CERT is a set of moderated mailing lists full of detailed, full-disclosure discussions and announcements about computer security vulnerabilities.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question32Marks: 2
The primary mailing list, called simply ____, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited, and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists.
Choose one answer.
a. Bug
b. Bugfix
c. Buglist
d. Bugtraq
CorrectMarks for this submission: 2/2.
Question33Marks: 2
In ____________________ selection, all areas of the organization’s premises should be scanned with a portable wireless network scanner.
Answer:
CorrectMarks for this submission: 2/2.
Question34Marks: 2
The ____________________ interconnections are network devices, communications channels, and applications that may not be owned by the organization but are essential to the continued operation of the organization’s partnership with another company.
target
Answer:
CorrectMarks for this submission: 2/2.
Question35Marks: 2
Documentation procedures are not required for configuration and change management processes.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question36Marks: 2
The objective of the external ____________________ domain within the maintenance model is to provide the early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense.
Answer:
CorrectMarks for this submission: 2/2.
Question37Marks: 2
An intranet scan starts with an Internet search engine.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question38Marks: 2
The primary goal of the vulnerability assessment and ____________________ domain is to identify specific, documented vulnerabilities and remediate them in a timely fashion.
Answer:
partner
monitoring
remediation
CorrectMarks for this submission: 2/2.
Question39Marks: 2
Digital forensics helps the organization understand what happened and how.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question40Marks: 2
An example of the type of vulnerability exposed via traffic analysis occurs when an organization is trying to determine if all its device signatures have been adequately masked.
Answer:
True False
CorrectMarks for this submission: 2/2.
Question41Marks: 2
The ____ vulnerability assessment process is designed to find and document selected vulnerabilities that are likely to be present on the internal network of the organization.
Choose one answer.
a. intranet
b. Internet
c. LAN
d. WAN
Correct
Marks for this submission: 2/2.
Question 42 Marks: 2
Court decisions generally do not impact agency policy.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 43 Marks: 2
An effective security program demands comprehensive and continuous understanding of program and system configuration.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 44 Marks: 2
A ____ is the recorded state of a particular revision of a software or hardware configuration item.
Choose one answer.
a. state
b. version
c. configuration
d. baseline
Correct
Marks for this submission: 2/2.
Question 45 Marks: 2
One approach that can improve the situational awareness of the information security function uses a process known as ____ to quickly identify changes to the internal environment.
Choose one answer.
a. baseline
b. difference analysis
c. differential
d. revision
Correct
Marks for this submission: 2/2.
Question 46 Marks: 2
CM assists in streamlining change management processes and prevents changes that could detrimentally affect the security posture of a system before they happen.
Answer:
True False
Correct
Marks for this submission: 2/2.
Question 47 Marks: 2
The ____ vulnerability assessment process is designed to find and document any vulnerability that is present on dial-up modems connected to the organization’s networks.
Choose one answer.
a. modem
b. phone
c. dial-up
d. network
Correct
Marks for this submission: 2/2.
Question 48 Marks: 2
A key component in the engine that drives change in the information security program is a relatively straightforward process called an information security ____________________ risk assessment.
Answer: operational
Correct
Marks for this submission: 2/2.
Question 49 Marks: 2
A(n) ____ item is a hardware or software item that is to be modified and revised throughout its life cycle.
Choose one answer.
a. revision
b. update
c. change
d. configuration
Correct
Marks for this submission: 2/2.
Question 50 Marks: 2
The ____ is a center of Internet security expertise and is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.
Choose one answer.
a. Bug/CERT
b. Bugtraq/CERT
c. CC/CERT
d. CERT/CC
Correct
Marks for this submission: 2/2.