Information Security
Question 1
Malicious cyber activity directed at private and public entities can manifest itself in which of the following ways?
A. Denial of service through DoS attacks, and data and property destruction.
B. Business disruption (sometimes for the purpose of collecting ransoms) and theft of proprietary data.
C. Theft or corruption of intellectual property, and sensitive financial and strategic information.
D. All of the above.
Question 2
A cyber activity is considered malicious when it compromises at least one component of what is known as the “CIA triad”: confidentiality, integrity, and availability.
True
False
Question 3
A DoS attack which interferes with a firm’s web-based services is categorized as an attack on availability.
True
False
Question 4
A cyber-theft of funds from a bank’s customer account is considered an attack on confidentiality.
True
False
Question 5
A cyber-enabled theft of the personally identifiable information (PII) of a firm’s customers or employees compromises data confidentiality.
True
False
Question 6
A basic conceptual framework that describes the functions of a networking or telecommunications system is referred to as the Open Systems Interconnection (OSI) model.
True
False
Question 7
The TCP/IP model has become the de facto standard for real-world implementation of networking.
True
False
Question 8
Network Analysis uses the Signature Analysis method for the following action(s):
A. Testing
B. Hunting
C. Campaign Detection
D. All of the responses
Question 9
In general, a Network Forensic Examination includes the following steps, in the following order:
A. Incident response, identification, preservation, collection, examination, analysis, presentation
B. Identification, preservation, collection, examination, analysis, presentation, incident response
C. Identification, presentation, collection, examination, analysis, preservation, incident response
D. Analysis, collection, examination, identification, incident response, presentation, preservation
Question 10
Network behavior analysis (NBA) helps in enhancing network safety by monitoring traffic and noting unusual activity or departures from a normal network operation.
True
False
Question 11
Under GDPR, a controller is the entity that determines the purposes, conditions and means of the processing of personal data.
True
False
Question 12
The HIPAA Privacy Rule defines "covered entities" as which of the following:
A. Health plans
B. Health care providers
C. Health care services
D. All of the above
Question 13
The first step in the Configuration Management Process is:
A. Detail design and development phase
B. Preliminary design phase
C. Conceptual design phase
D. Production and construction phase
Question 14
Under GLBA, financial institutions must provide their clients a privacy notice that explains the following:
A. What information the company gathers about the client
B. Where this information is shared
C. How the company safeguards that information
D. All of the above
Question 15
NIST 800-53, rev 4 provides a catalog of security and privacy controls for federal information systems which federal agencies implement as part of an organization-wide process that manages information security and privacy risk.
True
False
Question 16
GDPR enhanced individual control over the use of personal data by introducing two new rights – the right to be forgotten and the right to data portability.
True
False
Question 17
The HIPAA Security Rule requires covered entities to do all of the following, except:
A. Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit
B. Protect against reasonably anticipated, impermissible uses or disclosures
C. Identify and protect against every possible identified threat to the security or integrity of the information
D. Ensure compliance by their workforce
Question 18
Which of the following reflect good uses of application hosting?
A. Applications available only internally in the organization
B. Applications that format data for display
C. Shopping cart services
D. Email services
E. A and B
F. C and D
Question 19
Application hosting is also commonly called SaaS, or software as a service.
True
False
Question 20
The use of duplicate servers as a deception strategy is simplified when the organization utilizes DHCP.
True
False
Question 21
The term “protected element” refers to a proxy’s network clients or servers.
True
False
Question 22
Several benefits of using a honeypot or honeynet include:
A. Deception and frustration of an attacker.
B. The ability to study an attacker.
C. Little initial work because one can use the default parameters for deception.
D. Determined attackers are generally slow to recognize honeypots or honeynets.
E. A and B
F. C and D
G. All of the above
Question 23
Datagrams, used in UDP transfers, help guarantee the accuracy of data being transmitted and are commonly used to ensure that data is transmitted correctly.
True
False
Question 24
TCP transmissions are usually referred to as “packets” as distinguished from “datagrams.”
True
False
Question 25
Information transmitted in segments is referred to as a “packet” or a “datagram” depending on where it is travelling.
True
False
Question 26
A “datagram” can include the following: IP header fields, TCP header fields, UDP header fields, AH header fields and ESP psychic connections.
True
False
Question 27
The term “protected element” refers to a proxy’s network clients or servers.
True
False
Question 28
Which of the following is NOT an advantage?
