Computer Network Security Midterm

¡Supera tus tareas y exámenes ahora con Quizwiz!

Discuss the two significant weaknesses of DAC.

1. poses risk becuase it relies on the end user to set the proper level of security 2. a subject's permissions will be inherited by any programs that the subject executes

What are botnets?

A botnet is a network of computers infected with malicious software and controlled as a group without the user's knowledge.

Describe a macro virus.

A macro virus is a computer virus written in the same macro language used for software programs. When a macro virus infects a software application, it causes a sequence of actions to begin automatically when the application is opened.

What are script kiddies?

A script kiddie is someone who wishes to be a hacker but lacks knowledge of network or computer systems.

Describe the security principle of simplicity.

A secure system should be simple from the inside but complex on the outside. Creating the information security structure in layers helps to achieve simplicity; this is useful in resisting a variety of attacks and provides comprehensive protection.

What is a worm?

A worm is a standalone malware computer program that replicates itself in order to spread to other computers. A worm often uses a computer network to spread itself, relying on security failures to access the targeted system.

What is dumpster diving?

Dumpster diving involves digging through trash receptacles to find information that can be useful in an attack.

List and describe three of the characteristics of information that must be protected by information security?

Information security is the confidentiality, integrity, and availability of information. Confidentiality ensures that data is not disclosed to unintended persons. Integrity ensures that the data is not modified. And availability ensures that data is available when needed.

Why is the speed of malicious attacks making the challenge of keeping computers secure more difficult?

Malicious attacks can affect millions of computers in a matter of seconds; fast attacks are harder to detect and harder to stop.

What is malware?

Malware is software that enters a computer system without the user's knowledge or consent and then performs an unwanted-and usually harmful-action. Malware is a general term that refers to a wide variety of damaging or annoying software programs.

List three major access control models.

Mandatory access control (MAC), discretionary access control (DAC), and role-based access control (RBAC)

Information security is achieved through a combination of what three entities? Provide at least one example of each entity.

Products like anti-virus software, people like the employees of a company, and procedures like having a plan in place in the event of an attack.

How does a rootkit work?

Rootkits work using modification. A rootkit locates and modifies the software so that it makes incorrect decisions. They have the ability to hide the existence of certain computer programs.

Describe how Kerberos works.

The user is provided a ticket by the Kerberos authentication server, the user presents the ticket to the network for service, the ticket is examined to verify the user's identity

What are some of the functions performed by viruses?

Viruses have the ability to copy themselves. They harm computers by deleting code, filling up space in hard drives, etc.

How can an attacker substitute a DNS address so that a computer is automatically redirected to another device? a. DNS poisoning b. phishing c. DNS marking d. DNS overloading

a. DNS poisoning

Although designed to support remote dial-in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs? a. RADIUS b. ICMP c. FTP d. Telnet

a. RADIUS

What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware? a. adware b. keylogger c. spam d. trojan

a. adware

Which of the folowwing ensures that data is accessible to authorized users? a. availability b. confidentiality c. integrity d. identity

a. availability

Which of the following are considered threat actors? (Choose all that apply.) a. brokers b. competitors c. administrators d. individuals

a. brokers and b. competitors

What technology expands the normal capabilities of a web browser for a specific webpage? a. extensions b. add-ons c. plug-ins d. java applets

a. extensions

Which of the following controls can be implemented so an organization can configure multiple computers by setting a single policy for enforcement? a. group-based access control b. computer-based access control c. role-based access control d. system access control

a. group-based access control

What term is used to describe a group that is strongly motivated by ideology, but is usually not considered to be well-defined and well-organized? a. hactivists b. hacker c. script kiddies d. cyberterrorist

a. hacktivist

Which of the following are considered to be the primary payload capabilities found in malware? (Choose all that apply.) a. launch attacks b. modify data c. delete data d. collect data

a. launch attacks, c. delete data, and d. collect data

What two locations can be a target for DNS poisoning? (Choose two that apply.) a. local host table b. external DNS server c. local database table d. directory server

