Access Control Fundamentals

Questions and Answers

What is the primary purpose of Access Control?

To collect legitimate account names on a system

To ensure resources are only granted to entitled users (correct)

To execute program code embedded in web pages

To monitor system activity for malicious behavior

What is an Access Control List (ACL)?

A security service that provides protection of system resources

A task in Access Management that involves monitoring access

A mechanism that implements access control for a system resource (correct)

A type of virus that infects a system

What is the main function of an Access Control Service?

To maintain access information

To collect legitimate account names on a system

To provide protection of system resources against unauthorized access (correct)

To execute program code embedded in web pages

What is the purpose of an Access Matrix?

To represent subjects and objects with privileges listed in each cell

What is ACK Piggybacking?

The practice of sending an ACK inside another packet going to the same destination

What is the primary function of Activity Monitors?

To monitor system activity for malicious behavior and block it

What is the primary characteristic of a circuit-switched network?

A single continuous physical circuit connects two endpoints

What is the main purpose of a cloud computing system?

To utilize remote servers for data storage and management

Which type of disaster recovery site is the most expensive option?

Hot site

What is the term for the unauthorized disclosure of information?

Confidentiality

What is the purpose of a Computer Emergency Response Team (CERT)?

To provide incident response services and publish security alerts

What is the term for the process of exchanging data between an HTTP server and a client?

Cookie exchange

What is the primary goal of a cost-benefit analysis in the context of security?

To compare the cost of implementing countermeasures with the value of the reduced risk

What is the term for the threat action that undesirably alters system operation?

Corruption

What is the purpose of a client in a network?

To request and use services provided by other systems

What is the term for the process of detecting and responding to security incidents?

Incident response

What is the primary purpose of a Distance Vector?

To determine the cost of routes to all known networks

What is Domain Hijacking?

A type of DNS attack that blocks access to a domain's DNS server

What is the purpose of a Domain Name System (DNS)?

To translate domain names into IP addresses

What is Due Care?

The minimal level of protection in place in accordance with industry best practices

What is the purpose of DumpSec?

To dump a variety of information about a system's users and permissions

What is the primary purpose of Dynamic Routing Protocols?

To allow network devices to learn routes

What is Eavesdropping?

Listening to a private conversation to gain unauthorized access

What is the purpose of an Echo Request?

To determine if a machine is online and how long traffic takes to get to it

What is the primary purpose of Egress Filtering?

To filter outbound traffic

What is a Domain in Windows NT and Windows 2000?

A set of network resources for a group of users

What is the primary purpose of a firewall?

To provide a physical or logical barrier to unauthorized access

What is the goal of flooding an attack?

To provide more input than the system can process properly

What is a forest in the context of Active Directory?

A set of domains that replicate their databases with each other

What is the purpose of a fork bomb?

To create a new process by using the fork() call and take up all available processes

What is the purpose of fingerprinting?

To send strange packets to a system to determine its operating system

Which protocol is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP)?

Border Gateway Protocol (BGP)

What is the process of simultaneously sending the same message to multiple recipients?

Broadcast

What is a standard code of practice that provides guidance on how to secure an information system?

British Standard 7799

What is a unit of data transmitted over an ATM network?

Cell

What is a cryptographic algorithm for encryption and decryption?

Cipher

What is a client computer program that can retrieve and display information from servers on the World Wide Web?

Browser

What is the encrypted form of the message being sent?

Ciphertext

What is a business plan that outlines emergency response, backup operations, and post-disaster recovery steps?

Business Continuity Plan (BCP)

What is a technique used to trick a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions?

Cache Cramming

What is a value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data?

Checksum

What is the primary function of the Address Resolution Protocol (ARP)?

To map an Internet Protocol address to a physical machine address

What is the main characteristic of Asymmetric Cryptography?

It employs a pair of keys, a public key and a private key

What is the purpose of Auditing in the context of information security?

To gather and analyze information to ensure policy compliance and security

What is the definition of Availability in the context of information security?

The need to ensure that the business purpose of the system can be met

What is the purpose of a Backdoor in the context of information security?

To give an attacker easier access to a compromised system

What is the definition of Bandwidth in the context of information security?

