WGU C836 MULTI/COMPREHENSIVE FINAL EXAM REVIEW (LATEST VERSION 2022)

Document Content and Description Below

WGU C836 MULTI/COMPREHENSIVE FINAL EXAM REVIEW (LATEST VERSION 2022) ______ regulates the financial practice and governance of corporations. This task contains the radio buttons and checkboxes for... options. The shortcut keys to perform this task are A to H and alt+1 to alt+9. A.GLBA B.FISMA C.SOX D.FERPA E.HIPAA Correct Answer- C.SOX _______ provides us with the means to trace activities in our environment back to their source. This task contains the radio buttons and checkboxes for options. The shortcut keys to perform this task are A to H and alt+1 to alt+9. A.Access B.Authentication C.Accountability D.Authorization E.Nonrepudiation Correct Answer- C.Accountability _____________ is a popular, fully-featured sniffer capable of intercepting traffic from a wide variety of wired and wireless sources. A.WiresharkB.Kismet C.Hping3 D.NetStumbler Correct Answer- A.Wireshark _____________ is a sniffer that specializes in detecting wireless devices. A.Hping3 B.Kismet C.Wireshark D.NetStumbler Correct Answer- B.Kismet A combination of a network design feature and a protective device such as a firewall; often used for systems that need to be exposed to external networks but are connected to our network (such as a web server) Correct Answer- Demilitarized Zone (DMZ) A combination of DAC and MAC, primarily concerned with the confidentiality of the resource. Two security properties define how information can flow to and from the resource: the simple security property and the * property. Correct Answer- The Bell-LaPadula model A database is vulnerable to SQL injection attacks through direct attempts to the database server or through applications software, including web applications. What is the most effective way of mitigating these attacks? A.Authenticating the user on the client-side B.Authenticating the user on the server-side C.Keeping the software patched D.Turning on database logging E.Validating user inputs Correct Answer- E.Validating user inputsA firewall technology that can analyze the actual content of the traffic that is flowing through Correct Answer- Deep packet inspection A firewall technology that functions on the same general principle as packet filtering firewalls, but is able to keep track of the traffic at a granular level. Has the ability to watch the traffic over a given connection Correct Answer- Stateful packet inspection A firewall technology that inspects the contents of each packet in network traffic individually and makes a gross determination (based on source and destination IP address, port number, and the protocol being used) of whether the traffic should be allowed to pass Correct AnswerPacket filtering A firewall that can watch packets and monitor the traffic from a given connection is using what kind of firewall technology? A.Deep packet inspection B.Stateful packet inspection C.Packet filtering Correct Answer- B.Stateful packet inspection A fully featured sniffer that is also a great tool for troubleshooting traffic; this well-known tool is used by many network operations and security teams Correct Answer- Wireshark A group of tools that can include network mapping tools, sniffers, and exploits Correct AnswerExploit framework A hardware- and software-based technology that prevents certain portions of the memory used by the operating system and applications from being used to execute code Correct AnswerExecutable space protection A model that adds three more principles to the CIA triad: possession or control, utility, and authenticity Correct Answer- Parkerian hexadA multilayered defense that will allow us to achieve a successful defense should one or more of our defensive measures fail Correct Answer- Defense in depth A particularly complex and impactful item of malware that targeted the Supervisory Control and Data Acquisition (SCADA) systems that run various industrial processes; this piece of malware raised the bar for malware from largely being a virtual-based attack to actually being physically destructive Correct Answer- Stuxnet A phrase that refers to an organization's strategy and policies regarding the use of personal vs. corporate devices Correct Answer- Bring your own device (BYOD A principle that states we should only allow a party the absolute minimum permission needed for it to carry out its function Correct Answer- The principle of least privilege A program that seeks to make users aware of the risk they are accepting through their current actions and attempts to change their behavior through targeted efforts Correct AnswerSecurity Awareness, Training, and Education (SATE) A security method that involves shifting the contents of memory around to make tampering difficult Correct Answer- Address space layout randomization (ASLR) A set of symmetric block ciphers endorsed by the US government through NIST. Shares the same block modes that DES uses and also includes other modes such as XEX-based Tweaked CodeBook (TCB) mode Correct Answer- AES A social engineering technique that targets a specific company, organization, or person, and involves knowing specifics about the target to appear valid Correct Answer- Spear phishing A social engineering technique that uses electronic communications (email, texts, or phone calls) to convince a potential victim to give out sensitive information or