Information Systems 365
Exam Answers, Discussion and Class Project
Did You Vote? Flat Cow Did!
Flat Cow Gets His Ballot
Flat Cow Reads the Complex Instructions
Flat Cow’s Bovine Voice is “herd”… Check him out on Facebook
Exam

• In general, they were pretty good
• The average, after curving, was a 91!!
• If you did not do as well as you had hoped, PLEASE come talk to me about EXTRA CREDIT
What are the Five Pillars of Information Security?

•    Protection, Automation, Detection,
     Reaction, Prevention
•    Detection, Integration, Globalization,
     Deletion, Operation
•    Implementation, Protection,
     Dissemination, Interaction, Prevention
•    Prevention, Protection,
     Communication, Obfuscation, Reaction
•    Documentation, Protection, Reaction,
     Detection, Prevention
•    Interaction, Prevention, Alteration,
     Reaction, Obliteration
•    Documentation, Prevention, Reaction,
     Interpolation, Detection
In the course reading “How to Sell Security”, the author
describes the idea of Prospect Theory. According to the
article and lecture slides, which of the following
responses best summarizes Prospect Theory?


•    When presented with the potential opportunity for gain,
     people generally prefer to take risks. When presented
     with the potential for loss, people are less likely to
     embrace risk.
•    When presented with the potential opportunity for gain,
     people generally behave randomly. When presented with
     the potential for loss, people are more likely to embrace
     risk.
•    When presented with the potential opportunity for gain,
     people generally prefer not to take risks. When presented
     with the potential for loss, people are more likely to
     embrace risk.
•    When presented with the potential opportunity for gain,
     people generally prefer not to take risks. When presented
     with the potential for loss, people are more likely to
     behave randomly.
•    When presented with the potential opportunity for loss or
     gain, people generally behave randomly in both situations.
•    When presented with the potential opportunity for loss or
     gain, people generally drive to the closest casino and bet all
     their money at the Roulette Wheel.
•    None of the above
Technical Controls are:

•   Strong and consistent, treating
    everyone equally
•   Usually outdated and unreliable
•   Can be audited with a high level of
    assurance
•   Usually cheaper to implement in the
    short term, when compared to
    equivalent Administrative Controls
•   A and B
•   B and C
•   A and C
Technical Controls:

•   Are usually more costly than
    equivalent Administrative Controls
•   Can break, either failing open or failing
    closed, neither of which may be
    desirable in a given situation.
•   Are what corporations implement when
    they want to engage in blame shifting.
•   Are generally more complex than
    equivalent Administrative Controls
•   All of the above
•   None of the above
•   A, B and D
Administrative Controls are usually:

•   Less expensive than Technical
    Controls
•   Sufficient to meet HIPAA and
    SOX compliance
•   Easy to implement
•   Very flexible
•   Used in large enterprise
    environments, but rarely in small
    businesses
•   A, B, C, D
•   A, C and D
Data Classification is the conscious decision to assign a level of sensitivity to data as it is being created, amended, enhanced, stored, or transmitted. The classification of the data should then determine the extent to which the data needs to be secured. The generic data classification grading scale outlined in the class handout and lecture slides included all of the following data designations:

•    Highly Confidential, Proprietary, Top Secret,
     Open Records, Physically Secured
•    Internal Use Only, Semi-Secret, Highly
     Confidential, Proprietary, Top Secret
•    Public Documents, Highly Confidential,
     Proprietary, Transport Limited, Semi-Secured
•    Internal Use Only, Public Documents, Top
     Secret, Highly Confidential, Proprietary
•    Top Secret, Highly Confidential, Open Records,
     Public Records, Management View Only
•    Proprietary, Open Records, Top Secret,
     Destroy After Viewing, For Hannah Montana
     Only
•    None of the above
Authentication is defined as the act of:

•   Verifying a claim of identity
•   Determining which informational
    resources a person or entity may
    be authorized to access
•   Determining which actions a
    person or entity will be allowed to
    perform (read, write, delete,
    etc.)
•   A and B
•   A and C
•   A, B and C
•   None of the above
Asymmetrically Encrypted data has which of the following properties?


•     It transforms usable information into a form
      that renders it unusable by anyone other than
      an authorized user.
•     Can be transformed back into its original
      usable form only by the original person who
      encrypted the data.
•     It is used to protect information from
      unauthorized or accidental disclosure while the
      information is in transit (either electronically or
      physically) and while information is in storage.
•     Can be transformed back into its original
      usable form by anyone who possesses the
      appropriate decryption key.
•     Can’t be used as part of a Defense in Depth
      strategy for data protection
•     A, C, D
•     A, C, D and E
If your organization engages in information systems outsourcing, which of the following outsourcing security principles should be applied?

•   A. Practice defense in depth
•   B. Follow the principle of least
    privilege
•   C. Follow the principle of random
    privilege
•   D. Compartmentalize
•   E. Promote privacy and accountability
•   F. Be reluctant to trust
•   G. A, B, D, E, F
•   H. All of the above
•   I. None of the above
In the reading “The Truth About Chinese Hackers”, which of the following viewpoints were expressed by the author?

•   Cyber Attacks originating in China
    don't seem to be coordinated by the
    Chinese military.
•   The hackers in China perform hacking
    for two reasons: fame and glory, and
    as an attempt to make a living.
•   The Chinese government knows the
    leaders of the hacker movement and
    chooses to look the other way.
•   If anything, the fact that these groups
    aren't being run by the Chinese
    government makes the problem worse.
•   All of the above
•   None of the above
•   A, C and D
In the reading “Cyberwar: Myth or Reality”, which of the following viewpoints were expressed by the author?


•     The best thing to do if you are a Cyberwar
      hacker is to infiltrate enemy computers and
      networks, spy on them, and surreptitiously
      disrupt select pieces of their communications
      when appropriate.
•     Within two days of the start of a war between
      the U.S. and Russia, the Internet will be totally
      unreliable.
•     The idea of Cyberwar is a clever scare tactic
      that hardware and software vendors
      perpetuate in order to sell more security
      related technologies and make more profit.
•     A and B
•     A and C
•     All of the above
•     None of the above
In the reading “Make Vendors Liable For Software Bugs”, which of the following viewpoints were expressed by the author?


•     Software vendors are in the best position to
      improve software security; as they have the
      capability.
•     There is a general rule in security to align
      interest with capability.
•     Interest must be aligned with capability, but
      you need to be careful how you generate
      interest.
•     Software vendors sometimes purposely and
      intentionally create software code with bugs,
      just so they can look like they care when they
      distribute software patches to fix the security
      holes
•     A, B, and C
•     A and D
•     All of the above
Which of the following statements does an accurate job of describing Dual Factor Authentication?

•    Providing proof of something you know and
     providing proof of something you have
•    Providing proof of something you know and
     providing proof something you are (fingerprint,
     retina scan, etc.)
•    Providing written proof of your age and
     providing written proof of your name
•    Providing proof of something you have and
     providing proof of something you are
     (fingerprint, retina scan, etc.)
•    Providing multiple passwords in order to gain
     access to a sensitive software application
•    A, B and D
•    A, B, D and E
•    All of the above
•    None of the above
Which of the following guidelines should be included when establishing a strong password policy?
•   Passwords should be as long as possible (never shorter
    than 6 characters)
•   Passwords should introduce the use of multiple blank
    spaces in every password issued, if possible
•   Passwords should include mixed-case letters, if possible
•   Passwords should Include digits and punctuation marks, if
    possible
•   Obligate all users to change their password on their
    birthday and all non-religious holidays
•   Passwords should expire on a regular basis and may not
    be re-used
•   Users should be encouraged to create passwords which
    rhyme so that they are easy to remember
•   Passwords may not contain any portion of your name,
    birthday, address or other publicly available information
•   All of the above should be included when establishing a
    strong password policy
•   B and E only should be included when establishing a
    strong password policy
•   A, C, D, F and H should be included when establishing a
    strong password policy
•   A, B, C, D, F and H should be included when establishing a
    strong password policy
In lecture, we discussed several specific technologies for strong authentication. Which of the following authentication products can be beaten simply by using a photocopier to copy the user’s credential?

•      RSA SecurID One Time Password
       (OTP) device
•      Initech brand facial recognition
       Intruder Gate
•      Verisign brand personal digital
       certificates
•      Any Biometric retina scanner
•      DigiVault brand Zoster Fingerprint
       Assurance
•      Entrust brand Identity Guard
•      A, E and F
•      B and E
•      None of the above can be beaten
       simply by using a photocopier to copy
       the credential
Which of the following is a true statement about digital certificates?
•     Digital certificates are ALWAYS used as the core
      technology in SSL connections to secure websites
•     A digital certificate can be thought of as a digital
      passport, which is either contained on a secure
      device, or on a hard disk
•     A digital certificate can be secured with a password, which
      makes it a dual factor authentication solution
•     A digital certificate can be used to authenticate
      machines as well as humans
•      Digital certificates have a low variable cost to
      produce individually, but a high fixed cost to setup
      the supporting system infrastructure
•     Can contain authorization data, such as birthday as
      well as authentication data, but this is rare
•     B, D, F and G
•     All of the above are true statements
•     None of the above are true statements
Which of the following is a true statement about Knowledge Based Authentication?

•   Knowledge Based Authentication authenticates
    the user via verification of life events, usually
    financial in nature
•   Most of this Knowledge Based Authentication
    information is publicly available and can be
    easily stolen by an outsider
•   The credit reports on which Knowledge Based
    Authentication is based often contain factual
    errors
•   A and C are true statements about Knowledge
    Based Authentication
•   B and C are true statements about Knowledge
    Based Authentication
•   All of the above are true statements about
    Knowledge Based Authentication
•   None of the above are true statements about
    Knowledge Based Authentication
In the reading entitled “Crypto AG, the NSA’s Trojan Whore”, in which country was Hans Buehler (a top Crypto AG salesman) arrested in 1992, under suspicion of leaking encryption codes to Western intelligence?

•   Iraq
•   Iran
•   Russia
•   Syria
•   North Korea
•   Libya
•   Canada
•   None of the above
Which of the following is the correct
definition for Symmetric Encryption?


•   A. A single shared key is used for both
    encryption and decryption.
•   B. A pair of related but different keys
    is used, one for Encryption and the
    other for Decryption.
•   C. Both A and B are correct definitions
    for Symmetric Encryption
•   D. None of the above are correct
    definitions for Symmetric Encryption
Which of the following is the correct
definition for Asymmetric Encryption?


• A. A single shared key is used for both
  encryption and decryption.
• B. A pair of related but different keys is
  used, one for Encryption and the other
  for Decryption.
• C. Both A and B are correct definitions
  for Asymmetric Encryption
• D. None of the above are correct
  definitions for Asymmetric Encryption
Which of the following best
describes Steganography?

•   A.     The process of protecting sensitive information in non-
    production databases from inappropriate visibility. After
    sanitization, the database remains perfectly usable. The look-
    and-feel is preserved, but the information content is secure.
•   B. The study of the principles and techniques by which
    information is overtly converted into a version that is
    difficult (ideally, impossible) for any unauthorized person to
    convert to the original information, while still allowing the
    intended reader to do so.
•   C. The art and science of writing hidden messages in such a
    way that no one apart from the sender and intended
    recipient even realizes there is a covert (hidden) message
•   D. A and C
•   E. A and B
•   F. None of the above definitions describe Steganography
•   G. All of the above definitions describe Steganography
The three primary uses for personal
digital certificates are:


• A. Authentication, Password Control,
  Shoulder Surfing
• B. Digital Signing, Authentication, Data
  Retention
• C. Encryption, Software Forensics, ISO
  Compliance
• D. Encryption, Outsourcing, Digital
  Signing
• E. Authentication, Digital Signing,
  Encryption
• F. All of the above
• G None of the above
• H. A, B and C, except in cases in which
  the end user is a cow
Using the alphabet letter shifting method, decrypt the message below, using the following formula, in which "e" represents the encrypted letter and "d" represents the decrypted letter:

"d" = "e" + 3

Assume a 26 letter, circular alphabet in which the letter A=1, B=2, C=3, D=4, E=5, F=6, G=7, etc.

• The secret message is:
  ZLTP XOB PILT
• A. "COWS ARE COOL"
• B. "COWS ARE FAST"
• C. "COWS ARE SLOW"
• D. "APES CAN WALK"
• E. "COWS EAT APES"
• F. None of the above
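A working implementation of the letter-shifting rule from this question, added here as an example (it is not part of the original slides): it applies d = e + 3 over the 26-letter circular alphabet with A=1 and Z=26, handles the wrap-around past Z, and also runs every possible shift to show why such a cipher gives no real secrecy.

```python
# Added example: alphabet letter-shifting ("Caesar") decryption using the
# slide's formula d = e + 3 on a 26-letter circular alphabet (A=1 ... Z=26).

ALPHABET_SIZE = 26


def letter_to_number(ch: str) -> int:
    """Map A..Z (any case) to 1..26, the numbering the slide defines."""
    return ord(ch.upper()) - ord("A") + 1


def number_to_letter(n: int) -> str:
    """Map an integer back to A..Z, wrapping around the circular alphabet.

    (n - 1) % 26 + 1 keeps the value in 1..26, so 27 -> 1 (A) and 0 -> 26 (Z).
    """
    wrapped = (n - 1) % ALPHABET_SIZE + 1
    return chr(ord("A") + wrapped - 1)


def shift_text(text: str, shift: int) -> str:
    """Add `shift` to every letter; spaces and punctuation pass through unchanged."""
    out = []
    for ch in text:
        if ch.isalpha():
            out.append(number_to_letter(letter_to_number(ch) + shift))
        else:
            out.append(ch)
    return "".join(out)


def decrypt(encrypted: str, shift: int = 3) -> str:
    """The slide's rule d = e + 3 (shift is a parameter so other keys can be tried)."""
    return shift_text(encrypted, shift)


def encrypt(plain: str, shift: int = 3) -> str:
    """Inverse of decrypt: e = d - 3."""
    return shift_text(plain, -shift)


def brute_force(encrypted: str) -> dict:
    """Decrypt under every one of the 26 possible shifts.

    A shift cipher has only 26 keys, so an analyst can simply list all
    candidates and pick the readable one; this is why it is a teaching
    exercise, not a data-protection control.
    """
    return {k: decrypt(encrypted, k) for k in range(ALPHABET_SIZE)}


if __name__ == "__main__":
    SECRET = "ZLTP XOB PILT"  # the message from the slide
    print("d = e + 3 gives:", decrypt(SECRET))
    for k, candidate in brute_force(SECRET).items():
        print(f"shift {k:2d}: {candidate}")
```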
A Public Key Infrastructure (PKI) can perform which of the following functions?

•   A. Revoke digital certificates
•   B. Issue digital certificates
•   C. Distribute digital certificates
•   D. Make copies of digital
    certificates issued by other
    organizations
•   E. A, B and C
•   F. B, C and D
•   G. All of the above
•   H. None of the above
The relationship between Public Keys and Private Keys in a PKI is:

•    A.    The Public Key is used to both encrypt and decrypt data
     and the Private Key is used for creating a digital signature
     only.
•    B.    The Public Key is used for creating a digital signature
     only and the Private Key is used for both encrypting and
     decrypting data.
•    C.    The Public Key is used for encrypting data and the
     Private Key is used for creating a digital signature and for
     decrypting data.
•    D.    The Public Key is used for encrypting data and creating
     a digital signature and the Private Key is used for decrypting
     data and also for creating a digital signature
•    E.    The Public Key is used for encrypting data, the Private
     Key is used for decrypting data, and an Intermediary Key is
     used for creating a digital signature.
•    F.    A and E
•    G.    All of the above are true.
The relationship between Public Keys and Private Keys in a PKI is:


• A. The Public Key is used to both encrypt and
  decrypt data and the Private Key is used for
  creating a digital signature only.
• B. The Public Key is used for creating a digital
  signature only and the Private Key is used for
  both encrypting and decrypting data.
• C. The Public Key is used for encrypting data
  and the Private Key is used for creating a digital
  signature and for decrypting data.
• D. The Public Key is used for encrypting data
  and creating a digital signature and the Private
  Key is used for decrypting data and also for
  creating a digital signature
• E. The Public Key is used for encrypting data,
  the Private Key is used for decrypting data, and
  an Intermediary Key is used for creating a digital
  signature.
• F. A and E
• G. All of the above are true.
The term “Key Escrow” refers to:

•   The location where public and private keys are
    grown before they are distributed to users.
•   The ISO-9000 compliant method by which
    encryption, decryption and digital signing take
    place.
•   An arrangement in which the keys needed to
    decrypt encrypted data are copied and
    securely held in storage so that, under certain
    circumstances, an authorized third party may
    gain access to those keys.
•   A place where digital certificates go to retire
    when they get old.
•   C and D
•   A and B
•   All of the above
•   None of the above
Digital certificates all have expiration dates. Select the statement which best describes the benefits and drawbacks of short and long certificate lifetimes.

•   Certificates with short lifetimes provide a greater assurance of
    validity, but create greater operational difficulties in terms of
    renewal due to their need to be renewed on a more frequent basis.
    Certificates with long lifetimes provide less assurance of validity,
    but from an operational standpoint are easier to manage because
    they require less frequent renewal.
•   Certificates with long lifetimes provide a greater assurance of
    validity, but create greater operational difficulties in terms of
    renewal due to their need to be renewed on a less frequent basis.
    Certificates with short lifetimes provide less assurance of validity,
    but from an operational standpoint are easier to manage because
    they require more frequent renewal.
•   The length of a certificate lifetime, whether it is short or long has
    no impact on the operational support required to manage a PKI,
    because digital certificates renew automatically by using a
    Certificate Revocation List (CRL).
•   Certificates with short lifetimes are easier to renew than
    certificates with long lifetimes because certificates with short
    lifetimes are fresher and not as entrenched in the end user’s
    computer.
•   None of the above is true.
•   All of the above are true.
Which of the following is true in relation to Trusted Root Authorities?
•    A Trusted Root Authority is a digital certificate issuer
     recognized by all computers around the globe.
•    Root Certificates from Trusted Root Authorities are stored
     in each computer’s central certificate store.
•    To become a Trusted Root Authority in an Operating
     System or Internet Browser, your organization must
     undergo a stringent audit and pay a substantial sum of
     money, in most cases.
•    Users should remove Trusted Root Authorities from their
     computer at least once per year because Trusted Root
     Authorities digitally degrade over time and lose reliability
     after 14 months, in most cases.
•    Verisign is a well known Trusted Root Authority.
•    Your UW-Madison digital certificate is chained to a Root
     Authority which is not trusted outside of the University of
     Wisconsin System.
•    A, B, C, and D
•    A, B, C, and E
•    A, B, C, E and F
•    All of the above are true.
•    None of the above is true.
A digital signature on an email provides proof of which of the following:

•    That the email did indeed come from
     the purported (claimed) author,
     invalidating plausible denial.
•    That the email was sent at the time
     and date indicated within the email.
•    That the contents of the email have
     not been altered from the original
     form.
•    A and B
•    B and C
•    A and C
•    All of the above
•    None of the above
The following statements about Social Engineering is/are true:
•   Social Engineering involves the use of psychological
    tricks in order to get useful information about a
    system.
•   Social Engineering involves using psychological
    tricks to build inappropriate trust relationships with
    insiders
•   Kevin Mitnick is one of the world’s best known
    Social Engineers, and he has been quoted as saying
    “The weakest link in the security chain is the human
    element”
•   Social Engineering is successful because people are
    generally helpful, especially to those who are nice,
    knowledgeable and/or insistent.
•   The primary methods of Social Engineering are:
    flattery, authority Impersonation and threatening
    behavior.
•   A well known Social Engineering technique involves
    using financial bribery to get the information desired
    by the Social Engineer.
•   A, B and C
•   A, B, D and E
•   A, B, C, D and E
•   All of the above
•   None of the above
Which of the following defense techniques should Administrators use to keep Social Engineering from working?
•   Train employees to recognize situations in
    which they are being Socially Engineered.
•   Teach employees to use Pretexting as a
    counter measure against suspected Social
    Engineers.
•   Train employees to punch suspected Social
    Engineers in the face
•   Perform Social Engineering role playing drills
    with employees
•   Train employees on how to follow policies so
    that they will not become victims of Social
    Engineering.
•   A, D and E
•   A, B, D and E
•   All of the above
•   None of the above
Which of the following is/are true statement(s) about Road Apples?
•    A Road Apple uses physical media and relies on the
     curiosity or greed of the victim.
•    Using a Road Apple to infiltrate a company’s systems is
     also known as “Baiting”.
•    An example of a Road Apple is a USB drive or CD found in
     the parking lot, labeled with information which makes the
     potential victim curious about what is contained on the
     media.
•    A Road Apple which does not function as intended, is
     commonly referred to as a “Rotten Road Apple”
•    One way to partially combat Road Apples is to disable the
     “Autorun on inserted media” function on all corporate
     computers, although this method may not be 100%
     effective.
•    “Apple Seeding” is a term commonly used for viruses that
     spread across organizational boundaries, caused by Road
     Apples.
•    A, B, and C
•    A, B, C, D and F
•    A, B, C, and E
•    All of the above
•    None of the above
Which of the following statements are
false, in relation to Digital Forensics?


•   A. Digital Forensics can pertain to legal evidence found in
    computers, digital storage devices and media.
•   B. The goal of Digital Forensics is to explain the current state
    of a “digital artifact.”
•   C. In the realm of Digital Forensics, a digital artifact is a
    computer system, storage media (such as a hard disk or CD-
    ROM), an electronic document (e.g. an email message or
    JPEG image) or even a sequence of packets moving over a
    computer network.
•   D. Digital Forensics tools can be used to recover data in the
    event of a hardware or software failure.
•   E. Digital Forensics can be used to analyze a computer
    system after a break-in, for example, to determine how the
    attacker gained access and what the attacker did.
•   F. Digital Forensics can be used to gather evidence against
    an employee that an organization wishes to terminate.
•   G. Digital Forensics can be used to gain information about
    how computer systems work for the purpose of debugging,
    performance optimization, or reverse-engineering.
•   I. All of the above are false.
•   J. None of the above are false.
What does the term "Chain of Custody" mean?

• A. The organizational management and reporting
  structure of an information systems organization
• B. The statistical method used to determine who is
  to blame for a security breach in an organization
• C. The ability to demonstrate who has had access to
  the digital information being used as evidence
• D. The ISO-9000 endorsed method for tracking down
  how a virus was introduced into a secured network.
• E. The method used to covertly install malicious
  software within a network, by using a Trojan or Worm.
• F. The method used by Superhacker Kevin Mitnick, to
  hack mainframe computers in Malaysia.
• G. C and D
• H. None of the above
What are the five generic steps used
in the Digital Forensics process?

• A. Preparation of the investigator, Staging of the
  crime scene, Examination, Analysis, Reporting
• B. Preparation of the investigator, Collection of data,
  Examination, Fortification of data, Analysis
• C. Preparation of the investigator, Creation of data,
  Manipulation of data, Examination, Reporting
• D. Preparation of the investigator, Creation of data,
  Examination, Analysis, Reporting
• E.   Preparation of the investigator, Collection of data,
  Examination, Analysis, Reporting
• F.   Preparation of the investigator, Collection of data,
  Alteration of data, Analysis, Examination
• G. Preparation of the investigator, Collection of data,
  Examination, Analysis, Reporting
• H. None of the above
Which of the following are important data handling processes?
•   A. Establish and maintain the chain of custody.
•   B. Handle the original evidence as little as possible to avoid
    changing the data.
•   C. If important data is missing, do your best to re-create it
    using an educated guess, based on everything you know
    about the situation and your experience in similar situations.
•   D. Document everything that has been done.
•   E. Only use tools and methods that have been tested and
    evaluated to validate their accuracy and reliability.
•   F. Wash your hands thoroughly before handling any internal
    hard disks.
•   G. Your first priority should be to immediately make two
    backup copies of the data, regardless of the situation.
•   H. Turn off the computer containing the important data as
    soon as you arrive on the scene, to avoid any potential
    further loss of data.
•   I. All of the above are important data handling processes.
•   J. None of the above are important data handling processes.
•   J. A, B, C, D, and E
•   K. A, B, D, and E
•   L. A, B, D, E, and H
What makes Knoppix a good tool for use in Digital Forensics collection situations?

• A. Knoppix can be loaded directly from a CD.
• B. Knoppix can be loaded from a USB flash
  drive.
• C. Knoppix already comes pre-loaded on most
  machines, and can be loaded directly from
  where it resides in the boot sector of the hard
  disk.
• D. Knoppix will not alter data on the hard disk
• E. A, B and D
• F. All of the above are things which make
  Knoppix a good tool for use in Digital Forensics
  collection situations.
• G. None of the above are things which make
  Knoppix a good tool for use in Digital Forensics
  collection situations because Knoppix is fake
  vaporware, which does not even exist!!!
Which piece of Digital Forensics
evidence was critical in the capture of
the BTK Killer?

• A. Fingerprints left on a floppy disk, which was
  sent to the police by the suspect.
• B. A digital photograph taken with a hidden
  camera setup in the suspect's home.
• C. Data gathered from the suspect's MySpace
  webpage.
• D. Emails from the suspect which were collected
  by AT&T's NARUS device, based on keyword
  filtering, which were then turned over to the FBI
  for analysis.
• E. Metadata which was unknowingly included in
  a Microsoft Word document, which was sent on a
  floppy disk to the police, by the suspect.
• F. A, and E
• G. All of the above
• H. None of the above
Which of the following could an
Intrusion Detection System (IDS)
detect?

•   A. Employees photocopying information at Kinko's, against
    company policy.
•   B. Which files have been backed up onsite and which files
    have been backed up offsite.
•   C. When sensitive information leaves the building on CD-
    ROM or USB drive.
•   D. Host Based Attacks (privilege escalation)
•   E. Malware, Viruses, Trojan Horses and Worm related
    activities on the network
•   F. Attacks against a specific service, such as File Transfer
    Protocol (FTP)
•   G. Data driven attacks at the application layer. For example,
    an SQL injection error is a data driven attack.
•   H. A, B, and C
•   I. D, E, F, and G
•   J. All of the above can be detected by an Intrusion Detection
    system.
•   K. None of the above can be detected by an Intrusion
    Detection system.
Which of the following correctly defines each of the three components of an Intrusion Detection System (Sensors, Console and Engine)?

•   A. Sensors = Monitors events, alerts and controls sensors;
    Console = Generate security events such as log files;
    Engine = Analyzes the data using artificial intelligence to generate alerts from the events received
•   B. Sensors = Analyzes the data using artificial intelligence to generate alerts from the events received;
    Console = Monitors events, alerts and controls sensors;
    Engine = Generate security events such as log files
•   C. Sensors = Generate security events such as log files;
    Console = Monitors events, alerts and controls sensors;
    Engine = Analyzes the data using artificial intelligence to generate alerts from the events received
•   None
Which of the following is/are type(s) of Intrusion Detection Systems described in the lecture slides on Intrusion Detection Systems?

•    A. Network Based Intrusion Detection System (NDS)
•    B. Protocol Based Intrusion Detection System (PIDS)
•    C. Language Based Intrusion Detection System (LIDS)
•    D. Stationary Based Intrusion Detection System (SIDS)
•    E. Platform Based Intrusion Detection System (PIDS)
•    F. Laptop Based Intrusion Detection System (LIDS)
•    G. Centralized Output Workflow System (COWS)
•    H. Stand Alone Storage Intrusion Detection System (SASIDS)
•    I. Application Protocol Based Intrusion Detection System (APIDS)
•    J. Host Based Intrusion Detection System (HIDS)
•    K. Hybrid System
•    L. A, B, I, J, K
•    M. A, B, C, D, E, F, I, J
•    N. A, B, D, F, G, H
•    O. A, B, D, E, F, G, I, J,
•    P. All of the above is/are type(s) of Intrusion Detection Systems
     described in the lecture slides on Intrusion Detection Systems?
•    Q. None of the above is/are type(s) of Intrusion Detection Systems
     described in the lecture slides on Intrusion Detection Systems?
How is a Firewall different from an Intrusion Detection System (IDS)?

• A. Firewalls look outwardly and protect from external attacks
• B. An IDS evaluates a suspected intrusion after it has taken place and signals an alarm.
• C. An IDS also watches for attacks that originate from within a system.
• D. A Firewall is hot to the touch (that is why it is called a Firewall), and IDS systems are always cold to the touch.
• E. A and B
• F. A, B, and C
• G. All of the above
• H. None of the above
A Unified Threat Management (UTM) appliance can perform which of the following functions?

• A. Firewall
• B. Spell checking
• C. Provide emergency power to servers, from its internal backup batteries
• D. Detect software logic bugs
• E. Virus Scanning
• F. Content Filtering
• G. VPN
• H. Anti-Spam
• I. Intrusion Detection and Prevention
• J. A, C, E, F, G, H and I
• K. A, D, E, F, G, H and I
• L. A, E, F, G, H, and I.
• M. All of the above
• N. None of the above
HIPAA, SOX and GLB all require similar mechanisms for protection of data. These data protection mechanisms are:

•   A. Authentication of sender and receiver of data
•   B. Recreation of missing data
•   C. Auditing of data
•   D. Protection of data, usually involving the use of encryption
•   E. Deletion of any data which contains personal information about customers.
•   F. Data Integrity Proof, usually involving use of digital signatures
•   G. A, C, D
•   H. A, C, D and F
•   I. A, C, D, E and F
•   J. A, C, D and E
•   K. All of the above
•   L. None of the above
Which of the following accurately define the terms vulnerability and exploit?

• A. A security risk with one or more known instances of working and fully-implemented attacks is classified as an exploit.
• B. A security risk is classified as a vulnerability if it is recognized as a possible means of attack.
• C. A security risk with one or more known instances of working and fully-implemented attacks is classified as a vulnerability.
• D. A security risk is classified as an exploit if it is recognized as a possible means of attack.
• E. A and B accurately define and describe vulnerabilities and exploits
• F. C and D accurately define and describe vulnerabilities and exploits
• G. All of the above accurately define and describe vulnerabilities and exploits
• H. None of the above accurately define and describe vulnerabilities and exploits
The difference between Limited Disclosure and Responsible Disclosure is:

•   A. Limited Disclosure means that full details of a vulnerability and/or exploit should go to a restricted community of developers and vendors, and only information about the general existence of the problem is released to the public, while Responsible Disclosure advocates that full and public disclosure should be preceded by disclosure of the vulnerability to the vendors or authors of the system. This private advance disclosure allows the vendor time to produce a fix or workaround.
•   B. Responsible Disclosure means that full details of a vulnerability and/or exploit should go to a restricted community of developers and vendors, and only information about the general existence of the problem is released to the public, while Limited Disclosure advocates that full and public disclosure should be preceded by disclosure of the vulnerability to the vendors or authors of the system. This private advance disclosure allows the vendor time to produce a fix or workaround.
•   C. Neither of the above statements correctly describes the difference between Limited Disclosure and Responsible Disclosure.
What happens in a Buffer Overflow exploit?

• A. A process attempts to store data beyond the boundaries of a fixed-length storage area in memory.
• B. User input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.
• C. An application is ordered to access a computer file in hard disk storage that is not intended to be accessible.
• D. Web applications unintentionally allow code injection by malicious web users into the web pages viewed by other users.
• E. A and B
• F. C and sometimes D
• G. All of the above
• H. None of the above
Which of the following are not classified as elements of Physical Security?

• A. Material obstacles such as walls and fences are put in place, to frustrate trivial attackers and delay serious ones.
• B. Alarms, security lighting, and security guard patrols are used and closed-circuit television cameras are viewed by guards, to make it likely that attacks will be noticed.
• C. Network traffic is monitored by an automated Intrusion Detection System, for potential Denial of Service attacks.
• D. Security forces (guards) respond to alarms, to repel, catch or frustrate attackers when an attack is detected.
• E. A and B are not elements of Physical Security.
• F. All of the above are not elements of Physical Security.
How are "Honeypots" used as part of a network security strategy?

• A. "Honeypots" are essentially decoy network-accessible resources, purposely designed and deployed with known vulnerabilities, to attract attackers. A Honeypot computer could be deployed in a network as a surveillance and/or early-warning tool to warn that someone is snooping or probing the network for vulnerabilities.
• B. "Honeypot" is a 100% imaginary made-up term that means nothing at all. We never studied "Honeypots" in class.
• C. "Honeypots" are essentially computers which are designed to trap hackers in a data hive and disable the attacking machine through intrusion quarantine so that the hacker can't attack other machines on the network.
• D. A and C
• E. None of the above
The generic Change Control process we studied in class consists of how many discrete steps?


•   A.   4
•   B.   7
•   C.   3
•   D.   5
•   E.   8
•   F.   6
•   G.   None of the above
Class Project
• Pick a publicly traded company or organization with international as well as domestic operations
• Fill out the Security Audit Template (by hand is fine, but please print carefully, so I can read it.)
• Write a five page Executive Summary
• Prepare a 20-25 slide PowerPoint presentation and prepare for 5 minutes of questions
Rest of Today and Thursday
•   Meet with your team member today.
•   Pick company or organization and send to Nick via email
•   Read through template today, together
•   Thursday, we will cover entire template in class
•   Next Tuesday, Nick will give a presentation of Coca-Cola as an example, along with an Executive Summary.
•   Thursday the 13th of November will be a group work day…I'll be in class to answer questions
•   Tuesday the 18th will be current events in IT Security, class day
•   Thursday the 20th of November will be a group work day…I'll be in class to answer questions
•   First presentations will be the 25th of November

Uw madison information systems 365 information security exam - answer key presentation

  • 1. Information Systems 365 Exam Answers, Discussion and Class Project
  • 2. Did You Vote? Flat Cow Did!
  • 3. Flat Cow Gets His Ballot
  • 4. Flat Cow Reads the Complex Instructions
  • 5. Flat Cow’s Bovine Voice is “herd”…Check him out on Facebook
  • 6. Exam • In general, they were pretty good • The average, after curving, was a 91!! • If you did not do as well as you had hoped, PLEASE come talk to me about EXTRA CREDIT
  • 7. What are the Five Pillars of Information Security? • Protection, Automation, Detection, Reaction, Prevention • Detection, Integration, Globalization, Deletion, Operation • Implementation, Protection, Dissemination, Interaction, Prevention • Prevention, Protection, Communication, Obfuscation, Reaction • Documentation, Protection, Reaction, Detection, Prevention • Interaction, Prevention, Alteration, Reaction, Obliteration • Documentation, Prevention, Reaction, Interpolation, Detection
  • 8. In the course reading “How to Sell Security”, the author describes the idea of Prospect Theory. According to the article and lecture slides, which of the following responses best summarizes Prospect Theory? • When presented with the potential opportunity for gain, people generally prefer to take risks. When presented with the potential for loss, people are less likely to embrace risk. • When presented with the potential opportunity for gain, people generally behave randomly. When presented with the potential for loss, people are more likely to embrace risk. • When presented with the potential opportunity for gain, people generally prefer not to take risks. When presented with the potential for loss, people are more likely to embrace risk. • When presented with the potential opportunity for gain, people generally prefer not to take risks. When presented with the potential for loss, people are more likely to behave randomly. • When presented with the potential opportunity for loss or gain, people generally behave randomly in both situations. • When presented with the potential opportunity for loss or gain, people generally drive to closest casino and bet all their money at the Roulette Wheel. • None of the above
  • 9. Technical Controls are: • Strong and consistent, treating everyone equally • Usually outdated and unreliable • Can be audited with a high level of assurance • Usually cheaper to implement in the short term, when compared to equivalent Administrative Controls • A and B • B and C • A and C
  • 10. Technical Controls: • Are usually more costly than equivalent Administrative Controls • Can break, either failing open or failing closed, neither of which may be desirable in a given situation. • Are what corporations implement when they want to engage in blame shifting. • Are generally more complex than equivalent Administrative Controls • All of the above • None of the above • A, B and D
  • 11. Administrative Controls are usually: • Less expensive than Technical Controls • Sufficient to meet HIPAA and SOX compliance • Easy to implement • Very flexible • Used in large enterprise environments, but rarely in small businesses • A, B, C, D • A, C and D
  • 12. Data Classification is the conscious decision to assign a level of sensitivity to data as it is being created, amended, enhanced, stored, or transmitted. The classification of the data should then determine the extent to which the data needs to be secured. The generic data classification grading scale outlined in the class handout and lecture slides included all of the following data designations: • Highly Confidential, Proprietary, Top Secret, Open Records, Physically Secured • Internal Use Only, Semi-Secret, Highly Confidential, Proprietary, Top Secret • Public Documents, Highly Confidential, Proprietary, Transport Limited, Semi-Secured • Internal Use Only, Public Documents, Top Secret, Highly Confidential, Proprietary • Top Secret, Highly Confidential, Open Records, Public Records, Management View Only • Proprietary, Open Records, Top Secret, Destroy After Viewing, For Hannah Montana Only • None of the above
  • 13. Authentication is defined as the act of: • Verifying a claim of identity • Determining which informational resources a person or entity may be authorized to access • Determining which actions a person or entity will be allowed to perform (read, write, delete, etc.) • A and B • A and C • A, B and C • None of the above
  • 14. Asymmetrically Encrypted data has which of the following properties? • It transforms usable information into a form that renders it unusable by anyone other than an authorized user. • Can be transformed back into its original usable form only by the original person who encrypted the data. • It is used to protect information from unauthorized or accidental disclosure while the information is in transit (either electronically or physically) and while information is in storage. • Can be transformed back into its original usable form by anyone who possesses the appropriate decryption key. • Can’t be used as part of a Defense in Depth strategy for data protection • A, C, D • A, C, D and E
15. If your organization engages in information systems outsourcing, which of the following outsourcing security principles should be applied?
• A. Practice defense in depth
• B. Follow the principle of least privilege
• C. Follow the principle of random privilege
• D. Compartmentalize
• E. Promote privacy and accountability
• F. Be reluctant to trust
• G. A, B, D, E, F
• H. All of the above
• I. None of the above
16. In the reading “The Truth About Chinese Hackers”, which of the following viewpoints were expressed by the author?
• Cyber Attacks originating in China don't seem to be coordinated by the Chinese military.
• The hackers in China perform hacking for two reasons: fame and glory, and as an attempt to make a living.
• The Chinese government knows the leaders of the hacker movement and chooses to look the other way.
• If anything, the fact that these groups aren't being run by the Chinese government makes the problem worse.
• All of the above
• None of the above
• A, C and D
17. In the reading “Cyberwar: Myth or Reality”, which of the following viewpoints were expressed by the author?
• The best thing to do if you are a Cyberwar hacker is to infiltrate enemy computers and networks, spy on them, and surreptitiously disrupt select pieces of their communications when appropriate.
• Within two days of the start of a war between the U.S. and Russia, the Internet will be totally unreliable.
• The idea of Cyberwar is a clever scare tactic that hardware and software vendors perpetuate in order to sell more security related technologies and make more profit.
• A and B
• A and C
• All of the above
• None of the above
18. In the reading “Make Vendors Liable For Software Bugs”, which of the following viewpoints were expressed by the author?
• Software vendors are in the best position to improve software security, as they have the capability.
• There is a general rule in security to align interest with capability.
• Interest must be aligned with capability, but you need to be careful how you generate interest.
• Software vendors sometimes purposely and intentionally create software code with bugs, just so they can look like they care when they distribute software patches to fix the security holes
• A, B, and C
• A and D
• All of the above
19. Which of the following statements does an accurate job of describing Dual Factor Authentication?
• Providing proof of something you know and providing proof of something you have
• Providing proof of something you know and providing proof of something you are (fingerprint, retina scan, etc.)
• Providing written proof of your age and providing written proof of your name
• Providing proof of something you have and providing proof of something you are (fingerprint, retina scan, etc.)
• Providing multiple passwords in order to gain access to a sensitive software application
• A, B and D
• A, B, D and E
• All of the above
• None of the above
20. Which of the following guidelines should be included when establishing a strong password policy?
• Passwords should be as long as possible (never shorter than 6 characters)
• Passwords should introduce the use of multiple blank spaces in every password issued, if possible
• Passwords should include mixed-case letters, if possible
• Passwords should include digits and punctuation marks, if possible
• Obligate all users to change their password on their birthday and all non-religious holidays
• Passwords should expire on a regular basis and may not be re-used
• Users should be encouraged to create passwords which rhyme so that they are easy to remember
• Passwords may not contain any portion of your name, birthday, address or other publicly available information
• All of the above should be included when establishing a strong password policy
• B and E only should be included when establishing a strong password policy
• A, C, D, F and H should be included when establishing a strong password policy
• A, B, C, D, F and H should be included when establishing a strong password policy
21. In lecture, we discussed several specific technologies for strong authentication. Which of the following authentication products can be beaten simply by using a photocopier to copy the user’s credential?
• RSA SecurID One Time Password (OTP) device
• Initech brand facial recognition Intruder Gate
• Verisign brand personal digital certificates
• Any Biometric retina scanner
• DigiVault brand Zoster Fingerprint Assurance
• Entrust brand Identity Guard
• A, E and F
• B and E
• None of the above can be beaten simply by using a photocopier to copy the credential
22. Which of the following is a true statement about digital certificates?
• Digital certificates are ALWAYS used as the core technology in SSL connections to secure websites
• A digital certificate can be thought of as a digital passport, which is either contained on a secure device, or on a hard disk
• A digital certificate can be secured with a password, which makes it a dual factor authentication solution
• A digital certificate can be used to authenticate machines as well as humans
• Digital certificates have a low variable cost to produce individually, but a high fixed cost to set up the supporting system infrastructure
• Can contain authorization data, such as birthday, as well as authentication data, but this is rare
• B, D, F and G
• All of the above are true statements
• None of the above are true statements
23. Which of the following is a true statement about Knowledge Based Authentication?
• Knowledge Based Authentication authenticates the user via verification of life events, usually financial in nature
• Most of this Knowledge Based Authentication information is publicly available and can be easily stolen by an outsider
• The credit reports on which Knowledge Based Authentication is based often contain factual errors
• A and C are true statements about Knowledge Based Authentication
• B and C are true statements about Knowledge Based Authentication
• All of the above are true statements about Knowledge Based Authentication
• None of the above are true statements about Knowledge Based Authentication
24. In the reading entitled “Crypto AG, the NSA’s Trojan Whore”, in which country was Hans Buehler (a top Crypto AG salesman) arrested in 1992, under suspicion of leaking encryption codes to Western intelligence?
• Iraq
• Iran
• Russia
• Syria
• North Korea
• Libya
• Canada
• None of the above
25. Which of the following is the correct definition for Symmetric Encryption?
• A. A single shared key is used for both encryption and decryption.
• B. A pair of related but different keys is used, one for Encryption and the other for Decryption.
• C. Both A and B are correct definitions for Symmetric Encryption
• D. None of the above are correct definitions for Symmetric Encryption
26. Which of the following is the correct definition for Asymmetric Encryption?
• A. A single shared key is used for both encryption and decryption.
• B. A pair of related but different keys is used, one for Encryption and the other for Decryption.
• C. Both A and B are correct definitions for Asymmetric Encryption
• D. None of the above are correct definitions for Asymmetric Encryption
27. Which of the following best describes Steganography?
• A. The process of protecting sensitive information in non-production databases from inappropriate visibility. After sanitization, the database remains perfectly usable. The look-and-feel is preserved, but the information content is secure.
• B. The study of the principles and techniques by which information is overtly converted into a version that is difficult (ideally, impossible) for any unauthorized person to convert to the original information, while still allowing the intended reader to do so.
• C. The art and science of writing hidden messages in such a way that no one apart from the sender and intended recipient even realizes there is a covert (hidden) message
• D. A and C
• E. A and B
• F. None of the above definitions describe Steganography
• G. All of the above definitions describe Steganography
28. The three primary uses for personal digital certificates are:
• A. Authentication, Password Control, Shoulder Surfing
• B. Digital Signing, Authentication, Data Retention
• C. Encryption, Software Forensics, ISO Compliance
• D. Encryption, Outsourcing, Digital Signing
• E. Authentication, Digital Signing, Encryption
• F. All of the above
• G. None of the above
• H. A, B and C, except in cases in which the end user is a cow
29. Using the alphabet letter shifting method, decrypt the message below, using the following formula, in which "e" represents the encrypted letter and "d" represents the decrypted letter:

"d" = "e" + 3

Assume a 26 letter, circular alphabet in which the letter A=1, B=2, C=3, D=4, E=5, F=6, G=7, etc.
• The secret message is: ZLTP XOB PILT
• A. "COWS ARE COOL"
• B. "COWS ARE FAST"
• C. "COWS ARE SLOW"
• D. "APES CAN WALK"
• E. "COWS EAT APES"
• F. None of the above
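A worked version of the letter-shifting method in question 29, added here as an example (it is not code from the original deck): it implements d = e + 3 over the circular A=1..Z=26 alphabet, recovers the secret message, and goes one step beyond the question by listing all 26 possible shifts to show why a key space this small is obfuscation rather than encryption. The function names are this example's own.

```python
"""Alphabet letter shifting as defined in exam question 29 (added example,
not from the original deck).

Formula from the question: d = e + 3, where e is the encrypted letter and d
the decrypted letter, over a 26-letter circular alphabet with A=1, ..., Z=26.
Function names below are this example's own.
"""
import string

ALPHABET = string.ascii_uppercase  # "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def letter_to_number(ch):
    """Map A..Z (either case) to 1..26, the numbering used in the question."""
    return ALPHABET.index(ch.upper()) + 1


def number_to_letter(n):
    """Map an integer back to a letter, wrapping circularly (27 -> A, 0 -> Z)."""
    return ALPHABET[(n - 1) % 26]


def shift_decrypt(ciphertext, shift=3):
    """Apply d = e + shift to every letter; non-letters (spaces) pass through."""
    result = []
    for ch in ciphertext:
        if ch.upper() in ALPHABET:
            result.append(number_to_letter(letter_to_number(ch) + shift))
        else:
            result.append(ch)
    return "".join(result)


def shift_encrypt(plaintext, shift=3):
    """Inverse of shift_decrypt: e = d - shift."""
    return shift_decrypt(plaintext, -shift)


def all_shifts(ciphertext):
    """Every candidate plaintext, keyed by shift value.

    The whole key space is 26 values, so anyone who knows the method can
    simply list them all and read off the one that makes sense. That is why
    a letter shift is a classroom exercise, not a control that protects data
    in transit or at rest.
    """
    return {k: shift_decrypt(ciphertext, k) for k in range(26)}


if __name__ == "__main__":
    # The secret message quoted in question 29.
    secret = "ZLTP XOB PILT"
    print(shift_decrypt(secret))  # COWS ARE SLOW (option C)
    for k, candidate in all_shifts(secret).items():
        print(f"shift {k:2d}: {candidate}")
```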
30. A Public Key Infrastructure (PKI) can perform which of the following functions?
• A. Revoke digital certificates
• B. Issue digital certificates
• C. Distribute digital certificates
• D. Make copies of digital certificates issued by other organizations
• E. A, B and C
• F. B, C and D
• G. All of the above
• H. None of the above
31. The relationship between Public Keys and Private Keys in a PKI is:
• A. The Public Key is used to both encrypt and decrypt data and the Private Key is used for creating a digital signature only.
• B. The Public Key is used for creating a digital signature only and the Private Key is used for both encrypting and decrypting data.
• C. The Public Key is used for encrypting data and the Private Key is used for creating a digital signature and for decrypting data.
• D. The Public Key is used for encrypting data and creating a digital signature and the Private Key is used for decrypting data and also for creating a digital signature
• E. The Public Key is used for encrypting data, the Private Key is used for decrypting data, and an Intermediary Key is used for creating a digital signature.
• F. A and E
• G. All of the above are true.
32. The relationship between Public Keys and Private Keys in a PKI is:
• A. The Public Key is used to both encrypt and decrypt data and the Private Key is used for creating a digital signature only.
• B. The Public Key is used for creating a digital signature only and the Private Key is used for both encrypting and decrypting data.
• C. The Public Key is used for encrypting data and the Private Key is used for creating a digital signature and for decrypting data.
• D. The Public Key is used for encrypting data and creating a digital signature and the Private Key is used for decrypting data and also for creating a digital signature
• E. The Public Key is used for encrypting data, the Private Key is used for decrypting data, and an Intermediary Key is used for creating a digital signature.
• F. A and E
• G. All of the above are true.
33. The term “Key Escrow” refers to:
• The location where public and private keys are grown before they are distributed to users.
• The ISO-9000 compliant method by which encryption, decryption and digital signing take place.
• An arrangement in which the keys needed to decrypt encrypted data are copied and securely held in storage so that, under certain circumstances, an authorized third party may gain access to those keys.
• A place where digital certificates go to retire when they get old.
• C and D
• A and B
• All of the above
• None of the above
34. Digital certificates all have expiration dates. Select the statement which best describes the benefits and drawbacks of short and long certificate lifetimes.
• Certificates with short lifetimes provide a greater assurance of validity, but create greater operational difficulties in terms of renewal due to their need to be renewed on a more frequent basis. Certificates with long lifetimes provide less assurance of validity, but from an operational standpoint are easier to manage because they require less frequent renewal.
• Certificates with long lifetimes provide a greater assurance of validity, but create greater operational difficulties in terms of renewal due to their need to be renewed on a less frequent basis. Certificates with short lifetimes provide less assurance of validity, but from an operational standpoint are easier to manage because they require more frequent renewal.
• The length of a certificate lifetime, whether it is short or long, has no impact on the operational support required to manage a PKI, because digital certificates renew automatically by using a Certificate Revocation List (CRL).
• Certificates with short lifetimes are easier to renew than certificates with long lifetimes because certificates with short lifetimes are fresher and not as entrenched in the end user’s computer.
• None of the above is true.
• All of the above are true.
35. Which of the following is true in relation to Trusted Root Authorities?
• A Trusted Root Authority is a digital certificate issuer recognized by all computers around the globe.
• Root Certificates from Trusted Root Authorities are stored in each computer’s central certificate store.
• To become a Trusted Root Authority in an Operating System or Internet Browser, your organization must undergo a stringent audit and pay a substantial sum of money, in most cases.
• Users should remove Trusted Root Authorities from their computer at least once per year because Trusted Root Authorities digitally degrade over time and lose reliability after 14 months, in most cases.
• Verisign is a well known Trusted Root Authority.
• Your UW-Madison digital certificate is chained to a Root Authority which is not trusted outside of the University of Wisconsin System.
• A, B, C, and D
• A, B, C, and E
• A, B, C, E and F
• All of the above are true.
• None of the above is true.
36. A digital signature on an email provides proof of which of the following:
• That the email did indeed come from the purported (claimed) author, invalidating plausible denial.
• That the email was sent at the time and date indicated within the email.
• That the contents of the email have not been altered from the original form.
• A and B
• B and C
• A and C
• All of the above
• None of the above
37. The following statements about Social Engineering is/are true:
• Social Engineering involves the use of psychological tricks in order to get useful information about a system.
• Social Engineering involves using psychological tricks to build inappropriate trust relationships with insiders
• Kevin Mitnick is one of the world’s best known Social Engineers, and he has been quoted as saying “The weakest link in the security chain is the human element”
• Social Engineering is successful because people are generally helpful, especially to those who are nice, knowledgeable and/or insistent.
• The primary methods of Social Engineering are: flattery, authority impersonation and threatening behavior.
• A well known Social Engineering technique involves using financial bribery to get the information desired by the Social Engineer.
• A, B and C
• A, B, D and E
• A, B, C, D and E
• All of the above
• None of the above
38. Which of the following defense techniques should Administrators use to keep Social Engineering from working?
• Train employees to recognize situations in which they are being Socially Engineered.
• Teach employees to use Pretexting as a counter measure against suspected Social Engineers.
• Train employees to punch suspected Social Engineers in the face
• Perform Social Engineering role playing drills with employees
• Train employees on how to follow policies so that they will not become victims of Social Engineering.
• A, D and E
• A, B, D and E
• All of the above
• None of the above
39. Which of the following is/are true statement(s) about Road Apples?
• A Road Apple uses physical media and relies on the curiosity or greed of the victim.
• Using a Road Apple to infiltrate a company’s systems is also known as “Baiting”.
• An example of a Road Apple is a USB drive or CD found in the parking lot, labeled with information which makes the potential victim curious about what is contained on the media.
• A Road Apple which does not function as intended is commonly referred to as a “Rotten Road Apple”
• One way to partially combat Road Apples is to disable the “Autorun on inserted media” function on all corporate computers, although this method may not be 100% effective.
• “Apple Seeding” is a term commonly used for viruses that spread across organizational boundaries, caused by Road Apples.
• A, B, and C
• A, B, C, D and F
• A, B, C, and E
• All of the above
• None of the above
40. Which of the following statements are false, in relation to Digital Forensics?
• A. Digital Forensics can pertain to legal evidence found in computers, digital storage devices and media.
• B. The goal of Digital Forensics is to explain the current state of a “digital artifact.”
• C. In the realm of Digital Forensics, a digital artifact is a computer system, storage media (such as a hard disk or CD-ROM), an electronic document (e.g. an email message or JPEG image) or even a sequence of packets moving over a computer network.
• D. Digital Forensics tools can be used to recover data in the event of a hardware or software failure.
• E. Digital Forensics can be used to analyze a computer system after a break-in, for example, to determine how the attacker gained access and what the attacker did.
• F. Digital Forensics can be used to gather evidence against an employee that an organization wishes to terminate.
• G. Digital Forensics can be used to gain information about how computer systems work for the purpose of debugging, performance optimization, or reverse-engineering.
• I. All of the above are false.
• J. None of the above are false.
41. What does the term "Chain of Custody" mean?
• A. The organizational management and reporting structure of an information systems organization
• B. The statistical method used to determine who is to blame for a security breach in an organization
• C. The ability to demonstrate who has had access to the digital information being used as evidence
• D. The ISO-9000 endorsed method for tracking down how a virus was introduced into a secured network.
• E. The method used to covertly install malicious software within a network, by using a Trojan or Worm.
• F. The method used by Superhacker Kevin Mitnick, to hack mainframe computers in Malaysia.
• G. C and D
• H. None of the above
42. What are the five generic steps used in the Digital Forensics process?
• A. Preparation of the investigator, Staging of the crime scene, Examination, Analysis, Reporting
• B. Preparation of the investigator, Collection of data, Examination, Fortification of data, Analysis
• C. Preparation of the investigator, Creation of data, Manipulation of data, Examination, Reporting
• D. Preparation of the investigator, Creation of data, Examination, Analysis, Reporting
• E. Preparation of the investigator, Collection of data, Examination, Analysis, Reporting
• F. Preparation of the investigator, Collection of data, Alteration of data, Analysis, Examination
• G. Preparation of the investigator, Collection of data, Examination, Analysis, Reporting
• H. None of the above
43. Which of the following are important data handling processes?
• A. Establish and maintain the chain of custody.
• B. Handle the original evidence as little as possible to avoid changing the data.
• C. If important data is missing, do your best to re-create it using an educated guess, based on everything you know about the situation and your experience in similar situations.
• D. Document everything that has been done.
• E. Only use tools and methods that have been tested and evaluated to validate their accuracy and reliability.
• F. Wash your hands thoroughly before handling any internal hard disks.
• G. Your first priority should be to immediately make two backup copies of the data, regardless of the situation.
• H. Turn off the computer containing the important data as soon as you arrive on the scene, to avoid any potential further loss of data.
• I. All of the above are important data handling processes.
• J. None of the above are important data handling processes.
• J. A, B, C, D, and E
• K. A, B, D, and E
• L. A, B, D, E, and H
44. What makes Knoppix a good tool for use in Digital Forensics collection situations?
• A. Knoppix can be loaded directly from a CD.
• B. Knoppix can be loaded from a USB flash drive.
• C. Knoppix already comes pre-loaded on most machines, and can be loaded directly from where it resides in the boot sector of the hard disk.
• D. Knoppix will not alter data on the hard disk
• E. A, B and D
• F. All of the above are things which make Knoppix a good tool for use in Digital Forensics collection situations.
• G. None of the above are things which make Knoppix a good tool for use in Digital Forensics collection situations because Knoppix is fake vaporware, which does not even exist!!!
45. Which piece of Digital Forensics evidence was critical in the capture of the BTK Killer?
• A. Fingerprints left on a floppy disk, which was sent to the police by the suspect.
• B. A digital photograph taken with a hidden camera setup in the suspect's home.
• C. Data gathered from the suspect's MySpace webpage.
• D. Emails from the suspect which were collected by AT&T's NARUS device, based on keyword filtering, which were then turned over to the FBI for analysis.
• E. Metadata which was unknowingly included in a Microsoft Word document, which was sent on a floppy disk to the police, by the suspect.
• F. A and E
• G. All of the above
• H. None of the above
46. Which of the following could an Intrusion Detection System (IDS) detect?
• A. Employees photocopying information at Kinko's, against company policy.
• B. Which files have been backed up onsite and which files have been backed up offsite.
• C. When sensitive information leaves the building on CD-ROM or USB drive.
• D. Host Based Attacks (privilege escalation)
• E. Malware, Viruses, Trojan Horses and Worm related activities on the network
• F. Attacks against a specific service, such as File Transfer Protocol (FTP)
• G. Data driven attacks at the application layer. For example, an SQL injection error is a data driven attack.
• H. A, B, and C
• I. D, E, F, and G
• J. All of the above can be detected by an Intrusion Detection System.
• K. None of the above can be detected by an Intrusion Detection System.
47. Which of the following correctly defines each of the three components of an Intrusion Detection System (Sensors, Console and Engine)?
• A.
  • Sensors = Monitors events, alerts and controls sensors
  • Console = Generate security events such as log files
  • Engine = Analyzes the data using artificial intelligence to generate alerts from the events received
• B.
  • Sensors = Analyzes the data using artificial intelligence to generate alerts from the events received
  • Console = Monitors events, alerts and controls sensors
  • Engine = Generate security events such as log files
• C.
  • Sensors = Generate security events such as log files
  • Console = Monitors events, alerts and controls sensors
  • Engine = Analyzes the data using artificial intelligence to generate alerts from the events received
• None
48. Which of the following is/are type(s) of Intrusion Detection Systems described in the lecture slides on Intrusion Detection Systems?
• A. Network Based Intrusion Detection System (NDS)
• B. Protocol Based Intrusion Detection System (PIDS)
• C. Language Based Intrusion Detection System (LIDS)
• D. Stationary Based Intrusion Detection System (SIDS)
• E. Platform Based Intrusion Detection System (PIDS)
• F. Laptop Based Intrusion Detection System (LIDS)
• G. Centralized Output Workflow System (COWS)
• H. Stand Alone Storage Intrusion Detection System (SASIDS)
• I. Application Protocol Based Intrusion Detection System (APIDS)
• J. Host Based Intrusion Detection System (HIDS)
• K. Hybrid System
• L. A, B, I, J, K
• M. A, B, C, D, E, F, I, J
• N. A, B, D, F, G, H
• O. A, B, D, E, F, G, I, J
• P. All of the above is/are type(s) of Intrusion Detection Systems described in the lecture slides on Intrusion Detection Systems.
• Q. None of the above is/are type(s) of Intrusion Detection Systems described in the lecture slides on Intrusion Detection Systems.
49. How is a Firewall different from an Intrusion Detection System (IDS)?
• A. Firewalls look outwardly and protect from external attacks
• B. An IDS evaluates a suspected intrusion after it has taken place and signals an alarm.
• C. An IDS also watches for attacks that originate from within a system.
• D. A Firewall is hot to the touch (that is why it is called a Firewall), and IDS systems are always cold to the touch.
• E. A and B
• F. A, B, and C
• G. All of the above
• H. None of the above
50. A Unified Threat Management (UTM) appliance can perform which of the following functions?
• A. Firewall
• B. Spell checking
• C. Provide emergency power to servers, from its internal backup batteries
• D. Detect software logic bugs
• E. Virus Scanning
• F. Content Filtering
• G. VPN
• H. Anti-Spam
• I. Intrusion Detection and Prevention
• J. A, C, E, F, G, H and I
• K. A, D, E, F, G, H and I
• L. A, E, F, G, H, and I
• M. All of the above
• N. None of the above
51. HIPAA, SOX and GLB all require similar mechanisms for protection of data. These data protection mechanisms are:
• A. Authentication of sender and receiver of data
• B. Recreation of missing data
• C. Auditing of data
• D. Protection of data, usually involving the use of encryption
• E. Deletion of any data which contains personal information about customers.
• F. Data Integrity Proof, usually involving use of digital signatures
• G. A, C, D
• H. A, C, D and F
• I. A, C, D, E and F
• J. A, C, D and E
• K. All of the above
• L. None of the above
52. Which of the following accurately define the terms vulnerability and exploit?
• A. A security risk with one or more known instances of working and fully-implemented attacks is classified as an exploit.
• B. A security risk is classified as a vulnerability if it is recognized as a possible means of attack.
• C. A security risk with one or more known instances of working and fully-implemented attacks is classified as a vulnerability.
• D. A security risk is classified as an exploit if it is recognized as a possible means of attack.
• E. A and B accurately define and describe vulnerabilities and exploits
• F. C and D accurately define and describe vulnerabilities and exploits
• E. All of the above accurately define and describe vulnerabilities and exploits
• F. None of the above accurately define and describe vulnerabilities and exploits
53. The difference between Limited Disclosure and Responsible Disclosure is:
• A. Limited Disclosure means that full details of a vulnerability and/or exploit should go to a restricted community of developers and vendors, and only information about the general existence of the problem is released to the public, while Responsible Disclosure advocates that full and public disclosure should be preceded by disclosure of the vulnerability to the vendors or authors of the system. This private advance disclosure allows the vendor time to produce a fix or workaround.
• B. Responsible Disclosure means that full details of a vulnerability and/or exploit should go to a restricted community of developers and vendors, and only information about the general existence of the problem is released to the public, while Limited Disclosure advocates that full and public disclosure should be preceded by disclosure of the vulnerability to the vendors or authors of the system. This private advance disclosure allows the vendor time to produce a fix or workaround.
• C. Neither of the above statements correctly describes the difference between Limited Disclosure and Responsible Disclosure.
54. What happens in a Buffer Overflow exploit?
• A. A process attempts to store data beyond the boundaries of a fixed-length storage area in memory.
• B. User input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.
• C. An application is ordered to access a computer file in hard disk storage that is not intended to be accessible.
• D. Web applications unintentionally allow code injection by malicious web users into the web pages viewed by other users
• E. A and B
• F. C and sometimes D
• G. All of the above
• H. None of the above
55. Which of the following are not classified as elements of Physical Security?
• A. Material obstacles such as walls and fences are put in place, to frustrate trivial attackers and delay serious ones.
• B. Alarms, security lighting, and security guard patrols are used and closed-circuit television cameras are viewed by guards, to make it likely that attacks will be noticed.
• C. Network traffic is monitored by an automated Intrusion Detection System, for potential Denial of Service attacks.
• D. Security forces (guards) respond to alarms, to repel, catch or frustrate attackers when an attack is detected.
• E. A and B are not elements of Physical Security.
• F. All of the above are not elements of Physical Security.
56. How are "Honeypots" used as part of a network security strategy?
• A. "Honeypots" are essentially decoy network-accessible resources, purposely designed and deployed with known vulnerabilities, to attract attackers. A Honeypot computer could be deployed in a network as a surveillance and/or early-warning tool to warn that someone is snooping or probing the network for vulnerabilities.
• B. "Honeypot" is a 100% imaginary made-up term that means nothing at all. We never studied "Honeypots" in class.
• C. “Honeypots” are essentially computers which are designed to trap hackers in a data hive and disable the attacking machine through intrusion quarantine so that the hacker can’t attack other machines on the network.
• D. A and C
• E. None of the above
57. The generic Change Control process we studied in class consists of how many discrete steps?
• A. 4
• B. 7
• C. 3
• D. 5
• E. 8
• F. 6
• G. None of the above
58. Class Project
• Pick a publicly traded company or organization with international as well as domestic operations
• Fill out the Security Audit Template (by hand is fine, but please print carefully, so I can read it.)
• Write a five page Executive Summary
• Prepare a 20-25 slide PowerPoint presentation and prepare for 5 minutes of questions
59. Rest of Today and Thursday
• Meet with your team member today.
• Pick a company or organization and send it to Nick via email
• Read through the template today, together
• Thursday, we will cover the entire template in class
• Next Tuesday, Nick will give a presentation of Coca-Cola as an example, along with an Executive Summary.
• Thursday the 13th of November will be a group work day…I’ll be in class to answer questions
• Tuesday the 18th will be current events in IT Security, class day
• Thursday the 20th of November will be a group work day…I’ll be in class to answer questions
• First presentations will be the 25th of November