MIS 4123 Chapter 11

A packet-level firewall examines the source and destination address of every network packet that passes though the firewall.

True

A software solution to correct a security hole is often referred to as a patch or update.

True

An asset can be compromised by more than one threat, so it is common to have more than one threat scenario for each asset.

True

Disk mirroring writes duplicate copies of all data on at least two different disks.

True

DoS attackers generally use fake source IP addresses, making it harder to identify the DoS messages.

True

Intrusion primarily refers to the loss of confidentiality of organizational data.

True

Macro viruses can spread when an infected file is opened.

True

The denial-of-service attack disrupts the network by flooding the network with messages so that regular messages cannot be processed.

True

The ideal solution for planning for disaster recovery is to have a fully redundant backup network placed in a different location that would not be threatened by the same natural or man-made disaster that would destroy the original network.

True

Physical security of an organization's IT resources is not an important element in preventing intrusion to an internal LAN.

False

Researchers estimate that only one or two new viruses are developed every week.

False

Social engineering refers to creating a team that solves virus problems.

False

Triple DES uses a total of 512 bits as the key.

False

The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:

computer forensics

Which of the following type of media is least susceptible to eavesdropping?

fiber optics

A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.

firewall

According to Symantec, more than 50% of all targeted companies had fewer than 2,500 employees because they

often have weaker security.

A ______________ is a browser add-in or app that stores website passwords.

password manager

Which of the following is not a method for deterring intrusion?

performing social engineering

A (n) ______ is a special type of virus that spreads itself without human intervention.

worm

Microsoft's Windows operating system meets the US government's A1 level security.

False

A(n) ____________ can use stateful inspection to monitor and record the status of each connection and can use this information in making decisions about what packets to discard as security threats.

Application level firewall

A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.

Certificate authority

A(n) _______ is a screened subnet devoted solely to public access servers such as Web servers and public DNS servers.

DMZ

__________ provide authentication which can legally prove who sent a message over a network.

Digital signatures

To snare intruders, many organizations now use _________ techniques.

Entrapment

An intruder uses TCP spoofing to send packets to a target computer requesting certain privileges be granted to some user.

False

An uninterruptible power supply utilizes a second redundant disk for every disk on the server.

False

Asymmetric encryption uses the same key to encrypt and decrypt a message.

False

Corrective controls reveal or discover unwanted events.

False

Crackers are casual hackers with a limited knowledge of computer security.

False

DES is a commonly used symmetric encryption algorithm, developed in the mid-1990s by the American government in conjunction with IBM, and is the recommended encryption algorithm for highly sensitive data.

False

Decryption is the process of converting plaintext into ciphertext.

False

Fault-intolerant servers contain many redundant components to prevent failure.

False

In transport mode, IPSec encrypts the entire IP packet.

False

Maintaining data integrity is not a primary goal of security.

False

With application level firewalls, any access that has not been explicitly denied is automatically permitted.

False

_______ is the most commonly used central authentication protocol.

Kerberos

A(n) ____________, is an information system that is critical to the survival of an organization.

Mission critical application

A ______ uses an address table to translate the private IP addresses used inside the organization into proxy IP addresses used on the Internet.

NAT proxy server

__________ refers to the process of translating between one set of private IP addresses inside a network and a set of public addresses outside the network.

Network Address Translation

A(n) ____________ examines the source and destination address of every network packet that passes through it.

Packet level firewall

The key principle in preventing disruption, destruction and disaster is ___________.

Redundancy

Which of the following is not considered one of the five most common business impacts?

Social

Which of the following is not true about one-time passwords?

They create a packet level firewall on the system.

_______________ describes how an asset can be compromised by one specific threat.

Threat scenarios

Spyware, adware and DDOS agents are three types of:

Trojans

A NAT firewall uses an address table to translate private IP addresses used inside the organization into proxy IP addresses used on the Internet.

True

A Trojan horse may allow an unauthorized user to access a computer from a remote location.

True

A brute-force attack is a method of trying to guess the correct password by trying every possible key.

