CSIA Intro to Cybersecurity – Exam 1 with Complete Solution

Document Content and Description Below

Information security architecture often relies on boundaries outside the computer to protect important information or programs from error prone or malicious programs. - ANSWER False A security anal... yst is performing a security assessment. The analyst should not: - ANSWER Take actions to mitigate a serious risk A rational security decision, such as locking your vehicle when not in use, is an example of: - ANSWER reasoned paranoia - ANSWER 3 What is a worm? - ANSWER Malware A vulnerability is a security measure intended to protect an asset. - ANSWER False Victims can protect themselves against zero-day attacks. - ANSWER False ______________ a person who has learned specific attacks on computer systems and can use those specific attacks. - ANSWER Cracker When disclosing a security vulnerability in a system or software, the manufacturer should avoid: - ANSWER Including enough detail to allow an attacker to exploit the vulnerability The term "security theater" refers to security measures intended to make potential victims feel safe and secure without regard to their effectiveness. - ANSWER true Security Category RMF begins with a high level estimate of the impact caused by cyber security failures. - ANSWER true A threat agent is a person who did attack our assets, an attacker might attack an asset. - ANSWER false CIA properties do not include: - ANSWER authentication Authentication is a security service that ensures information is reliably available. - ANSWER False Zero Day vulnerability is one that has been reported to the software's vendor and the general public. - ANSWER False The fundamental job of every operating system is to run programs, and this relies on: - ANSWER -process management -random access memory (RAM) management -input/output (I/O) management One of the vulnerabilities the Morris worm used was a networking service called finger. The purpose of the finger service is to: - ANSWER report the status of the individual computer users The type of computer-based access control that involves a process that uses secret or hidden information in order to retrieve particular data items is: - ANSWER puzzle The process of loading and running a program from a mass storage device like a hard drive or CD-ROM is called: - ANSWER bootstrapping A type of security control that takes measures to help restore a system is referred to as: - ANSWER corrective Steganography is a type of vault computer-based access control. - ANSWER False A computer's Basic Input/Output System (BIOS) is a computer program stored in read-only memory (ROM). - ANSWER True A stack provides a simple, structured way to give temporary storage to a procedure, including a place to save the return address. - ANSWER True Part of the reason why the Morris worm was successful was that the finger process had Least Privilege instead of Most Privilege. - ANSWER False Everything a computer does, right or wrong, results from running a computer program written by people. - ANSWER True To switch between two processes, the operating system maintains a collection of data called the ____________ - ANSWER Process State ____________ flaws in the software such as finger service are often exploited. - ANSWER Buffer Overflow As with CERT Advisories, the system relies on the discovery of vulnerabilities by vendors or other interested parties, and the reporting of these vulnerabilities through the ___________ process. - ANSWER CVE As with threat agents, attacks do not affect non-cyber resources. - ANSWER False In a hierarchical file system directory, the topmost directory is called the: - ANSWER Root The main purpose of a software patch is to: - ANSWER fix a bug in a program a zero-day exploit: - ANSWER has no software patch An interpreter is a program that interprets the text of a program one word at a time, and performs the actions specified in the text. The following are examples of interpreters except: - ANSWER Java When a system process starts another, the parent process often inherits the child's access rights. - ANSWER False The window of vulnerability is the period of time during which a system is unprotected from an exploit. - ANSWER True All modern systems use a hierarchical directory to organize files into groups. - ANSWER True A compiler is a program that "interprets" the text of our program a word at a time. - ANSWER False Default permit: Everything is allowed except sites on the prohibited list. - ANSWER True Application programs are the only executable files on a typical operating system. - ANSWER False We call scripts macros, especially when we embed them in other documents. - ANSWER True A security database that contains entries for users and their access rights for files and folders is: - ANSWER an access control list (ACL) The condition in which files automatically take on the same permissions as the folder in which they reside is called: - ANSWER dynamic inheritance In Windows, when you COPY (not MOVE) a file from one folder to another and the folders have different access permissions, the file: - ANSWER takes on the access rights on the destination folder In Windows, when