Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

CIST 1601 Final Exam Prep Questions with 100% Solved Answers., Exams of Information Security and Markup Languages

CIST 1601 Final Exam Prep Questions with 100% Solved Answers.

Typology: Exams

2024/2025

Available from 12/07/2024

Martin-Ray-1
Martin-Ray-1 🇺🇸

5

(8)

6.1K documents

1 / 15

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CIST 1601 Final Exam Prep Questions
with 100% Solved Answers.
1. In project planning, the tasks or action steps that come before the
specific task at hand are commonly referred to as prerequisites. -
Answer:::✔✔False
2. A(n) __________ is a simple project management planning tool. -
Answer:::✔✔WBS
3. The CISSP-ISSEP concentration focuses on the knowledge areas
that are part of enterprise security management. -
Answer:::✔✔False
4. The process of integrating information security perspectives into
the hiring process begins with reviewing and updating all job
descriptions. - Answer:::✔✔True
5. ________ are the technically qualified individuals tasked to
configure firewalls, deploy IDSs, implement security software,
diagnose and troubleshoot problems, and coordinate with
systems and network administrators to ensure that an
organization's security technology is properly implemented. -
Answer:::✔✔Security Technicians
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff

Partial preview of the text

Download CIST 1601 Final Exam Prep Questions with 100% Solved Answers. and more Exams Information Security and Markup Languages in PDF only on Docsity!

CIST 1601 Final Exam Prep Questions

with 100% Solved Answers.

