Chapter 4: Network Security
Requiring someone to prove his or her identity is ________. A) security B) authentication C) both A and B D) None of the above.
B) authentication
Using bodily measurements for authentication is ________. A) all are correct B) biometrics C) illegal D) mandatory for good security
B) biometrics
Cyberwar attacks are made by ________. A) hackers B) national governments C) both A and B D) None of the above
B) national governments
In most encryption, keys must be at least ________ long to be considered safe. A) 128 bits B) 100 bits C) 34 bits D) 200 bits
A) 128 bits
Which type of firewall is more expensive per packet handled? A) NGFW B) SPI C) they are the same cost D) none of the above
A) NGFW
In digital certificate authentication, the supplicant encrypts the challenge message with ________. A) the verifier's private key B) none is correct C) the supplicant's private key D) the true party's private key
C) the supplicant's private key
________ attacks typically extend over a period of months. A) DDoS B) botnets C) cyberwar D) APT
D) APT
Who are the most dangerous types of employees? A) new hires B) administrators C) CEOs D) IT security employees
D) IT security employees
Which type of firewall filtering collects streams of packets to analyze them as a group? A) none is correct B) SPI and NGFW C) SPI D) NGFW
D) NGFW
Secured packets typically receive ________. A) confidentiality B) authentication C) message integrity D) all of the above
D) all of the above
Using SSL/TLS for Web applications is attractive because SSL/TLS ________. A) is easy to install B) is hard to find C) is extremely secure D) is essentially free to use
D) is essentially free to use
________ is a program that can capture passwords as you enter them. A) none is correct B) data mining software and keystroke logger C) data mining software D) keystroke logger
D) keystroke logger
Fingerprint recognition is generally acceptable for ________. A) all uses B) credit cards C) doors D) laptops
D) laptops
Which of the following meets the definition of hacking? A) to intentionally use a computer resource without authorization B) to intentionally use a computer on which you have an account but use it for unauthorized purposes C) both A and B D) neither A nor B
B) to intentionally use a computer on which you have an account but use it for unauthorized purposes
SSL/TLS is used for ________. A) Web applications B) any application C) both A and B D) neither A nor B
A) Web applications
The Target attackers sold stolen card information to ________. A) cardshops B) governments C) black markets D) none of the above
A) cardshops
In digital certificate authentication, the verifier gets the key it needs directly from the ________. A) certificate authority B) true party C) both are correct D) none are correct
A) certificate authority
NIST guidelines for reusable passwords permit ________. A) entirely lower-case passwords B) the use of the same password at different sites C) both entirely lower-case passwords and the use of the same password at different sites D) neither entirely lower-case passwords nor the use of the same password at different sites
A) entirely lower-case passwords
A firewall will drop a packet if it ________. A) is a definite attack packet B) is a highly probable attack packet C) Both A and B D) Neither A nor B
A) is a definite attack packet
Compared to NGFWs, IDSs ________. A) look for different threats B) look for the same threats C) look for the same threats but do so differently D) none of the above
A) look for different threats
A debit card is secure because it requires two credentials for authentication: the card itself and a PIN. This is called ________. A) two-factor authentication B) segmentation C) redundancy D) none is correct
A) two-factor authentication
________ look at ________, while ________ mostly look at ________. A) Firewalls; packets; antivirus programs; files B) Antivirus programs; files; firewalls; packets C) Firewalls; frames; Antivirus; behavior D) Antivirus; frames; Firewalls; behavior
B) Antivirus programs; files; firewalls; packets
________ is the general name for a security flaw in a program. A) A virus B) A patch C) A vulnerability D) An error
C) A vulnerability
Employees often attack ________. A) for revenge B) for money C) both A and B D) neither A nor B
C) both A and B
For reusable passwords, NIST now recommends ________. A) that passwords be easy to remember B) that passwords be long phrases instead of being about 8-12 characters long C) both A and B D) neither A nor B
C) both A and B
The messages of VPNs ________. A) share the same transmission lines used by other VPNs B) are encrypted C) both A and B D) neither A nor B
C) both A and B
Viruses and worms propagate through ________. A) social engineering B) exploiting vulnerabilities C) both A and B D) neither A nor B
C) both A and B
The Target attackers probably first broke into Target using the credentials of a(n) ________. A) Target IT employee B) Cashier C) employee in a firm outside Target D) customer
C) employee in a firm outside Target
The general term for evil software is ________. A) virus B) all of them C) malware D) worm
C) malware
Pieces of code that are executed after the virus or worm has spread are called ________. A) exploits B) vulnerabilities C) payloads D) compromises
C) payloads
Vulnerability-based attacks that occur before a patch is available are called ________ attacks. A) DDoS B) APT C) zero-day D) none are correct
C) zero-day
In antivirus filtering, the best ways to filter currently use ________. A) signature detection B) stateful inspection C) application awareness D) behavioral detection
D) behavioral detection
Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________. A) encoding B) security C) authentication D) confidentiality
D) confidentiality
T/F: Biometrics, and other new authentication methods, are being created with the goal of getting rid of reusable passwords.
True
The supplicant claims to be ________. A) the true party B) a requester C) an imposter D) none is correct
A) the true party
For consumers who suffered credit card fraud because of the Target breach and acted quickly, which of the following is true? A) The United States Treasury compensated them from an insurance fund. B) The credit card companies did not charge them for fraudulent purchases. C) They received no compensation. D) They received compensation from Target.
B) The credit card companies did not charge them for fraudulent purchases.
________ are full programs. A) Viruses B) Worms C) both A and B D) neither A nor B
B) Worms
When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________. A) passes the packet but notifies the administrator B) passes the packet C) drops the packet D) drops the packet and notifies the administrator
B) passes the packet