Chapter 4: Network Security

Requiring someone prove his or her identity is ________. A) security B) authentication C) both A and B D) None of the above.

B) authentication

Using bodily measurements for authentication is ________. A) all are correct B) biometrics C) illegal D) mandatory for good security

B) biometrics

Cyberwar attacks are made by ________. A) hackers B) national governments C) both A and B D) None of the above

B) national governments

In most encryption, keys must be at least ________ long to be considered safe. A) 128 bits B) 100 bits C) 34 bits D) 200 bits

A) 128 bits

Which type of firewall is more expensive per packet handled? A) NGFW B) SPI C) they are the same cost D) none of the above

A) NGFW

In digital certificate authentication, the supplicant encrypts the challenge message with ________. A) the verifier's private key B) none is correct C) the supplicant's private D) key the true party's private key

C) the supplicant's private

________ attacks typically extend over a period of months. A) DDos B) botnets C) cyberwar D) APT

D) APT

Who are the most dangerous types of employees? A) new hires B) administrators C) CEOs D) IT security employees

D) IT security employees

Which type of firewall filtering collects streams of packets to analyze them as a group? A) none is correct B) SPI and NGFW C) SPI D) NGFW

D) NGFW

Secured packets typically receive ________. A) confidentiality B) authentication C) message integrity D) all of the above

D) all of the above

Using SSL/TLS for Web applications is attractive because SSL/TLS ________. A) is easy to install B) is hard to find C) is extremely secure D) is essentially free to use

D) is essentially free to use

________ is a program that can capture passwords as you enter them. A) none is correct B) data mining software and keystroke logger C) data mining software D) keystroke logger

D) keystroke logger

Fingerprint recognition is generally acceptable for ________. A) all uses B) credit cards C) doors D) laptops

D) laptops

Which of the following meets the definition of hacking? A) to intentionally use a computer resource without authorization B) to intentionally use a computer on which you have an account but use it for unauthorized purposes C) both A and B D) neither A nor B

B) to intentionally use a computer on which you have an account but use it for unauthorized purposes

SSL/TLS is used for ________. A) Web applications B) any application C) both A and B D) neither A nor B

A) Web applications

The Target attackers sold stolen card information to ________. A) cardshops B) governments C) black markets D) none of the above

A) cardshops

In digital certificate authentication, the verifier gets the key it needs directly from the ________. A) certificate authority B) true party C) both are correct D) none are correct

A) certificate authority

NIST guidelines for reusable passwords permit ________. A) entirely lower-case passwords B) the use of the same password at different sites C) both entirely lower-case passwords and the use of the same password at different sites D) neither entirely lower-case passwords nor the use of the same password at different sites

A) entirely lower-case passwords

A firewall will drop a packet if it ________. A) is a definite attack packet B) is a highly probable attack packet C) Both A and B D) Neither A nor B

A) is a definite attack packet

Compared to NGFWs, IDSs ________. A) look for different threats B) look for the same threats C) look for the same threats but do so differently D) none of the above

A) look for different threats

A debit card is secure because it requires two credentials for authentication-the card itself and a PIN. This is called ________. A) two-factor authentication B) segmentation C) redundancy D) none is correct

A) two-factor authentication

________ look at ________, while ________ mostly look at ________. A) Firewalls; packets; antivirus programs; files B) Antivirus programs; files; firewalls; packets C) Firewalls; frames; Antivirus; behavior D) Antivirus; frames; Firewalls; behavior

B) Antivirus programs; files; firewalls; packets

________ is the general name for a security flaw in a program. A) A virus B) A patch C) A vulnerability D) An error

C) A vulnerability

Employees often attack ________. A) for revenge B) for money C) both A and B D) neither A nor B

C) both A and B

For reusable passwords, NIST now recommends ________. A) that passwords be easy to remember B) that passwords be long phrases instead of being about 8-12 characters long C) both A and B D) neither A nor B

C) both A and B

The messages of VPNs ________. A) share the same transmission lines used by other VPNs B) are encrypted C) both A and B D) neither A nor B

C) both A and B

Viruses and worms propagate through ________. A) social engineering B) exploiting vulnerabilities C) both A and B D) neither A nor B

C) both A and B

The Target attackers probably first broke into Target using the credentials of a(n) ________. A) Target IT employee B) Cashier C) employee in a firm outside Target D) customer

C) employee in a firm outside Target

The general term for evil software is ________. A) virus B) all of them C) malware D) worm

C) malware

Pieces of code that are executed after the virus or worm has spread are called ________. A) exploits B) vulnerabilities C) payloads D) compromises

C) payloads

Vulnerability-based attacks that occur before a patch is available are called ________ attacks. A) DDos B) APT C) zero-day D) none are correct

C) zero-day

In antivirus filtering, the best ways to filter currently use ________. A) signature detection B) stateful inspection C) application awareness D) behavioral detection

D) behavioral detection

Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________. A) encoding B) security C) authentication D) confidentiality

D) confidentiality

T/F: Biometrics, and other new authentication methods, are being created with the goal of getting rid of reusable passwords.

True

The supplicant claims to be ________. A) the true party B) a requester C) an imposter D) none is correct

A) the true party

For consumers who suffered credit card fraud because of the Target breach and acted quickly, which of the following is true? A) The United States Treasury compensated them from an insurance fund. B) The credit card companies did not charge them for fraudulent purchasers. C) They received no compensation. D) They received compensation from Target.

B) The credit card companies did not charge them for fraudulent purchasers.

________ are full programs. A) Viruses B) Worms C) both A and B D) neither A nor B

B) Worms

When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________. A) passes the packet but notifies the administrator B) passes the packet C) drops the packet D) drops the packet and notifies the administrator

B) passes the packet