CIS 377 - Final
______________________ involves public-key cryptography standards, trust models, and key management.
Public key infrastructure
A list of virus definitions is generally in a file with a ________ extension. a. .dat b. .txt c. .vir d. def
a. .dat
Java and ActiveX codes should be scanned before they are _________. Downloaded to your computer Known about Infected None of the above
a. Downloaded to your computer
Which of the following can be used to break encryption algorithms? a. frequency analysis b. XOR c. hashing d. Vigenère
a. Frequency analysis
An SQL injection occurs because of ____________ a. Improper input validation b. A lack of proper encryption c. An integer error d. A buffer overflow
a. Improper input validation
In which firewall configuration is the software installed on an existing machine with an existing operating system? Network host-based Dual-homed host Router-based Screened host
a. Network host-based
A(n) ___ is a mathematical process for doing something. a. algorithm b. cipher c. formula
a. algorithm
The _____ control strategy that attempts to eliminate or reduce any remaining uncontrolled risk through application of additional controls and safeguards. a. defense b. mitigate c. termination d. transfer
a. defense
What can't static analysis detect? a. Design flaws b. Syntax problems c. Missing variables d. Uncalled functions
a. design flaws
____ is the process to scramble a message or other information so that it cannot be easily read. a. encryption b. cryptoanalysis c. keying
a. encryption
Windows stores passwords using a method called ____ a. hashing b. authentication c. Kerberos
a. hashing
A(n) ___ refers to the bits that are combined with the plain text to encrypt it. a. key b. plain c. cipher text
a. key
A firewall ______ is a tool that can provide information after an incident has occurred. a. Log b. Scan c. Port d. None of the above
a. log
A packet-filtering firewall is a(n) ____________ firewall. Packet Filtering Application gateway Circuit-level gateway Domain gateway
a. packet filtering
In cryptography, the original message, before being transformed, is called ____. a. plaintext b. simple text c. empty text d. Caesar text
a. plaintext
A(n)___________ firewall examines the entire conversation between client and server, not just individual packets. Stateful Packet Inspection Packet filtering Circuit-level gateway Domain gateway
a. stateful packet inspection
In _____________________ testing, the tester has access to the source code. a. White Box b. Black Box c. Grey Box d. Penetration
a. white box
_______ include information and the systems that use, store, and transmit information.
information assets
"Long arm __________" refers to the long arm of the law reaching across the country or around the world to draw an accused individual into its court systems whenever it can establish jurisdiction.
jurisdiction
With asymmetric cryptography a different ____ is used to encrypt the message and decrypt the message. a. key b. code c. lock
key
__________ is the legal obligation of an entity that extends beyond criminal or contract law.
liability
The _____ control strategy attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation.
mitigation
Using the ___ cipher you select multiple numbers by which to shift letters. a. DC4 b. Caesar c. multi-alphabet substitution
multi-alphabet substitution
___ refers to unencrypted text
plaintext
List 3 common software vulnerabilities.
- buffer overflows - SQL injections - incorrect input validation
List the steps of the software development lifecycle.
1. Define the problem (Analysis) 2. Design the solutions (Algorithm) 3. Code solution (Program) 4. Test and Debug 5. Maintain and document
