Question 1

If the time an attacker takes to break through the organization's preventive controls is greater than the sum of the time required to detect the attack and the time required to respond to the attack,then security is

A) effective.
B) ineffective.
C) overdone.
D) undermanaged.

A

Accepted Answer

This scenario describes an effective security posture. If the time it takes for an attacker to breach preventive controls is longer than the combined time to detect and respond, it means that the organization has layered security controls in place that are effective in preventing or slowing down an attacker from compromising the system. The longer the time it takes for the attacker to breach controls, the more time the security team has to detect and respond, ultimately minimizing the damage.

Question 2

This protocol specifies the structure of packets sent over the internet and the route to get them to the proper destination.&#10;A) Access control list&#10;B) Internet protocol&#10;C) Packet switching protocol&#10;D) Transmission control protocol

Accepted Answer

The protocol that specifies the structure of packets sent over the internet and the route to get them to the proper destination is the Internet Protocol (IP).

Question 3

This network access control determines which IP packets are allowed entry to a network and which are dropped.&#10;A) Access control list&#10;B) Deep packet inspection&#10;C) Stateful packet filtering&#10;D) Static packet filtering

Accepted Answer

Access control lists (ACLs) are used to determine which IP packets are allowed or denied entry to a network based on predefined rules.

Question 4

Which of the following is an example of a preventive control?&#10;A) Encryption&#10;B) Log analysis&#10;C) Intrusion detection&#10;D) Emergency response teams

Accepted Answer

Encryption is a preventive control because it is used to protect data from unauthorized access by making it unreadable without the decryption key.

Answer: D
 Emergency response teams are also a preventive control because they are trained to respond quickly to any security incidents and prevent them from escalating.

Question 5

Which of the following is an example of a detective control?&#10;A) Physical access controls&#10;B) Encryption&#10;C) Log analysis&#10;D) Emergency response teams

Accepted Answer

Log analysis is an example of a detective control as it involves analyzing logs to identify potential security breaches or incidents that have already occurred. Detective controls are designed to identify and respond to security breaches after they have occurred. Physical access controls (A) and encryption (B) are examples of preventive controls, which are designed to prevent security breaches from occurring in the first place. Emergency response teams (D) are an example of a corrective control, which is designed to correct the situation after a security breach has been identified.

Question 6

Multi-factor authentication&#10;A) involves the use of two or more basic authentication methods.&#10;B) is a table specifying which portions of the systems users are permitted to access.&#10;C) provides weaker authentication than the use of effective passwords.&#10;D) requires the use of more than one effective password.

Accepted Answer

Multi-factor authentication involves the use of two or more basic authentication methods, which provides stronger security than relying on a single factor such as a password. Option B refers to an access control list, option C is incorrect since multi-factor authentication provides stronger security than a password alone, and option D is incorrect since using multiple passwords is not considered true multi-factor authentication.

Question 7

Restricting access of users to specific portions of the system as well as specific tasks,is&#10;A) authentication.&#10;B) authorization.&#10;C) identification.&#10;D) threat monitoring.

Accepted Answer

Authorization is the process of restricting access of users to specific portions of the system as well as specific tasks. Authentication is the process of verifying the identity of a user, identification is the act of identifying a user, and threat monitoring is the process of monitoring the system for potential security threats.

Question 8

This protocol specifies the procedures for dividing files and documents into packets to be sent over the Internet.&#10;A) Access control list&#10;B) Internet protocol&#10;C) Packet switching protocol&#10;D) Transmission control protocol

Accepted Answer

The answer of This protocol specifies the procedures for dividing...

Question 9

Which of the following is not one of the three fundamental information security concepts?&#10;A) Information security is a technology issue based on prevention.&#10;B) Security is a management issue, not a technology issue.&#10;C) The idea of defense-in-depth employs multiple layers of controls.&#10;D) The time-based model of security focuses on the relationship between preventive, detective and corrective controls.

Accepted Answer

The three fundamental information security concepts are confidentiality, integrity, and availability. These concepts guide security strategies and aim to protect the confidentiality and privacy of sensitive information, maintain data integrity, and ensure that authorized users have access to the data they need. The concept that information security is solely a technology issue based on prevention is incorrect and does not align with the fundamental concepts.

Question 10

Which of the following is not a useful control procedure to control access to system outputs?&#10;A) Allowing visitors to move through the building without supervision&#10;B) Coding reports to reflect their importance&#10;C) Requiring employees to log out of applications when leaving their desk&#10;D) Restricting access to rooms with printers

Accepted Answer

Allowing visitors to move through the building without supervision is not a useful control procedure to control access to system outputs as they may accidentally or intentionally gain access to sensitive information or technology. The other options mentioned are useful control procedures to control access to system outputs.

