Exam 8: Controls for Information Security


Residents in Berryhill received an e-mail stating that there is an armed robber on the loose. The e-mail claimed to be from the Berryhill police department, but it wasn't. Computer forensic experts later determined that the e-mail was sent from a computer lab in Berryhill's public library. The police were then able to uniquely identify the computer that was used by means of its network interface card's ________ address. Security cameras later helped the police reveal the identity of the individual responsible for the hoax.

(Multiple Choice)

Many corrective controls rely on human judgment.

(True/False)

The process of turning off unnecessary features in the system is known as

(Multiple Choice)

It was 8:03 A.M. when Jiao Jan, the Network Administrator for South Asian Technologies, was informed that the intrusion detection system had identified an ongoing attempt to breach network security. By the time that Jiao had identified and blocked the attack, the hacker had accessed and downloaded several files from the company's server. Using the notation for the time-based model of security, in this case

(Multiple Choice)

The Trust Services Framework reliability principle that states access to the system and its data should be accessible to meet operational and contractual obligations to legitimate users is known as

(Multiple Choice)

The Trust Services Framework reliability principle that states personal information should be protected from unauthorized disclosure is known as

(Multiple Choice)

The Trust Services Framework reliability principle that states access to the system and its data should be controlled and restricted to legitimate users is known as

(Multiple Choice)

Describe the function of a computer incident response team (CIRT) and the steps that a CIRT should perform following a security incident.

(Essay)

A border router

(Multiple Choice)

In the time-based model of information security, D represents

(Multiple Choice)

The steps that criminals take to trick an unsuspecting employee into granting them access is called

(Multiple Choice)

Information technology managers are often in a bind when a new exploit is discovered in the wild. They can respond by updating the affected software or hardware with new code provided by the manufacturer, which runs the risk that a flaw in the update will break the system. Or they can wait until the new code has been extensively tested, but that runs the risk that they will be compromised by the exploit during the testing period. Dealing with these issues is referred to as

(Multiple Choice)

This protocol specifies the structure of packets sent over the internet and the route to get them to the proper destination.

(Multiple Choice)

The process of maintaining a table listing all established connections between the organization's computers and the internet to determine whether an incoming packet is part of an ongoing communication initiated by an internal computer is known as

(Multiple Choice)

Describe the basic steps criminals use to attack an organization's information system. Select one of the steps and find a news story that relates to the step that you have chosen.

(Essay)

Logs need to be analyzed regularly to detect problems in a timely manner.

(True/False)

Tools called ________ can be used to identify unused and, therefore, unnecessary programs that represent potential security threats.

(Multiple Choice)

Identify six physical access controls.

(Essay)

If the time an attacker takes to break through the organization's preventive controls is greater than the sum of the time required to detect the attack and the time required to respond to the attack, then security is

(Multiple Choice)

________ is an authorized attempt by an internal audit team or an external security consultant to break into the organization's information system.

(Multiple Choice)
Showing 21 - 40 of 100