Chapter 11 homework


A(n) ____________ is an information system that is critical to the survival of an organization. - network plan - accounting system - IDS - mission critical application - firewall

mission critical application

The key principle in preventing disruption, destruction and disaster is ___________. - redundancy - control spreadsheet - IDS - anti-virus software - prevention controls

redundancy

A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them. - risk assessment - backplane - mitigating control factor analysis - control verification worksheet - control test plan

risk assessment

A brute force attack against an encryption system: - is called RC4 - tries to gain access by trying every possible key - is also known as 3DES - always uses the Rijndael algorithm - is part of the Advanced Encryption Standard

tries to gain access by trying every possible key

Which of the following is a mode that is used by IPSec? - exchange - sniffer - tunnel - creeper - firefighter

tunnel

A(n) ______ is a special type of virus that spreads itself without human intervention. - snake - worm - Trojan horse - boot sector virus - stealth virus

worm

Asymmetric encryption uses the same key to encrypt and decrypt a message. True False

False

Corrective controls reveal or discover unwanted events. True False

False

Decryption is the process of converting plaintext into ciphertext. True False

False

In transport mode, IPSec encrypts the entire IP packet. True False

False

Social engineering refers to creating a team that solves virus problems. True False

False

What are the 3 primary goals of security?

Confidentiality, Integrity, Availability

A(n) _______ is a screened subnet devoted solely to public access servers such as Web servers and public DNS servers. - intranet - DMZ - zone of authority - VLAN - smart hub

DMZ

Which of the following is not considered one of the five most common business impacts? - Financial - Productivity - Reputation - Social - Safety

Social

Which of the following is not true about one-time passwords? - Users' pagers or smart phones (via text messaging) can receive them. - They can be used in conjunction with a token system. - The user must enter the one-time password to gain access or the connection is terminated. - This is a good security solution for users who travel frequently and who must have secure dial-in access. - They create a packet level firewall on the system.

They create a packet level firewall on the system.

A host based intrusion prevention system (IPS) monitors activity on the server and reports intrusions to the IPS management console. True False

True

A packet-level firewall examines the source and destination address of every network packet that passes through the firewall. True False

True

An asset can be compromised by more than one threat, so it is common to have more than one threat scenario for each asset. True False

True

Confidentiality refers to the protection of the organizational data from unauthorized disclosure of customer and proprietary data. True False

True

Maintaining data integrity is one of the primary goals of security. True False

True

Secure Sockets Layer is an encryption standard designed for use on the Web. True False

True

Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters. True False

True

When using a digital signature for the process of authentication, the sender encrypts the message with their private key and the recipient decrypts the message with the sender's public key. True False

True

A sniffer program is a: - type of macro-virus - small peep-hole in a door or wall to allow a security guard to sniff the area with his or her nose before entering a secure area or location - used in a call-back modem - a program that records all LAN messages received for later analysis - secure hub program

a program that records all LAN messages received for later analysis

Symmetric encryption systems have two parts: the key and the ____________. - algorithm - spamming method - IP spoofer - clearance code - smart card bits

algorithm

A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication. - disaster recovery firm - DES company - directory company - certificate authority - fingerprint advisory board

certificate authority

The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as: - Trojan horse - sniffing - tunneling - computer forensics - misuse detection

computer forensics

IP spoofing means to: - fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network - clad or cover the internal processing (IP) lines with insulating material to shield the IP lines from excess heat or radiation - illegally tape or listen in on telephone conversations - detect and prevent denial-of-service attacks - act as an intermediate host computer between the Internet and the rest of the organization's networks

fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network

The use of hacking techniques to bring attention to a larger political or social goal is referred to as - cracking - ethical politics - hacktivism - social engineering - brute force attacks

hacktivism

Which of the following is a type of intrusion prevention system? - zoned-based - data link-based - host-based - transport-based - none of the above is an appropriate answer

host-based

A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network, or cause monetary loss to the organization. - asset - service level agreement - threat - security plan - network design

threat

