LATEST ISM3321 FINALEXAM QUESTIONS WITH VERIDIED ANSWERS ALREADY GRADED A++

LATEST ISM3321 FINALEXAM QUESTIONS WITH VERIDIED ANSWERS ALREADY GRADED A++ A ____ is usually the best approach to security project implementation. - ANSWER-phased implementation A ____ system is designed to work in areas where electrical equipment is used. Instead of containing water, the system contains pressurized air. - ANSWER-dry-pipe A __________ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest. - ANSWER-MAC A __________ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext. - ANSWER-key A __________ is the recorded condition of a particular revision of a software or hardware configuration item. - ANSWER-version A __________ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software. - ANSWER-passive A device that assures the delivery of electric power without interruption is a(n) ____. - ANSWER-UPS A method of encryption that requires the same secret key to encipher and decipher the message is known as __________ encryption. - ANSWER-symmetric A primary mailing list for new vulnerabilities, called simply __________, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists. - ANSWER-Bugtraq A process called __________ examines the traffic that flows through a system and its associated devices to identify the most frequently used devices. - ANSWER-traffic analysis A step commonly used for Internet vulnerability assessment includes __________, which occurs when the penetration test engine is unleashed at the scheduled time using the planned target list and test selection. - ANSWER-Scanning A(n) __________ IDPS is focused on protecting network information assets. - ANSWER-network-based A(n) __________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic. - ANSWER-packet sniffer A(n) __________ is an event that triggers an alarm when no actual attack is in progress. - ANSWER-false attack stimulus A(n) __________ item is a hardware or software item that is to be modified and revised throughout its life cycle. - ANSWER-configuration A(n) __________ port, also known as a monitoring port, is a specially configured connection on a network device that is capable of viewing all of the traffic that moves through the entire device. - ANSWER-SPAN A(n) __________ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm. - ANSWER-IDPS A(n) ____, typically prepared in the analysis phase of the SecSDLC, must be reviewed and verified prior to the development of the project plan. - ANSWER-CBA According to Schwartz, Erwin, Weafer, and Briney, "__________" are the real techies who create and install security solutions. - ANSWER-Builders Activities that scan network locales for active systems and then identify the network services offered by the host systems are known as __________. - ANSWER-fingerprinting An X.509 v3 certificate binds a ___________, which uniquely identifies a certificate entity, to a user's public key. - ANSWER-distinguished name At the World Championships in Athletics in Helsinki in August 2005, a virus called Cabir infected dozens of __________, the first time this occurred in a public setting. - ANSWER-Bluetooth mobile phones Bit stream methods commonly use algorithm functions like the exclusive OR operation (__________). - ANSWER-XOR By managing the ____, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce. - ANSWER-process of change Class ____ fires are extinguished by agents that remove oxygen from the fire. - ANSWER-B Class ____ fires are extinguished with non-conducting agents only. - ANSWER-C Common vulnerability assessment processes include: - ANSWER-All of these Computing and other electrical equipment in areas where water can accumulate must be uniquely grounded, using ____ equipment. - ANSWER-GFC Control __________ baselines are established for network traffic and for firewall performance and IDPS performance. - ANSWER-performance DES uses a(n) ___________-bit block size. - ANSWER-64 Detailed __________ on the highest risk warnings can include identifying which vendor updates apply to which vulnerabilities as well as which types of defenses have been found to work against the specific vulnerabilities reported. - ANSWER-intelligence Digital signatures should be created using processes and products that are based on the __________. - ANSWER-DSS Each organization sets policy to choose one of two approaches when employing digital forensics. Select the statement that best identifies the options. - ANSWER-Both of these are approaches that might be chosen Electronic monitoring includes ____ systems. - ANSWER-closed-circuit television Fire ____ systems are devices installed and maintained to detect and respond to a fire, potential fire, or combustion danger situation. - ANSWER-suppression If the task is to write firewall specifications for the preparation of a(n) ____, the planner would note that the deliverable is a specification document suitable for distribution to vendors. - ANSWER-RFP In a ____ implementation, the entire security system is put in place in a single office, department, or division, and issues that arise are dealt with before expanding to the rest of the organization. - ANSWER-pilot In digital forensics, all investigations follow the same basic methodology once permission for search and seizure has been obtained. Which of the following is NOT one of the elements of that process? - ANSWER-Determine whether to "apprehend and prosecute." In PKI, the CA periodically distributes a(n) _________ to all users that identifies all revoked certificates. - ANSWER-CRL In TCP/IP networking, port __________ is not used. - ANSWER-0 In the ____ approach, the sensor detects an unusually rapid increase in the area temperature within a relatively short period of time. - ANSWER-rate-of-rise In the ____ process, measured results are compared to expected results. - ANSWER-negative feedback loop In the ____ UPS, the internal components of the standby models are replaced with a pair of inverters and converters. - ANSWER-line-interactive Interior walls