Domain 5: Security Operations

Question 1

What is the most important aspect of security awareness/training?

Answer 1

Protecting health and human safety

Question 2

Which of the following can be used to map data flows through an organization and the relevant security controls used at each point along the way?

Answer 2

Data life cycle

Question 3

What is the life cycle of data handling?

Answer 3

Create, store, use, share, archive, destroy

Question 4

What do integrity services, provided by hash functions and digital signatures, allow a recipient to verify?

Answer 4

That a message has not been altered by malice or error

Question 5

What is the purpose of security awareness training?

Answer 5

To align information security goals with the organization’s mission and vision

Question 6

What is the primary purpose of storing passwords as hash values or digests?

Answer 6

To check if a password matches without revealing the password itself

Question 7

What is the role of security engineers in data security?

Answer 7

Security engineers figure out who is trying to log in and assess security codes

Question 8

How long does it take to crack a 10-number password using software with cryptographic calculation?

Answer 8

5 seconds

Question 9

What is something which every security policy should have?

Answer 9

Consequences for non-compliance

Question 10

What does the term “whaling attacks” refer to in the context of phishing?

Answer 10

Attacks against highly placed officials or individuals with sizable assets

Question 11

Which type of organization is likely to have a stricter acceptable use policy according to the passage?

Answer 11

Healthcare facility, research institution, or defense contractor

Question 12

What task is recommended for employees to practice what they’ve learned?

Answer 12

Sending simulated phishing emails

Question 13

What solution is recommended for users who struggle to remember multiple passwords for different systems?

Answer 13

Encourage the use of a recommended password management solution

Question 14

Why is asymmetric encryption considered more secure?

Answer 14

It involves a unique code for the sender and receiver

Question 15

What does Egress monitoring regulate?

Answer 15

Data leaving the organization’s IT environment

Question 16

How does hashing respond to minor changes in the input, such as misspellings or changes in letter case?

Answer 16

It generates a different hash digest for each input

Question 17

What is the purpose of training in an anti-phishing campaign?

Answer 17

To increase the proficiency of staff in identifying phishing emails

Question 18

Which organizational policy is most likely to indicate which types of smartphones can be used to connect to the internal IT environment?

Answer 18

The BYOD policy (bring your own device)

Question 19

What is meant by the term rollback?

Answer 19

Restoring the system to its previous state before a change

Question 20

Who is often tasked with coordinating the change management effort?

Answer 20

Information Security professionals

Question 21

What is the first step in the change management process?

Answer 21

Request for Change (RFC)

Question 22

What is a mode of encryption which ensures confidentiality efficiently, with a minimum amount of processing overhead?

Answer 22

Symmetric

Question 23

How should Logs be stored from the systems they’re logging

Answer 23

Separately

Question 23

Which key is kept secret in asymmetric encryption?

Answer 23

Private Key

Question 24

What is "tailgating" in the context of social engineering?

Answer 24

The practice of following an authorized user into a restricted area or system ## Footnote either by asking to hold the door or through more sophisticated methods.

Question 25

What are the five main properties that a cryptographic hash function must demonstrate to be useful and secure?

Answer 25

Useful, non-reversible, content integrity assurance, unique, deterministic

Question 26

Why is an asset inventory so important?

Answer 26

You can't protect what you don't know you have

Question 27

A set of security controls or system settings used to ensure uniformity of configuration throughout the IT environment. This is the definition of:

Answer 27

Baseline

Question 28

Who is responsible for publishing and signing the organization's policies?

Answer 28

Senior management

Question 29

What is a ready visual cue to let anyone in contact with the data know what the classification is?

Answer 29

Label

Question 30

Application Server

Answer 30

A computer responsible for hosting applications to user workstations.

Question 31

Asymmetric Encryption

Answer 31

An algorithm that uses one key to encrypt and a different key to decrypt the input plaintext.

Question 32

Checksum

Answer 32

A digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data.

Question 33

Ciphertext

Answer 33

The altered form of a plaintext message so it is unreadable for anyone except the intended recipients.

Question 34

Classification

Answer 34

Classification identifies the degree of harm to the organization, its stakeholders or others that might result if an information asset is divulged to an unauthorized person, process or organization.

