Embed Size (px)
DESCRIPTION
SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)Question 1. Question :The ____ is the point in time by which systems and data must be recovered after an outage as determined by the business unit.training objectiverecovery time objectivedependency objectiverecovery point objectiveQuestion 2. Question :The ____ contains the rules and configuration guidelines governing the implementation and operation of IDSs within the organization.security policylog filehoneypotsite policyQuestion 3. Question :____ services are triggered by an event or request, such as a report of a compromised host, wide-spreading malicious code, software vulnerability, or something that was identified by an intrusion detection or logging system.ReactiveForensicSecurityProactiveQuestion 4. Question :A(n) ____ is a document containing contact information for the individuals that need to be notified in the event of an actual incident.root rosteralert rosterhierarchical rostersequential rosterQuestion 5. Question :____ is the control approach that attempts to shift the risk to other assets, other processes, or other organizations.AcceptanceTransferenceMitigationAvoidanceQuestion 6. Question :A ____ deals with the preparation for and recovery from a disaster, whether natural or man-made.risk assessmentmitigation planrisk managementdisaster recovery planQuestion 7. Question :Which of the following is a proactive service?Incident handlingRisk analysisAnnouncementsAlerts and warningsQuestion 8. Question :A favorite pastime of information security professionals is ____, which is realistic, head-to-head attack and defend information, security attacks, and incident response methods.parallel testingwar gamingsimulationstructured walk-throughQuestion 9. Question :In an organization, unexpected activities occur periodically; these are referred to as ____.warningsproblemsafter-actioneventsQuestion 10. Question :The ____ job functions focus more on costs of system creation and operation, ease of use for system users, and timeliness of system creation, as well as transaction response time.organizational management and professionalsinformation technology management and professionalshuman resource management and professionalinformation security management and professionalsQuestion 11. Question :____ is the control approach that attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation.AcceptanceAvoidanceTransferenceMitigationQuestion 12. Question :____ occurs when valid packets exploit poorly configured DNS servers to inject false information to corrupt the servers’ answers to routine DNS queries from other systems on that network.DNS cache poisoningClippingSignature matchingClusteringQuestion 13. Question :____ is a common approach used in the discipline of systems analysis and design.Database diagrammingNetwork diagrammingApplication diagrammingSystems diagrammingQuestion 14. Question :A ____ is a document that expresses how an organization ensures that critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site if a catastrophic incident or disaster occurs.risk assessment planwormTrojan horsebusiness continuity planQuestion 15. Question :____ are important when team members are preparing advisories and procedures.Writing skillsForensic skillsMedical skillsMathematical skillsQuestion 16. Question :____ is an IDS’s ability to dynamically modify its site policies in reaction or response to environmental activity.Alarm CompactionTrue Attack StimulusConfidence ValueSite policy awarenessQuestion 17. Question :A(n) ____ is any clearly identified attack on the organization’s information assets that wo
Citation preview
10/12/2015 TheAceStudent: SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)
data:text/html;charset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 1/6
SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)
Question 1. Question :The ____ is the point in time by which systems and data must be recovered after an outage asdetermined by the business unit.training objectiverecovery time objectivedependency objectiverecovery point objectiveQuestion 2. Question :The ____ contains the rules and configuration guidelines governing the implementation andoperation of IDSs within the organization.security policylog filehoneypotsite policyQuestion 3. Question :____ services are triggered by an event or request, such as a report of a compromised host, widespreading malicious code, software vulnerability, or something that was identified by an intrusiondetection or logging system.ReactiveForensicSecurityProactiveQuestion 4. Question :A(n) ____ is a document containing contact information for the individuals that need to be notified inthe event of an actual incident.root rosteralert rosterhierarchical rostersequential rosterQuestion 5. Question :____ is the control approach that attempts to shift the risk to other assets, other processes, or otherorganizations.AcceptanceTransferenceMitigationAvoidanceQuestion 6. Question :A ____ deals with the preparation for and recovery from a disaster, whether natural or manmade.risk assessmentmitigation planrisk managementdisaster recovery planQuestion 7. Question :
SAINT LEO COM540 MODULE 4 MID TERM EXAM (40QUESTIONS)
10/12/2015 TheAceStudent: SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)
data:text/html;charset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 2/6
Which of the following is a proactive service?Incident handlingRisk analysisAnnouncementsAlerts and warningsQuestion 8. Question :A favorite pastime of information security professionals is ____, which is realistic, headtoheadattack and defend information, security attacks, and incident response methods.parallel testingwar gamingsimulationstructured walkthroughQuestion 9. Question :In an organization, unexpected activities occur periodically; these are referred to as ____.warningsproblemsafteractioneventsQuestion 10. Question :The ____ job functions focus more on costs of system creation and operation, ease of use forsystem users, and timeliness of system creation, as well as transaction response time.organizational management and professionalsinformation technology management and professionalshuman resource management and professionalinformation security management and professionalsQuestion 11. Question :____ is the control approach that attempts to reduce the impact caused by the exploitation ofvulnerability through planning and preparation.AcceptanceAvoidanceTransferenceMitigationQuestion 12. Question :____ occurs when valid packets exploit poorly configured DNS servers to inject false information tocorrupt the servers’ answers to routine DNS queries from other systems on that network.DNS cache poisoningClippingSignature matchingClusteringQuestion 13. Question :____ is a common approach used in the discipline of systems analysis and design.Database diagrammingNetwork diagrammingApplication diagrammingSystems diagrammingQuestion 14. Question :A ____ is a document that expresses how an organization ensures that critical business functionscontinue at an alternate location while the organization recovers its ability to function at the primarysite if a catastrophic incident or disaster occurs.risk assessment plan
