KWANGOL
KWANGOL
KWANGOL
A biometric handprint scanner is used as part of a system for granting access to a facility.
Once an identity is verified, the system checks and confirms that the user is allowed to leave
the lobby and enter the facility, and the electronic door lock is released. Which security
controls are being used in this situation? (Select all that apply.)
Authentication, Authorization, Authorization
At the end of the day, security personnel can view electronic log files that record the
identities of everyone who entered and exited the building along with the time of day.
Which type of security control is this?
Auditing
An administrator of a large multinational company has the ability to assign object access
rights and track users' resource access from a central administrative console. Users
throughout the organization can gain access to any system after providing a single user
name and password. Which type of security control is this?
Privilege management
Brian works in your IT department. To access his laptop, he inserts his employee ID card into
a special card reader. This is an example of:
Token-based authentication.
To access the server room, Brian places his index finger on a fingerprint reader. This is an
example of:
Biometric authentication.
To withdraw money from an automatic teller machine, Nancy inserts a card and types a
four-digit PIN. This incorporates what types of authentication? (Select all that apply.)
Token-based, Password, Multi-factor
True of False? Multi-factor authentication enhance security because the attacker must
obtain at least two authentication factors, not just one, in order to breach the system. This
can be particularly difficult with biometrics, or "who you are" authentication, where at least
one of the factors is a unique physical characteristic of an individual.
True
Considering that hashing is one-way and the hash is never reversed, what makes hashing a
useful security technique?
Because two parties can hash the same data and compare hashes to see if they match
True of False? The distinctions between an encryption algorithm and a key is the encryption
algorithm is the general rule or instruction set applied to the data to transform it to
ciphertext. The key is the actual value used by the algorithm. A different key value results in
different ciphertext, although the basic encryption process is the same.
True
True or False? Session keys are static, meaning they are used over a long period of time.
False
True of False? The potential drawbacks for of symmetric encryption is that it needs to share
the key between the two parties creates the potential for key
True
True or False? In this scenario, the obvious vulnerabilities surrounding Develetech's sever
room is the room's close proximity to the main lobby. Other vulnerabilities you might notice
are the type of walls installed around the room. You can verify that they extend from floor
to ceiling and that they do not contain large vents that could be used as access points. You
might check to see if there are other doors to the room and if they are secured.
True
Based on the known vulnerabilities for the computer room, what potential threats exist?
Visitors coming and going could easily view the type of physical access control used to get
into the computer room, Visitors could be in a position to see the access code being
entered and could use it to gain access themselves
What factors will affect the likelihood of these threats succeeding?
True of False? In this case if an unauthorized access attempt was successful, the potential
impact would be large due to what is stored inside the server room. Unauthorized users
could gain access to the sensitive data stored in the servers and use this against the
organization and therefore damage the organization's credibility. In a monetary sense, the
company could lose revenue if customer data is analyzed by a competitor to glean certain
trade secrets.
True
What risk mitigation strategies would you use in this situation to reduce the risks
surrounding the physical access of the server room?
Implementing better security controls such as including a server room security guard
Relocate the servers to more secure and remote area of the building
True or False? Develetech did not meet its RPO. The last backup was 12 hours before the
event, but the company's RPO is only 6 hours. This means there are 6 hours worth of
unrecoverable data that the organization could not tolerate losing. Develetech should
increase the frequency of its backups in order to meet the
True
What is the mean time to repair (MTTR) each affected server?
8 hours
2 days
Assume that there are 100 servers, and the administrators can only recover 20 at a time
before moving on to the next 20. Does this cause a conflict with the organization's RTO?
Why or why not?
This does not necessarily cause a conflict with the organization's RTO. If the MTTR is 8
hours, then it will take 40 hours to recover 5 sets of 20 servers. Since 40 hours is less than
the RTO of 2 days (48 hours), the organization can still hit its objective
True of False? Assume that Develetech does not reach its RTO, and actually exceeds its MTD
before the storefront is fully operational again. In this case the most prominent impact will
be the hit the organization takes to its finances. Because the storefront is Develetech's
revenue leader, the lack of transactions for more than 3 days will impact its ability to sustain
its own operational costs, as well as cause its market value to plummet. While less
quantifiable, Develetech's reputation will likely take an impact as well. A customer backlash
to the outage may tarnish the company's brand irrevocably.
