A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as: | A macro |
A virus that infects an executable program file is known as? | program virus |
Computer code that is typically added to a legitimate program but lies dormant until it is triggered by a specific logical event is known as a? | logic bomb |
In information security, an example of a threat agent can be ____. | a virus that attacks a computer network; a force of nature such as a tornado that could destroy computer equipment; a person attempting to break into a secure computer network; All of the above |
In information security, what constitutes a loss? | a delay in transmitting information that results in a financial penalty; the loss of good will or a reputation; all of the above; theft of information |
In what kind of attack can attackers make use of hundreds of thousands of computers under their control in an attack against a single server or network? | distributed |
A situation that involves exposure to danger | Risk |
A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence. | cyberterrorism |
A person or element that has the power to carry out a threat | Threat agent |
The means by which an attack could occur | Threat vector |
An item that has value. | Asset |
Automated attack package that can be used without an advanced knowledge of computers | exploit kit |
A type of action that has the potential to cause harm | threat |
A flaw or weakness that allows a threat agent to bypass security | vulnerability |
Attacker who attacks for ideological reasons that are generally not as well defined as a cyberterrorist's motivation | hacktivist |
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user | adware |
Computer code that lies dormant until it is triggered by a specific logical event | logic bomb |
A logical computer network of zombies under the control of an attacker. | Botnet |
A false warning designed to trick users into changing security settings on their computer | Hoax |
A phishing attack that uses telephone calls instead of e-mails | vishing |
Software code that gives access to a program or a service that circumvents normal security protections | backdoor |
A computer virus that is written in a script known as a macro | macro virus |
Software or a hardware device that captures and stores each keystroke that a user types on the computer's keyboard. | keylogger |
A phishing attack that targets only specific users | spear phishing |
Malicious computer code that, like its biological counterpart, reproduces itself on the same computer | computer virus |
What type of system security malware allows for access to a computer, program, or service without authorization? | backdoor |
Malware that locks or prevents a device from functioning properly until a fee has been paid is known as: | ransomware |
Of the three types of mutating malware, what type changes its internal code to one of a set number of predefined mutations whenever it is executed? | oligomorphic Malware |
The physical procedure whereby an unauthorized person gains access to a location by following an authorized user is known as? | tailgating |
The physical procedure whereby an unauthorized person gains access to a location by following an authorized user is known as? | spim |
What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company? | watering hole |
Which of the following is not one of the four methods for classifying the various types of malware? | source |
One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and inject these pieces throughout the infected program code. What is the name | swiss cheese |
Script kiddies acquire which item below from other attackers to easily craft an attack: | exploit kit |
Select below the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data. | Integrity |
Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so: | script kiddies |
Select below the type of malware that appears to have a legitimate use, but actually contains or does something malicious: | Trojan |
The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information. | Gramm-Leach-Bliley |
The security protection item that ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter is known as? | Authentication |
Which term below is frequently used to describe the tasks of securing information that is in a digital format? | Information Security |
The two types of malware that require user intervention to spread are: | viruses and trojans |
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year? | 1,500,000 |
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack? | love bug |
Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format? | HIPAA |
What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware? | Adware |
What term below is used to describe a means of gathering information for an attack by relying on the weaknesses of individuals? | social engineering |
What term is used to describe a loose network of attackers, identity thieves, and financial fraudsters? | cybercriminals |
What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms? | rootkit |
What type of malware is heavily dependent on a user in order to spread? | virus |
What type of theft involves stealing another person’s personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain? | identity Theft |
What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks, and was no longer included in Microsoft software after the start of their Trustworthy Computing initiative? | Easter egg |
Which of the following is malicious computer code that reproduces itself on the same computer? | virus |
Which of the three protections ensures that only authorized parties can view information? | confidentiality |
Which position below is considered an entry-level position for a person who has the necessary technical skills? | Security technician |
What country is now the number one source of attack traffic? | Indonesia |
A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as? | certificate practice statement |
A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below? | Stateful Packet Filtering |
A framework for all of the entities involved in digital certificates for digital certificate management is known as: | Public Key Infrastructure |
A key that is generated by a symmetric cryptographic algorithm is said to be a: | Private Key |
A sensitive connection between a client and a web server uses what class of certificate? | class 2 |
After the DES cipher was broken and no longer considered secure, what encryption algorithm was made as its successor? | 3DES |
