Chapter 3: Network Security (Test)
In symmetric key encryption, a key must be ________ bits long, or longer, to be considered strong. (Choose the choice closest to the correct answer.) A) 36 B) 56 C) 64 D) 128
128 (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption? A) 1 B) 2 C) 4 D) none of the above
1 (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
Attack programs that can be remotely controlled by an attacker are ________. A) bots B) DoS programs C) exploits D) sock puppets
bots (Describe the threat environment, including types of attacks and types of attackers.)
Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.) A) Trojan horses B) bots C) viruses D) worms
bots (Objective: Describe the threat environment, including types of attacks and types of attackers.)
A password-cracking attack that tries all combinations of keyboard characters is called a ________. A) dictionary attack B) hybrid mode dictionary attack C) brute-force attack D) comprehensive keyboard attack
brute-force attack (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
The password "NeVEr" can be defeated by a ________. A) dictionary attack B) hybrid dictionary attack C) brute-force attack D) none of the above
brute-force attack (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
The password "R7%t&" can be defeated by a ________. A) dictionary attack B) hybrid mode dictionary attack C) brute-force attack D) All of the above could defeat the password equally quickly.
brute-force attack (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
The Target attackers sold their stolen card information to ________. A) crimeware shops B) card shops C) card counterfeiters D) Hallmark
card shops (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Credit card number thieves are called ________. (Pick the most precise answer.) A) numbers racketeers B) fraudsters C) identity thieves D) carders
carders (Objective: Describe the threat environment, including types of attacks and types of attackers.)
What type of attacker are most of attackers today? A) disgruntled employees and ex-employees B) career criminals C) hackers motivated by a sense of power D) cyberterrorists
career criminals (Objective: Describe the threat environment, including types of attacks and types of attackers.)
In digital certificate authentication, the verifier gets the key it needs directly from the ________. A) supplicant B) verifier C) true party D) certificate authority
certificate authority (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
A specific encryption method is called a ________. A) code B) schema C) key method D) cipher
cipher (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________. A) authentication B) confidentiality C) both A and B D) neither A nor B
confidentiality (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
ACLs are used for packets in the ________ state. A) connection-opening B) ongoing communication C) both A and B D) neither A nor B
connection-opening (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
________ is the general name for proofs of identity in authentication. A) Credentials B) Authorizations C) Certificates D) Signatures
credentials (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
The general name for malware on a user's PC that collects sensitive information and sends this information to an attacker is ________. A) keystroke loggers B) anti-privacy software C) spyware D) data mining software
spyware (Objective: Describe the threat environment, including types of attacks and types of attackers.)
If a packet is highly suspicious but not a provable attack packet, a(n) ________ may drop it. A) SPI firewall B) IDS C) IPS D) all of the above
IPS (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
Who are the most dangerous types of employees? A) financial employees B) manufacturing employees C) IT security employees D) former employees
IT security employees (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Which type of firewall filtering looks at application-layer content? A) static packet filtering B) stateful packet inspection C) NGFW D) all of the above
NGFW (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
Which of the following probably suffered the most financial damage from the Target breach? A) Target B) banks C) consumers D) POS vendors
Target (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Malware programs that masquerade as system files are called ________. A) viruses B) scripts C) payloads D) Trojan horses
Trojan horses (Objective: Describe the threat environment, including types of attacks and types of attackers.)
If you see a username and password on a Post-It note that anyone can see on a monitor, is it hacking if you use this information to log in? A) Yes B) No C) We cannot say from the information given.
Yes (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Which type of firewall filtering collects streams of packets to analyze them as a group? A) static packet filtering B) stateful packet inspection C) next-generation D) none of the above
next-generation (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
The digital certificate provides the ________. A) private key of the supplicant B) private key of the true party C) public key of the supplicant D) none of the above
none of the above (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
What type of attacker can do the most damage? A) criminal attackers B) hackers driven by curiosity C) employees and ex-employees D) national governments
national governments (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Mobile code is another name for ________. A) virus B) worm C) both A and B D) neither A nor B
neither A nor B (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Trojan horses can spread by ________. A) e-mailing themselves to victim computers B) directly propagating to victim computers C) both A and B D) neither A nor B
neither A nor B (Objective: Describe the threat environment, including types of attacks and types of attackers.)
You discover that you can get into other e-mail accounts after you have logged in under your account. You spend just a few minutes looking at another user's mail. Is that hacking? A) Yes B) No C) We cannot say from the information given.
Yes (Objective: Describe the threat environment, including types of attacks and types of attackers.)
In distributed DoS attacks, the attacker sends messages directly to ________. A) bots B) the intended victim of the DoS attack C) a command and control server D) DOS servers
a command and control server (Objective: Describe the threat environment, including types of attacks and types of attackers.)
A program that can capture passwords as you enter them is ________. A) a keystroke logger B) data mining software C) both A and B D) neither A nor B
a keystroke logger (Objective: Describe the threat environment, including types of attacks and types of attackers.)