A. Login failures track would-be attackers
B. Login timeouts after several failed attempts block and thwart repeated attacks by an attacker
C. Login failure documentation helps systems administrators target needed changes to storage and access mechanisms
D. Multiple login failures indicate thwarted attacks and mean the system is worry-free
Question 29
Proxies inspect outside traffic before it passes into internal systems
True
False
Question 30
A stateful router is one that remembers common and accepted paths for reconnection and will not suffer from a query overload.
True
False
Question 31
A host’s defense against an exploiter’s asymmetric advantage includes which of the following (choose all that apply):
A. Defenders choose what systems to run
B. Defenders choose how to connect systems
C. Defenders generally maintain the default settings on vendor devices
D. Defenders choose which policies to implement
Question 32
Which one of the following is a disadvantage of mathematical models?
A. Mathematical models are clear and unambiguous
B. Mathematical models can address every predictable human variation and situation
C. Mathematical models are static and do not need revision over time
D. Mathematical models permit infinite complexity
Question 33
What features of application-level proxies make them more vulnerable to adversaries, and what are ways to mitigate them?
Question 34
Match the model to its description
Question 35
You have been hired to organize a new network that will be exposed to attack from outside users. What are two deception strategies you can use to mitigate these attacks, and why are they effective?
Question 36
You have been hired by a company whose former employee stole and then deleted all user passwords. They do not wish to suffer this type of loss again. What do you tell them to do?
Question 37
Basic factors for authentication include:
A. What the subject knows
B. What the subject has
C. What the subject is
D. Where the subject is
E. All of the above
F. None of the above
G. A, B, C
Question 38
Which of the following are examples of multi-factor authentication:
A. Combining a password with the subject’s mother’s maiden name
B. Combining a password with the subject’s place of birth
C. Combining a password with the subject’s fingerprint
D. Combining a password with a security token
E. None of the above
F. All of the above
G. A and B
H. C and D
Question 39
CAPTCHA is an authentication method that demonstrates:
A. What a subject knows
B. Where a subject is
C. What the subject is
D. Whether the subject is authorized to access the network
Question 40
What is Role-Based Access Control (“RBAC”)? Is it a good approach? Advantages? Disadvantages?
Question 41
Common change management drivers include which of the following:
A. Technology evolution
B. Consumer habit changes
C. Pressure from new business entrants
D. All of the above
Question 42
What is Change Management? What is Configuration Management? How are they different?
Question 43
How would you document Change Management?
Question 44
Compare and contrast: Privacy and Security
Question 45
HIPAA relates to what industry?
A. Financial, i.e., banks, investment houses, lenders
B. Education
C. Manufacturing
D. Healthcare
Question 46
Gramm-Leach-Bliley relates to what kind of information?
A. Non-public financial information
B. Personnel records
C. Educational records
D. Medical records
Question 47
FERPA applies to which entities?
A. Healthcare professionals and business associates
B. Educational agencies and institutions that receive funds under any program administered by the Department of Education
C. Banks and other financial institutions
D. Manufacturers of internet-connected devices
Question 48
What is the best way to mitigate liability from a network breach?
A. Faithfully execute your restoration and remediation plan
B. Lobby your regulatory agency for minimal fines
C. Blame a third party for the breach
D. None of the above
Question 49
Discuss the sources of liability that may arise after a network breach. Consider whether liability may arise from harm to customers, violation of laws or rules. Bonus for specific industry focus.
Question 50
PIA stands for:
A. Private Industry Assessment
B. Privacy Industry Assessment
C. Privacy Impact Assessment
D. Privacy Impact Analysis
Question 51
Under the Privacy Act, policy guidance, assistance and oversight of implementation of the Act are provided by the Office of Management and Budget (OMB).
True
False
Question 52
What is FOIA?
A. Federal Organization Information Act
B. Freedom of Information Act
C. Federation of Information Act
D. Federal Organization Information Agreement
Question 53
NIST issues Special Publications to provide guidance for federal information systems.
True
False
Question 54
Federal agencies have adopted a risk-based approach to operating their agency’s information security systems and they rely on the ATO process to accomplish this. Briefly explain the ATO process.
Question 55
NIST has developed information security standards such as Federal Information Processing Standards (FIPS), which are mandatory for federal agencies to follow. FIPS 200 is used to determine the system impact level, based on the categorization. FIPS 200 established a “high water mark” as the highest potential impact value assigned to each security objective for each type of information resident on those information systems. Explain what that means and provide an example of your analysis.