perform some action Correct Answer- PhishingA specialized type of firewall that can serve as a choke point, log traffic for later inspection, and provide a layer of security for the devices behind it Correct Answer- Proxy server A specialized type of firewall that provides security and performance features, functions as a choke point, allows for logging traffic for later inspection, and serves as a single source of requests for the devices behind it is known as a(n) ____________ A.Proxy server B.FTP server C.Packet sniffer D.Web server E.Intrusion detection system Correct Answer- A.Proxy server A surveillance video log contains a record, including the exact date and time, of an individual gaining access to his company's office building after hours. He denies that he was there during that time, but the existence of the video log proves otherwise. What benefit of accountability does this example demonstrate? This task contains the radio buttons and checkboxes for options. The shortcut keys to perform this task are A to H and alt+1 to alt+9. A.Deterrence B.Nonrepudiation C.Intrusion detection and prevention D.Authentication E.Authorization Correct Answer- B.Nonrepudiation A system that monitors the network to which it is connected for unauthorized activity Correct Answer- Network intrusion detection system (NIDS)A system used to analyze the activities on or directed at the network interface of a particular host Correct Answer- Host intrusion detection system (HIDS) A technique involving a fake identity and a believable scenario that elicits the target to give out sensitive information or perform some action which they would not normally do for a stranger Correct Answer- Pretexting A technique used by an attacker that relies on the willingness of people to help others Correct Answer- Social engineering A tool developed by Microsoft for testing certain pattern-matching expressions for potential vulnerabilities Correct Answer- SDL Regex Fuzzer A tool developed by Microsoft to find flaws in file-handling source code Correct AnswerMiniFuzz File Fuzzer A tool that can map the network topology and help locate firewall vulnerabilities Correct Answer- Hping3 A tool that deliberately displays vulnerabilities in an attempt to bait attackers is called _____________. A.A vulnerability assessment scanner B.A honeypot C.A fuzzer D.A sniffer E.A port scanner Correct Answer- B.A honeypotA type of attack on the web server that can target vulnerabilities such as lack of input validation, improper or inadequate permissions, or extraneous files left on the server from the development process Correct Answer- Server-side attack A type of attack that can occur when we fail to properly design our security mechanisms when implementing cryptographic controls in our applications Correct Answer- Cryptographic attack A type of attack that can occur when we fail to use authorization best practices for our applications Correct Answer- Authorization attack A type of attack that can occur when we fail to use strong authentication mechanisms for our applications Correct Answer- Authentication attack A type of attack that can occur when we fail to validate the input to our applications or take steps to filter out unexpected or undesirable content Correct Answer- Input validation attack A type of attack that is more common in systems that use ACLs rather than capabilities Correct Answer- The confused deputy problem A type of attack that misuses the authority of the browser on the user's computer Correct Answer- Cross-site request forgery (CSRF) A type of attack that takes advantage of weaknesses in the software loaded on client machines, or one that uses social engineering techniques to trick us into going along with the attack Correct Answer- Client-side attack A type of attack, primarily against confidentiality Correct Answer- Interception A type of cipher that encrypts each bit in the plaintext message, 1 bit at a time Correct AnswerStream cipherA type of cipher that takes a predetermined number of bits in the plaintext message (commonly 64 bits) and encrypts that block Correct Answer- Block cipher A type of software development problem that occurs when we do not properly account for the size of the data input into our applications Correct Answer- Buffer overflows/overruns A type of software development vulnerability that occurs when multiple processes or multiple threads within a process control or share access to a particular resource, and the correct handling of that resource depends on the proper ordering or timing of transactions Correct Answer- Race conditions A type of tool that analyzes web pages or web-based applications and searches for common flaws such as XSS or SQL injection flaws, and improperly set permissions, extraneous files, outdated software versions, and many more such items Correct Answer- Web application analysis tool A type of tool that can detect various security flaws when examining hosts Correct AnswerScanner A type of tool that deliberately displays vulnerabilities or attractive data so it can detect, monitor, and sometimes tamper with the activities of an attacker Correct Answer- Honeypot A type of tool that uses signature matching or anomaly detection (heuristics) to detect malware threats, either in real-time or by performing scans of files and processes Correct Answer- Antimalware tool A type of tool that works by bombarding our