Steganalysis

Question: The attacker focuses on stopping the message transmission
The attacker is:

a. Active attacker
b. Proactive attacker
c. Passive attacker
d. Reactive attacker

Solution: Active attacker

Question: A proactive steps that can be taken to overcome active attacker are the following EXCEPT:

a. Use distortion steganography technique
b. Replicate the message on multiple location of the message
c. Encrypt the message
d. Use hash functions

Solution: Encrypt the message

Question: The attacker changes the format of every message that goes through his monitored channel
The attacker is:

a. Proactive attacker
b. Active attacker
c. Reactive attacker
d. Passive attacker

Solution: Active attacker

Question: The attacker focuses on message extraction instead of stopping the communication
The attacker is:

a. passive attacker
b. active attacker
c. reactive attacker
d. proactive attacker

Solution: passive attacker

Question: The following scenario can limit the type of media that can be used for steganography EXCEPT

a. Use external drive to sensitive information storage's machine
b. Configure ports connected to sensitive information storage to receive only mode
c. Restrict physical access and hardware to sensitive information's location
d. Configure the firewall to restrict specific filetypes from being transmitted

Solution: Use external drive to sensitive information storage's machine

Question: The attacker focuses on traffic analysis and user identification
The attacker is:

a. Passive attacker
b. Reactive attacker
c. Proactive attacker
d. Active attacker

Solution: Passive attacker

Question: A possible advantage scenario of steganography over cryptography is:

a. Message can be bigger than the carrier media
b. Message is hard to read because it is jumbled up
c. Messages are smaller than encrypted message
d. Message won't raise suspicion because everyone received it

Solution: Message won't raise suspicion because everyone received it

Question: Understanding the steganography triad is important when designing a stego-system because:

a. the strength of a stego-system could be known from the triad
b. the amount of payload could be known from the triad
c. the amount of robustness could be known from the triad
d. the amount of invisibility could be known from the triad

Solution:  the strength of a stego-system could be known from the triad

Question: Steganography is different from cryptography because

a. Steganography is hashed and unreadable
b. Steganography looks like another media or message
c. Steganography is not anonymous
d. Steganography is faster than encryption

Solution: Steganography looks like another media or message

Question: Which of the following shows a scenario for a secure stego-system:-

    1. Warden does not have the key to generate the stego-object.
    2. The cover object is also the stego-object.
    3. The stego-object is hard to differentiate than normal object.
    4. The attacker is the agent that generates the stego-object.

Select one:
a. 3 and 4
b. 1 and 3
c. all of the above
d. 1 and 2

Solution: 1 and 3

Risk Management

Question: Generally, most risk management activities will consist of the following activities EXCEPT:

a. Control Identification
b. Target group awareness
c. Risk assessment
d. Control Implementation

Solution: Target group awareness

Question: Security policy and procedures on e-mail safety practice is an example of

a. Acceptance risk control
b. Avoidance risk control
c. Transference risk control
d. Mitigation risk control

Solution: Avoidance risk control

Question: Placing security camera around building that has valuable asset is an example of

a. Transference risk control
b. Acceptance risk control
c. Avoidance risk control
d. Mitigation risk control

Solution: Avoidance risk control

Question: Insuring the office building with fire insurance is example of

a. Avoidance risk control
b. Acceptance risk control
c. Transference risk control
d. Mitigation risk control

Solution: Transference risk control

Question: Hiring vendors to set up firewall and Intrusion Detection System to protect the server is an example of

a. Mitigation risk control
b. Transference risk control
c. Avoidance risk control
d. Acceptance risk control

Solution: Avoidance risk control

Question: The core consideration in a cost benefit analysis is:

a. weighing the pros and cons of implementing a risk control choices
b. selecting which vendor is the best to provide backup, security and insurance
c. giving monetary value to each of the asset that needs to be protected
d. identifying the risk, threat and vulnerabilities of each asset that needs to be analyzed

Solution: weighing the pros and cons of implementing a risk control choices

Question: The following scenario could be considered as an asset valuation component, EXCEPT

a. The amount of discount our client gets from black Friday's sale
b. Poor Internet connection effect the order tracking that comes in from the customer
c. The secret recipe to that makes up for our famous fried chicken
d. Heavy rain causes difficulty in delivering item to the customer

