Business Data Networks and Security, 11e (Panko)-Appendix: Managing the Security Process-Graded A+

Document Content and Description Below

Business Data Networks and Security, 11e (Panko) Appendix: Managing the Security Process 1) The Target attackers probably first broke into Target using the credentials of a(n) ________. A) low-le... vel Target employee B) Target IT employee C) Target security employee D) employee in a firm outside Target Difficulty: Basic Question: 1a Objective: Discuss failures to stop the target breach. AACSB: Applying Information Technology 2) Target received warnings during the attack. This happened ________. A) on the vendor server B) when the POS download server was compromised C) when the exfiltration server was compromised D) none of the above Difficulty: Deeper Question: 1e Objective: Discuss failures to stop the target breach. AACSB: Applying Information Technology 3) In a kill chain, ________. A) stopping the attack at a single step stops the attack B) stopping the attack at multiple steps stops the attack C) stopping the attack at all steps stops the attack D) none of the above Difficulty: Basic Question: 1f Objective: Discuss failures to stop the target breach. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 4) Security is primarily about ________. A) technology B) planning C) management D) none of the above Difficulty: Deeper Question: 1hh Objective: Explain why security is about management more than technology. AACSB: Applying Information Technology, Application of Knowledge 5) Firewall operation takes place during the ________ phase. A) plan B) protect C) response D) none of the above Difficulty: Basic Question: 2a Objective: Explain the Plan-Protect-Respond cycle. AACSB: Applying Information Technology, Application of Knowledge 6) Which phase of the plan-protect-respond cycle takes the largest amount of work? A) plan B) protect C) respond D) The phases require about equal amounts of effort. Difficulty: Deeper Question: 2b Objective: Explain the Plan-Protect-Respond cycle. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 7) The goal of security is to eliminate risk. Answer: FALSE Difficulty: Basic Question: 3a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Application of Knowledge 8) Balancing threats against protection costs is called ________. A) economic justification B) risk analysis C) comprehensive security D) The Illusion of Cost Difficulty: Basic Question: 3b Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 9) Attackers only need to find a single weakness to break in. Consequently, companies must ________. A) have comprehensive security B) have insurance C) do risk analysis D) only give minimum permissions Difficulty: Basic Question: 4a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 10) A building with some unlocked exterior doors most specifically violates the principle of ________. A) network segmentation B) protecting single points of takeover C) comprehensive security D) risk analysis Difficulty: Basic Question: 4b Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 11) An attacker must break through two firewalls to get to a host. This most specifically illustrates the ________ principle. A) comprehensive security B) risk assurance C) weakest link protection D) defense in depth Difficulty: Basic Question: 5a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 12) Vulnerabilities are occasionally found in even the best security products. Consequently, companies must specifically ________. A) outsource security B) have defense in depth C) do risk analysis D) only give minimum permissions Difficulty: Deeper Question: 5b Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 13) There is a single countermeasure in ________. A) weakest links B) defense in depth C) both A and B D) neither A nor B Difficulty: Deeper Question: 5c Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Application of Knowledge 14) A central firewall management program that specifically pushes changes to firewalls is ________. A) a weakest link B) defense in depth C) a single point of takeover D) risk analysis thinking Difficulty: Basic Question: 6a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Application of Knowledge 15) Companies should ________ single points of takeover. A) eliminate B) give special attention to C) minimize D) authorize Difficulty: Deeper Question: 6b Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 16) Allowing a user access to edit files in a specific directory is an example of ________. A) authentication B) authorizations C) defense in depth D) network segregation Difficulty: Basic Question: 7a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Application of Knowledge 17) If someone has been properly authenticated, they should receive ________ permissions. A) all B) no C) maximum D) minimum Difficulty: Basic Question: 7a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 18) ________ are actions people can take on a resource. A) Provisions B) Authorizations C) Authentications D) Risks Difficulty: Basic Question: 7a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 19) Another term for authorization is ________. A) permission B) authentication C) scope D) establishing the creator of a file Difficulty: Basic Question: 7b Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 20) On sensitive resources, authenticated parties should get ________. A) least permissions B) standard permissions C) no permissions D) maximum permissions Difficulty: Basic Question: 7c Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 21) To address uniformity of credentials verification throughout a large company, credentials verification information is usually stored in a single ________. A) authenticator B) verifier C) authentication server D) directory server or synchronized directory