the hardest game ever made
TRANSCRIPT
-
7/30/2019 The Hardest Game Ever Made
MECHANICS
The game follows the rules of a normal qu…
Points per Round
Round 1: 1 point per question
Round 2: 2 points per question
Round 3: 3 points per question
-
THE PUNISHER: Incorrect answers will be tantamount to a deduction equivalent to the corresponding points of the question.
THE SHIELD: Groups can choose not to answer a question. Deductions or additions will not be made to their score.
DOUBLE UP: Double the point(s) added if the group is the only one who gets the correct answer.
DOUBLE DOWN: Double the point(s) subtracted if the group is the only one who gives an incorrect answer.
-
Enumerate the types of controls that can be used to mitigate the risk of systems intrusions.
-
Enumerate the types of controls that can be used to mitigate the risk of systems intrusions.
Preventive Controls
Detective Controls
Corrective Controls
-
Modified True or False. The idea of defense-in-depth is to employ a layer of controls in order to avoid having multiple points of failure.
-
Modified True or False. The idea of defense-in-depth is to employ a layer of controls in order to avoid having multiple points of failure.
False. The idea of defense-in-depth is to employ multiple layers of controls in order to avoid having a single point of failure.
-
_____ is a separate network that permits controlled access from the Internet to selected resources, such as the organization's e-commerce Web server.
a. Data Management Zone
b. Data Manipulation Zone
c. Data Manoeuvring Zone
d. Data Militarized Zone
e. None of the above
-
_____ is a separate network that permits controlled access from the Internet to selected resources, such as the organization's e-commerce Web server.
a. Data Management Zone
b. Data Manipulation Zone
c. Data Manoeuvring Zone
d. Data Militarized Zone
e. None of the above (Demilitarized zone)
-
What are the types of credentials that can be used to verify a person's identity?
-
What are the types of credentials that can be used to verify a person's identity?
Something they know
Something they have
Some physical characteristic
-
Which of the following is a detective control?
a. Endpoint hardening
b. Physical access controls
c. Penetration testing
d. Patch management
-
What is the most commonly used authentication method?
-
What is the most commonly used authentication method?
Password
-
It is a set of rules that determines which packets are allowed entry and which are dropped.
-
It is a set of rules that determines which packets are allowed entry and which are dropped.
Access Control List (ACL)
-
Which of the following is a COBIT IT resource?
a. Data
b. Office Supplies
c. Customer
d. Software
-
_______ is a fundamental control procedure for protecting confidentiality of sensitive information when it is stored and transmitted to trusted parties.
-
Encryption is a fundamental control procedure for protecting confidentiality of sensitive information when it is stored and transmitted to trusted parties.
-
What are the dimensions of the COBIT Framework?
-
What are the dimensions of the COBIT Framework?
Plan and Organize
Acquire and Implement
Deliver and Support
Monitor and Evaluate
-
Which of the following statements is true?
a. The time-based model of security can be expressed in the following formula: P < D + C.
b. Information security is primarily an IT issue, not a managerial concern.
c. Conciseness is one of the strengths of COBIT.
d. Information security is necessary for protecting confidentiality, privacy, integrity of processing, and availability of information resources.
e. All of the above
f. None of the above
-
What are the fundamental information security concepts?
-
What are the fundamental information security concepts?
Security is a management issue, not a technology issue
Time-based model of security
Defense-in-depth
-
Which of the following statements is false?
a. Authorization is the process of verifying the identity of the person or device attempting to access the …
b. A man-trap is a type of physical access control.
c. Deep packet inspection is the heart of a new type of security technology called intrusion prevention systems.
d. Firewalls block all traffic.
e. All of the above
f. None of the above
-
_____ is used to identify rogue modems (or by hackers to identify targets).
-
War dialing is used to identify rogue modems (or by hackers to identify targets).
-
Which of the following is the most effective way to protect the perimeter?
a. deep packet inspection
b. static packet filtering
c. stateful packet filtering
d. All are equally effective
-
It consists of a set of sensors and a central monitoring unit that create logs of network traffic that was permitted to pass the firewall and analyze those logs for signs of attempted or successful intrusions.
-
It consists of a set of sensors and a central monitoring unit that create logs of network traffic that was permitted to pass the firewall and analyze those logs for signs of attempted or successful intrusions.
Intrusion Detection Systems (IDS)
-
Statement 1: IPS is not prone to false alarms.
Statement 2: The use of a VPN software makes it much easier to add or remove sites from the network.
a. Only statement 1 is true
b. Only statement 2 is true
c. Both are true
d. Both are false
-
A compatibility test matches the user's authentication credentials against the ____________ to determine whether the employee should be allowed to access certain information resources and perform the requested action.
-
A compatibility test matches the user's authentication credentials against the access control matrix to determine whether the employee should be allowed to access certain information resources and perform the requested action.
-
All or Nothing. Enumerate the key criteria that information provided to management should satisfy.
-
Enumerate the key criteria that information provided to management should satisfy.
Integrity
Confidentiality
Efficiency
Reliability
Availability
Compliance
Effectiveness
-
What are the three techniques used by intrusion prevention systems to identify undesirable traffic patterns?
-
What are the three techniques used by intrusion prevention systems to identify undesirable traffic patterns?
Compare traffic patterns to a database of signatures of known attacks
Develop a profile of normal traffic and use statistical analysis to identify packets that do not fit that profile
Use rule bases that specify acceptable standards for specific types of traffic and that drop all packets that do not conform to those standards