410 Appendix ■ Answers
49. C. Steganography is the art of using cryptographic techniques to embed secret messages
within other content. Steganographic algorithms work by making invisible alterations
to files, such as modifying the least significant bits of the many bits that make up image
files. VPNs may be used to obscure secret communications, but they provide protection in
transit and can’t be used to embed information in an image. Watermarking does embed
information in an image but with the intent of protecting intellectual property. A still
image would not be used for a covert timing channel because it is a fixed file.
- A. JavaScript is an interpreted language, so the code is not compiled prior to execution, allowing Roger to inspect the contents of the code. C, C++, and Java are all compiled languages—a compiler produces an executable file that is not human-readable.
- D. When a system is configured to use shadowed passwords, the /etc/passwd file contains only the character x in the place of a password. It would not contain any passwords, in plaintext, encrypted, or hashed form.
- C. SYN floods rely on the TCP implementation on machines and network devices to cause denial of service conditions.
- D. The due care principle states that an individual should react in a situation using the same level of care that would be expected from any reasonable person. It is a very broad standard. The due diligence principle is a more specific component of due care that states that an individual assigned a responsibility should exercise due care to complete it accurately and in a timely manner.
- B. ISDN, cable modems, DSL, and T1 and T3 lines are all examples of broadband technology that can support multiple simultaneous signals. They are analog, not digital, and are not broadcast technologies.
- C. Social engineering is the best answer, as it can be useful to penetration testers who are asked to assess whether staff members are applying security training and have absorbed the awareness messages the organization uses. Port and vulnerability scanning find technical issues that may be related to awareness or training issues but that are less likely to be directly related. Discovery can involve port scanning or other data-gathering efforts but is also less likely to be directly related to training and awareness.
- B. RAID level 5 is also known as disk striping with parity. It uses three or more disks, with one disk containing parity information used to restore data to another disk in the event of failure. When used with three disks, RAID 5 is able to withstand the loss of a single disk.
- D. The Physical layer deals with the electrical impulses or optical pulses that are sent as bits to convey data.
- A. In an IaaS server environment, the customer retains responsibility for most server security operations under the shared responsibility model. This includes managing OS security settings, maintaining host firewalls, and configuring server access control. The vendor would be responsible for all security mechanisms at the hypervisor layer and below.