At what stage can a certificate no longer be used for any type of authentication? | expiration |
Because of the limitations of a hierarchical trust model, what type of trust model is used for CAs on the Internet? | Distributed trust |
Cryptography that attempts to use the microscopic behaviors of objects to develop and share keys while also detecting eavesdropping is known as what type of cryptography? | Quantum Cryptography |
Data that is in an unencrypted form is referred to as which of the following? | cleartext |
In cryptography, which of the five basic protections ensures that the information is correct and no unauthorized person or malicious software has altered that data? | Integrity |
If using the MD5 hashing algorithm, what is the length to which each message is padded? | 512 bits |
A framework for managing all of the entities involved in creating, storing, distributing, and revoking digital certificates | Public Key Infrastructure(PKI) |
A trusted third-party agency that is responsible for issuing digital certificates | Certificate Authority(CA) |
A trust model with one CA that acts as a facilitator to interconnect all other CAs | Bridge Trust Model |
A technology used to associate a user's identity to a public key, in which the user's public key is digitally signed by trusted third party. | Digital certificate |
A trust model in which two individuals trust each other because each individually trusts a third party. | Third-party trust |
The type of trust relationship that can exist between individuals or entities. | Trust model |
A publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate | Certificate Repository (CR) |
A process in which keys are managed by a third party, such as a trusted CA | Key Escrow |
Symmetric keys to encrypt and decrypt information exchanged during a handshake session between a web browser and web server | session keys |
A trust model that has multiple CAs that sign digital certificates | distributed trust model |
A symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES | Advanced Encryption Standard(AES) |
An algorithm that uses elliptic curves instead of prime numbers to compute keys | Elliptic curve cryptography(ECC) |
An asymmetric encryption key that does not have to be protected. | Public Key |
A symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks | data Encryption standard (DES) |
A temporary key that is used only once before it is discarded. | Ephemeral key |
An asymmetric encryption key that does have to be protected. | Private Key |
A cipher that manipulates an entire block of plaintext at one time. | Block cipher |
A key exchange that requires all parties to agree upon a large prime number and related integer so that the same key can be separately created. | Diffie-Hellman (DHE) |
An algorithm that takes one character and replaces it with one character. | Stream cipher |
Data that has been encrypted. | ciphertext |
SSL and TLS keys of what length are generally considered to be strong? | 4096 |
The Authentication Header (AH) protocol is a part of what encryption protocol suite below? | IPSec |
The SHA-1 hashing algorithm creates a digest that is how many bits in length? | 160 bits |
Which type of cryptographic algorithm takes an input string of any length, and returns a string of any requested variable length? | sponge |
Which of the following is not one of the functions of a digital signature? | Protect the public key |
When two individuals trust each other because of the trust that exists between the individuals and a separate entity, what type of trust has been established? | third-party |
What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs? | bridge trust |
What type of cryptography uses two keys instead of just one, generating both a private and a public key? | Asymmetric |
What type of cryptographic algorithm is considered to be a one-way algorithm, in that its contents can't be used to reveal the original set of data? | hash |
What type of cryptographic algorithm can be used to ensure the integrity of a file's contents? | hashing |
What kind of certificate is typically used by an individual to secure e-mail transmissions? | personal digital |
What is the name of the open source asymmetric cryptography system that runs on Windows, UNIX, and Linux systems, and is compatible with PGP? | GPG |
What is the name of the cryptographic hash function that has international recognition and has been adopted by standards organizations such as the ISO, that creates a digest of 512 bits and will not be subject to patents? | Whirlpool |
What is the name for an organization that receives, authenticates, and processes certificate revocation requests? | Registration Authority |
What is the block cipher algorithm that operates on 64-bit blocks and can have a key length from 32 to 448 bits known as? | Blowfish |
What cryptographic transport algorithm is considered to be significantly more secure than SSL? | TLS |
What cryptographic method, first proposed in the mid-1980s, makes use of sloping curves instead of large prime numbers? | ECC |
The simplest type of stream cipher, one in which one letter or character is exchanged for another, is known as what? | Substitution |
Using what mechanism below can the non-repudiation of an e-mail and its content be enforced? | asymmetric Encryption |
The process by which keys are managed by a third party, such as a trusted CA, is known as? | key Escrow |
The asymmetric cryptography algorithm most commonly used is: | RSA |
The NTRUEncrypt cryptographic algorithm makes use of which of the following cryptographic techniques? | Lattice-Based |
Select below the type of certificate that is often issued from a server to a client, with the purpose of ensuring the authenticity of the server: | server digital |
Select below the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates: | certification Authority |
Select below the technology that can be used to examine content through application-level filtering: | Web security gateway |
Select below the standard that is based on the Rijndael algorithm, and was approved by NIST in late 2000 as a replacement for DES: | AES |
Select below the hashing algorithm that takes plaintext of any length and generates a digest 128 bits in length: | MD2 |
On what principle did Julius Caesar's cryptographic messages function? | Each Alphabetic letter was shifted three places down in the alphabet |