applications with all manner of data and inputs from a wide variety of sources, in the hope that we can cause the application to fail or to perform in unexpected ways Correct Answer- FuzzerA user who creates a network share and sets permissions on that share is employing which model of access control? This task contains the radio buttons and checkboxes for options. The shortcut keys to perform this task are A to H and alt+1 to alt+9. A. Mandatory access control B. Discretionary access control C. Attribute-based access control D. Role-based access control Correct Answer- Discretionary access control A VPN connection that is set to time out after 24 hours is demonstrating which model of access control? This task contains the radio buttons and checkboxes for options. The shortcut keys to perform this task are A to H and alt+1 to alt+9. A.Mandatory access control B.Role-based access control C.Attribute-based access control D.Discretionary access control Correct Answer- Attribute-based access control Lesson: Authorization and Access Control Objective: More Advanced A weakness that can be used to harm us Correct Answer- Vulnerability A web server analysis tool that performs checks for many common server-side vulnerabilities, and creates an index of all the files and directories it can see on the target web server (a process known as spidering) Correct Answer- Nikto/Wikto A well-known Linux tool used to detect wireless access points Correct Answer- KismetA well-known port scanner that can also search for hosts on a network, identify the operating systems those hosts are running, and detect the versions of the services running on any open ports Correct Answer- Nmap A well-known vulnerability assessment tool (it also includes a port scanner) Correct AnswerNessus A well-known web analysis tool that offers a free and a professional version; the pro version includes advanced tools for conducting more in-depth attacks Correct Answer- Burp Suite A Windows tool used to detect wireless access points Correct Answer- NetStumbler Access is based on attributes (of a person, a resource, or an environment) Correct AnswerAttribute-based access control Access is determined by the owner of the resource in question Correct Answer- Discretionary access control (DAC) Also known as a network or protocol analyzer, this type of tool can intercept traffic on a network Correct Answer- Packet sniffer Also known as private key cryptography, this uses a single key for both encryption of the plaintext and decryption of the ciphertext Correct Answer- Symmetric key cryptography Example: AES Also known as public key cryptography, this method uses two keys: a public key and a private key. Correct Answer- Asymmetric key cryptographyAlso referred to as message digests, these functions do not use a key Correct Answer- Hash functions Altering a web server config file Interception Interruption Modification Fabrication Correct Answer- Modification An access control model that includes many tiers of security and is used extensively by military and government organizations and those that handle data of a very sensitive nature Correct Answer- Multilevel access control model An attack carried out by placing code in the form of a scripting language into a web page, or other media, that is interpreted by a client browser Correct Answer- Cross-site scripting (XSS) An attack that involves generating data, processes, communications, or other similar activities with a system Correct Answer- Fabrication attack An attack that involves tampering with our assets Correct Answer- Modification attack An authentication mechanism in which both parties authenticate each other Correct AnswerMutual authentication An intrusion detection system that maintains a database of signatures that might signal a particular type of attack and compares incoming traffic to those signatures Correct AnswerSignature-based IDSAn intrusion detection system that takes a baseline of normal network traffic and activity and measures current traffic against this baseline to detect unusual events Correct AnswerAnomaly-based IDS Backordered Parts is a defense contractor that builds communications parts for the military. The employees use mostly Web-based applications for parts design and information sharing. Due to the sensitive nature of the business, Backordered Parts would like to implement a solution that secures all browser connections to the Web servers. What encryption solution best meets this company's needs? This task contains the radio buttons and checkboxes for options. A.Elliptic Curve Cryptography (ECC) B.Digital signatures C.Advanced Encryption Standard (AES) D.Blowfish Correct Answer- A.Elliptic Curve Cryptography (ECC) Lesson: Cryptography Objective: Alert! Certain points in the network, such as routers, firewalls, or proxies, where we can inspect, filter, and control network traffic Correct Answer- Choke points Confidential Services Inc. is a military-support branch consisting of 1,400 computers with Internet access and 250 servers. All employees are required to have security clearances. From the options listed below, what access control model would be most appropriate for this organization? This task contains the radio buttons and checkboxes for options. The shortcut keys to perform this task are A to H and alt+1 to alt+9. A.Discretionary [Show More]

Last updated: 1 year ago

Preview 1 out of 33 pages