The Fabrication attack type most commonly affects which principle(s) of the CIA triad?
A. Availability
B. Integrity
C. Confidentiality
D. Integrity and Availability
E. Confidentiality and Integrity
Integrity and Availability
The Interception attack type most commonly affects which principle(s) of the CIA triad?
A.Integrity and Availability
B.Confidentiality and Integrity
C.Availability
D.Integrity
E.Confidentiality
Confidentiality
Something that has the potential to cause harm to our assets is known as a(n) ________.
A.Threat
B.Impact
C.Risk
D.Vulnerability
Threat
Controls that protect the systems, networks, and environments that process, transmit, and store our data are called _______.
A.Logical controls
B.Administrative controls
C.Physical controls
Logical Control
What is the first and arguably one of the most important steps of the risk management process?
A.Assess risks
B.Mitigate risks
C.Identify threats
D.Assess vulnerabilities
E.Identify assets
Identify assets
Protects information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction
information security
A type of attack, primarily against confidentiality
Interception
Something that has the potential to cause harm to our assets
Threat
A weakness that can be used to harm us
Vulnerability
The likelihood that something bad will happen
Risk
An attack that involves tampering with our assets
Modification attack
A model that adds three more principles to the CIA triad: possession or control, utility, and authenticity
Parkerian hexad
The physical disposition of the media on which the data is stored
Possession or control
An attack that involves generating data, processes, communications, or other similar activities with a system
Fabrication attack
A multilayered defense that will allow us to achieve a successful defense should one or more of our defensive measures fail
Defense in depth
Sometimes called technical controls, these protect the systems, networks, and environments that process, transmit, and store our data
Logical controls
Controls that protect the physical environment in which our systems sit, or where our data is stored
Physical controls
The risk management phase that consists of all of the activities that we can perform in advance of the incident itself, in order to better enable us to handle it
Preparation phase
The risk management phase where we detect the occurrence of an issue and decide whether it is actually an incident so that we can respond to it appropriately
Detection and analysis phase
The biometric characteristic that measures how well a factor resists change over time and with advancing age is called __________.
A. Collectability
B. Acceptability
C.Universality
D.Uniqueness
E.Permanence
E.Permanence
What type of authentication can prevent a man-in-the-middle attack?
A.Multifactor
B.Mutual
C.Something you know
D.Something you are
E.Something you do
B.Mutual
An authentication mechanism in which both parties authenticate each other
Mutual authentication
Describes the ease with which a system can be tricked by a falsified biometric identifier
Circumvention
A user who creates a network share and sets permissions on that share is employing which model of access control?
A. Mandatory access control
B. Discretionary access control
C. Attribute-based access control
D. Role-based access control
Discretionary access control
What type of access control can prevent the confused deputy problem?
A.ACLs
B.A password policy
C.Capability-based security
D.A locked door
Capability-based security
Confidential Services Inc. is a military-support branch consisting of 1,400 computers with Internet access and 250 servers. All employees are required to have security clearances. From the options listed below, what access control model would be most appropriate for this organization?
A.Discretionary access control
B.Role-based access control
C.Attribute-based access control
D.Mandatory access control
D.Mandatory access control
A VPN connection that is set to time out after 24 hours is demonstrating which model of access control?
A.Mandatory access control
B.Role-based access control
C.Attribute-based access control
D.Discretionary access control
Attribute-based access control
Lesson: Authorization and Access Control
Objective: More Advanced
States that we should allow only the bare minimum access required in order for a given party (person, user account, or process) to perform a needed functionality
Principle of least privilege
Typically built to a certain resource, these contain the identifiers of the party allowed to access the resource and what the party is allowed to do.
Access control lists (ACLs)
In this method of security, a person's capabilities are oriented around the use of a token that controls their access (e.g. a personal badge)
Capability-based security
A type of attack that is more common in systems that use ACLs rather than capabilities
The confused deputy problem
A type of attack that misuses the authority of the browser on the user's computer
Cross-site request forgery (CSRF)
Access is determined by the owner of the resource in question
Discretionary access control (DAC)
Similar to MAC in that access controls are set by an authority responsible for doing so, rather than by the owner of the resource. In this model, access is based on the role the individual is performing
Role-based access control (RBAC)
Access is based on attributes (of a person, a resource, or an environment)
Attribute-based access control
Designed to prevent conflicts of interest; commonly used in industries that handle sensitive data. Three main resource classes are considered in this model: objects, company groups, and conflict classes.
The Brewer and Nash model
A combination of DAC and MAC, primarily concerned with the confidentiality of the resource. Two security properties define how information can flow to and from the resource: the simple security property and the * property.
The Bell-LaPadula model
Primarily concerned with protecting the integrity of data, even at the expense of confidentiality. Two security rules: the simple integrity axiom and the * integrity axiom.
The Biba model
An access control model that includes many tiers of security and is used extensively by military and government organizations and those that handle data of a very sensitive nature
Multilevel access control model
What process ensures compliance with applicable laws, policies, and other bodies of administrative control, and detects misuse?