a. local host table, b. external DNS server

What access control model below is considered to be the most restrictive access control model, and involves assigning access controls to users strictly according to the custodian? a. mandatory access control b. role based access control c. discretionary access control d. rule based access control

a. mandatory access control

On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred? a. privilege escalation b. DNS cable poisoning c. ARP poisoning d. man in the middle

a. privilege escalation

What process periodically validates a user's account, access control, and membership role or inclusion in a specific group? a. recertification b. revalidation c. control audit d. group auditing

a. recertification

Which type of attack below is similar to a passive man-in-the-middle attack? a. replay b. hijacking c. denial d. buffer overflow

a. replay

Which access control model that uses access based on a user's job function within an organization? a. role based access control b. rule based access control c. discretionary access control d. mandatory access control

a. role based access control

When using Role Based Access Control (RBAC), permissions are assigned to which of the following? a. roles b. groups c. labels d. users

a. roles

What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as a virus? a. rootkit b. backdoor c. wrapper d. shield

a. rootkit

A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as which of the following? a. separation of duties b. process sharing c. mandatory splitting d. role reversal

a. separation of duties

A user or a process functioning on behalf of the user that attempts to access an object is known as the: a. subject b. reference monitor c. entity d. label

a. subject

Which major types of access involving system resources are controlled by ACLs? (Choose all that apply.) a. system access b. remote access c. user access d. application access

a. system access, c. user access, and d. application access

Which of the following is malicious computer code that reproduces itself on the same computer? a. virus b. worm c. adware d. spyware

a. virus

What are the two types of cross-site attacks? (Choose two that apply.) a. cross-site input attacks b. cross-site scripting attacks c. cross-site request forgery attacks d. cross-site flood attacks

b and c

What is an entry in an ACL known as? a. DACL b. ACE c. SQL d. flag

b. ACE

What protocol can be used by a host on a network to find the MAC address of another device based on an IP address? a. DNS b. ARP c. TCP d. UDP

b. ARP

If an attacker purchases and uses a URL that is similar in spelling and looks like a well-known web site in order for the attacker to gain Web traffic to generate income, what type of attack are they using? a. spoofing b. URL hijacking c. web squatting d. typo hijacking

b. URL hijacking

To assist with controlling orphaned and dormant accounts, what can be used to indicate when an account is no longer active? a. password expiration b. account expiration c. last login d. account last used

b. account expiration

What type of software can be installed in an individual's web browser to prevent ads from displaying? a. antivirus b. ad blocking c. cookie scanning d. ad sensing

b. ad blocking

Which of the following is a valid fundamental security principle? (Choose all that apply.) a. signature b. diversity c. simplicity d. layering

b. diversity, c. simplicity, and d. layering

What type of theft involves stealing another person's personal information and then using the information to impersonate the victim, generally for financial gain? a. cyberterrorism b. identity theft c. phishing d. social scam

b. identity theft

Which term below is frequently used to describe the tasks of securing information that is in a digital format? a. network security b. information security c. physical security d. logical security

b. information security

What type of computer code is typically added to a legitimate program but lies dormant until a specific logical event triggers it? a. script b. logic bomb c. macro virus d. metamorphic virus

b. logic bomb

A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as: a. rootkit b. macro c. program d. process

b. macro

A virus that infects an executable program file is known as? a. macro virus b. program virus c. companion virus d. boot sector virus

b. program virus

Malware that locks or prevents a device from functioning properly until a fee has been paid is known as: a. lock-ware b. ransomware c. stealware d. hostageware

b. ransomware

What framework is used for transporting authentication protocols instead of the authentication protocol itself? a. CHAP b. SAML c. EAP d. MS-CHAP

c. EAP

What type of computer can forward RADIUS messages between RADIUS clients and RADIUS servers? a. intermediate proxy b. remote proxy c. RADIUS proxy d. translation proxy

c. RADIUS proxy

What is the name for a predefined framework (Model) that can be used for controlling access, and is embedded into software and hardware? a. accounting and access model b. user control model c. access control model d. authorization control model

c. access control model

What type of privileges to access hardware and software resources are granted to users or devices? a. access privileges b. user rights c. access rights d. permissions