________ look at ________, and ________ look at ________. A) Antivirus programs, packets, firewalls, packets B) Antivirus programs, files, firewalls, files C) Antivirus programs, packets, firewalls, files D) Antivirus programs, files, firewalls, packets
antivirus programs, files, firewalls, packets (Objective: Describe the role of antivirus protection.)
Authentication should generally be ________. A) as strong as possible B) appropriate for a specific resource C) the same for all resources, for consistency D) all of the above
appropriate for a specific resource (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
The messages of VPNs ________. A) share the same transmission lines B) are encrypted C) both A and B D) neither A nor B
are encrypted (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
Passwords are widely used because they ________. A) are demanded by users B) offer strong authentication C) are the only authentication techniques known by most security professionals D) are inexpensive to use
are inexpensive to use (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
Requiring someone to use a resource to prove his or her identity is ________. A) confidentiality B) authentication C) authorization D) both B and C
authentication (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
Electronic signatures provide message-by-message ________. A) authentication B) confidentiality C) both A and B D) neither A nor B
authentication (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
In antivirus filtering, the best ways to filter currently use ________. A) application awareness B) stateful inspection C) signature detection D) behavioral detection
behavioral detection (Objective: Describe the role of antivirus protection.)
NGFWs ________. A) can implement different rules for different applications B) can detect threats that span multiple packets C) both A and B D) neither A nor B
both A and B (can implement different rules for different applications, can detect threats that span multiple packets) (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
When a firewall identifies an attack packet, it ________. A) discards the packet B) copies information about the packet into a log file C) both A and B D) neither A nor B
both A and B (discards the packet, copies information about the packet into a log file) (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
To defeat brute-force attacks, a password must be ________. A) long B) complex C) both A and B D) neither A nor B
both A and B (long, complex) (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
A user picks the password "tiger." This is likely to be cracked quickly by a(n) ________. A) attack on an application running as root B) brute-force attack C) dictionary attack D) reverse engineering attack
dictionary attack (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
The password "velociraptor" can be defeated most quickly by a ________. A) dictionary attack B) reverse engineering attack C) brute-force attack D) None of the above because it is more than 8 characters long.
dictionary attack (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
Which of the following can spread more rapidly? A) directly-propagating viruses B) directly-propagating worms C) Both of the above can spread with approximately equal speed.
directly-propagating worms (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Small malware programs that download larger malware programs are called ________. A) downloaders B) scouts C) foothold programs D) stage-one programs
downloaders (Objective: Describe the threat environment, including types of attacks and types of attackers.)
When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall ________. (Read this question carefully.) A) drops the packet B) passes the packet C) opens a new connection D) does not approve the connection
drops the packet (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
The Target attackers probably first broke into Target using the credentials of a(n) ________. A) low-level Target employee B) Target IT employee C) Target security employee D) employee in a firm outside Target
employee in a firm outside Target (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Firewall log files should be read ________. A) every month B) every day C) every week D) usually only when a serious attack is suspected
every day (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
Methods that hackers use to break into computers are ________. A) cracks B) magics C) exploits D) compromises
exploits (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Advanced persistent threats are ________. A) inexpensive for the attacker B) extremely dangerous for the victim C) both A and B D) neither A nor B
extremely dangerous for the victim (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Which of the following can be done today without the target's knowledge? A) iris scanning B) face recognition C) both A and B D) neither A nor B
face recognition (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
Which of the following is a form of biometrics? A) reusable passwords B) digital certificate authentication C) facial recognition D) all of the above
facial recognition (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
Prepare2 can be cracked most quickly by a(n) ________. A) authentication attack B) brute-force attack C) dictionary attack D) hybrid dictionary attack
hybrid dictionary attack (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
Which of the following tends to be more damaging to the victim? A) credit card theft B) identity theft C) Both are about equally damaging to the victim. D) Neither is damaging to the victim.
identity theft (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Users typically can eliminate a vulnerability in one of their programs by ________. A) installing a patch B) doing a zero-day installation C) using an antivirus program D) all of the above
installing a patch (Objective: Describe the threat environment, including types of attacks and types of attackers.)
A firewall will drop a packet if it ________. A) is a definite attack packet B) is a probable attack packet C) both A and B D) neither A nor B
is a definite attack packet (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
Using SSL/TLS for Web applications is attractive because SSL/TLS ________. A) is essentially free to use B) offers the strongest possible cryptographic protections C) both A and B D) neither A nor B
is essentially free to use (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
If a firewall does not have the processing power to filter all of the packets that arrive, ________. A) it will pass some packets without filtering them B) it will drop packets it cannot process C) both A and B D) neither A nor B
it will drop packets it cannot process (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
Egress filtering examines packets ________. A) arriving from the outside B) leaving to the outside C) both A and B D) neither A nor B
leaving to the outside (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
Stateful firewalls are attractive because of their ________. A) high filtering sophistication B) ability to filter complex application content C) QoS guarantees D) low cost
low cost (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
The general name for evil software is ________. A) virus B) worm C) exploit D) malware
malware (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Electronic signatures also provide ________ in addition to authentication. A) message integrity B) message encryption C) both A and B D) neither A nor B
message integrity (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP FIN segment? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B
pass it if it is part of an approved connection (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP segment which is an acknowledgement? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B
pass it if it is part of an approved connection (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________. A) drops the packet B) drops the packet and notifies an administrator C) passes the packet D) passes the packet, but notifies an administrator
passes the packet (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
Pieces of code that are executed after the virus or worm has spread are called ________. A) vulnerabilities B) exploits C) compromises D) payloads
payloads (Objective: Describe the threat environment, including types of attacks and types of attackers.)