The capacity of a communication channel to pass data through the channel in a given amount of time

What is the purpose of a Banner in the context of information security?

To display system information to a remote user

What is the definition of Biometrics in the context of information security?

The use of physical characteristics to determine access

What is the purpose of a Boot Record Infector?

To insert malicious code into the boot sector of a disk

What is the definition of Basic Authentication in the context of information security?

The simplest web-based authentication scheme that works by sending the username and password with each request

What is the primary purpose of an Intrusion Prevention System (IPS)?

To prevent intruders from gaining further access to a computer network

What is the purpose of a covert channel?

To communicate information in a covert fashion using normal system operations

What is crimineware?

A type of malware used by cyber criminals to make money off an infected system

What is the purpose of a cron job?

To run jobs for users and administrators at scheduled times of the day

What is the purpose of a crossover cable?

To connect devices directly together

What is cryptanalysis?

The mathematical science of analyzing a cryptographic system to gain knowledge needed to break or circumvent the protection

What is the purpose of a cyclic redundancy check (CRC)?

To implement data integrity service where accidental changes to data are expected

What is a daemon?

A program that runs continuously without intervention from any of the users on the system

What is data aggregation?

The ability to get a more complete picture of the information by analyzing several different types of records at once

What is the purpose of a data custodian?

To take responsibility for the data and ensure its security

What is the primary characteristic of a connectionless protocol?

Each datagram or packet is self-contained without reliance on earlier exchanges

What is the 'Day Zero' in the context of computer security?

The day a new vulnerability is made known

What is the process of stripping off one layer's headers and passing the rest of the packet up to the next higher layer on the protocol stack?

Decapsulation

What is the process of transforming an encrypted message into its original plaintext?

Decryption

What is the method of modifying the content of a website in such a way that it becomes 'vandalized' or embarrassing to the website owner?

Defacement

What is the approach of using multiple layers of security to guard against failure of a single security component?

Defense In-Depth

What is a network area that sits between an organization's internal network and an external network, usually the Internet?

Demilitarized Zone (DMZ)

What is an attack that tries all of the phrases or words in a dictionary, trying to crack a password or key?

Dictionary Attack

What is a key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman?

Diffie-Hellman

What is an electronic 'credit card' that establishes your credentials when doing business or other transactions on the Web?

Digital Certificate

What is the purpose of Emanations Analysis?

To monitor and resolve signals that contain data

What is the main characteristic of an Ephemeral Port?

It is a randomly chosen port number greater than 1023

What is the purpose of Escrow Passwords?

To grant access to emergency personnel when privileged personnel are unavailable

What is the primary function of Ethernet?

To connect devices to a LAN using coaxial cable or twisted pair wires

What is the purpose of an Exponential Backoff Algorithm?

To adjust TCP timeout values on the fly

What is the main characteristic of an Extended ACL?

It can filter based on IP addresses, ports, and protocols

What is the primary function of the File Transfer Protocol (FTP)?

To specify a protocol for transferring files

What is the main purpose of a Filter in a network?

To specify which packets will or will not be used

What is the primary function of a Finger protocol?

To lookup user information on a given host

What is an Event in a system or network?

An observable occurrence

What is the primary goal of flooding an attack?

To cause a failure in a computer system by providing more input than it can process

What is the purpose of a forward lookup?

To find an IP address using a domain name

What is the result of a fork bomb attack?

The system crashes due to a lack of available processes

What is the purpose of form-based authentication?

To authenticate users using a username and password

What is the fragment offset field used for?

To determine where a fragment falls in relation to other fragments

What is the purpose of a forward proxy?

To act as a server through which all requests are made

What is the process of storing a data file in several chunks or fragments rather than in a single contiguous sequence of bits?

Fragmentation

What is a network point that acts as an entrance to another network?

Gateway

What is a type of duplex communications channel that carries data in both directions at once?

Full Duplex

What is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed?

GNU

What is an algorithm that computes a value based on a data object, thereby mapping the data object to a smaller data object?

Hash Function

What is a type of attack that seizes control of a previously established communication association?

Hijack Attack

What is a server name with a hostname followed by the full domain name?

Fully-Qualified Domain Name

What is a type of file sharing utility that acts as a server and client simultaneously?