______ components account for the management of information in all its states: transmission, processing, and storage.
Data
A _________ is a barrier between your network and the outside world. a. Firewall b. Web server c. File server d. None of the above
a
A document that defines how an organization deals with some aspect of security is a(n) ______. a. security policy b. business plan c. Security update d. none
a
A file that stays in memory after it executes is a(n) _____________. a. Terminate and Stay Resident program b. Executable c. Text file d. Bug
a
The principle that users have access only to network resources that an administrator explicitly grants them is called ______. a. implicit deny b. least privilege c. separation of duty d. job rotation
a
The National Information Infrastructure Protection Act of 1996 modified which Act? a. Computer Security Act b. Computer Fraud and Abuse Act c. USA PATRIOT Act d. USA PATRIOT Improvement and Reauthorization Act
b
What is the subject of the Computer Security Act? a. Telecommunications Common Carriers b. Federal Agency Information Security c. Cryptography Software Vendors d. Banking Industry
b
What is the subject of the Sarbanes-Oxley Act? a. Privacy b. Financial Reporting c. Banking d. Trade secrets
b
When an employee leaves, all _____ should be terminated. a. web histories b. logins c. desktops d. passwords
b
In which firewall configuration is the firewall running on a server with at least two network interfaces? Network host-based Dual-homed host Router-based Screened host
b . Dual-homed host
The ________ plan specifies the actions an organization can and should take while an adverse event (that could result in loss of an information asset or assets, but does not currently threaten the viability of the entire organization) is in progress. a. BR b. IR c. DR d. BC
b. IR
Typically, when you update virus definitions _____________. a. The virus program scans your computer. b. Your computer restarts. c. You are updating the virus definition file on your computer d. None of the above
b. Your computer restarts.
Using the ____ cipher you choose some number by which to shift each letter of a text. a. DC4 b. Caesar c. ASCII
b. caesar
The ___ is the difference between an organization's observed and desired performance. a. risk assessment b. performance gap c. issue delta d. objective
b. performance gap
If you determine a virus has struck a system, the first step is to _____. a. scan and clean infected systems b. log the incident c. unplug the machines from the network d. notify appropriate organization leaders
c
New employees should receive a copy of the company's _______ policies. a. business continuation b. disaster recovery c. security/acceptable use d. none
c
The Health Insurance Portability and Accountability Act of 1996, also known as the __________ Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange. a. Privacy b. Gramm-Leach-Bliley c. Kennedy-Kassebaum d. HITECH
c
A(n) ____ serves as the trusted third-party agency that is responsible for issuing digital certificates. a. DA b. RA c. CA d. PA
c. CA
The virus scanning technique that uses rules to determine if a program behaves like a virus is _________ scanning. Download File Heuristic Sandbox
c. Heuristic
Most attacks occur because a hacker takes advantage of: a. the compiler b. complexity c. a vulnerability in the software d. the binary code
c. a vulnerability in the software
The ______ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation. a. transfer b. mitigation c. acceptance d. defense
c. acceptance
_____ is a block cipher that uses a variable-length key ranging from 32 to 488 bits. a. 3DES b. AES c. blowfish
c. blowfish
Mistaking a legitimate program for a virus is a ____________. Heuristic error False negative False positive None of the above
c. false positive
______ is an asset valuation approach that uses categorical or non-numeric values rather than absolute numerical measures. a. value-specific constant b. metric-centric model c. qualitative assessment d. quantitative assessment
c. qualitative assessment
____ equals the probability of a successful attack times the expected loss from a successful attack plus an element of uncertainty. a. loss magnitude b. loss c. risk d. loss frequency
c. risk
The _____ control strategy attempts to shift risk to other assets, other processes, or other organizations. a. mitigate b. defend c. transfer d. accept
c. transfer
__ refers to encrypted text
cipher text
A(n) _________ policy requires that employees secure all information in appropriate storage containers at the end of each day.
clean desk
__________ are the fixed moral attitudes or customs of a particular group.
cultural mores
Which of the following acts is also widely known as the Gramm-Leach-Bliley Act? a. Health Insurance Portability and Accountability Act b. Communications Act c. Computer Security Act d. Financial Services Modernization Act
d
Which of the following is an activity that falls into a gray area and might be acceptable internet use in some organization but not others? a. email b. online training c. web meetings d. online shopping during break time
d
The result of encrypting text is ____. a. Hieroglyphics b. Caesar's text c. plaintext d. cipher text
d. cipher text
The virus scanning technique in which a file is run in a separate area isolated from the operating system, so that it cannot infect the system, is ________. Download File Heuristic Sandbox
d. sandbox
In a(n) _____, assets or threats can be prioritized by identifying criteria with differing levels of importance, assigning a score for each of the criteria and then summing and ranking those scores. a. threat assessment b. risk management program c. data classification d. weighted factor analysis
d. weighted factor analysis
At which step of SDLC should security be considered?