An attack in which an authentic-looking e-mail or website entices a user to enter his or her username, password, or other sensitive information is called ________. (Select the most specific answer.) A) phishing B) identity theft C) social engineering D) a spyware attack
phishing (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Iris scanning is attractive because of its ________. A) low cost B) precision C) both A and B D) neither A nor B
precision (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP SYN segment? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B
process it through the Access Control List (ACL) (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
DoS attacks attempt to ________. A) hack a computer B) reduce the availability of a computer C) steal information from a computer D) delete files on a computer
reduce the availability of a computer (Objective: Describe the threat environment, including types of attacks and types of attackers.)
In a firewall, VPN traversal ________. A) increases the effectiveness of firewall filtering B) reduces firewall filtering effectiveness C) both A and B D) neither A nor B
reduces firewall filtering effectiveness (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
Which of the following probably suffered the most financial damage from the Target breach? A) retailers other than Target B) banks C) consumers D) POS terminal vendors
retailers other than Target (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Tricking users into doing something against their security interests is ________. A) social engineering B) hacking C) both A and B D) neither A nor B
social engineering (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Unsolicited commercial e-mail is better known as ________. A) spam B) adware C) social engineering D) identity theft
spam (Objective: Describe the threat environment, including types of attacks and types of attackers.)
An attack aimed at a single person or a small group of individuals is a(n) ________ attack. (Choose the most specific answer.) A) phishing B) spear phishing C) highly targeted D) customized
spear phishing (Objective: Describe the threat environment, including types of attacks and types of attackers.)
________ is the dominant firewall filtering method used on main border firewalls today. A) ACL filtering B) Application content filtering C) Stateful packet inspection D) none of the above
stateful packet inspection (Objective: Describe firewall protection, including stateful packet inspection, intrusion prevention systems, and next-generation firewalls.)
In authentication, the ________ is the party trying to prove his or her identity. A) supplicant B) verifier C) true party D) all of the above
supplicant (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
In digital certificate authentication, the supplicant encrypts the challenge message with ________. A) the supplicant's private key B) the verifier's private key C) the true party's private key D) none of the above
the supplicant's private key (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
In digital certificate authentication, the verifier uses ________. A) the supplicant's public key B) the true party's public key C) both A and B D) neither A nor B
the true party's public key (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
Which of the following meets the definition of hacking ________. A) to intentionally use a computer resource without authorization B) to use a computer on which you have an account for unauthorized purposes C) both A and B D) neither A nor B
to intentionally use a computer resource without authorization (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Debit card is secure because it requires two credentials for authentication. This is also called ________. A) the supplicant's authentication B) the verifier's authentication C) two-factor authentication D) none of the above
two-factor authentication (Objective: Evaluate alternative authentication mechanisms, including passwords, smart cards, biometrics, digital certificate authentication, and two-factor authentication.)
Viruses most commonly spread from one computer to another ________. A) via e-mail B) by propagating directly by themselves C) through obfuscation D) all of the above
via e-mail (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Which of the following attach themselves to other programs? A) Viruses B) Worms C) both A and B D) neither A nor B
viruses (Objective: Describe the threat environment, including types of attacks and types of attackers.)
A ________ is a flaw in a program that permits a specific attack or set of attacks against this problem. A) malware B) security error C) vulnerability D) security fault
vulnerability (Objective: Describe the threat environment, including types of attacks and types of attackers.)
The general name for a security flaw in a program is a ________. A) virus B) malware C) security fault D) vulnerability
vulnerability (Objective: Describe the threat environment, including types of attacks and types of attackers.)
SSL/TLS is used for ________. A) Web applications B) any application C) both A and B D) neither A nor B
web applications (Objective: Explain in detail the protection of dialogues by cryptography, including symmetric key encryption for confidentiality and electronic signatures.)
Which of the following sometimes uses direct propagation between computers? A) viruses B) worms C) Trojan horses D) downloaders
worms (Objective: Describe the threat environment, including types of attacks and types of attackers.)
________ are full programs. A) Viruses B) Worms C) both A and B D) neither A nor B
worms (Objective: Describe the threat environment, including types of attacks and types of attackers.)
Vulnerability-based attacks that occur before a patch is available are called ________ attacks. A) preinstallation B) stealth C) malware D) zero-day
zero-day (Objective: Describe the threat environment, including types of attacks and types of attackers.)