Chapters 1-2
Which confidentiality model is defined by controlling read and write access based on conflict of interest rules?
Brewer-Nash security model
In April 2009, Homeland Security Secretary Janet Napolitano told reporters
China and Russia made attempts to break into the US electric power grid
Which security principle refers to the concept that each and every request should be verified?
Complete mediation
Which Internet worm created infected systems that were part of what is known as a bot network (or botnet) and could be used to cause a DoS attack on a target or to forward spam e-mail to millions of users?
Conficker
Which term refers to the design and operation of elements to ensure the proper functional environment of a system?
Configuration Management
In the Clark-Wilson security model, what are the two levels of integrity?
Constrained data items (CDIs) and unconstrained data items (UDIs)
In most security circles, security through obscurity is considered a good approach, especially if it is the only approach to security.
False
What name was given to the advanced persistent threat (APT) style spy network responsible for bugging the Dalai Lama's office?
GhostNet
What target did the teenage hacker who went by the name "Jester" attack in March 1997?
He cut off telephone services to the FAA control tower as well as the emergency services at the Worcester Airport and the community of Rutland, Massachusetts.
Into which threat category does information warfare fall?
Highly Structured
Which security principle states that if you have not specifically been allowed access, then it should be denied?
Implicit deny
What was the primary lesson learned from the Slammer worm?
It drove home the point that the Internet could be adversely impacted in a matter of minutes.
How did the Code Red worm spread?
It made use of a buffer-overflow condition in Microsoft's IIS web servers that had been known for a month.
Which Internet criminal is famous for conducting his attacks using a number of different "tools" and techniques, including social engineering, sniffers, and cloned cellular telephones?
Kevin Mitnick
What is one of the most fundamental principles in security?
Least Privilege
What name was given to an intellectual property attack executed against oil, gas, and petrochemical companies in the United States?
Operation Night Dragon
Which equation describes the operational model of security?
Protection = Prevention + (Detection + Response)
Which term describes the process where individuals analyze the binaries for programs to discover embedded passwords or cryptographic keys?
Reverse-engineering
What are the policies of the Biba model?
Ring (no read down) and Low-Water-Mark (no write up)
Which term describes a means of separating the operation of an application from the rest of the operating system?
Sandboxing
The entity that implements a chosen security policy and enforces those characteristics deemed most important by the system designers is known as the __________.
Security Model
What are the three operational tenets found in secure deployments?
Session management, exception management, and configuration management
Which term refers to an attack conducted against a site with software that is vulnerable to a specific exploit?
Target of opportunity
Which Internet worm, released in 1988, is considered to be one of the first real Internet crime cases?
The Morris Worm
Which statement applies to viruses?
They typically are highly visible once released.
Encapsulation is the concept of separating items so that they cannot interfere with each other.
True
Exception handling is an important consideration during software development.
True
In the Biba security model, instead of security classifications, integrity levels are used.
True
In the early days of computers, security was considered to be a binary condition in which your system was either secure or not secure.
True
Melissa is the best known of the early macro-type viruses that attach themselves to documents for programs that have limited macro programming capability.
True
Most current ransomware attacks use a hybrid encrypting scheme, locking the files on a victim's computer until a ransom is paid.
True
Today, the data stored and processed by computers is almost always more valuable than the hardware.
True
In 2014, on how many different threat actors, including criminals, hacktivists, state-sponsored groups, and nation states, did CrowdStrike report?
39
The term "script kiddies" refers to
A hacker of low-end technical ability.
Where do changes in trust occur?
At the trust boundary.
Criminal activity on the Internet, at its most basic, is quite different from criminal activity in the physical world.
False
In many early cases of computer crime, the perpetrator of the crime intended to cause damage to the computer.
False
Which term refers to making different layers of security dissimilar so that even if attackers know how to get through a system that comprises one layer, they may not know how to get through a different type of layer that employs a different system for security?
Diversity of defense
Who is considered to be the ultimate insider, with his name being synonymous with the insider threat issue?
Edward Snowden
Because of malware's nefarious purpose, there is no criminal distinction between the writers of malware and those who release malware.
False
Because of the nature of trust and its high-risk opportunity, the sage advice is to develop and maintain a culture embracing trust.
False