Question 35

Cryptanalyst

Answer 35

One who performs cryptanalysis which is the study of mathematical techniques for attempting to defeat cryptographic techniques and/or information systems security.

Question 35

Configuration management

Answer 35

A process and discipline used to ensure that the only changes made to a system are those that have been authorized and validated.

Question 36

Cryptography

Answer 36

The study or applications of methods to secure or protect the meaning and content of messages, files, or other information, usually by disguise, obscuration, or other transformations of that content and meaning.

Question 37

Data Loss Prevention (DLP)

Answer 37

System capabilities designed to detect and prevent the unauthorized use and transmission of information.

Question 38

Decryption

Answer 38

The reverse process from encryption. It is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and the appropriate key for decryption.

Question 39

Digital Signature

Answer 39

The result of a cryptographic transformation of data which, when properly implemented, provides the services of origin authentication, data integrity, and signer non-repudiation.

Question 40

Degaussing

Answer 40

A technique of erasing data on disk or tape (including video tapes) that, when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data.

Question 41

Egress Monitoring

Answer 41

Monitoring of outgoing network traffic.

Question 42

Encryption

Answer 42

The process and act of converting the message from its plaintext to ciphertext.

Question 43

Encryption System

Answer 43

The total set of algorithms, processes, hardware, software, and procedures that taken together provide an encryption and decryption capability.

Question 44

Hardening

Answer 44

A reference to the process of applying secure configurations (to reduce the attack surface) and locking down various hardware, communications systems, and software, including operating system, web server, application server, application, etc.

Question 45

Hash Function

Answer 45

An algorithm that computes a numerical value (called the hash value) on a data file or electronic message that is used to represent that file or message and depends on the entire contents of the file or message.

Question 46

Hashing

Answer 46

The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data.

Question 47

Ingress Monitoring

Answer 47

Monitoring of incoming network traffic.

Question 48

Information Sharing

Answer 48

The requirements for information sharing by an IT system with one or more other IT systems or applications, for information sharing to support multiple internal or external organizations, missions, or public programs.

Question 49

Message Digest

Answer 49

A digital signature that uniquely identifies data and has the property such that changing a single bit in the data will cause a completely different message digest to be generated.

Question 50

Operating System

Answer 50

The software "master control application" that runs the computer. It is the first program loaded when the computer is turned on, and its main component, the kernel, resides in memory at all times.

Question 51

Patch

Answer 51

A software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component.

Question 52

Patch Management

Answer 52

The systematic notification, identification, deployment, installation and verification of operating system and application software code revisions.

Question 53

Plaintext

Answer 53

A message or data in its natural format and in readable form;

Question 54

Records

Answer 54

The recordings (automated and/or manual) of evidence of activities performed or results achieved (e.g., forms, reports, test results), which serve as a basis for verifying that the organization and the information system are performing as intended.

Question 55

Records Retention

Answer 55

A practice based on the records life cycle, according to which records are retained as long as necessary, and then are destroyed after the appropriate time interval has elapsed.

Question 56

Remanence

Answer 56

Residual information remaining on storage media after clearing.

Question 57

Request for change (RFC)

Answer 57

The first stage of change management, wherein a change in procedure or product is sought by a stakeholder.

Question 58

Security Governance

Answer 58

The entirety of the policies, roles, and processes the organization uses to make security decisions in an organization.

Question 59

Symmetric encryption

Answer 59

An algorithm that uses the same key in both the encryption and the decryption processes.

Question 60

Social engineering

Answer 60

Tactics to infiltrate systems via email, phone, text, or social media, often impersonating a person or agency in authority or offering a gift.

Question 61

Web Server

Answer 61

A computer that provides World Wide Web (WWW) services on the Internet. It includes the hardware, operating system, Web server software, and Web site content (Web pages)

Question 62

Intranet Server

Answer 62

A Web server that is used internally and not by the public.

Question 63

Whaling Attack

Answer 63

Phishing attacks that attempt to trick highly placed officials or private individuals with sizable assets into authorizing large fund wire transfers to previously unknown entities.