114 Cards in this Set
This mode of block encryption increments the IV based on a counter
|
Counter Mode
|
|
Does not use chaining; ciphertext is not used to encrypt other blocks; does not provide much randomness; used for small amounts of data
|
ECB
|
|
CBC
|
Chaining mode that provides large amounts of randomness and data
|
|
Chaining mode used in noisy environments and implemented with the new 802.11i standard.
|
OFB
|
|
ElGamal, Diffie-Hellman and ECC
|
Asymmetric Algorithms
|
|
Mathematical Methods Used for Asymmetric Algorithms
|
Discrete Logarithms, Factoring
|
|
Provides access control, authentication and non-repudiation
|
Asymmetric Algorithms
|
|
Types of Symmetric Algorithms
|
RC (series), DES (series), AES, Twofish, Blowfish, SAFER
|
|
The two methods that Symmetric Algorithms use
|
Block and Stream
|
|
Encrypts bit by bit; each bit is XORed with a keystream to create the ciphertext.
|
Stream Cipher
|
|
Splits a message into blocks and encrypts each block separately; generally a software implementation. Encrypted through many rounds.
|
Block Ciphers
|
|
Characteristics of a good algorithm
|
Strength, Correct algorithm, and right key size.
|
|
Increases the work factor for reverse engineering
|
Confusion/Substitution
|
|
Changes the plaintext in any way that affects many parts of the resulting ciphertext.
|
Diffusion/Transposition
|
|
0-0=0 or 1-1=1, 0,1=1
|
XOR rule
|
|
What are the characteristics of Symmetric Cryptography
|
Sender and Receiver have the same key, uses initialization vectors.
|
|
Wrong algorithm chosen (RC4); a bit can be flipped without the receiver's knowledge (man in the middle); keys are never changed; IV has the same variable.
|
Holes in wireless security
|
|
What are the strengths of Symmetric Cryptography
|
Uses the key-IV-keystream construction; statistically unbiased; keystream not related to the key.
|
|
What are the Weaknesses of Symmetric Cryptography
|
Only provides confidentiality; cannot provide authenticity or non-repudiation; scalability; key management.
|
|
Out of Band
|
The key cannot be delivered via email or internet transmission
|
|
N(N-1)/2
|
The calculation to figure out how many symmetric keys are needed.
|
|
Uses a Public and Private Key
|
Asymmetric Cryptography
|
|
Also called a secret or session key
|
Symmetric Key
|
|
Advantages of Asymmetric Cryptography
|
Each person has a public/private key pair; highly scalable; public key doesn't need to be protected; provides authenticity and non-repudiation.
|
|
Describe the encryption process using Asymmetric and symmetric methods together.
|
Message is written; encrypted with symmetric cryptography; the symmetric key is encrypted with asymmetric cryptography; message is sent.
|
|
The de facto standard
|
RSA
|
|
Uses a one way function and factoring
|
RSA
|
|
Used for Wireless and PDA
|
ECC
|
|
ECC key sizes
|
160-320-600-1200
|
|
DES Block Size
|
64 bits (56 bits plus 8 for parity)
|
|
Modes of DES
|
EEE, 3DES EDE3
|
|
Most common mode used in AES and DES
|
Cipher Block Chaining or CBC
|
|
Why is Data Integrity Important?
|
Because the data should be protected from unauthorized modification
|
|
Creates a fingerprint for a message, also called a message digest
|
Hash
|
|
Accepts a variable length string and generates a fixed length value
|
Hash
|
|
MD (series), SHA (series), HAVAL, RIPEMD, Tiger
|
Types of Hashes
|
|
Describe the hash function
|
Message written; hashed with an algorithm; message digest created and attached to the message. Message received; hashed with the algorithm; message digests are compared.
|
|
How is a Mac different from a Hash
|
A MAC hashes the message together with a symmetric key, and a hash uses an algorithm.