Question 11

Perimeter defense is an example of which of the following preventive controls that are necessary to provide adequate security?&#10;A) Training&#10;B) Controlling physical access&#10;C) Controlling remote access&#10;D) Host and application hardening

Accepted Answer

The answer of Perimeter defense is an example of which...

Question 12

A special purpose hardware device or software running on a general purpose computer,which filters information that is allowed to enter and leave the organization's information system,is known as a(n)&#10;A) demilitarized zone.&#10;B) intrusion detection system.&#10;C) intrusion prevention system.&#10;D) firewall.

Accepted Answer

The answer of A special purpose hardware device or software...

Question 13

The Trust Services Framework reliability principle that states that users must be able to enter,update,and retrieve data during agreed-upon times is known as&#10;A) availability.&#10;B) security.&#10;C) maintainability.&#10;D) integrity.

Accepted Answer

The answer of The Trust Services Framework reliability principle that...

Question 14

According to the Trust Services Framework,the reliability principle of integrity is achieved when the system produces data that&#10;A) is available for operation and use at times set forth by agreement.&#10;B) is protected against unauthorized physical and logical access.&#10;C) can be maintained as required without affecting system availability, security, and integrity.&#10;D) is complete, accurate, and valid.

Accepted Answer

The answer of According to the Trust Services Framework,the reliability...

Question 15

Which of the following is not one of the essential criteria for successfully implementing each of the principles that contribute to systems reliability,as discussed in the Trust Services Framework?&#10;A) Developing and documenting policies&#10;B) Effectively communicating policies to all outsiders&#10;C) Designing and employing appropriate control procedures to implement policies&#10;D) Monitoring the system and taking corrective action to maintain compliance with policies

Accepted Answer

The answer of Which of the following is not one...

Question 16

Which of the following is an example of a corrective control?&#10;A) Physical access controls&#10;B) Encryption&#10;C) Intrusion detection&#10;D) Incident response teams

Accepted Answer

The answer of Which of the following is an example...

Question 17

Verifying the identity of the person or device attempting to access the system is&#10;A) authentication.&#10;B) authorization.&#10;C) identification.&#10;D) threat monitoring.

Accepted Answer

The answer of Verifying the identity of the person or...

Question 18

An access control matrix&#10;A) does not have to be updated.&#10;B) is a table specifying which portions of the system users are permitted to access.&#10;C) is used to implement authentication controls.&#10;D) matches the user's authentication credentials to his authorization.

Accepted Answer

The answer of An access control matrix&#10;A) does not have...

Question 19

Which of the following is not a requirement of effective passwords?&#10;A) Passwords should be changed at regular intervals.&#10;B) Passwords should be no more than 8 characters in length.&#10;C) Passwords should contain a mixture of upper and lowercase letters, numbers and characters.&#10;D) Passwords should not be words found in dictionaries.

Accepted Answer

The answer of Which of the following is not a...

Question 20

Which of the following preventive controls are necessary to provide adequate security for social engineering threats?&#10;A) Controlling remote access&#10;B) Encryption&#10;C) Host and application hardening&#10;D) Awareness training

Accepted Answer

The answer of Which of the following preventive controls are...

Question 21

This creates logs of network traffic that was permitted to pass the firewall.&#10;A) Intrusion detection system&#10;B) Log analysis&#10;C) Penetration test&#10;D) Vulnerability scan

Accepted Answer

The answer of This creates logs of network traffic that...

Question 22

In recent years,many of the attacks carried out by hackers have relied on this type of vulnerability in computer software.&#10;A) Code mastication&#10;B) Boot sector corruption&#10;C) Weak authentication&#10;D) Buffer overflow

Accepted Answer

The answer of In recent years,many of the attacks carried...

Question 23

The process that uses automated tools to identify whether a system possesses any well-known security problems is known as a(n)&#10;A) intrusion detection system.&#10;B) log analysis.&#10;C) penetration test.&#10;D) vulnerability scan.

Accepted Answer

The answer of The process that uses automated tools to...

Question 24

The ________ disseminates information about fraud,errors,breaches and other improper system uses and their consequences.&#10;A) chief information officer&#10;B) chief operations officer&#10;C) chief security officer&#10;D) computer emergency response team

Accepted Answer

The answer of The ________ disseminates information about fraud,errors,breaches and...