reach only part way to the next floor, which leaves a space above the ceiling of the offices but below the top of the storey. This space is called a(n) ____. - ANSWER-plenum Intrusion __________ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again. - ANSWER-correction Like the CISSP, the SSCP certification is more applicable to the security__________ than to the security __________. - ANSWER-manager, technician Many organizations use a(n) __________ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization. - ANSWER-exit Many who enter the field of information security are technical professionals such as __________ who find themselves working on information security applications and processes more often than traditional IT assignments. - ANSWER-All of the above Many who move to business-oriented information security were formerly__________ who were often involved in national security or cybersecurity . - ANSWER-military personnel More advanced substitution ciphers use two or more alphabets, and are referred to as __________ substitutions. - ANSWER-polyalphabetic Most guards have clear ____ that help them to act decisively in unfamiliar situations. - ANSWER-SOPs Most network behavior analysis system sensors can be deployed in __________ mode only, using the same connection methods as network-based IDPSs. - ANSWER-passive Network behavior analysis system __________ sensors are typically intended for network perimeter use, so they are deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall. - ANSWER-inline One approach that can improve the situational awareness of the information security function is to use a process known as __________ to quickly identify changes to the internal environment. - ANSWER-difference analysis One of the leading causes of damage to sensitive circuitry is ____. - ANSWER-ESD Project managers can reduce resistance to change by involving employees in the project plan. In systems development, this is referred to as ____. - ANSWER-JAD Public organizations often have "____" to spend all their remaining funds before the end of the fiscal year. - ANSWER-end-of-fiscal-year spend-a-thons SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm. - ANSWER-160 Some cases of ____ are simple, such as requiring employees to use a new password beginning on an announced date. - ANSWER-direct changeover Some vulnerability scanners feature a class of attacks called _________, that are so dangerous they should only be used in a lab environment. - ANSWER-destructive Tasks or action steps that come after the task at hand are called ____. - ANSWER-successors Technology ____ guides how frequently technical systems are updated, and how technical updates are approved and funded. - ANSWER-governance The ____ involves collecting information about an organization's objectives, its technical architecture, and its information security environment. - ANSWER-SecSDLC The ____ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing systems. - ANSWER-Systems The ____ layer of the bull's-eye model receives attention last. - ANSWER-Applications The ____ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate, it enables all other information security components to function correctly. - ANSWER-Policies The ____ methodology has been used by many organizations, requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems. - ANSWER-bull's-eye The __________ algorithm, developed in 1977, was the first public-key encryption algorithm published for commercial use. - ANSWER-RSA The __________ certification program has added a number of concentrations that can demonstrate advanced knowledge beyond the basic certification's CBK. - ANSWER-CISSP The __________ commercial site focuses on current security tool resources. - ANSWER-Packet Storm The __________ is a center of Internet security expertise and is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. - ANSWER-CERT/CC The __________ is a statement of the boundaries of the RA. - ANSWER-scope The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission. - ANSWER-SSL Record Protocol The __________ is typically considered the top information security officer in the organization. - ANSWER-CISO The __________ mailing list includes announcements and discussion of a leading open-source IDPS. - ANSWER-Snort The __________ process is designed to find and document vulnerabilities that may be present because there are misconfigured systems in use within the organization. - ANSWER-PSV The __________ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication. - ANSWER-AH The __________ vulnerability assessment is a process designed to find and document selected vulnerabilities that are likely to be present on the organization's internal network. - ANSWER-intranet The __________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's wireless local area networks. - ANSWER-wireless The __________ Web site and list site is home to the leading free network exploration tool, Nmap. - ANSWER- The ability to detect a target computer's __________ is very valuable to an attacker. - ANSWER-operating system The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market. - ANSWER-CISSP The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals? - ANSWER-accounting The date for sending the final RFP to vendors is considered a(n) ____, because it signals that all RFP preparation work is complete. - ANSWER-milestone The International Society of Forensic Computer Examiners (ISFCE) offers which certifications? - ANSWER-both a & b The ISSEP allows CISSP certificate holders to demonstrate expert knowledge of all of the following except __________. - ANSWER-international laws The Lewin change model consists of ____. - ANSWER-All of the above To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base. - ANSWER-signatures To use a packet sniffer legally, the administrator must __________. - ANSWER-All of the above Using __________, the system reviews the log files generated by servers, network devices, and even other IDPSs. - ANSWER-LFM