Gnutella

What is the process of identifying and fixing vulnerabilities on a system?

Hardening

What is a type of intrusion detection system that uses information from the operating system audit records to watch all operations occurring on the host?

Host-Based ID

What is the primary function of an HTTP Proxy?

To act as a middleman in the communication between HTTP clients and servers

What is the purpose of a Hybrid Attack?

To build on the dictionary attack method by adding numerals and symbols to dictionary words

What is the primary function of Incident Handling?

To respond to security-related events such as intrusions, cyber-theft, and denial of service

What is the purpose of Ingress Filtering?

To filter inbound traffic to a network

What is the primary function of the Internet Control Message Protocol (ICMP)?

To report error conditions during IP datagram processing

What is the primary function of the Internet Message Access Protocol (IMAP)?

To access and manage email messages on a mail server

What is the purpose of Integrity in the context of information security?

To ensure that information has not been changed accidentally or deliberately

What is the primary function of a Hub?

To repeat data received on one port to all other ports

What is the purpose of a Hybrid Encryption?

To combine two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption

What is the purpose of Information Warfare?

To compete between offensive and defensive players over information resources

What is the purpose of L2TP?

To enable virtual private networks over the Internet

What is the principle of allowing users the least amount of permissions necessary to perform their intended function?

Least Privilege

What is a type of attack in which one system entity illegitimately poses as another entity?

Masquerade Attack

What is the process of selectively removing log entries from a system log to hide a compromise?

Log Clipping

What is a software protocol for enabling anyone to locate organizations and individuals in a network?

LDAP

What is a type of cyber attack in which the attacker intercepts and relays messages between two parties?

Man-in-the-Middle Attack

What is a one-way cryptographic hash function?

md5

What is the term for the ability to attack or defend within an Internet environment?

Measures of Effectiveness

What is the purpose of NAT?

To share one or a small number of publicly routable IP addresses

What is a type of program that executes when a certain predefined event occurs?

Logic Bomb

What is the primary function of IP Forwarding?

To allow a host to act as a router

What is the purpose of an Intranet?

To create a private network for an organization

What is Intrusion Detection?

A security management system for computers and networks

What is an IP Address?

A computer's inter-network address

What is IP Spoofing?

Supplying a false IP address

What is the main purpose of NAT in a home or small business network?

To share a single DSL or Cable modem IP address

What is ISO?

International Organization for Standardization

What is a Netmask?

A 32-bit number indicating the range of IP addresses on a single network

What is an Issue-Specific Policy?

An organizational policy that addresses specific needs

What is Network-Based IDS?

A system that monitors network traffic for indications of attacks

What is Jitter?

Modification of fields in a database

What is the purpose of Non-Repudiation?

To prove that a specific user sent a message and that it hasn't been modified

What is a Jump Bag?

A container with items necessary to respond to an incident

What is an Octet?

A sequence of 8 bits

What is the primary function of the Kernel?

To provide basic services for all other parts of the operating system

What is One-Way Encryption?

An irreversible transformation of plaintext to cipher text

What is the purpose of a Null Session?

To allow an anonymous user to retrieve information over the network

What is Network Mapping?

To compile an electronic inventory of the systems and the services on a network

What is Network Taps?

A device that hooks directly onto the network cable and sends a copy of the traffic to other devices

What is Non-Printable Character?

A character that doesn't have a corresponding character letter to its ASCII code

What is the primary function of the network layer in the OSI model?

To handle the routing of the data and forwarding

What is the purpose of the OSI model?

To provide a standard for how messages should be transmitted between devices

What is the main idea behind the OSI model?

To divide the communication process into layers

What is the application layer responsible for in the OSI model?

Identifying communication partners, quality of service, and user authentication

What is the presentation layer responsible for in the OSI model?

Converting incoming and outgoing data from one presentation format to another

What is the transport layer responsible for in the OSI model?

Managing the end-to-end control and error-checking

What is the session layer responsible for in the OSI model?

Setting up, coordinating, and terminating conversations between applications

What is the primary function of OSPF?

To maintain a database of all routers in the autonomous system

What is the characteristic of a one-way function?

Easy to compute the output based on a given input, but impossible to figure out the input value from the output value

What is the advantage of the OSI model?