you MOVE (not COPY) a file from one folder to another and the folders have different access permissions, the file: - ANSWER retains its original access rights A primary use of event logs is to: - ANSWER serve as an audit trail The law that establishes security measures that must be taken on health-related information is: - ANSWER HIPAA Regarding access permissions in Windows, the owner of a shared folder may read, modify, and delete other user's files. - ANSWER True The computer keeps record of what it does and those set of files are called the event log or the audit trail. - ANSWER True If the "root" user accesses a file, the system grants full access. - ANSWER True Some operating systems provide ways of temporarily granting administrative to people logged in to regular accounts. - ANSWER True ACL implementation in Microsoft windows provides flexible and sophisticated inheritance. Files and folders automatically inherent changes made to an enclosing folder access rights. - ANSWER True The term for recovering from computer-related attacks, incidents, and compromises is: - ANSWER remediation The Fourth Amendment prevents arbitrary searches of areas where users expect their privacy to be protected. This is referred to as: - ANSWER reasonable expectation of privacy The following are steps a digital forensic investigator takes when collecting evidence except: - ANSWER analyze the evidence When collecting digital evidence from a crime scene, often the best strategy for dealing with a computer that is powered on is to: - ANSWER unplug it A typical hard drive has an arm, a read/write head, and: - ANSWER platters The sector(s) at the beginning of a hard disk that identify the starting block of each partition is called the: - ANSWER master boot record The part of a FAT volume that stores files and subdirectories is the: - ANSWER clusters The major file system used with Windows today is: - ANSWER NTFS The file system that organizes a volume's contents around five master files, such as the catalog file and the extents overflow file, is: - ANSWER HFS+ The file system that uses a master file table is: - ANSWER NTFS A compromised computer is no longer trustworthy because it may have been subverted. - ANSWER True The role of a hard drive controller is to operate the head assembly and select the correct sector. - ANSWER True A checksum can correct smaller errors in a sector and detect larger errors. - ANSWER False At a crime scene, the computer must be analyzed on the spot and documented after they are considered safe. - ANSWER False The following are fundamental strategies for authenticating people on computer systems - ANSWER -Something you know -Something you have -Something you are NOT Something you make An authentication system that requires the user to provide two different passwords and a fingerprint scan is an example of: - ANSWER two-factor authentication Hashing - ANSWER transforms readable text into gibberish An attack that blocks access to a system by other users is called: - ANSWER Denial of Service An attack in which someone tries to trick a system administrator into divulging a password is called: - ANSWER Social Engineering In a password system, the total number of possible passwords is called the: - ANSWER Search Space Low-hanging fruit refers to the easiest targets in an attack. (True or False) - ANSWER True The one-way hash is a cryptographic function. (True or False) - ANSWER True MD5 is one of the most recent forms of hash functions. (True or False) - ANSWER False: SHA-224,SHA-256, SHA-384 and SHA-512 are more recent Entropy refers to the strength of a password system. (True or False) - ANSWER False: Entropy is a measure of the uncertainty in the value of a variable that takes on random variables When you are biased in selecting a password, you choose your password from the entire search space. (True or False) - ANSWER False When an attacker is attacking a password system, the average attack space estimates the number of guesses required before success is likely. (True or False) - ANSWER True When selecting a password, random collections of letters contain far less entropy than written words. (True or False) - ANSWER False Some challenge-response systems use a token as part of the user identification process. (True or False) - ANSWER True Authentication does what: - ANSWER Associates an individual with an identity while ACCESS CONTROL will check and grant access rights Two factor authentication is using two passwords (True or False) - ANSWER False - need to use two DIFFERENT factors of authentication, not two instances of the same factor. The most recent listed hash algorithm is what? - ANSWER SHA-512 Network-based guessing is the most powerful modern attack on passwords. (True or False) - ANSWER False The offline attack is the most powerful modern attack on passwords There are three types of tokens; they do not include which? - ANSWER Token types -Passive tokens -challenge response tokens -one time password tokens Not a token type -Offensive tokens Biometric readers have a large allowance for error in reading and conditions of the body. (True or False) - ANSWER False [Show More]

Last updated: 1 year ago

Preview 1 out of 10 pages