Which of the following is a component of a risk assessment?
A. Administrative safeguards B. Physical security C. DMZ D. Logical interface
Correct Answer: A
Explanation:
Risk assessment include:
The total process of identifying, measuring, and minimizing uncertain events affecting AIS resources. It includes risk analysis, cost benefit analysis, safeguard selection, security test and evaluation, safeguard implementation, and systems review.
The total process of identifying, controlling, and eliminating or minimizing uncertain events that may affect system resources. lt includes risk analysis, cost benefit analysis, selection, implementation and test, security evaluation of safeguards, and overall security review.
References: https://en.wikipedia.org/wiki/IT_risk_management#Risk_assessment
It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
Which of the following regulations best matches the description?
A. HIPAA B. ISO/IEC 27002 C. COBIT D. FISMA
Correct Answer: A
Explanation:
The HIPAA Privacy Rule regulates the use and disclosure of Protected Health Information (PHI) held by “covered entities” (generally, health care clearinghouses, employer sponsored health plans, health insurers, and medical service providers that engage in certain transactions.)[15] By regulation, the Department of Health and Human Services extended the HIPAA privacy rule to independent contractors of covered entities who fit within the definition of “business associates”.
Under the "Post-attack Phase and Activities", it is the responsibility of the tester to restore the systems to a pre-test state.
Which of the following activities should not be included in this phase? (see exhibit)
Exhibit:
A. III B. IV C. III and IV D. All should be included.
Correct Answer: A
Explanation:
The post-attack phase revolves around returning any modified system(s) to the pretest state. Examples of such activities:
Removal of any files, tools, exploits, or other test-created objects uploaded to the system during testing
Removal or reversal of any changes to the registry made during system testing
References: Computer and Information Security Handbook, John R. Vacca (2012), page 531
You have successfully compromised a machine on the network and found a server that is alive on the same network. You tried to ping it but you didn't get any response back.
What is happening?
A. ICMP could be disabled on the target server. B. The ARP is disabled on the target server. C. TCP/IP doesn't support ICMP. D. You need to run the ping command with root privileges.
Correct Answer: A
Explanation:
The ping utility is implemented using the ICMP “Echo request” and “Echo reply” messages.
Note: The Internet Control Message Protocol (ICMP) is one of the main protocols of the internet protocol suite. It is used by network devices, like routers, to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached.
What is the benefit of performing an unannounced Penetration Testing?
A. The tester will have an actual security posture visibility of the target network. B. Network security would be in a "best state" posture. C. It is best to catch critical infrastructure unpatched. D. The tester could not provide an honest analysis.
Correct Answer: A
Explanation:
Real life attacks will always come without expectation and they will often arrive in ways that are highly creative and very hard to plan for at all. This is, after all, exactly how hackers continue to succeed against network security systems, despite the billions invested in the data protection industry.
A possible solution to this danger is to conduct intermittent unannounced penentration tests whose scheduling and occurrence is only known to the hired attackers and upper management staff instead of every security employee, as would be the case with announced penetration tests that everyone has planned for in advance. The former may be better at detecting realistic weaknesses.
You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration?
alert tcp any any -> 192.168.100.0/24 21 (msg: "FTP on the network!";)
A. An Intrusion Detection System B. A firewall IPTable C. A Router IPTable D. FTP Server rule
Correct Answer: A
Explanation:
Snort is an open source network intrusion detection system (NIDS) for networks .
Snort rule example:
This example is a rule with a generator id of 1000001.
alert tcp any any -> any 80 (content:”BOB”; gid:1000001; sid:1; rev:1;)
You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by a Network Based Intrusion Detection Systems (NIDS).
What is the best way to evade the NIDS?
A. Encryption B. Protocol Isolation C. Alternate Data Streams D. Out of band signalling
Correct Answer: A
Explanation:
When the NIDS encounters encrypted traffic, the only analysis it can perform is packet level analysis, since the application layer contents are inaccessible. Given that exploits against today’s networks are primarily targeted against network services (application layer entities), packet level analysis ends up doing very little to protect our core business assets.
Which of the following is the BEST way to defend against network sniffing?
A. Using encryption protocols to secure network communications B. Register all machines MAC Address in a Centralized Database C. Restrict Physical Access to Server Rooms hosting Critical Servers D. Use Static IP Address
Correct Answer: A
Explanation:
A way to protect your network traffic from being sniffed is to use encryption such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS). Encryption doesn’t prevent packet sniffers from seeing source and destination information, but it does encrypt the data packet’s payload so that all the sniffer sees is encrypted gibberish.
A. It is an attack used to gain unauthorized access to a database. B. It is an attack used to modify code in an application. C. It is a Man-in-the-Middle attack between your SQL Server and Web App Server. D. It is a Denial of Service Attack.
Correct Answer: A
Explanation:
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).
References: https://en.wikipedia.org/wiki/SQL_injection
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
