
Information Security Fundamentals - CIST 1601 Final Exam Study Guide Questions And Answers, Exams of Information Security and Markup Languages

A study guide for the CIST 1601 final exam on information security fundamentals. It covers topics such as security systems, the security systems development life cycle, data ownership, Microsoft's security practices, the Kerberos system, VPNs, IDPSs, and encryption, and includes questions and answers on these topics.

Typology: Exams

2023/2024

Available from 01/25/2024

Estrelia 🇨🇦

Information Security Fundamentals - CIST 1601 Final Exam Study Guide Questions And Answers

* Describe the multiple types of security systems present in many organizations. - correct answer
1.) Physical security - protect items, objects, and places
2.) Personnel security - protect individual access to the organization
3.) Operation security - protect details of activities
4.) Communications security - protect communications media, technology, and content
5.) Network security - protect networking components, connections, and contents
6.) Information security - protect the confidentiality, availability, and integrity of information assets

List and describe the six phases of the security systems development life cycle. - correct answer
1.) Investigation - Costs, goals, feasibility, resources, and scope are analyzed, outlined, and documented by management.
2.) Analysis - Assess the current system vs. the plan in phase 1. Develop requirements and integration with the existing system, perform risk analysis and examine legal issues, document and analyze current threats.
3.) Logical Design - Assess current business needs vs. the plan in phase 2. Develop a security blueprint, plan incident response actions and business disaster response, determine feasibility of continuing the project or outsourcing, select applications, data support and structures, consider multiple solutions, document findings.
4.) Physical Design - Technologies are selected to support phase 3. The best solution is chosen, the decision is made to make or buy components, the technologies needed to support the blueprint are chosen, a successful solution is defined, physical security measures are designed, and the project is approved.
5.) Implementation - Develop or buy software, components, and security solutions. Document the system, train its users, test the system and review performance, and present the tested package to management for approval.
6.) Maintenance and Change - Support and modify the system during its lifespan, periodically testing for compliance with business needs. The system is monitored, then patched, upgraded, and repaired as needed to meet changing threats.

Outline types of data ownership and their respective responsibilities. - correct answer
1. Data Owners - Responsible for security and use of a particular set of information
...
measured against impact to the individual
5. Security of health information

List three of the provisions included in the Security And Freedom Through Encryption Act of 1999. - correct answer
1. Prohibit the federal government from requiring the use of encryption for contracts, grants, and other official documents and correspondence.
2. State that the use of encryption is not probable cause to suspect criminal activity.
3. Reinforce an individual's right to use or sell encryption algorithms, without concern for regulations requiring some form of key registration.

Describe five new subdivisions of information system components of SecSDLC/risk management. - correct answer
1. People - Employees and nonemployees. Employees include those who have trusted roles, authority, and accountability, and employees with no special privileges who have specific assignments. Nonemployees include contractors, consultants, trusted members of other organizations, and strangers.
2. Procedures - IT and business procedures: standard and sensitive. Sensitive procedures are ones that may enable threat agents to attack or otherwise introduce risk.
3. Data & Information - Management of information in three states: transmission, processing, storage.
4. Software - Components assigned to one category: applications, operating systems, or security components.
5. Hardware - Assigned to one category: systems devices and peripherals, or devices that are part of information security control systems. The latter is protected more thoroughly and given special treatment.

* List seven key areas identified by Microsoft as best security practices for home users. - correct answer
1. Using antivirus software
2. Using strong passwords
3. Verifying software security settings
4. Updating product security
5. Building personal firewalls
6. Backing up data early and often
7. Protecting against power surges and loss

List Microsoft's "Ten Immutable Laws of Security" in any order. - correct answer
1. If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.
2. If a bad guy can alter the operating system on your computer, it's not your computer anymore.
3. If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
4. If you allow a bad guy to upload programs to your Web site, it's not your Web site anymore.
5. Weak passwords trump strong security.
6. A machine is only as secure as the administrator is trustworthy.
7. Encrypted data is only as secure as the decryption key.
8. An out-of-date virus scanner is only marginally better than no virus scanner at all.
9. Absolute anonymity isn't practical, in real life or on the Web.
10. Technology is not a panacea.