Question 25

When new employees are hired by Folding Squid Technologies,they are assigned user names and passwords and provided with laptop computers that have an integrated fingerprint reader.In order to log in,the user's fingerprint must be recognized by the reader.This is an example of a(an)

A) authorization control.
B) biometric device.
C) remote access control.
D) defense in depth.

Accepted Answer

The answer of When new employees are hired by Folding...

Question 26

This is used to identify rogue modems (or by hackers to identify targets).&#10;A) War chalking&#10;B) War dialing&#10;C) War driving&#10;D) none of the above

Accepted Answer

The answer of This is used to identify rogue modems...

Question 27

The security technology that evaluates IP packet traffic patterns in order to identify attacks against a system is known as&#10;A) an intrusion prevention system.&#10;B) stateful packet filtering.&#10;C) static packet filtering.&#10;D) deep packet inspection.

Accepted Answer

The answer of The security technology that evaluates IP packet...

Question 28

The process that maintains a table that lists all established connections between the organization's computers and the Internet,to determine whether an incoming packet is part of an ongoing communication initiated by an internal computer is known as

A) access control list.
B) deep packet inspection.
C) stateful packet filtering.
D) static packet filtering.

Accepted Answer

The answer of The process that maintains a table that...

Question 29

It was 9:08 A.M.when Jiao Jan,the Network Administrator for Folding Squid Technologies,was informed that the intrusion detection system had identified an ongoing attempt to breach network security.By the time that Jiao had identified and blocked the attack,the hacker had accessed and downloaded several files from the company's server.Using the notation for the time-based model of security,in this case

A) P > D
B) D > P
C) C > P
D) P > C

Accepted Answer

The answer of It was 9:08 A.M.when Jiao Jan,the Network...

Question 30

A well-known hacker started his own computer security consulting business shortly after being released from prison.Many companies pay him to attempt to gain unauthorized access to their network.If he is successful,he offers advice as to how to design and implement better controls.What is the name of the testing for which the hacker is being paid?

A) Penetration test
B) Vulnerability scan
C) Deep packet inspection
D) Buffer overflow test

Accepted Answer

The answer of A well-known hacker started his own computer...

Question 31

The most common input-related vulnerability is&#10;A) buffer overflow attack.&#10;B) hardening.&#10;C) war dialing.&#10;D) encryption.

Accepted Answer

The answer of The most common input-related vulnerability is&#10;A) buffer...

Question 32

The process of turning off unnecessary features in the system is known as&#10;A) deep packet inspection.&#10;B) hardening.&#10;C) intrusion detection.&#10;D) war dialing.

Accepted Answer

The answer of The process of turning off unnecessary features...

Question 33

When new employees are hired by Folding Squid Technologies,they are assigned user names and appropriate permissions are entered into the information system's access control matrix.This is an example of a(an)

A) authentication control.
B) biometric device.
C) remote access control.
D) authorization control.

Accepted Answer

The answer of When new employees are hired by Folding...

Question 34

This is an authorized attempt by an internal audit team or an external security consultant to attempt to break into the organization's information system.&#10;A) Intrusion detection system&#10;B) Log analysis&#10;C) Penetration test&#10;D) Vulnerability scan

Accepted Answer

The answer of This is an authorized attempt by an...

Question 35

Compatibility tests utilize a(n)________,which is a list of authorized users,programs,and data files the users are authorized to access or manipulate.&#10;A) validity test&#10;B) biometric matrix&#10;C) logical control matrix&#10;D) access control matrix

Accepted Answer

The answer of Compatibility tests utilize a(n)________,which is a list...

Question 36

In 2007,a major U.S.financial institution hired a security firm to attempt to compromise its computer network.A week later,the firm reported that it had successfully entered the system without apparent detection and presented an analysis of the vulnerabilities that had been found.This is an example of a

A) preventive control.
B) detective control.
C) corrective control.
D) standard control.

Accepted Answer

The answer of In 2007,a major U.S.financial institution hired a...

Question 37

Meaningful Discussions is a social networking site that boasts over a million registered users and a quarterly membership growth rate in the double digits.As a consequence,the size of the information technology department has been growing very rapidly,with many new hires.Each employee is provided with a name badge with a photo and embedded computer chip that is used to gain entry to the facility.This is an example of a(an)

A) authentication control.
B) biometric device.
C) remote access control.
D) authorization control.

Accepted Answer

The answer of Meaningful Discussions is a social networking site...

Question 38

Which of the following is commonly true of the default settings for most commercially available wireless access points?&#10;A) The security level is set at the factory and cannot be changed.&#10;B) Wireless access points present little danger of vulnerability so security is not a concern.&#10;C) Security is set to the lowest level that the device is capable of.&#10;D) Security is set to the highest level that the device is capable of.