c. access rights

What type of system security malware allows for access to a computer, program, or service without authorization? a. botnet b. zombie c. backdoor d. command and control

c. backdoor

What policy is designed to ensure that all confidential or sensitive materials, either in paper form or electronic, are removed from a user's workspace and secured when the items not in use or when employees leave their workspace? a. clean workspace b. secure workspace c. clean desk d. secure desk

c. clean desk

What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents? a. cybercriminal b. cracking c. cyberterrorism d. hacking

c. cyberterrorism

When an attack is designed to prevent authorized users from accessing a system, it is called what kind of attack? a. MITM b. spoofing c. denial of service d. blocking

c. denial of service

Select the information protection item that ensures that information is correct and that no unaothorized person or malicious software has altered the data. a. availability b. confidentiality c. integrity d. identity

c. integrity

When an attacker promotes themselves as reputable third-party advertisers to distribute their malware through the Web ads, what type attack is being performed? a. ad squatting b. clickjacking c. malvertising d. ad spoofing

c. malvertising

Which of the following are considered to be interception attacks? (Choose two that apply.) a. denial of service b. amplification attack c. man in the middle d. replay attacks

c. man in the middle, d. replay attacks

What type of attack intercepts communication between parties to steal or manipulate the data? a. replay b. MAC spoofing c. man-in-the-browser d. ARP poisoning

c. man-in-the-browser

What term is used to describe state-sponsored attackers that are used for launching computer attacks against their foes? a. nation state threats b. cyber military c. nation state actors d. state hackers

c. nation state actors

User accounts that remain active after an employee has left an organization are referred to as being what type of accounts? a. abandoned b. stale c. orphaned d. inactive

c. orphaned

What specific science discipline do most social engineering attacks rely on when they are being used? a. psychiatry b. criminology c. psychology d. engineering

c. psychology

Which access control model can dynamically assign roles to subjects based on a set of defined rules? a. role based access control b. mandatory access control c. rule based access control d. discretionary access control

c. rule based access control

Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so? a. cybercriminal b. hacker c. script kiddies d. cyberterrorist

c. script kiddies

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as: a. session replay b. session spoofing c. session hijacking d. session blocking

c. session hijacking

What term below is used to describe the process of gathering information for an attack by relying on the weaknesses of individuals? a. phreaking b. hacking c. social engineering d. reverse engineering

c. social engineering

One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and inject these pieces throughout the infected program code. What is the name for this technique? a. stealth b. appendor c. swiss cheese d. split

c. swiss cheese

Select below the type of malware that appears to have a legitimate use, but contains something malicious: a. script b. virus c. trojan d. worm

c. trojan

What specific type of phishing attack uses the telephone to target a victim? a. target phishing b. whaling c. vishing d. spear phishing

c. vishing

What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company? a. spam b. adware c. watering hole d. typo squatting

c. watering hole

A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n): a. ACE b. DAC c. entity d. ACL

d. ACL

What type of additional attack does ARP spoofing rely on? a. DNS poisoning b. replay c. MITB d. MAC spoofing

d. MAC spoofing

An attack that takes advantage of the procedures for initiating a session is known as what type of attack? a. DNS amplification attack b. IP spoofing c. smurf attack d. SYN flood attack

d. SYN flood attack

In information security, what can constitute a loss? a. theft of information b. a delay in transmitting information that results in a financial penalty c. the loss of good will or reputation d. all of the above

d. all of the above

In information security, which of the following is an example of a threat actor? a. a force of nature such as a tornado that could destroy computer equipment b. a virus that attaks a computer network c. a person attempting to break into a secure computer network d. all of the above

d. all of the above

During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password? a. accounting request b. access request c. verification request d. authentication request

d. authentication request

What type of structure is used to provide instructions to infected bot computers? a. client-server b. hive c. bot herder d. command and control

d. command and control

Which of the three protections ensures that only authorized parties can view information? a. security b. availability c. integrity d. confidentiality