10/12/2015 TheAceStudent: SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)
data:text/html;charset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 3/6
wormTrojan horsebusiness continuity planQuestion 15. Question :____ are important when team members are preparing advisories and procedures.Writing skillsForensic skillsMedical skillsMathematical skillsQuestion 16. Question :____ is an IDS’s ability to dynamically modify its site policies in reaction or response toenvironmental activity.Alarm CompactionTrue Attack StimulusConfidence ValueSite policy awarenessQuestion 17. Question :A(n) ____ is any clearly identified attack on the organization’s information assets that wouldthreaten the assets’ confidentiality, integrity, or availability.incidentthreatTrojan horsewormQuestion 18. Question :A ____ is a type of IDS that is similar to the NIDS, reviews the log files generated by servers,network devices, and even other IDSs.log file monitorDNS cachehoneypotalarm clusterQuestion 19. Question :The ____ can be used to collect information directly from the end users and business managers.forensic analysissystem log sessionfacilitated data gathering sessiondata management sessionQuestion 20. Question :____ are tools used to identify which computers are active on a network, as well as which ports andservices are active on the computers, what function or role the machines may be fulfilling, and soon.FiltersScanning utilitiesClustersTriggersQuestion 21. Question :A ____ is a computer server configured to resemble a production system, containing richinformation just begging to be hacked.network clusterhoneypotsmart IDS
10/12/2015 TheAceStudent: SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)
data:text/html;charset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 4/6
DNS cacheQuestion 22. Question :____ enables authorized users – persons or computer systems – to access information withoutinterference or obstruction, and to receive it in the required format.Risk assessmentIntegrityAvailabilityConfidentialityQuestion 23. Question :____ ensures that only those with the rights and privileges to access information are able to do so.ConfidentialityRisk assessmentIntegrityAvailabilityQuestion 24. Question :____ is the process of moving the organization toward its vision.TransferenceAvoidanceMitigationStrategic planningQuestion 25. Question :Using a process known as ____, Network IDSs must look for attack patterns by comparingmeasured activity to known signatures in their knowledge base to determine whether or not anattack has occurred or may be underway.cache poisoningsignature matchingclippingscanningQuestion 26. Question :A(n) ____ is a SIRT team member, other than the team leader, who is currently performing theresponsibilities of the team leader in scanning the organization’s information infrastructure for signsof an incident.IR duty officersoftware engineerforensic expertproject managerQuestion 27. Question :____ is the coherent application of methodical investigatory techniques to solve crime cases.Alarm CompactionScanningForensicsSignature matchingQuestion 28. Question :____ is the process of systematically examining information assets for evidentiary material that canprovide insight into how the incident transpired.Incident responseForensics analysisWar gamingDisaster recoveryQuestion 29. Question :
10/12/2015 TheAceStudent: SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)
data:text/html;charset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 5/6
A(n) ____ is generally thought of as a group of individuals united by shared interests or valueswithin an organization and who share a common goal of making the organization function to meet itsobjectives.network communitycommunity of interestdatabase communityincident response communityQuestion 30. Question :The violation of fair use of copyrighted material is an example of a(n) ____.compromise to intellectual propertyact of human errordeliberate act of information distortiondeliberate act of trespassQuestion 31. Question :A(n) ____ is an event that triggers alarms and causes a false positive when no actual attacks are inprogress.True Attack Stimulusalertfalse negativefalse attack stimulusQuestion 32. Question :A(n) ____ is a detailed examination of the events that occurred from first detection to final recovery.reactive reviewproactive reviewaudit reviewafteraction reviewQuestion 33. Question :A(n) ____ is a type of attack on information assets in which the instigator attempts to gainunauthorized entry into a system or network or disrupt the normal operations of a system ornetwork.eventintrusionalerthoneypotQuestion 34. Question :A(n) ____ requires that a contact person call each and every person on the roster.root rosteralert rostersequential rosterhierarchical rosterQuestion 35. Question :The ____ is the period of time within which systems, applications, or functions must be recoveredafter an outage.training objectiverecovery time objectiverecovery point objectivedependency objectiveQuestion 36. Question :A(n) ____ must lead the project and make sure a sound project planning process is used, acomplete and useful project plan is developed, and project resources are prudently managed to
10/12/2015 TheAceStudent: SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)
data:text/html;charset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 6/6
reach the goals of the project.championcrisis managerproject managerincident managerQuestion 37. Question :____ services augment existing and wellestablished services that are independent of incidenthandling and traditionally performed by other areas of an organization such as the IT, Audit, orTraining departments.ReactiveForensicProactiveSecurity quality managementQuestion 38. Question :A(n) ____ is prepared by the organization to anticipate, react to, and recover from events thatthreaten the security of information and information assets in the organization, and, subsequently,to restore the organization to normal modes of business operations.assetthreatsocial plancontingency planQuestion 39. Question :A ____ is an alarm or alert that indicates that an attack is in progress or that an attack hassuccessfully occurred when in fact there was no such attack.site policyfalse positivefalse negativeConfidence ValueQuestion 40. Question :A(n) ____ is an investigation and assessment of the impact that various attacks can have on theorganization.threatBIAincidentintellectual property
SAINT LEO COM540 MODULE 4 MID TERM EXAM (40 QUESTIONS)