What type of web server application attacks introduce new input to exploit a vulnerability? | injection attacks |
Which of the following is a server that routes incoming requests coming from an external network to the correct internal server? | reverse proxy |
If a network is completely isolated by an air gap from all other outside networks it is using what type of configuration? | Physical network segregation |
What vendor neutral protocol implements support for VLAN tagging? | 802.1Q |
Which of the following is a software-based application that runs on a local host computer that can detect an attack as it occurs? | Host-Based intrusion Detection system |
What type of network access control uses Active Directory to scan a device to verify that it is in compliance? | Agentless NAC |
What are the two types of cross-site attacks? (Choose all that apply.) | Cross-site request forgery attacks, Cross-site scripting Attacks |
DNS poisoning can be prevented using the latest edition of what software below? | BIND |
What protocol suite below is the most commonly used protocol for local area network (LAN) communication? | TCP/IP |
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured that can help to evenly distribute work across the network, and make use of both servers in a manner that is tran | Load Balancing |
What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns? | Signature-based |
Which Cloud computing service model uses the cloud computing vendor to provide access to the vendor's software applications running on a cloud infrastructure? | software as a service |
What specific ways can a session token be transmitted? (Choose all that apply.) | In the URL, in the header of the HTTP requisition |
Which layer of the OSI model contains the TCP protocol, which is used for establishing connections and reliable data transport between devices? | transport layer |
What technology will examine the current state of a network device before allowing it to connect to the network and force any device that does not meet a specified set of criteria to connect only to a quarantine network? | network access control |
Which of the following is defined as a security analysis of the transaction within its approved context? | content inspection |
The exchange of information among DNS servers regarding configured zones is known as: | zone transfer |
Which of the following are considered to be interception attacks? (Choose all that apply.) | man in the middle, replay attacks |
A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network? | Create a DMZ, add Necessary hosts |
The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done? | create a VLan and add the users computer / ports to the VLAN |
An attack that takes advantage of the procedures for initiating a session is known as what type of attack? | SYN flood attack |
Select the technology that can be used to examine content through application-level filtering. | web security gateway |
What kind of networking device forwards packets across different computer networks by reading destination addresses? | router |
A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below? | stateful packet filtering |
What specific type of hardware card inserts into a web server that contains one or more co-processors to handle SSL/TLS | SSL/TLS accelerator |
Select the TCP/IP protocol that resolves a symbolic name to its corresponding IP address using a database consisting of an organized hierarchy tree. | DNS |
What type of additional attack does ARP spoofing rely on? | DNS poisoning |
Which of the following is a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected? | data loss prevention |
What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks? | ARP poisoning |
How can a network of physical devices be grouped into logical units, regardless of what network switches they may be connected to? | Vlan |
Where are MAC addresses stored for future reference? | ARP Cache |
Which of the following protocols is unsecured? | FTP |
What two locations can be a target for DNS poisoning? (Choose all that apply.) | Local Host table, External DNS server |
Which technology is a means of managing and presenting computer resources by function without regard to their physical layout or location? | virtualization |
At what level of the OSI model does the IP protocol function? | network Layer |
An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices? | hub |
What type of computing environment allows servers, storage, and the supporting networking infrastructure to be shared by multiple enterprises over a remote network connection that had been contracted for a specific period? | hosted services |
At what point in a vulnerability assessment would an attack tree be utilized? | Threat evaluation |
Which of the following is NOT true about privacy? | Today, individuals can achieve any level of privacy that is desired. |
Which of these is NOT a state of a port that can be returned by a port scanner? | Busy |
Which of these should NOT be classified as an asset? | Accounts payable |
Which of the following tools is a Linux command-line protocol analyzer? | Tcpdump |
Which of the following must be kept secure as mandated by HIPAA? | PHI |
Which of the following data sensitivity labels is the highest level of data sensitivity? | Confidential |
Which of the following is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm? | Vulnerability assessment |
If a software application aborts and leaves the program open, which control structure is it using? | Fail-open |
Which statement regarding a honeypot is NOT true? | It cannot be part of a honeynet. |
Which of the following constructs scenarios of the types of threats that assets can face to learn who the attackers are, why they attack, and what types of attacks may occur? | Threat modeling |
Which of the following is NOT a risk associated with the use of private data? | Devices being infected with malware |
Which of the following sends "probes" to network devices and examines the responses to evaluate whether a specific device needs remediation? | Active scanner |
Which statement regarding vulnerability appraisal is NOT true? | Vulnerability appraisal is always the easiest and quickest step. |
Which of the following is a command-line alternative to Nmap? | Netcat |
Which of the following command-line tools tests a connection between two network devices? | Ping |
Which of the following is NOT an issue raised regarding how private data is gathered and used? | By law, all encrypted data must contain a "backdoor" entry point. |