It provides a standard description for how messages should be transmitted between devices

What is the primary function of the data-link layer?

To synchronize the physical level and perform bit-stuffing

What is the main purpose of a packet in a packet-switched network?

To contain the destination address and data

What is the goal of password sniffing?

To gain knowledge of passwords on a local area network

What is pharming?

A technique used to redirect a user's session to a masquerading website

What is the primary function of a personal firewall?

To install and run on individual PCs

What is the purpose of a patch?

To fix bugs in existing programs

What is the term for the actual application data a packet contains?

Payload

What is the purpose of penetration testing?

To test the external perimeter security of a network or facility

What is phishing?

The use of e-mails to trick a user into entering valid credentials

What is the purpose of a ping scan?

To look for machines that are responding to ICMP Echo Requests

What is the main purpose of Point-to-Point Tunneling Protocol (PPTP)?

To extend a corporate network through private 'tunnels' over the public Internet

What is the effect of poison reverse in routing updates?

It sets the metrics of unreachable routes to infinity

What is polyinstantiation?

The ability of a database to maintain multiple records with the same key

What is the purpose of a port scan?

To learn which computer network services are available on a system

What is possession in the context of information security?

The ability to use and control information

What is polymorphism in the context of malicious software?

The ability to change its underlying code to avoid detection

What is the primary function of a Post Office Protocol, Version 3 (POP3)?

To dynamically access a mailbox on a server host to retrieve mail messages

What is the purpose of a preamble in network communications?

To define a specific series of transmission pulses to synchronize transmission timing

What is the term for the address ranges set aside for use by private or non-Internet connected networks?

Private Address Space

What type of malware attaches itself to existing program files?

Program Infector

What is the purpose of a Promiscuous Mode?

To read all packets off the network, regardless of who they are addressed to

What is the definition of a Protocol?

A formal specification for communicating

What is the primary purpose of Public-Key Forward Secrecy?

To ensure a session key will not be compromised even if a private key is compromised

What is the primary purpose of a Ransomware?

To encrypt a victim's hard drive and deny access to key files

What is the purpose of a Public Key Infrastructure (PKI)?

To enable users of a basically unsecured public network to securely and privately exchange data and money

What is the primary function of a Proxy Server?

To act as an intermediary between a workstation user and the Internet

What is the primary purpose of a Reconnaissance?

To gather information about a target system or network

What is the primary purpose of Reflexive ACLs?

To filter traffic based on established connections

What is the term for a program that executes when a certain predefined event occurs?

Daemon

What is the purpose of a Private Addressing?

To assign IP addresses to private or non-Internet connected networks

What is the primary purpose of Radiation Monitoring?

To receive images, data, or audio from an unprotected source

What is the primary purpose of a Response?

To send information in response to a stimulus

What is the primary purpose of Reverse Engineering?

To disassemble and analyze the design of a system component

What is the primary purpose of Risk Assessment?

To identify and prioritize risks

What is the primary purpose of RARP?

To request an IP address from a gateway server

What is the primary purpose of RSA?

To encrypt and decrypt data using asymmetric cryptography

What is the purpose of Role-Based Access Control?

To assign users to roles based on their organizational functions

What is a Router used for?

To forward information to other networks based on IP addresses

What is a security mechanism that uses a cryptographic hash function?

S/Key

What is the purpose of Secure Electronic Transactions (SET)?

To provide end-to-end security for credit card transactions online

What is the purpose of a Server?

To provide a service in response to requests from other system entities called clients

What is a Segment?

Another name for TCP packets

What is Sensitive Information?

Unclassified information that, if compromised, could adversely affect the national interest

What is a Session?

A virtual connection between two hosts by which network traffic is passed

What is a Session Key?

A key that is temporary or is used for a relatively short period of time

What is a Share?

A resource made public on a machine, such as a directory or printer

What is the primary function of the Transmission Control Protocol (TCP)?

To ensure delivery of data in the correct order

What is the purpose of Trunking in computer networks?

To connect switched together to share VLAN information

What is the primary function of the User Datagram Protocol (UDP)?

To run on top of IP networks and provide a connectionless protocol

What is the purpose of a Tunnel in computer networks?

To create a logical point-to-point link using encapsulation

What is the primary function of the Uniform Resource Locator (URL)?

