MIS 4123 Chapter 11
A packet-level firewall examines the source and destination address of every network packet that passes through the firewall.
True
A software solution to correct a security hole is often referred to as a patch or update.
True
An asset can be compromised by more than one threat, so it is common to have more than one threat scenario for each asset.
True
Disk mirroring writes duplicate copies of all data on at least two different disks.
True
DoS attackers generally use fake source IP addresses, making it harder to identify the DoS messages.
True
Intrusion primarily refers to the loss of confidentiality of organizational data.
True
Macro viruses can spread when an infected file is opened.
True
The denial-of-service attack disrupts the network by flooding the network with messages so that regular messages cannot be processed.
True
The ideal solution for planning for disaster recovery is to have a fully redundant backup network placed in a different location that would not be threatened by the same natural or man-made disaster that would destroy the original network.
True
Physical security of an organization's IT resources is not an important element in preventing intrusion to an internal LAN.
False
Researchers estimate that only one or two new viruses are developed every week.
False
Social engineering refers to creating a team that solves virus problems.
False
Triple DES uses a total of 512 bits as the key.
False
The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:
computer forensics
Which of the following types of media is least susceptible to eavesdropping?
fiber optics
A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.
firewall
According to Symantec, more than 50% of all targeted companies had fewer than 2,500 employees because they
often have weaker security.
A ______________ is a browser add-in or app that stores website passwords.
password manager
Which of the following is not a method for deterring intrusion?
performing social engineering
A(n) ______ is a special type of virus that spreads itself without human intervention.
worm
Microsoft's Windows operating system meets the US government's A1 level security.
False
A(n) ____________ can use stateful inspection to monitor and record the status of each connection and can use this information in making decisions about what packets to discard as security threats.
Application level firewall
A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
Certificate authority
A(n) _______ is a screened subnet devoted solely to public access servers such as Web servers and public DNS servers.
DMZ
__________ provide authentication which can legally prove who sent a message over a network.
Digital signatures
To snare intruders, many organizations now use _________ techniques.
Entrapment
An intruder uses TCP spoofing to send packets to a target computer requesting certain privileges be granted to some user.
False
An uninterruptible power supply utilizes a second redundant disk for every disk on the server.
False
Asymmetric encryption uses the same key to encrypt and decrypt a message.
False
Corrective controls reveal or discover unwanted events.
False
Crackers are casual hackers with a limited knowledge of computer security.
False
DES is a commonly used symmetric encryption algorithm, developed in the mid-1990s by the American government in conjunction with IBM, and is the recommended encryption algorithm for highly sensitive data.
False
Decryption is the process of converting plaintext into ciphertext.
False
Fault-intolerant servers contain many redundant components to prevent failure.
False
In transport mode, IPSec encrypts the entire IP packet.
False
Maintaining data integrity is not a primary goal of security.
False
With application level firewalls, any access that has not been explicitly denied is automatically permitted.
False
_______ is the most commonly used central authentication protocol.
Kerberos
A(n) ____________ is an information system that is critical to the survival of an organization.
Mission critical application
A ______ uses an address table to translate the private IP addresses used inside the organization into proxy IP addresses used on the Internet.
NAT proxy server
__________ refers to the process of translating between one set of private IP addresses inside a network and a set of public addresses outside the network.
Network Address Translation
A(n) ____________ examines the source and destination address of every network packet that passes through it.
Packet level firewall
The key principle in preventing disruption, destruction and disaster is ___________.
Redundancy
Which of the following is not considered one of the five most common business impacts?
Social
Which of the following is not true about one-time passwords?
They create a packet level firewall on the system.
_______________ describes how an asset can be compromised by one specific threat.
Threat scenarios
Spyware, adware and DDOS agents are three types of:
Trojans
A NAT firewall uses an address table to translate private IP addresses used inside the organization into proxy IP addresses used on the Internet.
True
A Trojan horse may allow an unauthorized user to access a computer from a remote location.
True
A brute-force attack is a method of trying to guess the correct password by trying every possible key.