|
|
A _______ is the weakest form of authentication
|
MAC
|
|
Rijndael Algorithm
|
AES
|
|
Symmetric algorithm that uses 128- and 256-bit key sizes with a 128-bit block size
|
AES
|
|
Used for SSL and WEP (symmetric)
|
RC4
|
|
128-bit key size and 64-bit block (symmetric)
|
IDEA
|
|
Variable key and block sizes (symmetric)
|
RC5
|
|
Simple Key Management for Internet Protocols (SKIP) is similar to Secure Sockets Layer (SSL), except that it requires no prior communication in order to establish or exchange keys on a:
|
session-by-session basis
|
|
Which of the following is not a basic security service defined by the OSI?
|
Routing control
|
|
Which of the following is not a common integrity goal?
|
Prevent paths that could lead to inappropriate disclosure
|
|
What is called an attack where the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so it seems to have originated at the victim's system, in order to flood it with REPLY packets?
|
Smurf attack
|
|
Cryptography does not help in:
|
Detecting fraudulent disclosure
|
|
Which of the following is not an OSI architecture-defined broad category of security standards?
|
Firewall security standards
|
|
Application Level Firewalls create:
|
a virtual circuit between the workstation client and the server
|
|
Which of the following is not a compensating measure for access violations? A.) Backups B.) Business continuity planning C.) Insurance D.) Security awareness
|
D.) Security awareness
|
|
Which of the following is *NOT* a symmetric key algorithm? A.) Blowfish B.) Digital Signature Standard (DSS) C.) Triple DES (3DES) D.) RC5
|
D.) RC5
|
|
Which of the following computer design approaches is based on the fact that in earlier technologies,
the instruction fetch was the longest part of the cycle? A.) Pipelining B.) Reduced Instruction Set Computers (RISC) C.) Complex Instruction Set Computers (CISC) D.) Scalar processors |
C.) Complex Instruction Set Computers (CISC)
|
|
An IDS detects an attack using which of the following?
A.) an event-based ID or a statistical anomaly-based ID B.) a discrete anomaly-based ID or a signature-based ID C.) a signature-based ID or a statistical anomaly-based ID D.) a signature-based ID or an event-based ID |
C.) a signature-based ID or a statistical anomaly-based ID
|
|
Which of the following would provide the best stress testing environment?
A.) Test environment using test data B.) Test environment using live workloads C.) Production environment using test data D.) Production environment using live workloads |
B.) Test environment using live workloads
|
|
Which Application Layer security protocol requires two pairs of asymmetric keys and two digital
certificates? A.) PEM B.) S/HTTP C.) SET D.) SSL |
C.) SET
|
|
Which of the following statements regarding an off-site information processing facility is TRUE?
A.) It should have the same amount of physical access restrictions as the primary processing unit B.) It should be located in proximity to the originating site so that it can quickly be made operational C.) It should be easily identified from the outside so in the event of an emergency it can be easily found D.) Need not have the same level of environmental monitoring as the originating site since this would be cost prohibitive |
A.) It should have the same amount of physical access restrictions as the primary processing unit
|
|
What type of cable is used with 100Base-TX Fast Ethernet?
A.) Fiber-optic cable B.) Four pairs of Category 3, 4, or 5 unshielded twisted-pair (UTP) wires. C.) Two pairs of Category 5 unshielded twisted-pair (UTP) or Category 1 shielded twisted-pair (STP) wires D.) RG-58 Cable |
C.) Two pairs of Category 5 unshielded twisted-pair (UTP) or Category 1 shielded twisted-pair (STP) wires
|
|
A table of subjects and objects indicating what actions individual subjects can
take upon individual objects |
An access control matrix
|
|
Risk analysis is MOST useful when applied during which phase of the system development process?
A.) Project identification B.) Requirements definition C.) System construction D.) Implementation planning |
A.) Project identification
|
|
Which OSI/ISO layer is IP implemented at?
A.) Session layer B.) Transport layer C.) Network layer D.) Data link layer |
C.) Network layer
|
|
Which of the following is a LAN transmission protocol?