To provide a global address of documents and other resources on the World Wide Web

What is the purpose of Trust in computer networks?

To determine which permissions and what actions other systems or users can perform on remote machines

What is the primary function of the Transport Layer Security (TLS) protocol?

To ensure privacy between communicating applications and their users

What is the purpose of a Trojan Horse in computer networks?

To appear to have a useful function, but also has a hidden and potentially malicious function

What is the primary function of the Traceroute tool?

To map the route a packet takes from the local machine to a remote destination

What is the purpose of Unicast in computer networks?

To broadcast from a host to a single host

What is the primary function of a shell in a Unix system?

To understand and execute user commands

What is the term for gaining indirect knowledge of communicated data by monitoring signals?

Signal Analysis

What is the purpose of a smartcard?

To record and replay a set key

What is the term for a fraudulent message sent over SMS, similar to phishing?

Smishing

What is the purpose of a sniffer?

To monitor network traffic

What is the primary function of a socket?

To tell a host's IP stack where to plug in a data stream

What is the term for a protocol that a proxy server can use to accept requests from client users?

SOCKS

What is the purpose of a source port?

To connect to a server

What is the term for a cryptographic key that is divided into two or more separate data items?

Split Key

What is the purpose of a standard ACL on a Cisco router?

To make packet filtering decisions based on source IP address

What is the primary function of a switch in a network?

To keep track of MAC addresses attached to each of its ports

What is the purpose of a subnet mask?

To determine the number of bits used for the subnet and host portions of the address

What is the term for methods of hiding the existence of a message or other data?

Steganography

What is the primary function of a stateful inspection firewall?

To examine the contents of a packet up to the application layer

What is the purpose of a static host table?

To map hostname to IP address

What is the term for a network that provides switched communications service?

Switched Network

What is the primary function of syslog in Unix systems?

To keep track of system logs

What is the term for a type of cipher that works by encrypting a message a single bit, byte, or computer word at a time?

Stream Cipher

What is the primary function of a subnet in a network?

To divide a larger network into smaller parts

What is the term for a type of attack that sends a host more TCP SYN packets than the protocol implementation can handle?

SYN Flood

What is a person responsible for enforcement or administration of the security policy that applies to a system?

System Security Officer (SSO)

What type of policy is written for a specific system or device?

System-Specific Policy

What is the purpose of TCP Wrapper?

To monitor and control incoming network traffic

What is the term for a potential for violation of security?

Threat

What is a TCP-based, application-layer, Internet Standard protocol for remote login from one host to another?

TELNET

What is the geometric arrangement of a computer system?

Topology

What is a token-based device that requires a user to have a token with them when they log in?

Token-Based Device

What is the purpose of a threat assessment?

To identify types of threats that an organization might be exposed to

What is the name of the protocol analyzer for Unix that can monitor network traffic on a wire?

TCPDump

What is the term for a potential to cause harm to a system?

Threat

What is a Virtual Private Network (VPN)?

A logical, restricted-use network constructed from a physical network

What is a characteristic of a virus in computer software?

It requires a host program to be run to become active

What is vishing?

A phishing attack that involves voice calls or VoIP systems

What is a benefit of using a VPN?

It is generally less expensive to build and operate than a real network

What is the purpose of encryption in a VPN?

To improve the security of data transmission

What is a common use case for a VPN?

Connecting multiple sites of an organization over the Internet

What is the primary function of a Voice Firewall?

To monitor and control inbound and outbound voice network activity

What is the purpose of a War Dialer?

To identify modems in a telephone exchange that may be susceptible to compromise

What is the primary function of a Windowing System?

To manage windows and other graphical user interface entities

What is the purpose of WHOIS?

To find information about resources on networks

What is the main function of a Web Server?

To respond to HTTP requests for documents from client web browsers

What is the primary function of War Chalking?

To mark areas that receive wireless signals

What is the purpose of Windump?

To monitor network traffic on a wire

What is the primary function of a Worm?

To run independently and propagate a complete working version of itself

What is the primary function of a Zero-Day Attack?

To exploit computer application vulnerabilities that are unknown to others

What is the primary function of WEP?

To provide a security protocol for wireless local area networks