A.Nonrepudiation
B.Deterrence
C.Auditing
D.Accountability
E.Authorization
C.Auditing
Lesson: Auditing and Accountability
Objective: Introduction
Nessus is an example of a(n) _______________ tool.
A.Fuzzing
B.Anti-virus
C.Anti-malware
D.Vulnerability scanning
E.Penetration testing
D.Vulnerability scanning
A surveillance video log contains a record, including the exact date and time, of an individual gaining access to his company's office building after hours. He denies that he was there during that time, but the existence of the video log proves otherwise. What benefit of accountability does this example demonstrate?
A.Deterrence
B.Nonrepudiation
C.Intrusion detection and prevention
D.Authentication
E.Authorization
B.Nonrepudiation
_______ provides us with the means to trace activities in our environment back to their source.
A.Access
B.Authentication
C.Accountability
D.Authorization
E.Nonrepudiation
C.Accountability
Backordered Parts is a defense contractor that builds communications parts for the military. The employees use mostly Web-based applications for parts design and information sharing. Due to the sensitive nature of the business, Backordered Parts would like to implement a solution that secures all browser connections to the Web servers. What encryption solution best meets this company's needs?
A.Elliptic Curve Cryptography (ECC)
B.Digital signatures
C.Advanced Encryption Standard (AES)
D.Blowfish
A.Elliptic Curve Cryptography (ECC)
Lesson: Cryptography
Objective: Alert!
We are somewhat limited in our ability to protect which type of data?
A.Data at rest
B.Data in motion
C.Data in use
C.Data in use
The science of breaking through encryption is known as _____.
A.Ciphertext
B.Cryptology
C.Cryptography
D.Cryptanalysis
D.Cryptanalysis
The specifics of the process used to encrypt the plaintext or decrypt the ciphertext
Cryptographic algorithm
Also known as private key cryptography, this uses a single key for both encryption of the plaintext and decryption of the ciphertext
Symmetric key cryptography
Example: AES
A type of cipher that takes a predetermined number of bits in the plaintext message (commonly 64 bits) and encrypts that block
Block cipher
A type of cipher that encrypts each bit in the plaintext message, 1 bit at a time
Stream cipher
A set of symmetric block ciphers endorsed by the US government through NIST. Shares the same block modes that DES uses and also includes other modes such as XEX-based Tweaked CodeBook (TCB) mode
AES
Also known as public key cryptography, this method uses two keys: a public key and a private key.
Asymmetric key cryptography
Uses the RSA algorithm, an asymmetric algorithm, to secure web and email traffic
Secure Sockets Layer (SSL) protocol
Also referred to as message digests, these functions do not use a key
Hash functions
Infrastructure that includes the CAs that issue and verify certificates and the registration authorities (RAs) that verify the identity of the individuals associated with the certificates
Public key infrastructure (PKI)
______ regulates the financial practice and governance of corporations.
A.GLBA
B.FISMA
C.SOX
D.FERPA
E.HIPAA
C.SOX
Regulations mandated by law, usually requiring regular audits and assessments
Regulatory Compliance
This act safeguards privacy through the establishment of procedural and substantive rights in personal data
The Federal Privacy Act of 1974
Risk can be higher when ___________ services are used for computing operations.
A.auditing
B.competitive intelligence
C.cloud computing
D.OPSEC
C.cloud computing
Laws of OPSEC
1.If you don't know what to protect, how do you know you are protecting it?
2.If you don't know the threat, how do you know what to protect?
3.If you are not protecting it (i.e. the information), THE DRAGON WINS!
1.If you don't know the threat, how do you know what to protect?
2.If you don't know what to protect, how do you know you are protecting it?
3.If you are not protecting it (i.e. the information), THE DRAGON WINS!
During what phase of the operations security process do we match threats and vulnerabilities?
A.Assessment of risks
B.Analysis of vulnerabilities
C.Analysis of threats
D.Identification of critical information
E.Application of countermeasures
A.Assessment of risks
Haas' second law of operations security, "If you don't know what to protect, how do you know you are protecting it?", maps to what step in the operations security process?
A.Analysis of threats
B.Analysis of vulnerabilities
C.Assessment of risks
D.Application of countermeasures
E.Identification of critical information
E.Identification of critical information
You are leaving for an extended vacation and want to take steps to protect your home. You set a timer to turn lights and the TV on and off at various times throughout the day, suspend the mail delivery, and arrange for a neighbor to come in and water the plants. What step in the operations security process do these actions demonstrate?
A.Identification of critical information
B.Analysis of threats
C.Analysis of vulnerabilities
D.Assessment of risks
E.Application of countermeasures
E.Application of countermeasures
The process of intelligence gathering and analysis to support business decisions is known as _______.
A.Competitive intelligence
B.Competitive business
C.Business intelligence
D.Business competition
E.Counter intelligence
A.Competitive intelligence
The study that was conducted to discover the cause of the information leak during the Vietnam War was codenamed ________ and is now considered a symbol of OPSEC.