Solution: The amount of discount our client gets from black Friday's sale

Question: The correct order in a risk assessment activity is:

a. Asset - Vulnerability - Threat
b. Asset - Threat - Vulnerability
c. Threat - Vulnerability - Asset
d. Vulnerability - Asset - Threat

Solution: Asset - Threat - Vulnerability

Question: Providing cold site and hot site for important business transaction is an example of

a. Mitigation risk control
b. Transference risk control
c. Acceptance risk control
d. Avoidance risk control

Solution: Mitigation risk control

Question: If the cost from a risk occurrence could be absorbed by the organization, it is an example of

a. Avoidance risk control
b. Transference risk control
c. Mitigation risk control
d. Acceptance risk control

Solution: Acceptance risk control

Security Planning

Question: A malware released into the system causing machines in financial department to be locked.

This event should be covered in:

a. Damage Assessment
b. Business Continuity Planning
c. Incident Response Planning
d. Disaster Response Planning

Solution: Disaster Response Planning

Question:  Register the guest at the reception counter
Escort the guest to their designated meeting area
Leave the guest only if they are received by another employee at the meeting area.

This is an example of:

a. Standard
b. Guideline
c. Policy
d. Procedure 

Solution: Procedure

Question: Only registered guest will be allowed access into the premise

This is an example of:
Select one:
a. Guideline
b. Standard
c. Procedure
d. Policy

Solution: Policy

Question: All critical department computers should always be backed up regularly to another site.

This event should be included in the:
Select one:
a. Disaster Recovery Planning
b. Incident Response Planning
c. Business Continuity Planning
d. Damage Assessment

Solution: Business Continuity Planning

Question: An employee accidentally clicked on a phishing link causing his machine to be locked by ransomware.

This event should be covered in:
Select one:
a. Disaster Response Planning
b. Damage Assessment
c. Business Continuity Planning
d. Incident Response Planning

Solution: Incident Response Planning

Question: Guest(s) will be given keycard to enter only the location that they have registered to.
Guest(s) entering the premise must always be escorted by an employee.

This is an example of:
Select one:
a. Standard
b. Procedure
c. Guideline
d. Policy

Solution: Standard

Question: Employer will be able to indicate employee's awareness and behavior of a certain security policy by the following method EXCEPT
Select one:
a. Putting up posters and leaflet around the workplace
b. Reviewing comments and feedback from the clients
c. Observation based on weekly walkabouts around the workplace
d. Employee engagement

Solution: Putting up posters and leaflet around the workplace

Question: Employee log files should be saved, stored and documented.

The event is related to:
Select one:
a. Business Continuity Planning
b. Damage Assessment
c. Disaster Recovery Planning
d. Incident Response Planning

Solution: Damage Assessment

Question: Policy should be easy to understand and contain less technical jargon because:
Select one:
a. People are basically ignorant and selfish
b. People comes from all walks of life and background
c. Employees and clients are not paid to follow technical policy
d. The employer needs to train them harder if it is too technical

Solution: People comes from all walks of life and background

Question: The following could be a successful awareness program approach EXCEPT:
Select one:
a. Highlight the achievement and success related to compliance
b. Produce and distribute easy to understand content over a planned timeline
c. Have a specific target group and a more customize the content
d. Focuses on spanned groups that could understand technical details

Solution: Focuses on spanned groups that could understand technical details

Laws & Ethics

Question: The main dilemma when handling a computer related cases is that sometimes it involved trans-national individuals and criminals. This dilemma is directly related to which part organizational concerns when enforcing or investing cases?

a. Jurisdiction
b. Due Diligence
c. Liability
d. Due Care 

Solution: Jurisdiction 

Question: If an incident occurs and causes lost to a client and even an organization's employee, the organization is responsible to provide compensation to the affected party. This is an example of:

a. Due care
b. Liability
c. Jurisdiction
d. Due diligence 

Solution: Liability

Question: An attacker performs DDoS attack towards an important server for McDonald's causing it to shutdown. This is:

a. Computer is incidental
b. Computer assisted crime
c. Computer is not related to this crime
d. Computer specific crime 

