CySA Chapter 2

¡Supera tus tareas y exámenes ahora con Quizwiz!

A. Susan's best option is to use an automated testing sandbox that analyzes the applications for malicious or questionable behavior.

Susan needs to test thousands of submitted binaries, She needs to ensure that the applications do not contain malicious code. What technique is best suited to this need? A. Sandboxing B. Implementing a honeypot C. Decompiling and analyzing the application code D. Fagan testing

B.

What purpose does a honeypot system serve when placed on a network as shown in the following diagram? A. Prevents attackers from targeting production servers B. Provides info about the techniques attackers are using C. Slows down attackers like sticky honey D. Provides real-time input to IDSs and IPSs

C. Trusted foundries are part of the DoD's program that ensures hardware components are trustworthy and have not been compromised.

What supplier should one seek out if one is required to ensure that the chips and other hardware level components do not include malware or other potential attack vectors, as part of a government acquisitions program for the US department of defense? A. A TPM B. An OEM provider C. A trusted foundry D. A gray-market provider

C. Tarpits are a form of active defense that decoy or bait attackers. Passive defenses include cryptography, security architecture, and similar options.

A tarpit, or a system that looks vulnerable but actually is intended to slow down attackers, is an example of what type of technique? A. A passive defense B. A sticky defense C. An active defense D. A reaction-based defense

C. Manesh knows that the file she downloaded and computed a checksum for does not match the MD5 checksum that was calculated by the providers of the software

Manesh downloads a new security tool and checks its MD5. What does she know about the software she downloaded if she receives the following message: root@demo:# md5sum -c demo.md5 demo.txt: FAILED md5sum: WARNING: 1 computed checksum did NOT match A. The file has been corrupted. B. Attackers have modified the file. C. The files do not match. D. The test failed and provided no answer.


Conjuntos de estudio relacionados

Criminal and delinquent behavior final

View Set

vocab level g unit 5 definitions

View Set

Mathematics 800 Fundamentals - Unit 5: More With Functions SOLVING EQUATIONS WITH DISTRIBUTIVE PROPERTY

View Set

Философия сессия 2

View Set

PrepU Passpoint Coordinated Care

View Set

8th Grade Forces, Motion, and Energy 4-2

View Set

Chapter 8: The Adrenal Glands (Penny)

View Set

Industrial test, absolutism test, French rev test

View Set

WGU C913 Ultimate Study Combined Sets

View Set

Microbiology, Ch 26, Nester's 9th

View Set

Managerial Accounting Exam 4 T/F (Ch8-9)

View Set

Chapter 7: On-the-Job Training Methods

View Set