  1. In project planning, the tasks or action steps that come before the specific task at hand are commonly referred to as prerequisites. - Answer:::✔✔False
  2. A(n) __________ is a simple project management planning tool. - Answer:::✔✔WBS
  3. The CISSP-ISSEP concentration focuses on the knowledge areas that are part of enterprise security management. - Answer:::✔✔False
  4. The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions. - Answer:::✔✔True
  5. ________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented. - Answer:::✔✔Security Technicians
  1. The model commonly used by large organizations places the information security department within the __________ department. - Answer:::✔✔Information technology
  2. The International Society of Forensic Computer Examiners (ISFCE) offers two levels of certification: the Certified Computer Examiner (CCE) and the Master Certified Computer Examiner (MCCE). - Answer:::✔✔True
  3. Like the CISSP, the SSCP certification is more applicable to the security__________ than to the security __________. - Answer:::✔✔Manager, technician
  4. The former System Administration, Networking, and Security Organization is now better known as __________. - Answer:::✔✔SANS
  5. The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market. - Answer:::✔✔CISSP
  6. "Builders" in the field of information security provide day-to- day systems monitoring and use to support an organization's goals and objectives. - Answer:::✔✔False
  1. The ______ commercial site focuses on current security tool resources. - Answer:::✔✔Packet Storm
  2. Threats cannot be removed without requiring a repair of the vulnerability. - Answer:::✔✔False
  3. The optimum approach for escalation is based on a thorough integration of the monitoring process into the ______. - Answer:::✔✔IRP
  4. A primary mailing list for new vulnerabilities, called simply __________, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists. - Answer:::✔✔Bugtraq
  5. One approach that can improve the situational awareness of the information security function is to use a process known as __________ to quickly identify changes to the internal environment. - Answer:::✔✔Difference analysis
  6. For configuration management (CM) and control, it is important to document the proposed or actual changes in the system security plan. - Answer:::✔✔True
  1. Rehearsal adds value by exercising the procedures, identifying shortcomings, and providing security personnel the opportunity to improve the security plan before it is needed. - Answer:::✔✔True
  2. _______ is used to respond to network change requests and network architectural design proposals. - Answer:::✔✔Network connectivity RA
  3. A process called __________ examines the traffic that flows through a system and its associated devices to identify the most frequently used devices. - Answer:::✔✔Traffic analysis
  4. The __________ is a statement of the boundaries of the RA.
    • Answer:::✔✔Scope
  5. Inventory characteristics for hardware and software assets that record the manufacturer and versions are related to technical functionality, and should be highly accurate and updated each time there is a change. - Answer:::✔✔True
  6. A(n) __________ item is a hardware or software item that is to be modified and revised throughout its life cycle. - Answer:::✔✔configuration
  1. The integrity value, which is based upon fuzzy logic, helps an administrator determine how likely it is that an IDPS alert or alarm indicates an actual attack in progress. - Answer:::✔✔False
  2. ______ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations. - Answer:::✔✔NIDPs
  3. Using ______, the system reviews the log files generated by servers, network devices, and even other IDPSs. - Answer:::✔✔LFM
  4. A(n) NIDPS functions on the host system, when encrypted traffic will have been decrypted and is available for processing. - Answer:::✔✔False
  5. To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known ______ in their knowledge base. - Answer:::✔✔signatures
  6. Which of the following is NOT a described IDPS control strategy? - Answer:::✔✔decentralized
  7. A(n) partially distributed IDPS control strategy combines the best of other IDPS strategies. - Answer:::✔✔True
  1. A padded cell is a hardened honeypot. - Answer:::✔✔False
  2. ______ applications use a combination of techniques to detect an intrusion and then trace it back to its source. - Answer:::✔✔Trap-and-trace
  3. Which of the following ports is commonly used for the HTTP protocol? - Answer:::✔✔ 80
  4. The ability to detect a target computer's ______ is very valuable to an attacker. - Answer:::✔✔operating system
  5. _______ is the process of classifying IDPS alerts so that they can be more effectively managed. - Answer:::✔✔Alarm filtering
  6. As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES. - Answer:::✔✔False
  7. ________ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content. - Answer:::✔✔Hash
  1. The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission - Answer:::✔✔SSL Record Protocol
  2. The S-HTTP security solution provides six services: authentication by digital signatures, message encryption, compression, e-mail compatibility, segmentation, and key management. - Answer:::✔✔False
  3. A method of encryption that requires the same secret key to encipher and decipher the message is known as __________ encryption. - Answer:::✔✔Symmetric
  4. Pretty Good Privacy (PGP) uses the freeware ZIP algorithm to compress the message after it has been digitally signed but before it is encrypted. - Answer:::✔✔True
  5. The __________ algorithm, developed in 1977, was the first public-key encryption algorithm published for commercial use. - Answer:::✔✔RSA
  6. Digital signatures should be created using processes and products that are based on the __________. - Answer:::✔✔DSS
  1. SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm. - Answer:::✔✔ 160
  2. UPS devices typically have capacities that may run up to __________ VA. - Answer:::✔✔ 1000
  3. Fire __________ systems are devices installed and maintained to detect and respond to a fire, potential fire, or combustion danger. - Answer:::✔✔suppression
  4. In the __________ UPS, the internal components of the standby models are replaced with a pair of inverters and converters. - Answer:::✔✔line-interactive
  5. Electronic monitoring includes __________ systems. - Answer:::✔✔closed circuit television
  6. In general, ESD damage to chips produces two types of failures: immediate and latent. - Answer:::✔✔True
  7. One of the leading causes of damage to sensitive circuitry is __________ - Answer:::✔✔ESD
  1. Vibration sensors fall into the motion sensor category. - Answer:::✔✔False
  2. Computing and other electrical equipment used in areas where water can accumulate must be uniquely grounded using __________ equipment. - Answer:::✔✔GFCI
  3. The first step in the work breakdown structure (WBS) approach encompasses activities, but not deliverables. - Answer:::✔✔False
  4. The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out. - Answer:::✔✔True
  5. By managing the __________, the organization can reduce unintended consequences by having a process to resolve the potential conflict and disruption that uncoordinated change can introduce. - Answer:::✔✔Process of change
  6. Some cases of __________ are simple, such as requiring employees to begin using a new password on an announced date.
    • Answer:::✔✔direct changeover
  1. In the __________ process, measured results are compared against expected results. - Answer:::✔✔negative feedback loop
  2. The Lewin change model includes __________. - Answer:::✔✔All of the above
  3. The __________ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead of individual problems. - Answer:::✔✔Bull's eye
  4. Technology __________ guides how frequently technical systems are updated, and how technical updates are approved and funded. - Answer:::✔✔Governance
  5. In a __________ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization. - Answer:::✔✔Pilot
  6. The budgets of public organizations are usually the product of legislation or public meetings. - Answer:::✔✔True
  7. "Unfreezing" in the Lewin change model involves thawing hard-and-fast habits and established procedures. - Answer:::✔✔True