True

A certificate authority is a trusted organization that can vouch for the authenticity of a person or organization.

True

A host based intrusion prevention system (IPS) monitors activity on the server and reports intrusions to the IPS management console.

True

Biometric systems scan the user to ensure that the user is the sole individual authorized to access the network account.

True

Business continuity planning refers primarily to ensuring availability, with some aspects of data integrity.

True

Companies have learned that threats from hacking from its own employees occur about as often as by outsiders.

True

Confidentiality refers to the protection of the organizational data from unauthorized disclosure of customer and proprietary data.

True

Controls are mechanisms that reduce or eliminate threats to network security.

True

Preventive controls mitigate or stop a person from acting or an event from occurring.

True

Secure Sockets Layer is an encryption standard designed for use on the Web.

True

Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters.

True

The CERT was established at Carnegie Mellon University.

True

The most common access point used by attackers to gain access to an organization's network is the Internet connection.

True

The most commonly used central authentication protocol used today is Kerberos.

True

When someone external to your organization blocks access to your network and/or its resources, this is known as a denial-of-service attack.

True

When using a digital signature for the process of authentication, the sender encrypts the message with their private key and the recipient decrypts the message with the sender's public key.

True

The three basic network access points into most organizational networks are from the Internet, from LANs inside of the organization and ________________.

WLANs

A sniffer program is a:

a program that records all LAN messages received for later analysis

Symmetric encryption systems have two parts: the key and the ____________.

algorithm

A fundamental technique to determine if an intrusion is in progress in a stable network is:

anomaly detection

A(n) _________ is something of value and can be either hardware or software.

asset

Which of the following is not one of the major categories (or sub-categories) into which network security threats can be placed?

controlled chaos

________ controls fix a trespass into the network.

corrective

Which of the following is not a type of intruder who attempts to gain intrusion to computer networks?

delphi team member

A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users' messages from being processed.

denial-of-service attack

An example of _____ of data would be if a computer virus eliminated files on that computer.

destruction

________ controls discover unwanted events.

detective

A tornado that eliminates a network control center would be an example of a natural __________

disaster

Encryption is the process of:

disguising information by the use of mathematical rules, known as algorithms

RAID1 writes duplicate copies of all data on at least two different disks; this means that if one disk in the RAID array fails, there is no data loss because there is a second copy of the data stored on a different disk. This is referred to as _____

disk mirroring

A network switch failure is an example of a(n) ________ threat.

disruptive

A way to prevent intrusion by disguising information through algorithms is:

encryption

IP spoofing means to:

fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network

The use of hacking techniques to bring attention to a larger political or social goal is referred to as

hacktivism

Which of the following is a type of intrusion prevention system?

host-based

In recent years, management's concern about the adequacy of current control and security mechanisms used in a data communications environment has:

increased because this commitment to data communications has changed the potential vulnerability of the organization's assets

A hacker gaining access to organizational data files and resources is an example of a(n) ____________ threat.

intrusion

Often, incidents of unauthorized access known as___________, involve employees of the organization, surprisingly enough.

intrusion

DES:

is a commonly used symmetric encryption algorithm that was developed in the mid-1970s

A security hole is a(n):

malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users

_________ controls stop a person from acting.

preventive

A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them.

risk assessment

We can calculate the relative ___________, by multiplying the impact score by the likelihood.

risk score

For Ethernet networks, a _______ switch can make eavesdropping more difficult.

secure

IP Security Protocol:

sits between IP at the network layer and TCP/UDP at the transport layer

A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network to cause monetary loss to the organization.

threat

Which of the following is a mode that is used by IPSec?

tunnel

A(n) ___________ is one of the most common examples of redundancy built into a network to help reduce the impact of disruption.

uninterruptible power supply

Which of the following is not a method for deterring outside intruders from gaining access to the organization's office or network equipment facilities?

unlocked wiring closet for network devices

Which of the following are usually the first choice for eavesdropping?

wireless LANs