Cyber Security Final Exam
Which of the following is true about XOR operation?
(1 XOR 1 = 0), (1 XOR 0 = 1), (0 XOR 1 = 1), and (0 XOR 0 = 0)
A good password has at least ______ characters.
8
Which of the following types of information would be a likely target for industrial espionage?
All of these.
The process of listing the assets that you believe support your organization is called ________.
Asset identification
The process of making a system as secure as it can be without adding on specialized software or equipment is _______________.
Hardening
Windows stores passwords using a method called __________.
Hashing
The virus scanning technique that uses rules to determine if a program behaves like a virus is _________ scanning.
Heuristic
A password policy for a 90- or 180-day replacement schedule is called password ________.
History
Passing structured query language commands to a web application and getting the website to execute them is called SQL script _________.
Injection
The rootkit malware is tough to detect because
It blends seamlessly into the operating system
What does keystroke monitoring malware do?
It collects the keystrokes you type into your keyboard.
What made the Bagle virus so dangerous?
It disabled antivirus software
The net command can be included in a ________ that will create a domain admin account.
Script
A server with fake data used to attract an attacker is a honeypot.
True
A stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet but also on data derived from previous packets in the conversation.
True
A virus is any file that can self-replicate.
True
Every open port on a router is a possible avenue of entry for a malware or intruder.
True
Scans can be performed for benign discovery and understanding of a given system.
True
The category of intrusion detection systems that looks for patterns that don't match those of normal use is called anomaly detection.
True
Windows passwords are stored in a hash file in one of the system directories.
True
VI (value of information) = C (cost to produce) + ___________.
VG (value gained)
We call the malware a zero-day exploit, because
defenders have 'zero days' to have developed a solution
Java and ActiveX code should be scanned before it is _________.
downloaded to your computer
Mistaking a legitimate program for a virus is a ____________.
false positive
Defense in depth is a powerful means for organizing security protections into architectures. The theory is based on
if one layer fails, then hopefully another will pick up the slack.
A(n) ________ refers to the bits that are combined with the plain text to encrypt it.
key
With asymmetric cryptography a different ______ is used to encrypt the message and to decrypt the message.
key
A malware signature is a(n) _______________ of how malware such as viruses or worms would look on a computer.
patterned description
The rule that packets not originating from inside your LAN should not be forwarded relates to ___________.
routers
Two-factor authentication _____________ increases the trust one can place in the identity validation process.
significantly
Public key cryptography removes the need for centralized key distribution centers. It supports secrecy and authentication properties by:
using public and private key encryption and decryption.
Crafting email and websites to specifically target certain victims is called dive bombing.
False
For individual computers not running firewall software, you should directly close ports.
False
IPsec can only encrypt the packet data but not the header information.
False
In a virus attack, the victim machine is the source.
False
Linux and Windows typically are not shipped with firewalls.
False
NMAP is a popular hacking tool.
False
NetBIOS is an example of a port scanner.
False
PGP involves only private key encryption.
False
Sending a forged email asking for sensitive data is an example of steganography.
False
Snort is an open-source firewall.
False
Windows has a built in firewall, but Linux does not.
False
Nmap enables you to set ________ such as -sP, -sS, and -oA.
Flags
Which of these is NOT one of the two basic types of cryptography?
Forward
Scans can be done for applications, systems, or entire networks. They can be performed in a ______________ scan mode.
Half, full and deep
The first rule of computer security is to check ___________.
Patches
Hacking into phone systems is called ___________.
Phreaking
Any _________ you do not explicitly need should be shut down.
Ports
There are 1,024 well-known ________ that are usually associated with specific services.
Ports
The virus/worm that combined email attachments along with a fake virus warning was the __________ virus.
Bagle
_________ is a block cipher that uses a variable-length key ranging from 32 to 448 bits.
Blowfish
What is the most common way for a virus to spread?
By email attachment
When an attacker injects client-side scripts into web pages viewed by other users so that those users interact with it, it is an example of _________.
Cross-site scripting
__________ is the art of writing in or deciphering secret code.
Cryptography
A _________ involves setting up two firewalls: an outer and an inner firewall.
DMZ (demilitarized zone)
Which of the following is NOT an example of industrial espionage?
Denial-of-service attack
______________ is the process of scrambling a message or other information so that it cannot be easily read.
Encryption
___________ is the process of finding out what is on a target system.
Enumeration
The management and handling of cryptographic keys is typically supported by:
Key Distribution Center or KDC.
A firewall ______ is a tool that can provide information after an incident has occurred.
Log
The virus/worm that specifically targets Macintosh computers is ________.
MacDefender
The virus/worm that collected email addresses from your address book and from other documents on your machine was the ________ virus.
Mimail
You would set a ___________ to prevent users from immediately changing their password several times in one day to return to the current password. This is particularly important if your password policy has a history depth of five.
Minimum password age
On a server, you should create your own accounts with ________ that do not reflect their level of permission.
Names
In which firewall configuration is the software installed on an existing machine with an existing operating system?
Network host-based
For an individual machine that is not running firewall software, you do not directly close ports. You shut down the _________ using that port.
None of these
The virus/worm that specifically targets Linux computers is ________.
None of these
The virus/worm that sends emails to victims telling them to delete a needed system file is the __________ virus.
Nonvirus
Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year.
Once
If Alice encrypts her message using Bob's public key, then:
Only Bob can decrypt Alice's message.
Intrusion detection systems complement firewalls and scanning by searching for attack indicators based on _____________________.
Signatures
Which of the following viruses used a multimodal approach?
Sobig virus
The most popular IPS function involves something called a _________________ address shun.
Source IP
Cookies and key loggers are examples of ____________.
Spyware
A(n)___________ firewall examines the entire conversation between client and server, not just individual packets.
Stateful Packet Inspection
A file that stays in memory after it executes is a(n) _____________.
Terminate and Stay Resident program