d. confidentiality

What term describes a layered security approach that provides the comprehensive protection? a. comprehensive-security b. diverse-defense c. limiting-defense d. defense-in-depth

d. defense-in-depth

Which of the following is a database stored on the network itself that contains information about users and network devices? a. user permissions b. network service c. system registry d. directory service

d. directory service

Which access control model is considered to be the least restrictive? a. role based access control b. mandatory access control c. rule based access control d. discretionary access control

d. discretionary access control

What attack occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor? a. pointer hack b. DNS spoofing c. clickjacking d. domain hijacking

d. domain hijacking

What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks? a. trojan horse b. virus c. bug d. easter egg

d. easter egg

What type of spyware silently captures and stores each keystroke that a user types on the computer's keyboard? a. key indexing b. ransomware c. passive tracking d. keylogger

d. keylogger

The action that is taken by a subject over an object is called a(n): a. authorization b. access c. control d. operation

d. operation

Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer? a. IP spoofing b. denial of service c. DNS poisoning d. smurf attack

d. smurf attack

Which of the following is not one of the four methods for classifying the various instances of malware by using the primary trait that the malware possesses? a. circulation b. infection c. concealment d. source

d. source

Which type of phishing attack targets specific users? a. target phishing b. whaling c. vishing d. spear phishing

d. spear phishing

What type of malware is heavily dependent on a user in order to spread? a. trojan b. worm c. rootkit d. virus

d. virus

True or false? A Local Group Policy (LGP) has more options than a Group Policy.

false

True or false? A polymorphic virus changes its internal code to one of a set number of predefined mutations whenever it is executed.

false

True or false? A rootkit can hide its presence, but not the presence of other malware.

false

True or false? A virus self-replicates on the host computer and spreads to other computers by itself.

false

True or false? ACLs provide file system security for protecting files managed by the user.

false

True or false? As security is increased, convenience is often increased.

false

True or false? Malware is software that enters a computer system with the user's knowledge or consent and then performs an unwanted and harmful action.

false

True or false? Securing web applications is easier than protecting other systems.

false

True or false? The malicious content of an XSS URL is confined to material posted on a website

false

True or false? Vishing is a false warning, often contained in an email message claiming to come from the IT department.

false

True or false? With the Discretionary Access Control (DAC) model, no object has an owner; the system has total control over that object.

false

True or false? A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

true

True or false? A remote access Trojan has the basic functionality of a Trojan but also gives the threat actor unauthorized remote access to the victim's computer by using specially configured communication protocols.

true

True or false? A vulnerability is a flaw or weakness that allows a threat to bypass security.

true

True or false? Authentication, authorization, and accounting are sometimes called AAA.

true

True or false? Authorization is granting permission for admittance.

true

True or false? Employee onboarding refers to the tasks associated with hiring a new employee.

true

True or false? In an integer overflow attack, an attacker changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow.

true

True or false? Least privilege in access control means that only the minimum amount of privileges necessary to perform a job or function should be allocated.

true

True or false? Once the malware reaches a system through circulation, then it must embed itself into that system.

true

True or false? Permission auditing and review is intended to examine the permissions that a user has been given to determine if each is still necessary.

true

True or false? Phishing is sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information.

true

True or false? Rule-Based Access Control can be changed by users.

true

True or false? Social engineering impersonation means to masquerade as a real or fictitious character and then play out the role of that person on a victim.

true

True or false? To mitigate risks is the attempt to address risk by making the risk less serious.

true

True or false? Traditional network security devices can block traditional network attacks, but they cannot always block web application attacks.

true

True or false? Two types of malware have the primary trait of circulation. These are viruses and worms.

true

True or false? XSS is like a phishing attack but without needing to trick the user into visiting a malicious website.

true


Conjuntos de estudio relacionados

Life - Policy Provisions, Options and Riders Test

View Set

Economics: TOF perfect competition

View Set

The Nature of Law Chapter 01 Bus Law

View Set

Live Virtual Machine Lab 4.2: Module 04 Remote Access and Management

View Set

Performing Calculations (Excel 2016)

View Set

Immediate vs. Deferred Annuities

View Set