A.) Ethernet B.) Ring Topology C.) Unicast D.) Polling |
D.) Polling
|
|
Which of the following is a telecommunication device that translates data from digital to analog form
and back to digital? A.) Multiplexer B.) Modem C.) Protocol converter D.) Concentrator |
B.) Modem
|
|
Which of the following can be defined as an attribute in one relation that has values matching the
primary key in another relation? A.) foreign key B.) candidate key C.) Primary key D.) Secondary key |
A.) foreign key
|
|
A 'Pseudo flaw' is which of the following?
A.) An apparent loophole deliberately implanted in an operating system program as a trap for intruders B.) An omission when generating pseudo-code C.) Used for testing for bounds violations in application programming D.) A normally generated page fault causing the system to halt |
A 'Pseudo flaw' is which of the following?
|
|
Which of the following statements pertaining to the trusted computing base (TCB) is false?
A.) It addresses the level of security a system provides B.) It originates from the Orange Book C.) It includes hardware, firmware, and software D.) A higher TCB rating will require that details of their testing procedures and documentation be reviewed with more granularity |
A.) It addresses the level of security a system provides
|
|
Which of the following is responsible for the most security issues?
A.) Outside espionage B.) Hackers C.) Personnel D.) Equipment Failure |
C.) Personnel
|
|
Which of the following department managers would be best suited to oversee the development of an
information security policy? A.) Information Systems B.) Human Resources C.) Business operations D.) Security administration |
C.) Business operations
|
|
When preparing a business continuity plan, who of the following is responsible for identifying and
prioritizing time-critical systems? A.) Executive management staff B.) Senior business unit management C.) BCP committee D.) Functional business units |
B.) Senior business unit management
|
|
Which of the following is an advantage of a qualitative over quantitative risk analysis?
A.) It prioritizes the risks and identifies areas for immediate improvement in addressing the vulnerabilities. B.) It prioritizes the risks and identifies areas for immediate improvement in addressing the vulnerabilities C.) It provides specific quantifiable measurements of the magnitude of the impacts D.) It makes cost-benefit analysis of recommended controls easier |
A.) It prioritizes the risks and identifies areas for immediate improvement in addressing the vulnerabilities.
|
|
Which of the following statements pertaining to the security kernel is incorrect?
A.) It is made up of mechanisms that fall under the TCB and implements and enforces the reference monitor concept. B.) It must provide isolation for the processes carrying out the reference monitor concept and they must be tamperproof C.) It must be small enough to be able to be tested and verified in a complete and comprehensive manner D.) Is an access control concept, not an actual physical component |
D.) Is an access control concept, not an actual physical component
|
|
In the TCP/IP protocol stack, at what level does the SSL (Secure Sockets Layer) protocol operate?
A.) Application B.) Network C.) Presentation D.) Session |
B.) Network
|
|
Which of the following statements pertaining to the Trusted Computer System Evaluation Criteria
(TCSEC) is incorrect? A.) With TCSEC, functionality and assurance are evaluated separately. B.) TCSEC provides a means to evaluate the trustworthiness of an information system C.) The Orange Book does not cover networks and communications D.) Database management systems are not covered by the TCSEC |
A.) With TCSEC, functionality and assurance are evaluated separately
|
|
Which question is NOT true concerning Application Control?
A.) It limits end users use of applications in such a way that only particular screens are visible B.) Only specific records can be requested choice C.) Particular uses of application can be recorded for audit purposes D.) Is non-transparent to the endpoint applications so changes are needed to the applications involved |
D.) Is non-transparent to the endpoint applications so changes are needed to the applications involved
|
|
A central authority determines what subjects can have access to certain objects based on the
organizational security policy is called: A.) Mandatory Access Control B.) Discretionary Access Control C.) Non-Discretionary Access Control D.) Rule-based Access Control |
C.) Non-Discretionary Access Control
|
|
A storage information architecture does not address which of the following?
A.) archiving of data B.) collection of data C.) management of data D.) use of data |
A.) archiving of data
|
|
Valuable paper insurance coverage does not cover damage to which of the following?