Which of the following is NOT a function of a vulnerability scanner? | Alerts users when a new patch cannot be found |
If a tester is given the IP addresses, network diagrams, and source code of customer applications, the tester is using which technique? | White box |
Which of the following data sensitivity labels has the lowest level of data sensitivity? | Public |
The chain of _____ documents that the evidence was under strict control at all times and no unauthorized person was given the opportunity to corrupt the evidence. | custody |
Which level of RAID uses disk mirroring and is considered fault-tolerant? | Level 1 |
What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time? | Time offset |
When an unauthorized event occurs, what is the first duty of the cyber-incident response team? | To secure the crime scene |
What does an incremental backup do? | Copies all files changed since the last full or incremental backup |
What does the abbreviation RAID represent? | Redundant Array of Independent Drives |
A(n) _____ is always running off its battery while the main power runs the battery charger. | on-line UPS |
Which question is NOT a basic question to be asked regarding creating a data backup? | How long will it take to finish the backup? |
What is the maximum length of time that an organization can tolerate between data backups? | Recovery point objective (RPO) |
Which of the following is NOT a category of fire suppression systems? | Wet chemical system |
Margaux has been asked to work on the report that will analyze the exercise results with the purpose of identifying strengths to be maintained and weaknesses to be addressed for improvement. What report will she be working on? | After-action report |
What is the average amount of time that it will take a device to recover from a failure that is not a terminal failure? | MTTR |
Which of the following can a UPS NOT perform? | Prevent certain applications from launching that will consume too much power |
Dilma has been tasked with creating a list of potential employees to serve in an upcoming tabletop exercise. Which employees will be on her list? | Individuals on a decision-making level |
Which of these is an example of a nested RAID? | Level 0+1 |
Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running? | Hot site |
Which of the following is NOT required for a fire to occur? | A spark to start the process |
Raul has been asked to help develop an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT. What type of planning is this? | IT contingency planning |
An electrical fire like that which would be found in a computer data center is known as what type of fire? | Class C |
Which of these is NOT a characteristic of a disaster recovery plan (DRP)? | It is a private document used only by top-level administrators for planning. |
Which statement is NOT something that a security policy must do? | Balance protection with productivity. |
Which policy defines the actions users may perform while accessing systems and networking equipment? | Acceptable use policy |
Which of the following threats would be classified as the actions of a hacktivist? | External threat |
Which of the following risk control types would use video surveillance systems and barricades to limit access to secure sites? | technical |
Tomassa is asked to determine the expected monetary loss every time a risk occurs. Which formula will she use? | SLE |
What describes the ability of an enterprise data center to revert to its former size after expanding? | Elasticity |
Bob needs to create an agreement between his company and a third-party organization that demonstrates a "convergence of will" between the parties so that they can work together. Which type of agreement will Bob use? | MOU |
For adult learners, which approach is often preferred? | Andragogical |
Simona needs to research a control that attempts to discourage security violations before they occur. Which control will she research? | Deterrent control |
Which of the following covers the procedures of managing object authorizations? | Privilege management |
Which of these is NOT a response to risk? | resistance |
Which of the following is NOT a time employee training should be conducted? | After monthly patch updates. |
What is a collection of suggestions that should be implemented? | Guideline |
Bria is reviewing the company's updated personal email policy. Which of the following will she NOT find in it? | Employees should not give out their company email address unless requested. |
Which of the following is NOT a security risk of social media sites for users? | Social media sites use popup ads. |
While traveling abroad, Giuseppe needs to use public Internet cafe computers to access the secure network. Which of the following non-persistence tools should he use? | Live boot media |
Which of the following approaches to risk calculation typically assigns a numeric value (1-10) or label (High, Medium, or Low) that represents a risk? | Qualitative risk calculation |
Which of the following is the average amount of time that it will take a device to recover from a failure that is not a terminal failure? | MTTR |
Agnella was asked to create a report that listed the reasons why a contractor should be provided penetration testing authorization. Which of the following would she NOT list in her report? | Access to resources |
Which statement does NOT describe a characteristic of a policy? | Policies communicate a unanimous agreement of judgment. |
Which refers to an attack in which the attacker attempts to impersonate the user by using his or her session token?
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as: Session hijacking.
Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer?
A SYN flood attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer.
When an attack is designed to prevent unauthorized users from accessing a system it is called what kind of attack?
Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage. A security service that provides protection of system resources against unauthorized access. The two basic mechanisms for implementing this service are ACLs and tickets.
What protocol can be used by a host on a network to find the MAC address of another device based on an IP address?
ARP (Address Resolution Protocol) is the protocol in charge of finding MAC addresses with IPs in local network segments. It operates with frames on the data link layer.