What three purposes does the ISSP serve? - correct answer Addresses specific areas of technology, such as
...
networks through the use of some form of proxy access or DMZ architecture.
7.) All data that is not verifiable and authentic should be denied.

List and describe the three interacting services of the Kerberos system. - correct answer
1.) The Authentication Server (AS) - authenticates clients and servers.
2.) Key Distribution Center (KDC) - generates and issues session keys.
3.) Kerberos Ticket Granting Service (TGS) - provides tickets to clients who request services. A ticket is an ID card for a client that is verified with the Kerberos server to ensure that the client is a valid member of the system and is authorized to receive the requested services. Tickets include the client name, network address, validation starting and ending time, and session key, all encrypted in the private key of the server from which the client is requesting services.

What must a VPN that proposes to offer a secure and reliable capability while relying on public networks accomplish? - correct answer
1.) Encapsulation of incoming and outgoing data - The native protocol of the client is embedded within the frames of a protocol that can be routed over the public network and be usable by the server network environment.
2.) Encryption of incoming and outgoing data - Keeps the data contents private while they are in transit over the public network, but still usable by client and server computers and local networks on either end of the VPN connection.
3.) Authentication of the remote computer/remote user - Authentication and the subsequent authorization of the user to perform specific actions are predicated on accurate and reliable identification of the remote system and/or user.

A(n) ______ occurs when an attacker attempts to gain entry or disrupt the normal operations of an information system, almost always with the intent to do harm. - correct answer intrusion

The ongoing activity from alarm events that are accurate and noteworthy but not necessarily significant as potentially successful attacks is called ____. - correct answer noise

Three methods dominate the IDPSs' detection methods: the ____-based approach, the statistical anomaly-based approach, or the stateful packet inspection approach. - correct answer signature

A signature-based IDPS is sometimes called a(n) ____-based IDPS. - correct answer knowledge

A(n) ____ system contains pseudo-services that emulate well-known services, but is configured in ways that make it look vulnerable to attacks. - correct answer honeypot

* List and describe at least four reasons to acquire and use an intrusion detection and prevention system (IDPS). (p. 295, ch. 7) - correct answer
1.) To prevent problem behaviors by increasing the perceived risk of discovery and punishment for those who would attack or otherwise abuse the system
2.) To detect attacks and other security violations that are not prevented by other security measures
3.) To detect and deal with the preambles to attacks
4.) To document the existing threat to an organization

The science of encryption is known as _______. - correct answer cryptology

The process of hiding messages within the digital encoding of a picture or graphic is called ______. - correct answer stenography

A mathematical ____ is a "secret mechanism that enables you to easily accomplish the reverse function in a one-way function." - correct answer trapdoor

* Describe how hash functions work and what they are used for. (p. 362, ch. 8) - correct answer Hash functions are mathematical algorithms that are used to make a message summary (called a digest or fingerprint) that confirms the identity of a specific message and the integrity of the message, confirming that there haven't been any changes to the content since it was sent. Hash functions do not require keys, but can use a code called a MAC that allows only specific users, or key holders, to access the message digest. Hash functions are one-way and are used for password verification to confirm the user's identity. A hash value is created from the original input from the user (the password) and is stored for later use. When the password is entered later by a user, a new hash value is made and is compared to the original in order to confirm identity.

* Describe symmetric and asymmetric encryption. (p. 364-366, ch. 8) - correct answer Symmetric encryption methods use a single secret key to both encipher and decipher a message. They use mathematical operations that can be programmed into extremely fast computing algorithms so that the encryption and decryption process goes quickly even on a small computer. Both sender and recipient of the message must have the key, and if the key is lost, the message can be accessed and decrypted by others without the sender ever knowing. The key must be delivered to the receiver in another way, in a process conducted out of band on a channel other than the one carrying the message itself, to avoid interception by others. Asymmetric encryption, on the other hand, uses two keys instead of one. The keys are different, but related, and either key can be used to encrypt or decrypt the message. Asymmetric encryption is also known as public-key encryption, because a message encrypted with key A can only be decrypted with key B and vice versa. One key is often used as a private key and the other as a public key that can be used by anyone.