A.) Inscribed, printed and written documents B.) Manuscripts C.) Records D.) Money and Securities |
D.) Money and Securities
|
|
Which of the following offers advantages such as the ability to use stronger passwords, easier
password administration, and faster resource access? A.) Smart cards B.) Single Sign-on (SSO) C.) Kerberos D.) Public Key Infrastructure (PKI) |
B.) Single Sign-on (SSO)
|
|
Which of the following is a physical control?
A.) Monitoring of system activity B.) Environmental controls C.) Identification and authentication methods D.) Logical access control mechanisms |
B.) Environmental controls
|
|
Which of the following layers is not used by the Rijndael algorithm?
A.) Non-linear layer B.) Transposition layer C.) Key addition layer D.) The linear mixing layer |
B.) Transposition layer
|
|
Which of the following services is not provided by the digital signature standard (DSS)?
A.) Encryption B.) Integrity C.) Digital signature D.) Authentication |
A.) Encryption
|
|
This backup method makes a complete backup of every file on the server every time it is run by:
A.) full backup method B.) incremental backup method C.) differential backup method D.) tape backup method |
A.) full backup method
|
|
What is the main responsibility of information owner
A.) making the determination to decide what level of classification the information requires B.) running regular backups C.) audit the users when they require access to the information D.) periodically checking the validity and accuracy for all data in the information system |
A.) making the determination to decide what level of classification the information requires
|
|
Which of the following was developed in order to protect against fraud in electronic fund transfers
(EFT)? A.) Secure Electronic Transaction (SET) B.) Message Authentication Code (MAC) C.) Cyclic Redundancy Check (CRC) D.) Secure Hash Standard (SHS) |
B.) Message Authentication Code (MAC)
|
|
Which type of attack involves the alteration of a packet at the IP level to convince a system that it is
communicating with a known entity in order to gain access to a system? A.) TCP sequence number attack B.) IP spoofing attack C.) Piggybacking attack D.) Teardrop attack |
B.) IP spoofing attack
|
|
What is the main concern with single sign-on?
A.) Maximum unauthorized access would be possible if a password is disclosed B.) The security administrator's workload would increase C.) The users' password would be too hard to remember D.) User access rights would be increased |
A.) Maximum unauthorized access would be possible if a password is disclosed
|
|
Which of the following threats is not addressed by digital signature and token technologies?
A.) Spoofing B.) replay attacks C.) password compromise D.) denial-of-service |
D.) denial-of-service
|
|
Which of the following is the biggest concern with firewall security?
A.) Internal hackers B.) Complex configuration rules leading to misconfiguration C.) Buffer overflows D.) Distributed denial of service (DDOS) attacks |
B.) Complex configuration rules leading to misconfiguration
|
|
Unshielded (UTP) does not require the fixed spacing between connections that is:
A.) necessary with telephone-type connections B.) necessary with coaxial-type connections C.) necessary with twisted pair-type connections D.) necessary with fiber optic-type connections |
B.) necessary with coaxial-type connections
|
|
Which Orange Book security rating requires that formal techniques are used to prove the equivalence
between the TCB specifications and the security policy model? A.) B2 B.) B3 C.) A1 D.) A2 |
C.) A1
|
|
the following need not be reviewed before bringing the systems back to service?
A.) Access control lists B.) System services and their configuration C.) Audit trails D.) User accounts |
C.) Audit trails
|
|
Which of the following encryption algorithms does not deal with discrete logarithms?
A.) El Gamal B.) Diffie-Hellman C.) RSA D.) Elliptic Curve |
C.) RSA
|
|
RAID levels 3 and 5 run:
A.) faster on hardware B.) slower on hardware C.) faster on software D.) at the same speed on software and hardware |
A.) faster on hardware
|
|
Which of the following is true of network security?
A.) A firewall is not a necessity in today’s connected world B.) A firewall is a necessity in today’s connected world C.) A whitewall is a necessity in today’s connected world D.) A black firewall is a necessity in today’s connected world |
B.) A firewall is a necessity in today’s connected world
|
|
Which of the following statements pertaining to firewalls is incorrect?