servers Difficulty: Difficult Question: 8a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 22) By changing credentials verification information on a(n) ________, a firm can immediately cut off all access to corporate resources. A) authenticator B) verifier C) authentication server D) border firewall Difficulty: Basic Question: 8b Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 23) Ideally, access control should be based on ________. A) individuals B) roles C) standard authorizations D) a three-headed dog named Fluffy Difficulty: Basic Question: 8c Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 24) Errors in assigning permission are reduced if assignments are based on ________. A) individuals B) roles C) standard authorizations D) none of the above Difficulty: Basic Question: 8d Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Application of Knowledge 25) Companies should have ________ for each site. A) multiple security domains B) a single security domain C) at least two DMZs D) multiple DMZs Difficulty: Deeper Question: 9a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 26) DMZs are places for ________. A) servers that are not accessible to clients outside the firm B) servers that are freely accessible to clients outside the firm C) servers that are freely accessible to clients inside the firm D) servers that are inaccessible to any clients Difficulty: Deeper Question: 9b Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 27) Servers in the Demilitarized Zone (DMZ) are rarely attacked by clients on the Internet. Difficulty: Basic Question: 9c Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 28) Servers in the DMZ should be freely accessible to clients ________. A) on the Internet B) inside the firm C) outside the DMZ D) all of the above Difficulty: Deeper Question: 9d Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 29) There should be relatively free access ________. A) between the Internet and the DMZ B) between the DMZ and the firm's internal network C) both A and B D) neither A nor B Difficulty: Deeper Question: 9e Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 30) Security must be considered at the ________ level. A) information systems B) organizational systems C) both A and B D) neither A nor B Difficulty: Deeper Question: 10a Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 31) Compared to ________, ________ are more structured. A) procedures; processes B) processes; procedures C) both A and B D) neither A nor B Difficulty: Basic Question: 10b Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 32) In movie theaters, having one person sell tickets and another collect them prevents ________. A) a single person from stealing on his own. B) collusion C) the crossing of security domains D) all of the above Difficulty: Deeper Question: 10c Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 33) If a person knows his or her role in an organizational system, ________. A) they are dangerous B) they are likely to report security violations C) they are likely to act appropriately in unexpected circumstances D) all of the above Difficulty: Deeper Question: 10f Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 34) It is hardest to create good security ________. A) policies B) procedures C) processes D) culture Difficulty: Deeper Question: 10g Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 35) If the security principles in this chapter are implemented in organizational systems, an organizational system is likely to work securely without substantial active management. Difficulty: Deeper Question: 10j Objective: Describe and apply major security planning principles. AACSB: Applying Information Technology 36) A policy specifies ________. A) what should be done B) how to do it C) both A and B D) neither A nor B Difficulty: Basic Question: 11a Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology 37) Which of the following specifies what should be done? A) policies B) implementation C) both A and B D) neither A nor B Difficulty: Basic Question: 11b Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology 38) Policies are separated by implementation to take advantage of ________. A) implementer knowledge B) the delegation of work principle C) minimum permissions D) segregation of duties Difficulty: Deeper Question: 11c Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology 39) Policies should drive ________. A) implementation B) oversight C) both A and B D) neither A nor B Difficulty: Deeper Question: 12a Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Application of Knowledge 40) Oversight activities include ________. A) vulnerability testing B) creating guidelines C) both A and B D) neither A nor B Difficulty: Basic Question: 12b Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Application of Knowledge 41) Attacking your own firm occurs in ________. A) vulnerability testing B) auditing C) both A and B D) neither A nor B Difficulty: Basic Question: 12c Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Application of Knowledge 42) Implementation guidance is less specific than ________. A) policy B) implementation C) both A and B D) neither A nor B Difficulty: Basic Question: 13a Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 43) Compliance with ________ is mandatory. A) standards B) guidelines C) both A and B D) neither A nor B Difficulty: Basic Question: 13b Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Application of Knowledge 44) Compliance with ________ is voluntary. A) guidelines B) standards C) both A and B D) neither A nor B Difficulty: Basic Question: 13b Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Application of Knowledge 45) Which of the following MUST be followed? A) standards B) guidelines C) both A and B D) neither A nor B Difficulty: Basic