Describe digital certificates. - correct answer Digital certificates are public-key documents or container files that allow computer programs to validate the key and identify to whom it belongs. They contain a key value and identifying information about the entity that controls the key. Certificates are usually issued and certified by a third party, usually a certificate authority, and contain a digital signature that certifies the file's origin and integrity. They help assure users that their files are authentic by using a cryptographic key.

____ occurs when an authorized person presents a key to open a door, and other people, who may or may not be authorized, also enter. - correct answer tailgating

The most sophisticated locks are ____ locks. - correct answer biometric

Class ____ fires are extinguished by agents that remove oxygen from the fire. - correct answer B

The ______ lock may rely on a key that is a carefully shaped piece of metal, which is rotated to turn tumblers
...
movement of the sensor itself rather than movement in the environment.

Public organizations often have "____" to spend all their remaining funds before the end of the fiscal year. - correct answer end-of-fiscal-year spend-a-thons

In the ____ process, measured results are compared to expected results. - correct answer negative feedback loop

The ____ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly. - correct answer policies

_________ is a phenomenon in which the project manager spends more time documenting project tasks, collecting performance measurements, recording project task information, and updating project completion forecasts than in accomplishing meaningful project work. - correct answer Projectitis

The _______ operations strategy involves running the new methods alongside the old methods. - correct answer parallel

One of the oldest models of change is the ______ change model. - correct answer Lewin

* What are the major steps in executing the project plan? (p. 436, ch. 10) - correct answer
1.) Planning the project
2.) Supervising tasks and action steps
3.) Wrapping up the project

* What major project tasks does the WBS document? (p. 436, ch. 10) - correct answer
1.) Work to be accomplished (activities and deliverables)
2.) Individuals (or skill set) assigned to perform the task
3.) Start and end dates for the task (when known)
4.) Amount of effort required for completion in hours or work days
5.) Estimated capital expenses for the task
6.) Estimated noncapital expenses for the task
7.) Identification of dependencies between and among tasks

What can the organization do by managing the process of change? - correct answer
- Improve communication about change across the organization
- Enhance coordination between groups within the organization as change is scheduled and completed
- Reduce unintended consequences by having a process to resolve the conflict and disruption that change can introduce
- Improve quality of service as potential failures are eliminated and groups work together
- Assure management that all groups are complying with the organization's policies regarding technology governance, procurement, accounting, and information security

The information security function can be placed within the ____.
...
violating information security and breaching the confidentiality, integrity, or availability of information. The control stipulates that the completion of a significant task that involves sensitive information, especially financial information, should require at least two people. If only one person had authorization, there may be no way to stop them from copying the information and removing it from the premises.

____ are a component of the security triple.
a. Threats
b. Assets
c. Vulnerabilities
d. All of the above
- correct answer d. All of the above [Threats, assets, and vulnerabilities]

To evaluate the performance of a security system, administrators must establish system performance ____. - correct answer baselines

The primary mailing list, called simply ____, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited, and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists. - correct answer bugtraq

Detailed ____ on the highest risk warnings can include identifying which vendor updates apply to which vulnerabilities as well as which types of defenses have been found to work against the specific vulnerabilities reported. - correct answer intelligence

Virtually all aspects of a company's environment are _______. - correct answer dynamic

A(n) ________ analysis is a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services). - correct answer difference

The primary goal of the vulnerability assessment and ______ domain is to identify specific, documented vulnerabilities and remediate them in a timely fashion. - correct answer remediation

List the four steps to developing a CM plan. - correct answer
1.) Establish baselines
2.) Identify configuration
3.) Describe the configuration control process
4.) Identify the schedule for configuration audits

* List the five domains of the recommended maintenance model. (p. 536, ch. 12) - correct answer
1.) External monitoring
2.) Internal monitoring
3.) Planning and risk assessment
4.) Vulnerability assessment and remediation
5.) Readiness and review

* Describe viruses and worms. - correct answer A computer virus consists of segments of code that perform malicious actions. This code behaves very much like a virus pathogen attacking animals and plants, using the cell's own replication machinery to propagate and attack. The code attaches itself to an existing program and takes control of that program's access to the targeted computer. The virus-controlled target program then carries out the virus's plan, by replicating itself into