Term
| If VoIP traffic needs to traverse through a WAN with congestion, you need |
|
Definition
|
|
Term
| T/F The up-to-date Common Vulnerabilities & Exposure list is maintained and managed by the U.S. Department of Finance. |
|
Definition
|
|
Term
| T/F The Delphi method is the estimated loss due to a specific realized threat. The formula to calculate this loss is =SLE × ARO. |
|
Definition
|
|
Term
| What is meant by multi-tenancy? |
|
Definition
| A database feature that allows different groups of users to access the database without being able to access each other’s data. |
|
|
Term
| Which of the following is the definition of system owner? |
|
Definition
| The person responsible for the daily operation of a system and for ensuring that the system continues to operate in compliance with the conditions set out by the AO. |
|
|
Term
| A security awareness program includes |
|
Definition
| All of the above: teaching employees about security objectives; motivating users to comply with security policies; informing users about trends and threats in society |
|
|
Term
| T/F System owners are in control of data classification. |
|
Definition
|
|
Term
| Voice and unified communications are ________ applications that use 64-byte IP packets. |
|
Definition
|
|
Term
| T/F A way to protect your organization from personnel-related security violations is to use job rotation. This minimizes risk by rotating employees among various systems or duties, which prevents collusion. |
|
Definition
|
|
Term
| What term is used to describe communication that doesn’t happen in real time but rather consists of messages (voice or e-mail) that are stored on a server and downloaded to endpoint devices? |
|
Definition
| store-and-forward communications |
|
|
Term
| What is meant by promiscuous mode? |
|
Definition
| The mode in which sniffers operate; it is nonintrusive and does not generate network traffic. This means that every data packet is captured and can be seen by the sniffer. |
|
|
Term
| The act of transforming clear text data into undecipherable cipher text is the definition of __________. |
|
Definition
|
|
Term
| ________ is the difference between the security controls you have in place and the controls you need to have in place in order to address all vulnerabilities. |
|
Definition
|
|
Term
| The recovery point objective (RPO) identifies the amount of _________ that is acceptable. |
|
Definition
|
|
Term
| T/F The term Bring Your Own Device (BYOD) refers to an organizational policy of allowing or even encouraging employees, contractors, and others to connect their own personal equipment to the corporate network; this offers cost savings and other benefits but also presents security risks. |
|
Definition
|
|
Term
| T/F Until the mid-1980s, personal and business communications involved three primary tools: telephone, answering machines and voicemail, and the Internet. |
|
Definition
|
|
Term
| SIP is a ___________ protocol used to support real-time communications. |
|
Definition
|
|
Term
| A ________ is a collection of computers connected to one another or to a common connection medium. |
|
Definition
|
|
Term
| T/F A DoS attack is a coordinated attempt to deny service by causing a computer to perform an unproductive task. |
|
Definition
|
|
Term
| ________ is the basis for unified communications and is the protocol used by real-time applications such as IM chat, conferencing, and collaboration. |
|
Definition
| Session Initiation Protocol (SIP) |
|
|
Term
| T/F Authority-level policy is a database feature that allows different groups of users to access the database without being able to access each other’s data. |
|
Definition
|
|
Term
| Which of the following adequately defines continuous authentication? |
|
Definition
| An authentication method in which a user is authenticated at multiple times or event intervals. |
|
|
Term
| What is meant by call control? |
|
Definition
| The software in a phone system that performs the call switching from an inbound trunk to a phone extension. |
|
|
Term
| What is meant by digital subscriber line (DSL)? |
|
Definition
| A high-speed digital broadband service that uses copper cabling for Internet access. |
|
|
Term
| What is the Project Management Body of Knowledge (PMBOK)? |
|
Definition
| A collection of the knowledge and best practices of the project management profession. |
|
|
Term
| T/F The network security group is responsible for the Internet-to-WAN Domain. |
|
Definition
|
|
Term
| What name is given to a high-speed broadband networking technology that uses a 53-byte cell to support real-time voice, video, or data communications? |
|
Definition
| asynchronous transfer mode (ATM) |
|
|
Term
| What is meant by risk register? |
|
Definition
| A list of identified risks that results from the risk-identification process. |
|
|
Term
| A method of restricting resource access to specific periods of time is called ________. |
|
Definition
|
|
Term
| ________ is a method that black-hat hackers use to attempt to compromise logon and password access controls, usually following a specific attack plan, including the use of social engineering to obtain user information. |
|
Definition
| Brute-force password attack |
|
|
Term
| T/F A benchmark is the standard by which a system is compared to determine whether it is securely configured. One technique in an audit is to compare the current setting of a computer or device with a benchmark to help identify differences. |
|
Definition
|
|
Term
| ________ states that users must never leave sensitive information in plain view on an unattended desk or workstation. |
|
Definition
| Clean desk/clear screen policy |
|
|
Term
| T/F Many jurisdictions require audits by law. |
|
Definition
|
|
Term
| T/F The difference between black-hat hackers and white-hat hackers is that black-hat hackers are mainly concerned with finding weaknesses for the purpose of fixing them, and white-hat hackers want to find weaknesses just for the fun of it or to exploit them. |
|
Definition
|
|
Term
| What is meant by rootkit? |
|
Definition
| A type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised. |
|
|
Term
| T/F An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes-Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA). |
|
Definition
|
|
Term
| T/F Having too many risks in the risk register is much better than overlooking any severe risk that does occur. |
|
Definition
|
|
Term
| The physical part of the LAN Domain includes a __________, which is an interface between the computer and the LAN physical media. |
|
Definition
| network interface card (NIC) |
|
|
Term
| What is meant by certification? |
|
Definition
| The technical evaluation of a system to provide assurance that you have implemented the system correctly. |
|
|
Term
| Which of the following is the definition of business drivers? |
|
Definition
| The collection of components, including people, information, and conditions, that support business objectives. |
|
|
Term
| What is a Security Information and Event Management (SIEM) system? |
|
Definition
| Software and devices that assist in collecting, storing, and analyzing the contents of log files. |
|
|
Term
| T/F An attacker will use exploit software when performing vulnerability assessments and intrusive penetration testing. |
|
Definition
|
|
Term
| The goal of ____________ is to quantify possible outcomes of risks, determine probabilities of outcomes, identify high-impact risks, and develop plans based on risks. |
|
Definition
| quantitative risk analysis |
|
|
Term
| Because personnel are so important to solid security, one of the best security controls you can develop is a strong security ___________ and awareness program. |
|
Definition
|
|
Term
| As users upgrade LANs to GigE or 10GigE, switches must support ________ and data IP traffic. |
|
Definition
|
|
Term
| T/F Successfully connecting to a computer using a modem makes it impossible to access the rest of the organization’s network. |
|
Definition
|
|
Term
| E-commerce changed how businesses sell, and the ________ changed how they market. |
|
Definition
|
|
Term
| The ___________ framework defines the scope and contents of three levels of audit reports. |
|
Definition
| Service Organization Control (SOC) |
|
|
Term
| T/F Voice and data traffic should be segmented on different backbone links; to optimize performance, segment voice and data traffic on separate GigE or 10GigE fiber-optic trunks. |
|
Definition
|
|
Term
| T/F The International Information Systems Security Certification Consortium, (ISC)², has two certifications: Systems Security Certified Practitioner (SSCP®) and Certified Information Systems Security Professional (CISSP®). CISSP candidates must pass a difficult and comprehensive exam and have at least 5 years of professional information security experience. |
|
Definition
|
|
Term
| ________ is an authorization method in which access to resources is decided by the user’s formal status. |
|
Definition
|
|
Term
| T/F Resources are protected objects in a computing system, such as files, computers, or printers. |
|
Definition
|
|
Term
| An organization’s facilities manager might give you a security card programmed with your employee ID number, also known as a ________. |
|
Definition
|
|
Term
| T/F The weakest link in the security of an IT infrastructure is the server. |
|
Definition
|
|
Term
| You can use quantitative risk analysis for all risks on the risk register; however, the amount of effort required may be overkill for _____________ risks. |
|
Definition
| low-probability, low-impact |
|
|
Term
| T/F The audit itself sets new policies. |
|
Definition
|
|
Term
| What is meant by application convergence? |
|
Definition
| The integration of applications to enhance productivity. Unified communications is an example of application convergence. Unified communications integrates recorded voice messages into e-mail so that voice messages are retrievable via e-mail. |
|
|
Term
| The ____________ represents the fourth layer of defense for a typical IT infrastructure. |
|
Definition
|
|
Term
| Which of the following defines network mapping? |
|
Definition
| Using tools to determine the layout and services running on an organization’s systems and networks. |
|
|
Term
| Malicious software can be hidden in a ________. |
|
Definition
| All of the above: URL link, PDF file, ZIP file |
|
|
Term
| ________ is the process of managing changes to computer/device configuration or application software. |
|
Definition
|
|
Term
| This device uses public key infrastructure (PKI) technology—for example, a certificate signed by a trusted certification authority—and doesn’t provide one-time passwords. |
|
Definition
|
|
Term
| T/F The process of managing the baseline settings of a system device is the definition of configuration control. |
|
Definition
|
|
Term
| As your organization evolves and as threats mature, it is important to make sure your __________ still meet(s) the risks you face today. |
|
Definition
|
|
Term
| What name is given to a U.S. federal law that requires U.S. government agencies to protect citizens’ private data and have proper security controls in place? |
|
Definition
| Federal Information Security Management Act (FISMA) |
|
|
Term
| A ________ examines the network layer address and routes packets based on routing protocol path determination decisions. |
|
Definition
|
|
Term
| Which of the following is the definition of Netcat? |
|
Definition
| A network utility program that reads from and writes to network connections. |
|
|
Term
| ____________ is the amount of time it takes to recover and make a system, application, and data available for use after an outage. |
|
Definition
| Recovery time objective (RTO) |
|
|
Term
| The total number of errors divided by the total number of bits transmitted is the definition of __________. |
|
Definition
|
|
Term
| A common DSL service is ________, where the bandwidth is different for downstream and upstream traffic. |
|
Definition
| asymmetric digital subscriber line (ADSL) |
|
|
Term
| What fills security gaps and software weaknesses? |
|
Definition
| Testing and quality assurance |
|
|
Term
| T/F A physically constrained user interface is a user interface that does not provide a physical means of entering unauthorized information. |
|
Definition
|
|
Term
| What name is given to an attack that uses ping or ICMP echo-request, echo-reply messages to bring down the availability of a server or system? |
|
Definition
|
|
Term
| For all the technical solutions you can devise to secure your systems, the __________ remains your greatest challenge. |
|
Definition
|
|
Term
| RTO identifies the maximum allowable ________ to recover the function. |
|
Definition
|
|
Term
| T/F Even though 3G networks provided mobile devices with connection capabilities similar to those of wired networks, they still did not use true IP network addressing. |
|
Definition
|
|
Term
| T/F A time-based synchronization system is a mechanism that limits access to computer systems and network resources. |
|
Definition
|
|
Term
| T/F Single loss expectancy (SLE) means the expected loss for a single threat occurrence. The formula to calculate SLE is SLE= Resource Value × EF. |
|
Definition
|
|
Term
| Which of the following is the definition of pattern-based IDS? |
|
Definition
| An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders. |
|
|
Term
| _________ was developed for organizations such as insurance and medical claims processors, telecommunication service providers, managed services providers, and credit card transaction processing companies. |
|
Definition
|
|
Term
| What term is used to describe a packet-based WAN service capable of supporting one-to-many and many-to-many WAN connections? |
|
Definition
|
|
Term
| When you accept a __________, you take no further steps to resolve. |
|
Definition
|
|
Term
| Which of the following is the definition of cipher text? |
|
Definition
| The opposite of clear text. Data sent as cipher text is not readable and cannot be deciphered without the corresponding key. |
|
|
Term
| T/F In 2011, the United States ranked second globally as a source of network attacks and highest as a source of attacks in North America, even if they originate outside the United States. |
|
Definition
|
|
Term
| T/F Sprint means one of the small project iterations used in the “agile” method of developing software, in contrast with the usual long project schedules of other ways of developing software. |
|
Definition
|
|
Term
| Security audits help ensure that your rules and __________ are up to date, documented, and subject to change control procedures. |
|
Definition
|
|
Term
| T/F Annual loss expectancy (ALE) means the process of identifying, assessing, prioritizing, and addressing risks. |
|
Definition
|
|
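A worked example of the SLE/ALE arithmetic these cards quiz (SLE = AV × EF, ALE = SLE × ARO), applied over a small risk register so that high-impact risks are ranked first and low-probability, low-impact entries can be set aside for qualitative handling, as the earlier quantitative-analysis cards describe. This is an added example, not part of the flashcard set or the textbook it comes from. The register entries, the thresholds and the control cost/benefit check at the end are constructed assumptions; the cost/benefit check goes one step beyond the cards by tying ALE to the decision to accept a risk or fund a control.

```python
"""Quantitative risk analysis over a risk register: SLE = AV x EF, ALE = SLE x ARO.

Added worked example; it is not part of the original flashcard set. All asset
values, exposure factors and rates below are constructed illustrative figures.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    name: str
    asset_value: float      # AV: value of the resource at risk, in currency units
    exposure_factor: float  # EF: fraction of AV lost when the threat is realized (0.0 to 1.0)
    aro: float              # ARO: expected number of occurrences per year


def sle(risk: Risk) -> float:
    """Single loss expectancy: expected loss from one occurrence (SLE = AV x EF)."""
    return risk.asset_value * risk.exposure_factor


def ale(risk: Risk) -> float:
    """Annual loss expectancy: expected loss per year (ALE = SLE x ARO)."""
    return sle(risk) * risk.aro


# Constructed risk register (hypothetical entries, not real assessment data).
REGISTER = [
    Risk("ransomware on file server", asset_value=200_000.0, exposure_factor=0.5, aro=0.25),
    Risk("laptop theft", asset_value=2_000.0, exposure_factor=1.0, aro=3.0),
    Risk("printer outage", asset_value=500.0, exposure_factor=0.25, aro=0.05),
]


def rank_by_ale(register):
    """Identify high-impact risks: list (name, SLE, ALE), highest ALE first."""
    return [(r.name, sle(r), ale(r)) for r in sorted(register, key=ale, reverse=True)]


def worth_full_quantitative_analysis(risk, aro_floor=0.1, ale_floor=1_000.0):
    """Skip the full workup for low-probability, low-impact entries.

    Thresholds are assumptions chosen for this example: a risk is kept for
    quantitative analysis if it is either likely (ARO >= aro_floor) or costly
    (ALE >= ale_floor); anything below both is handled qualitatively.
    """
    return risk.aro >= aro_floor or ale(risk) >= ale_floor


def control_justified(risk, annual_control_cost, residual_aro):
    """Cost/benefit test for a proposed control (an assumption added here).

    The control is justified when the ALE it removes exceeds what it costs per
    year; otherwise accepting the risk (taking no further steps) is defensible.
    residual_aro is the assumed occurrence rate with the control in place.
    """
    ale_before = ale(risk)
    ale_after = sle(risk) * residual_aro
    return (ale_before - ale_after) > annual_control_cost


if __name__ == "__main__":
    for name, s, a in rank_by_ale(REGISTER):
        print(f"{name:28s} SLE={s:>10,.2f}  ALE={a:>10,.2f}")
```

With the figures above the ransomware entry carries an SLE of 100,000 and an ALE of 25,000, the laptop-theft entry an ALE of 6,000, and the printer entry an ALE of 6.25, so only the first two clear the floors and the third is left to qualitative treatment.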
Term
| ________ is an authentication credential that is generally longer and more complex than a password. |
|
Definition
|
|
Term
| T/F Role-based access control (RBAC) means limiting users’ access to database views, as opposed to allowing users to access data in database tables directly. |
|
Definition
|
|
Term
| A parallel test evaluates the effectiveness of the ________ by enabling full processing capability at an alternate data center without interrupting the primary data center. |
|
Definition
|
|
Term
| T/F An organization can choose to plan for any interruption time frame, but in many BIAs, restoration plans assume that access to primary resources will not be possible for at least 60 days. |
|
Definition
|
|
Term
| Audio conferencing is a software-based, real-time audio conference solution for ________ callers. |
|
Definition
|
|
Term
| The primary difference between SOC 2 and SOC 3 reports is ________. |
|
Definition
|
|
Term
| T/F Initiating changes to avoid expected problems is the definition of proactive change management. |
|
Definition
|
|
Term
| Which of the following is an accurate description of cloud computing? |
|
Definition
| The practice of using computing services that are delivered over a network. |
|
|
Term
| T/F Synchronous token means a device used as a logon authenticator for remote users of a network. |
|
Definition
|
|
Term
| _____________ is the process of dividing a task into a series of unique activities performed by different people, each of whom is allowed to execute only one part of the overall task. |
|
Definition
|
|
Term
| T/F The term security kernel database describes a database made up of rules that determine individual users’ access rights. |
|
Definition
|
|
Term
| In a ________, the attacker sends a large number of packets requesting connections to the victim computer. |
|
Definition
|
|
Term
| The process of managing risks starts by identifying __________. |
|
Definition
|
|
Term
| During the late 1980s into the early 1990s, service providers converted the core switches at their central offices from ______________ to digital central office (CO) switches. |
|
Definition
|
|
Term
| The ________ in analog communications is one error for every 1,000 bits sent; in digital communications, the __________ is one error for every 1,000,000 bits sent. |
|
Definition
|
|
Term
| T/F Mandatory access control (MAC) is a means of restricting access to an object based on the object’s classification and the user’s security clearance. |
|
Definition
|
|
Term
| The tunnel can be created between a remote workstation using the public Internet and a VPN router or a secure browser and ________ Web site. |
|
Definition
| Secure Sockets Layer virtual private network (SSL-VPN) |
|
|
Term
| A(n) ___________ fingerprint scanner is a software program that allows an attacker to send logon packets to an IP host device. |
|
Definition
|
|
Term
| A ___________ primarily addresses the processes, resources, equipment, and devices needed to continue conducting critical business activities when an interruption occurs that affects the business’s viability. |
|
Definition
| business continuity plan (BCP) |
|
|
Term
| What term is used to describe a reconnaissance technique that enables an attacker to use port mapping to learn which operating system and version are running on a computer? |
|
Definition
| operating system fingerprinting |
|
|
Term
| T/F SOC 3 reports are intended for public consumption. |
|
Definition
|
|
Term
| Which of the following is the definition of access control? |
|
Definition
| The process of protecting a resource so that it is used only by those allowed to use it; a particular method used to restrict or allow access to resources. |
|
|
|
Term
| The goal and objective of a __________ is to provide a consistent definition for how an organization should handle and secure different types of data. |
|
Definition
| data classification standard |
|
|
Term
| T/F The term clipping level refers to a value used in security monitoring that tells controls to ignore activity that falls below a stated value. |
|
Definition
|
|
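An added example (not from the flashcard set or its source textbook) that puts two of the definitions above together: the pattern-based IDS card, where each event is compared against signatures of known intruder activity, and the clipping-level card, where a control ignores activity until it reaches a stated value. The sshd/httpd-style log lines, the signature regexes and the threshold are all constructed for illustration; the stateful part is the per-source failed-logon counter.

```python
"""Pattern-based (signature) detection with a clipping level.

Added example, not from the original flashcard set. Log lines, signatures and
the threshold below are constructed for illustration, not captured data.
"""
import re
from collections import Counter

# Constructed sample auth/web log (RFC 5737 documentation addresses).
SAMPLE_LOG = """\
Mar  3 10:01:12 host sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  3 10:01:15 host sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51023 ssh2
Mar  3 10:01:18 host sshd[2231]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar  3 10:01:20 host sshd[2231]: Failed password for root from 203.0.113.7 port 51025 ssh2
Mar  3 10:01:25 host sshd[2240]: Accepted publickey for alice from 198.51.100.4 port 40110 ssh2
Mar  3 10:02:01 host sshd[2250]: Failed password for bob from 198.51.100.9 port 40200 ssh2
Mar  3 10:02:10 host httpd: GET /cgi-bin/test.cgi?cmd=;cat%20/etc/passwd HTTP/1.1 from 203.0.113.7
"""

# Signatures: (name, compiled regex). A pattern-based IDS compares each event
# against activity patterns like these; every regex captures the source IP.
SIGNATURES = [
    ("ssh_failed_password",
     re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
                r"from (?P<src>\d+\.\d+\.\d+\.\d+)")),
    ("etc_passwd_in_request",
     re.compile(r"httpd: .*?/etc/passwd.* from (?P<src>\d+\.\d+\.\d+\.\d+)")),
]


def match_signatures(log_text):
    """Pattern matching: return (signature_name, source_ip, line) per matching line."""
    hits = []
    for line in log_text.splitlines():
        for name, pattern in SIGNATURES:
            m = pattern.search(line)
            if m:
                hits.append((name, m.group("src"), line))
                break  # first matching signature wins
    return hits


def failed_logins_over_clipping_level(log_text, clipping_level=3):
    """Stateful matching with a clipping level.

    Count failed logons per source across the whole log and report only the
    sources whose count reaches clipping_level; everything below it is
    ignored, which is what the clipping level tells the control to do.
    """
    counts = Counter(src for name, src, _ in match_signatures(log_text)
                     if name == "ssh_failed_password")
    return {src: n for src, n in counts.items() if n >= clipping_level}


if __name__ == "__main__":
    for name, src, line in match_signatures(SAMPLE_LOG):
        print(f"{name:24s} {src:15s} {line}")
    print("over clipping level:", failed_logins_over_clipping_level(SAMPLE_LOG))
```

On the constructed log the single failure from 198.51.100.9 stays below the default clipping level of 3 and is not reported, while 203.0.113.7 crosses it with four failures; the /etc/passwd request is a plain signature hit with no counting involved.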
Term
| A _________ has a hostile intent, possesses sophisticated skills, and may be interested in financial gain. They represent the greatest threat to networks and information resources. |
|
Definition
|
|
Term
| A ___________ is a tool used to scan IP host devices for open ports that have been enabled. |
|
Definition
|
|
Term
| __________ tests interrupt the primary data center and transfer processing capability to an alternate site. |
|
Definition
|
|
Term
| War dialers are becoming more frequently used given the rise of digital telephony and now IP telephony or Voice over IP (VoIP). |
|
Definition
|
|
Term
| An encrypted channel used for remote access to a server or system, commonly used in Linux and UNIX servers and applications, is the definition of __________. |
|
Definition
|
|