Question: 13c Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Application of Knowledge 46) Which of the following is true? A) Guidelines must be followed. B) Guidelines must be considered. C) both A and B D) neither A nor B Difficulty: Deeper Question: 13d Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Application of Knowledge 47) The statement that people in quality control should have access to robots on the shop floor is an example of a firewall ________. A) policy B) DMZ C) ACL rule D) procedure Difficulty: Deeper Question: 14a Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 48) The policy server creates ________. A) DMZs B) policies C) ACLs for individual firewalls D) standards that firewalls must follow Difficulty: Deeper Question: 14b Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 49) Which of the following is easiest to understand? A) firewall policies B) firewall ACLs C) Firewall procedures D) Firewall processes Difficulty: Basic Question: 14c Objective: Describe and apply policy-based security management. AACSB: Applying Information Technology, Application of Knowledge 50) Successful attacks are called ________. A) breaches B) compromises C) both A and B D) neither A nor B Difficulty: Basic Question: 15a Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology 51) Successful attacks are called ________. A) incidents B) countermeasures C) both A and B D) neither A nor B Difficulty: Basic Question: 15a Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology 52) A key to fast and effective response is ________ A) speed B) quality C) both A and B D) neither A nor B Difficulty: Deeper Question: 15b Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 53) Which of the following is a normal incident? A) a false alarm B) a major security breach C) both A and B D) neither A nor B Difficulty: Deeper Question: 16a Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 54) Normal incidents are handled by the ________. A) on-duty staff B) CSIRT C) outside consultant D) FBI Difficulty: Basic Question: 16b Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 55) Normal incidents usually require ________. A) constant rehearsal B) frequent rehearsal C) little or no rehearsal D) emergency rehearsal Difficulty: Deeper Question: 16c Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 56) Major incidents are handled by the ________. A) on-duty staff B) CSIRT C) outside consultant D) FBI Difficulty: Basic Question: 17b Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 57) CSIRT leaders should come from ________. A) an outside crisis vendor B) a business department C) the security department D) the IT department Difficulty: Deeper Question: 17c Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 58) Which department will almost always be involved in a CSIRT? A) the IT department B) the legal department C) the human resources department D) all of the above Difficulty: Deeper Question: 17d Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 59) Communication with the media should be restricted which of the following? A) the public relations department B) the legal department C) the IT department D) the security department Difficulty: Deeper Question: 17e Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 60) CSIRTs rehearse an incident by talking about what should be done without actually doing it in ________. A) simulations B) live rehearsals C) desktop rehearsals (also called tabletop rehearsals) D) none of the above Difficulty: Basic Question: 18a Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 61) Desktop (tabletop) rehearsals are important because they ________ compared to live rehearsals. A) are relatively inexpensive B) get into specific details C) both A and B D) neither A nor B Difficulty: Basic Question: 18b Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 62) Live rehearsals are important because they ________ compared to desktop rehearsals. A) are relatively inexpensive B) get into specific details C) both A and B D) neither A nor B Difficulty: Basic Question: 18c Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 63) Real-time fail-over with synchronized data centers ________. A) is expensive B) minimizes downtime C) both A and B D) neither A nor B Difficulty: Basic Question: 19a Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 64) ________ stop definite attack packets. A) Firewalls B) IDSs C) both A and B D) neither A nor B Difficulty: Basic Question: 20a Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 65) ________ focus on suspicious packets. A) Firewalls B) IDSs C) both A and B D) neither A nor B Difficulty: Basic Question: 20b Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 66) ________ log provable attack packets. A) Firewalls B) IDSs C) both A and B D) neither A nor B Difficulty: Deeper Question: 20c Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 67) The rate of alarms in IDSs is usually ________. A) about right B) somewhat more than desirable C) much more than desirable D) optimized for rapidly finding real incidents Difficulty: Basic Question: 20d Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Application of Knowledge 68) Device IDSs typically send log files to the central IDS log file using the ________ protocol. A) FTP B) HTTP C) TFTP D) SysLog Difficulty: Deeper Question: 20e Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge 69) In IDS log files, relevant events are ________. A) usually clustered tightly together B) usually spread out in the log file C) usually only available in log files for individual devices D) usually found in the log files of routers Difficulty: Deeper Question: 21a Objective: Describe how to respond to successful break-ins. AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge [Show More]

Last updated: 1 year ago

Preview 1 out of 18 pages