View recommended Registered Information Security Specialist resources →
Why is symmetric-key encryption (e.g., AES) well suited to encrypting large volumes of data?
Answer:
Symmetric encryption is faster than public-key encryption, suiting bulk data; key distribution must be solved separately.
Which approach delivers a symmetric key via public-key encryption and encrypts the body quickly with that symmetric key?
Answer:
Hybrid cryptography distributes the key with public-key crypto and encrypts the body with symmetric crypto, balancing security and speed; TLS uses this.
Which technique is used to verify that a file has not been tampered with?
Answer:
A hash changes drastically with any input change, so comparing hashes before and after distribution detects tampering.
Which technique uses a shared key to confirm both message integrity and sender authenticity?
Answer:
HMAC combines a shared key with a hash function to provide both tamper detection and sender authentication.
Which security property does a digital signature provide?
Answer:
A digital signature, created with the signer's private key and verified with the corresponding public key, provides integrity, authentication, and non-repudiation.
Which electronic data has a trusted third party vouch for the binding between a public key and its owner?
Answer:
A digital certificate, issued by a CA, attests that a public key truly belongs to the stated owner.
Which mechanism checks online whether a digital certificate has been revoked?
Answer:
OCSP queries certificate revocation status online; a CRL distributes revocations as a list.
Which authentication combines a password with something like an IC card or biometrics?
Answer:
Multi-factor authentication combines different factor types so one leaked factor is not enough to break in.
Which framework securely delegates access to a user's resources on one service to another service?
Answer:
OAuth 2.0 delegates authorization without sharing passwords, using access tokens.
Which mechanism lets users access multiple services after a single authentication?
Answer:
SSO lets one authentication grant access to multiple services; SAML and OpenID Connect are common implementations.
Which phishing-resistant method authenticates with public-key cryptography instead of passwords?
Answer:
FIDO2 authenticates with a device-held private key and public-key crypto, sending no password, making it phishing-resistant.
Which attack injects malicious scripts into a web page so they run in visitors' browsers?
Answer:
XSS injects malicious scripts where input is not properly escaped; output escaping is the basic defense.
Which attack forces a logged-in user's browser to perform unintended actions on a site?
Answer:
CSRF tricks a logged-in user into sending forged requests; CSRF tokens and similar checks defend against it.
Which is the most fundamental defense against SQL injection?
Answer:
Placeholders treat input as data so it cannot alter the SQL structure, providing a fundamental defense.
Which attack uses sequences like ../ to access files outside the intended directory?
Answer:
Directory traversal exploits weak path validation to read unintended files; validating and normalizing input prevents it.
Which attack intercepts a connection and impersonates both parties to eavesdrop or alter traffic?
Answer:
MITM intercepts a connection to eavesdrop or tamper; TLS encryption and certificate validation mitigate it.
Which attack feeds false resolution data into a DNS server to redirect users to fake sites?
Answer:
DNS cache poisoning caches forged responses to redirect users to malicious sites; DNSSEC is one countermeasure.
Which attack reuses ID/password pairs leaked from another service to attempt logins?
Answer:
Credential stuffing reuses leaked credentials on other sites; avoiding password reuse and using MFA mitigate it.
Which setting helps prevent theft of cookies holding a session ID?
Answer:
The Secure attribute restricts the cookie to HTTPS and the HttpOnly attribute blocks script access, reducing the risk of session theft.
Which protocol encrypts HTTP traffic between browser and server to prevent spoofing and eavesdropping?
Answer:
TLS provides encryption, server authentication, and integrity, underpinning HTTPS; FTP and Telnet are plaintext.
Which technology builds an encrypted, virtual private link between sites over the internet?
Answer:
IPsec VPN provides encryption and authentication at the IP layer to connect sites securely.
Which mechanism inspects traffic to detect and block web-app attacks such as SQL injection and XSS?
Answer:
A WAF inspects web-application-layer traffic to detect and block common attack patterns.
Which system aggregates and correlates logs from many devices to detect security anomalies?
Answer:
SIEM centrally collects and correlates logs to detect signs of attacks or anomalies and support incident response.
Which is a fundamental practice emphasized in secure coding?
Answer:
Input validation is fundamental against many vulnerabilities; also avoid leaking information in error messages and avoid running with excessive privileges.
Which term means building security in from the planning and design phases?
Answer:
Security by design incorporates security from the earliest design stages rather than bolting it on later.
Which activity analyzes logs and media after an incident to find the cause and preserve evidence?
Answer:
Digital forensics analyzes logs and media while preserving evidence integrity, aiding root-cause and legal response.
In incident response, which is an appropriate first action?
Answer:
Early response identifies scope and contains the incident; avoid deleting logs so evidence is preserved.
Which law prohibits using others' credentials without permission and intruding by exploiting vulnerabilities?
Answer:
The unauthorized access law prohibits using others' credentials without permission and intruding via security holes.