11/12/2016 techbus.safaribooksonline.com/print?xmlid=9780789735737%2Fch07lev1sec13

Username: Aditya Mishra Book: CISA Exam Prep. No part of any chapter or book may be reproduced or transmitted in any form by any means without the prior written permission for reprints and excerpts from the publisher of the book or chapter. Redistribution or other use that violates the fair use privilege under U.S. copyright laws (see 17 USC 107) or that otherwise violates these Terms of Service is strictly prohibited. Violators will be prosecuted to the full extent of U.S. Federal and Massachusetts laws.

Apply Your Knowledge

You have seen in this chapter that the organization should have formalized security functions developed to protect the company's information assets. One proven method of protecting information is encryption. This exercise has you download and install a digital certificate. You will need an Internet connection and Microsoft Outlook to complete this exercise.

Exercises

7.1. Obtaining Digital Certificates

This exercise will step you through the process of obtaining a free digital certificate. These can be used with email, signing, or other noncommercial encryption processes.

Estimated Time: 10 Minutes

1. The first step in this task is to obtain a digital certificate. Many different vendors provide these; in this exercise, you will be downloading the certificate from Comodo, which provides free certificates for noncommercial use.

2. Go to http://www.comodogroup.com/products/certificate_services/index.html to get your free digital certificate. You will need to fill out a short form, and then download details will be emailed to you.

3. Open your email from Comodo and follow the link to the certificate download. This installs the certificate in your computer.

4. To use the certificate, open Outlook and select Tools from the menu.

5. Select Options from the Tools menu.

6. On the Options menu, choose the Security tab.

7. Enter a name for your security setting into the Security Settings Name box.

8. Check Default Security Setting for This Secure Message Format.

9. Select your Secure Email Certificate from the Select Certificate dialog box.

10. Now view your certificate by selecting the View Certificate button. The Certificate menu displays four tabs that provide more detail about your certificate. Click on each one to learn more about the certificate. After examining it, click the OK button to return to the Select Certificate menu and click OK again to select the certificate.

11. While at the Change Security Setting menu, make sure Send These Certificates with Signed Messages is selected.

12. Click OK to return to the Options dialog box, and then click OK to return to Outlook. Your certificate is now installed.

13. To send a message with your new digital certificate, create a new message to send to a coworker or friend.

14. After creating the message, choose the Options button.

15. From the Options menu, select the Security Settings button. Now choose Add Digital Signature to This Message and select OK.

16. You have added the strength of nonrepudiation. You can now send your first signed email.

Exam Questions

1. Which of the following cryptosystems provides the best method to verify integrity?

A. DES

B. AES

C. MD5

D. RSA

2. Which of the following is the most effective control for viruses and worms?

A. A good backup policy

B. Scanning incoming email for viruses and worms

C. Policies that prohibit the use of media brought from home or downloaded from a non-work computer

D. Antivirus that is updated no less than weekly, that is online and active

3. A B-to-C e-commerce website is worried about security and has had talks about encryption. Specifically, they would like to set up a system that can monitor, detect, and alert on hacking activity. Which of the following would best meet the required needs?

A. Packet filtering

B. Intrusion detection

C. Stateful inspection

D. Asymmetric cryptography

4. Your company is considering a penetration test to review external security. They would like you, the company's lead IS auditor, to direct the project. Which of the following would be considered the first and most important for you to accomplish before you begin?

A. Establish a time frame for the test

B. Determine the team members

C. Get the support of the IT security group

D. Obtain written authorization

5. Which of the following best describes the type of IDS that works by learning users' activities so that it understands normal patterns of behaviors?

A. Statistical

B. Signature

C. Neural

D. Protocol

6. Which of the following is the highest priority for an IS auditor?

A. Designing and implementing security controls

B. Reviewing new policies and procedures

C. Controlling and monitoring data security and policies

D. Controlling and monitoring IDS and firewall activity

7. A team of auditors has just completed an audit of the organization. Which of the following findings should be considered the most critical?

A. Servers are not backed up on a regular basis.

B. Workstations are not backed up on a regular basis.

C. The business continuity plan is current but includes critical and noncritical items.

D. The password change policy is not being actively enforced.

8. You have been asked to review your organization's computer forensics policy. Which of the following elements should be of the most concern to you while reviewing the documentation?