Accepted Answer

The answer of Which of the following is commonly true...

Question 39

The process that screens individual IP packets based solely on the contents of the source and/or destination fields in the packet header is known as&#10;A) access control list.&#10;B) deep packet inspection.&#10;C) stateful packet filtering.&#10;D) static packet filtering.

Accepted Answer

The answer of The process that screens individual IP packets...

Question 40

The process that allows a firewall to be more effective by examining the data in the body of an IP packet,instead of just the header,is known as&#10;A) deep packet inspection.&#10;B) stateful packet filtering.&#10;C) static packet filtering.&#10;D) an intrusion prevention system.

Accepted Answer

The answer of The process that allows a firewall to...

Question 41

Explain social engineering.

Accepted Answer

The answer of Explain social engineering....

Question 42

There are &#34;white hat&#34; hackers and &#34;black hat&#34; hackers.Cowboy451 was one of the &#34;black hat&#34; hackers.He had researched an exploit and determined that he could penetrate the target system,download a file containing valuable data,and cover his tracks in eight minutes.Six minutes into the attack he was locked out of the system.Using the notation of the time-based model of security,which of the following must be true?&#10;A) P < 6&#10;B) D = 6&#10;C) P = 6&#10;D) P > 6

Accepted Answer

The answer of There are &#34;white hat&#34; hackers and &#34;black...

Question 43

Information technology managers are often in a bind when a new exploit is discovered in the wild.They can respond by updating the affected software or hardware with new code provided by the manufacturer,which runs the risk that a flaw in the update will break the system.Or they can wait until the new code has been extensively tested,but that runs the risk that they will be compromised by the exploit during the testing period.Dealing with these issues is referred to as

A) change management.
B) hardening.
C) patch management.
D) defense in depth.

Accepted Answer

The answer of Information technology managers are often in a...

Question 44

Describe the function of a computer incident response team (CIRT)and the steps that a CIRT should perform following a security incident.

Accepted Answer

The answer of Describe the function of a computer incident...

Question 45

Explain the value of penetration testing.

Accepted Answer

The answer of Explain the value of penetration testing....

Question 46

Describe four requirements of effective passwords .

Accepted Answer

The answer of Describe four requirements of effective passwords ....

Question 47

On February 14,2008,students enrolled in an economics course at Swingline College received an email stating that class would be cancelled.The email claimed to be from the professor,but it wasn't.Computer forensic experts determined that the email was sent from a computer in one of the campus labs at 9:14 A.M.They were then able to uniquely identify the computer that was used by means of its network interface card's ________ address.Security cameras revealed the identity of the student responsible for spoofing the class.

A) TCP/IP
B) MAC
C) DMZ
D) IDS

Accepted Answer

The answer of On February 14,2008,students enrolled in an economics...

Question 48

Identify six physical access controls.

Accepted Answer

The answer of Identify six physical access controls....

Question 49

Murray Snitzel called a meeting of the top management at Snitzel Capital Management.Number one on the agenda was computer system security."The risk of security breach incidents has become unacceptable," he said,and turned to the Chief Information Officer."This is your responsibility! What do you intend to do?" Which of the following is the best answer?

A) Evaluate and modify the system using the Trust Services framework
B) Evaluate and modify the system using the COSO Internal Control Framework.
C) Evaluate and modify the system using the CTC checklist.
D) Evaluate and modify the system using COBOL.

Accepted Answer

The answer of Murray Snitzel called a meeting of the...

Question 50

Which of the following is the most effective method of protecting against social engineering attacks on a computer system?&#10;A) stateful packet filtering&#10;B) employee awareness training&#10;C) a firewall&#10;D) a demilitarized zone

Accepted Answer

The answer of Which of the following is the most...

Question 51

Identify three ways users can be authenticated and give an example of each.

Accepted Answer

The answer of Identify three ways users can be authenticated...

Question 52

All employees of E.C.Hoxy are required to pass through a gate and present their photo identification cards to the guard before they are admitted.Entry to secure areas,such as the Information Technology Department offices,requires further procedures.This is an example of a(an)

A) authentication control.
B) authorization control.
C) physical access control.
D) hardening procedure.

Accepted Answer

The answer of All employees of E.C.Hoxy are required to...

Question 53

The most effective way to protect network resources,like email servers,that are outside of the network and are exposed to the Internet is&#10;A) stateful packet filtering.&#10;B) employee training.&#10;C) a firewall.&#10;D) a demilitarized zone.

Accepted Answer

The answer of The most effective way to protect network...

Deck 8: Information Systems Controls for System Reliability Part 1: Information Security