A.) Firewall create bottlenecks between the internal and external network B.) Firewalls allow for centralization of security services in machines optimized and dedicated to the task C.) Strong firewalls can protect a network at all layers of the OSI models D.) Firewalls are used to create security checkpoints at the boundaries of private networks |
C.) Strong firewalls can protect a network at all layers of the OSI models
|
|
Which of the following would best describe a Concealment cipher?
A.) Permutation is used, meaning that letters are scrambled B.) Every X number of words within a text, is a part of the real message C.) Replaces bits, characters, or blocks of characters with different bits, characters, or blocks. D.) Hiding data in another message so that the very existence of the data is concealed. |
B.) Every X number of words within a text, is a part of the real message
|
|
Controlled Security Mode is also known as:
A.) Multilevel Security Mode B.) Partitioned Security Mode C.) Dedicated Security Mode D.) System-high Security Mode |
B.) Partitioned Security Mode
|
|
Which of the following questions is less likely to help in assessing physical and environmental
protection? A.) Are entry codes changed periodically? B.) Are appropriate fire suppression and prevention devices installed and working? C.) Are there processes to ensure that unauthorized individuals cannot read, copy, alter, or steal printed or electronic information? D.) Is physical access to data transmission lines controlled? |
C.) Are there processes to ensure that unauthorized individuals cannot read, copy, alter, or steal printed or electronic information?
|
|
Fault tolerance countermeasures are designed to combat threats to:
A.) an uninterruptible power supply B.) backup and retention capability C.) design reliability D.) data integrity |
C.) design reliability
|
|
Secure Shell (SSH) and Secure Sockets Layer (SSL) are very heavily used for protecting
A.) Internet transactions B.) Ethernet transactions C.) Telnet transactions D.) Electronic Payment transactions |
C.) Telnet transactions
|
|
PGP uses which of the following to encrypt data?
A.) An asymmetric scheme B.) A symmetric scheme C.) A symmetric key distribution system D.) An asymmetric key distribution |
B.) A symmetric scheme
|
|
Which of the following questions is less likely to help in assessing physical access controls?
A.) Does management regularly review the list of persons with physical access to sensitive facilities? B.) Is the operating system configured to prevent circumvention of the security software and application controls? C.) Are keys or other access devices needed to enter the computer room and media library? D.) Are visitors to sensitive areas signed in and escorted? |
B.) Is the operating system configured to prevent circumvention of the security software and application controls?
|
|
Which of the following measures would be the BEST deterrent to the theft of corporate information
from a laptop which was left in a hotel room? A.) Store all data on disks and lock them in an in-room safe B.) Remove the batteries and power supply from the laptop and store them separately from the computer C.) Install a cable lock on the laptop when it is unattended D.) Encrypt the data on the hard drive |
D.) Encrypt the data on the hard drive
|
|
In a discretionary mode, which of the following entities is authorized to grant information access to
other people? A.) manager B.) group leader C.) security manager D.) user |
D.) user
|
|
Which of the following is not a valid reason to use external penetration service firms rather than
corporate resources? A.) They are more cost-effective B.) They offer a lack of corporate bias C.) They use highly talented ex-hackers D.) They ensure a more complete reporting |
C.) They use highly talented ex-hackers
|
|
Which of the following is required in order to provide accountability?
A.) Authentication B.) Integrity C.) Confidentiality D.) Audit trails |
A.) Authentication
|
|
To be admissible in court, computer evidence must be which of the following?
A.) relevant B.) decrypted C.) edited D.) incriminating |
A.) relevant
|
|
What is necessary for a subject to have write access to an object in a Multi-Level Security Policy?
A.) The subject’s sensitivity label must dominate the object’s sensitivity label B.) The subject’s sensitivity label subordinates the object’s sensitivity label C.) The subject’s sensitivity label is subordinated by the object’s sensitivity label D.) The subject’s sensitivity label is dominated by the object’s sensitivity label |
D.) The subject’s sensitivity label is dominated by the object’s sensitivity label
|