True
You've checked several affected computers in the domain and can verify that they are all
sending DNS requests to your primary DNS server. You also verify that none of the hosts
files on these computers has been tampered with. What kind of DNS attack do you believe
you're faced with?
b. DNS Poisoning
Port scanning can help an attacker to reveal services running on the various network ports,
which then he may use as entry points into a system. Attackers can also exploit open ports
in other types of attacks, like denial of service.
True
John is given a laptop for official use and is on a business trip. When he arrives at his hotel,
he turns on his laptop and finds a wireless access point with the name of the hotel, which he
connects to for sending official communications. He may become a victim of which wireless
threat?
Evil twins
a mobile device who is passing the building takes advantage of the open network and gains
access. Your company may have experienced which type of wireless threat?
War driving
Every time Margaret decided to work at home, she would get frustrated with the poor
wireless connection. But when she gets to her office, the wireless connection seems normal.
What might have been one of the factors affecting Margaret's wireless connection when she
worked at home?
Jamming
Chuck, a sales executive, is attending meetings at a professional conference that is also
being attended by representatives of other companies in his field. At the conference, he
uses his smartphone with a Bluetooth headset to stay in touch with clients. A few days after
the conference, he finds that competitors' sales representatives are getting in touch with his
key contacts and influencing them by revealing what he thought was private information
from his email and calendar. Chuck is a victim of which wireless threat?
Bluesnarfing
You've asked Joel, one of your network specialists, to configure new wireless routers in the
building in order to extend the range of your network. He wants to configure the routers to
support WPS authentication of new devices. Why should you caution against this?
WPS only checks part of the 8-digit enrollment PIN at one time, making it trivial to brute
force
A new administrator in your company is in the process of installing a new wireless device.
He is called away to attend an urgent meeting before he can secure the wireless network,
and without realizing it, he forgot to switch the device off. A person with a mobile device
who is passing the building takes advantage of the open network and gains access. Your
company may have experienced which type of wireless threat?
War driving
While entering the building through the rear security door, an employee realizes he has left
his car keys in his car door lock. He has already swiped his badge to open the door, so he
props it open with his briefcase while he returns to his car to retrieve his keys. He has the
door in view at all times and no one else enters while the door is propped open. He locks
the door behind him once he is in the building. This a(n): (Select all that apply.)
Man-made threat
A disgruntled employee removes the UPS on a critical server system and then cuts power to
the system, causing costly downtime. This is a(n): (Select all that apply.)
Man-made threat
b. Internal threat
A power failure has occurred due to a tree branch falling on a power line outside your
facility, and there is no UPS or generator. This is a(n): (Select all that apply.)
--Natural threat
--External threat
A backhoe operator on a nearby construction site has accidentally dug up fiber optic cables,
thus disabling remote network access. This is a(n): (Select all that apply.)
--External threat
--Man-made threat
While entering the building through the rear security door, an employee realizes he has left
his car keys in his car door lock. He has already swiped his badge to open the door, so he
props it open with his briefcase while he returns to his car to retrieve his keys. He has the
door in view at all times and no one else enters while the door is propped open. He locks
the door behind him once he is in the building. This a(n):
--Man-made threat
True or False ? Develetech will eventually expand its networking infrastructure as its
business grows. This expansion could introduce new vulnerabilities in the design of the
network and the attackers might to exploit these vulnerabilities.
True
True or False? It is sufficient to leave most systems with the default operating system
configurations.
--False
Recently, attackers were able to compromise the account of a user whose employment had
been terminated a week earlier. They used this account to
access a network share and delete important files. What account vulnerability enabled this
attack?
--The terminated employee's account wasn't disabled
How can a vulnerability scan like this help ensure the security of your systems? (Select all
that apply)
---You can more easily identify where weaknesses in your systems exist
What vulnerabilities did MBSA detect in its scan?
---Incomplete Windows update installation
How else could an attacker compromise the remote server?
---hey can copy sensitive data to another location
---They could poison the DNS cache
What are some of the security concerns you have about the common mobile devices you
use or support?
---he use of personal mobile devices when accessing and sending company email, servers,
or services
---Mobile devices that are lost or stolen
You begin noticing that, more and more often, employees at Develetech are using their own
personal devices to get work done in the office. To address this new challenge to security,
you decide to draft an acceptable use policy that employees must agree to. What sort of
protocols and controls should you include in this policy