True
A certificate authority is a trusted organization that can vouch for the authenticity of a person or organization.
True
A host-based intrusion prevention system (IPS) monitors activity on the server and reports intrusions to the IPS management console.
True
Biometric systems scan the user to ensure that the user is the sole individual authorized to access the network account.
True
Business continuity planning refers primarily to ensuring availability, with some aspects of data integrity.
True
Companies have learned that hacking threats from their own employees occur about as often as those from outsiders.
True
Confidentiality refers to the protection of the organizational data from unauthorized disclosure of customer and proprietary data.
True
Controls are mechanisms that reduce or eliminate threats to network security.
True
Preventive controls mitigate or stop a person from acting or an event from occurring.
True
Secure Sockets Layer is an encryption standard designed for use on the Web.
True
Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters.
True
The CERT was established at Carnegie Mellon University.
True
The most common access point used by attackers to gain access to an organization's network is the Internet connection.
True
The most commonly used central authentication protocol used today is Kerberos.
True
When someone external to your organization blocks access to your network and/or its resources, this is known as a denial-of-service attack.
True
When using a digital signature for the process of authentication, the sender encrypts the message with their private key and the recipient decrypts the message with the sender's public key.
True
The three basic network access points into most organizational networks are from the Internet, from LANs inside of the organization and ________________.
WLANs
A sniffer program is a:
a program that records all LAN messages received for later analysis
Symmetric encryption systems have two parts: the key and the ____________.
algorithm
A fundamental technique to determine if an intrusion is in progress in a stable network is:
anomaly detection
A(n) _________ is something of value and can be either hardware or software.
asset
Which of the following is not one of the major categories (or sub-categories) into which network security threats can be placed?
controlled chaos
________ controls fix a trespass into the network.
corrective
Which of the following is not a type of intruder who attempts to gain intrusion to computer networks?
delphi team member
A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users' messages from being processed.
denial-of-service attack
An example of _____ of data would be if a computer virus eliminated files on that computer.
destruction
________ controls discover unwanted events.
detective
A tornado that eliminates a network control center would be an example of a natural __________
disaster
Encryption is the process of:
disguising information by the use of mathematical rules, known as algorithms
RAID1 writes duplicate copies of all data on at least two different disks; this means that if one disk in the RAID array fails, there is no data loss because there is a second copy of the data stored on a different disk. This is referred to as _____
disk mirroring
A network switch failure is an example of a(n) ________ threat.
disruptive
A way to prevent intrusion by disguising information through algorithms is:
encryption
IP spoofing means to:
fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network
The use of hacking techniques to bring attention to a larger political or social goal is referred to as
hacktivism
Which of the following is a type of intrusion prevention system?
host-based
In recent years, management's concern about the adequacy of current control and security mechanisms used in a data communications environment has:
increased because this commitment to data communications has changed the potential vulnerability of the organization's assets
A hacker gaining access to organizational data files and resources is an example of a(n) ____________ threat.
intrusion
Often, incidents of unauthorized access, known as ___________, involve employees of the organization, surprisingly enough.
intrusion
DES:
is a commonly used symmetric encryption algorithm that was developed in the mid-1970s
A security hole is a(n):
malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users
_________ controls stop a person from acting.
preventive
A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them.
risk assessment
We can calculate the relative ___________, by multiplying the impact score by the likelihood.
risk score
For Ethernet networks, a _______ switch can make eavesdropping more difficult.
secure
IP Security Protocol:
sits between IP at the network layer and TCP/UDP at the transport layer
A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network, or cause monetary loss to the organization.
threat
Which of the following is a mode that is used by IPSec?
tunnel
A(n) ___________ is one of the most common examples of redundancy built into a network to help reduce the impact of disruption.
uninterruptible power supply
Which of the following is not a method for deterring outside intruders from gaining access to the organization's office or network equipment facilities?
unlocked wiring closet for network devices
Which of the following are usually the first choice for eavesdropping?
wireless LANs