A.Sun Tzu
B.Vietnam Viper
C.The Art of War
D.Purple Dragon
D.Purple Dragon
The process of intelligence gathering and analysis in order to support business decisions
Competitive intelligence
Name the five steps of the operations security process
1.Identification of critical information
2.Analysis of threats
3.Analysis of vulnerabilities
4.Assessment of risks
5.Application of countermeasures
Haas' Laws of Operations Security: The First Law
If you don't know the threat, how do you know what to protect?
Haas' Laws of Operations Security: The Second Law
If you don't know what to protect, how do you know you are protecting it?
Haas' Laws of Operations Security: The Third Law
If you are not protecting it, the dragon wins!
The first step in the OPSEC process, and arguably the most important: to identify the assets that most need protection and will cause us the most harm if exposed
Identification of critical information
The second step in the OPSEC process: to look at the potential harm or financial impact that might be caused by critical information being exposed, and who might exploit that exposure
Analysis of threats
The third step in the OPSEC process: to look at the weaknesses that can be used to harm us
Analysis of vulnerabilities
The fourth step in the OPSEC process: to determine what issues we really need to be concerned about (areas with matching threats and vulnerabilities)
Assessment of risks
The fifth step in the OPSEC process: to put measures in place to mitigate risks
Application of countermeasures
Name the most common security awareness issues
Protecting data, passwords, social engineering, network usage, malware, the use of personal equipment, clean desk, policy knowledge
A technique used by an attacker that relies on the willingness of people to help others
Social engineering
A technique involving a fake identity and a believable scenario that elicits the target to give out sensitive information or perform some action which they would not normally do for a stranger
Pretexting
A social engineering technique that uses electronic communications (email, texts, or phone calls) to convince a potential victim to give out sensitive information or perform some action
Phishing
A social engineering technique that targets a specific company, organization, or person, and involves knowing specifics about the target to appear valid
Spear phishing
A program that seeks to make users aware of the risk they are accepting through their current actions and attempts to change their behavior through targeted efforts
Security Awareness, Training, and Education (SATE)
What planning process ensures that critical business functions can continue to operate during an emergency?
A.Incident response planning
B.Risk management planning
C.Operations security planning
D.Disaster recovery planning
E.Business continuity planning
E.Business continuity planning
What planning process ensures that we can respond appropriately during and after a disaster?
A.Incident response planning
B.Risk management process
C.Operations security process
D.Disaster recovery planning
E.Business continuity planning
D.Disaster recovery planning
Your company has an office full of expensive computer equipment to protect. You recommend a variety of approaches, including a security guard stationed at the entrance, a high fence around the property, and key card entry to all nonpublic areas. What security concept are you recommending to protect your company's assets?
A.Defense in depth
B.Nonrepudiation
C.Capability-based security
D.Access control lists
E.Principle of least privilege
A.Defense in depth
Which of the options below demonstrates all three types of physical security controls: deterrent, detective, and preventive?
A.A burglar alarm
B.A guard dog
C.A locked door
D.A warning sign
E.An employee policy
B.A guard dog
Name three main types of physical controls
Deterrent, detective, and preventive
Hping3: A tool used to test the security of firewalls.
Kismet: A tool used to detect unauthorized wireless access points.
Nmap: A versatile tool able to scan ports, search for hosts on the network, and other operations.
Tcpdump: This command-line packet sniffing tool runs on Linux and UNIX operating systems.
Wireshark: A graphical interface protocol analyzer capable of filtering, sorting, and analyzing both wired and wireless network traffic.
_____________ is a sniffer that specializes in detecting wireless devices.
A.Hping3
B.Kismet
C.Wireshark
D.NetStumbler
B.Kismet
A tool that deliberately displays vulnerabilities in an attempt to bait attackers is called _____________.
A.A vulnerability assessment scanner
B.A honeypot
C.A fuzzer
D.A sniffer
E.A port scanner
B.A honeypot
A firewall that can watch packets and monitor the traffic from a given connection is using what kind of firewall technology?
A.Deep packet inspection
B.Stateful packet inspection
C.Packet filtering
B.Stateful packet inspection
_____________ is a popular, fully-featured sniffer capable of intercepting traffic from a wide variety of wired and wireless sources.
A.Wireshark
B.Kismet
C.Hping3
D.NetStumbler
A.Wireshark
A specialized type of firewall that provides security and performance features, functions as a choke point, allows for logging traffic for later inspection, and serves as a single source of requests for the devices behind it is known as a(n) ____________
A.Proxy server
B.FTP server
C.Packet sniffer
D.Web server
E.Intrusion detection system
A.Proxy server
This method of security involves a well-configured and patched network, and incorporating elements such as network segmentation, choke points, and redundancy
Security in network design
The act of dividing a network into multiple smaller networks, each acting as its own small network (subnet)
Network segmentation
Certain points in the network, such as routers, firewalls, or proxies, where we can inspect, filter, and control network traffic
Choke points
A firewall technology that inspects the contents of each packet in network traffic individually and makes a gross determination (based on source and destination IP address, port number, and the protocol being used) of whether the traffic should be allowed to pass
Packet filtering