A. Incident response

B. Chain of custody

C. In-house forensic investigators

D. Commercial forensic software

9. When discussing data ownership, which of the following individuals has the responsibility of day-to-day management of the asset?

A. Security advisory group

B. Process owner

C. Chief privacy officer

D. Chief security officer

10. Several coworkers are installing an IDS, and you have been asked to make an initial review. One of the installers has asked which of the following is the worst condition for an IDS. Which is correct?

A. Positive

B. Negative

C. False positive

D. False negative

Answers to Exam Questions

1. C. MD5 is a hashing algorithm. Hashing algorithms are used to verify integrity. Answer A is incorrect because DES is a symmetric algorithm and offers confidentiality, answer B is incorrect because AES is also a symmetric algorithm that offers confidentiality, and answer D is incorrect because RSA is an asymmetric algorithm that generally offers confidentiality, authentication, and nonrepudiation.
2. D. An up-to-date antivirus system is the most effective means of preventing and controlling malicious software. Regular updates are required to ensure that the antivirus software has the capability to scan for the most current malicious code. Answer A is incorrect because backups will not prevent a virus infection and offer no control of malicious code. Answer B is incorrect because scanning email will prevent some malicious code, but there are other modes of entry. Answer C is incorrect because although policies are a good baselining control, they do not prevent employees from carrying out specific actions.
3. B. Intrusion detection is the best method of monitoring and detecting break-ins or attempts to attack via the Internet. Answer A is incorrect because packet filtering is a type of stateless inspection and can make a decision on only a set of static rules. Answer C is incorrect because stateful inspection is not specifically designed to detect and report hacking activities. Answer D is incorrect because encryption does not meet any of the company's stated goals.
4. D. The most important step of the pen test process is to obtain written authorization and approval. No testing should occur until this step is completed. Answer A is incorrect because timing is not the most important item; approval is. Answer B is incorrect because choosing team members is not the most important item; approval is. Answer C is incorrect because internal security might or might not be informed. Many times they are being tested to see if they detect any unusual activity or notice that pen testing is actually occurring.
5. C. A neural IDS works by first being placed in a learning mode so that it understands normal patterns of activity. Answer A is incorrect because this IDS detection method requires the administrator to use profiles of authorized activities or place them into the IDS so that it understands normal activity. Answer B is incorrect because signature IDS detection requires the administrator to load a database of known attacks. Answer D is incorrect because a protocol-decoding IDS is similar to a statistical IDS, yet it can keep track of the state of a session so that it can reassemble packets and look at higher-layer activity.
6. C. Data security is one of the primary duties of an auditor. This task is achieved by controlling and monitoring data security policies. Answer A is incorrect because auditors are usually not the individuals responsible for implementing security controls. Answer B is incorrect because an auditor is concerned not just with new policies, but also with all policies. Answer D is incorrect because the IT security group usually handles day-to-day activities of the IDS and the firewall.
7. A. Not backing up the servers on a regular basis is the most serious threat to the integrity and availability of informational assets. Answer B is incorrect because good control policies should dictate that users save critical information on network share drives. Answer C is incorrect because having a business continuity plan that goes into too much detail is not a problem. Answer D is incorrect because although poor password enforcement is a finding, it is not the most critical finding.
8. B. Chain of custody is the critical item that must be maintained during any forensic activity. Chain of custody concerns who collected the information and how it was documented, processed, stored, and handled. Answers A, C, and D are incorrect because incident response should be addressed in a separate set of policies. The organization might not use in-house investigators. Consultants might perform forensic activities. Forensic investigations might use Linux or other open-source tools, but they do not have to be commercial.
9. B. The process owner has the responsibility of the day-to-day management of the asset. Answers A, C, and D are incorrect because the security advisory group is responsible for reviewing security issues, security plans, and procedures. The chief privacy officer is responsible for maintaining compliance with local, state, and federal privacy laws. The chief security officer is responsible for the day-to-day security of the organization.
10. D. The worst state for an IDS is a false negative, which means an event occurred yet no alarm was triggered. Therefore, answers A, B, and C are incorrect.