Solution: Computer specific crime

Question: Alex accidentally deletes the copy of his client's record from the database. This is a :

a. Computer is incidental crime
b. Computer assisted crime
c. Computer specific crime
d. Computer is not related to the crime 

Solution: Computer is incidental crime

Question: An organization is doing everything within its capacity to ensure the client's data is protected through authentication, backup and even recovery process. This is an example of:

a. Liability
b. Due diligence
c. Jurisdiction
d. Due care 

Solution: Due diligence

Question: As the manager, Suria pass judgment and decision based on the facts that is presented to him. This is an example of:

a. Self evaluation
b. Responsible behavior
c. Ethical dilemma
d. Professionally aligned behavior, action and decision

Solution: Professionally aligned behavior, action and decision

Question: A robber uses the information from a hacked CCTV to study his victim while plotting the action. This is a:

a. computer assisted crime
b. computer is incidental
c. computer is not involved
d. computer specific crime 

Solution:  computer assisted crime 

Question: Doing the ethically correct thing requires us to always reevaluate our moral values before certain action. This is an example of:

a. Responsible behaviour
b. Professionally aligned behavior, action and decision
c. Ethical dilemmas
d. Self evaluation 

Solution: Self evaluation

Question: Zachary is unsure whether to report a wrongdoing involving his fellow friend at work. This is an example of:

a. Responsible behavior
b. Self evaluation
c. Ethical dilemmas
d. Professionally aligned behavior, action and decision 

Solution: Ethical dilemmas

Question: Explaining a policy and making sure it is understood by every employee falls under the category of:

a. Due Diligence
b. Liability
c. Due care
d. Jurisdiction

Solution: Due care

Security Maintenance

Question: Acceptable action and practice can be obtained from:

a. Baseline study
b. Policy
c. Audit
d. Monitoring

Solution: Policy

Question: The one that should have the most on-the-field skills in a security team is the:

a. Chief Executive Officer
b. Chief Information Security Officer
c. Security manager
d. Security technician

Solution: Security technician

Question: The following can be used for background checks for prospective employee EXCEPT:

a. Social media presence
b. Lecturer's recommendation letter
c. Parent's phone call verification
d. Medical information history 

Solution: Parent's phone call verification

Question: Which of the following could BEST describe the importance of job or task rotation from security perspective

a. Sharing responsibility of doing the job among employees
b. Ease the burden of the employee from being responsible for one task in a long time
c. Prevent corruption of having too much control over a task
d. Jobs or tasks can be done much faster and more efficient

Solution: Prevent corruption of having too much control over a task

Question: The following are related to EXTERNAL Environment EXCEPT

a. Public network
b. Vendors
c. Virus and malware
d. Employee 

Solution: Employee

Question: If you want to check for malware and virus activity in a network, which log will you look at?

a. Event log
b. Entry log
c. Access log
d. Manager's log 

Solution: Event log

Question: The following are related to INTERNAL monitoring EXCEPT:

a. Organization's network
b. Cross site scripting threat
c. Office's software patches !
d. Security awareness

Solution: Cross site scripting threat

Question: Change management is important when implementing new security control because

a. It was described in the security model and must be followed
b. It involves changes affecting people and technicalities of doing things
c. It involves risk assessment to identify asset, threat and risk for an information asset
d. It addresses the cost benefit analysis to be presented to the management

Solution: It involves changes affecting people and technicalities of doing things

Question: Which of the following could best describe the reason why organization must omit job description that
describe access privileges?

a. The information is not important for the job being offered
b. It might leak possible guesses of interview questions based on the information
c. It reveals access level and possible control related to those privileges
d. Prospective employee could demand more pay when looking at the information

Solution:  It reveals access level and possible control related to those privileges

Question: Which of the following is related to CHANGE MANAGEMENT

a. External Monitoring
b. Cost Benefit Analysis
c. Risk Assessment
d. IT Governance

Solution: IT Governance