every step
A screening firewall works in the application layer of the OSI model. true/false
false
A(n) intranet is a segment of the DMZ where additional authentication and authorization controls are put into place to provide services that are not available to the general public. true/false
false
Cultural differences can make it difficult to determine what is ethical and what is not ethical between cultures, except when it comes to the use of computers, where ethics are considered universal. true/false
false
Employees are not deterred by the potential loss of certification or professional accreditation resulting from a breach of a code of conduct as this loss has no effect on employees' marketability and earning power. true/false
false
Encryption done using small keys is inherently more secure. true/false
false
Ethics are the moral attitudes or customs of a particular group. true/false
false
Identifying human resources, documentation, and data information assets of an organization is less difficult than identifying hardware and software issues. true/false
false
Know yourself means identifying, examining, and understanding the threats facing the organization. true/false
false
Linux and Windows typically are not shipped with firewalls. true/false
false
Loss event frequency is the combination of an asset's value and the percentage of it that might be lost in an attack. true/false
false
PGP involves only private key encryption. true/false
false
Principle of least privilege means that no one person can perform critical tasks. true/false
false
Risk control is the enumeration and documentation of risks to an organization's information assets. true/false
false
Risk mitigation is the process of assigning a risk rating or score to each information asset. true/false
false
Snort is an open-source firewall. true/false
false
The Federal Privacy Act of 1974 regulates government agencies and holds them accountable if they release information about national security without permission. true/false
false
The United States has implemented a version of the DMCA law called the Database Right, in order to comply with Directive 95/46/EC. true/false
false
The difference between a policy and a law is that ignorance of a law is an acceptable defense. true/false
false
The key difference between laws and ethics is that ethics carry the authority of a governing body and laws do not. true/false
false
The method to attract an intruder to a subsystem setup for the purpose of observing him is called intrusion deterrence. true/false
false
Unethical and illegal behavior is generally caused by ignorance (of policy and/or the law), by accident, and by inadequate protection mechanisms. true/false
false
You cannot disable some USB devices from end-user computers and allow others. true/false
false
A(n) ____________________ is a combination of hardware and software that filters or prevents specific information from moving between the outside world and the inside world.
firewall
With ___ encryption, one key is used to encrypt a message, and another is used to decrypt the message. a. private key b. public key c. cipher
public key
_______ involves three major undertakings: risk identification, risk assessment, and risk control.
risk management
A digital signature is used to guarantee who sent a message. This is referred to as non-repudiation. true/false
true
A security policy is a document that defines how an organization deals with some aspect of security. true/false
true
A server with fake data used to attract an attacker is a honeypot. true/false
true
A stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet, but also on data derived from previous packets in the conversation. true/false
true
Due care and due diligence require that an organization make a valid effort to protect others and continually maintain this level of effort, ensuring these actions are effective. true/false
true
Heuristic scanning uses rules to determine whether a file or program behaves like a virus. true/false
true
Information sent across the internet is not encrypted by default. true/false
true
Laws, policies and their associated penalties only provide deterrence if offenders fear the penalty, expect to be caught, and expect the penalty to be applied if they are caught. true/false
true
Likelihood is the probability that a specific vulnerability within an organization will be the target of an attack. true/false
true
Privacy is the right of individuals or groups to protect themselves and their information from unauthorized access, providing confidentiality. true/false
true
Public key encryption is fast becoming the most widely used type of encryption because there are no issues to deal with concerning distribution of keys. true/false
true
Security policies toward programmers and web developers are developmental policies. true/false
true
The Economic Espionage Act of 1996 protects American ingenuity, intellectual property, and competitive advantage. true/false
true
The category of intrusion detection systems that looks for patterns that don't match those of normal use is called anomaly detection. true/false
true
The most widely used symmetric key algorithm is Advanced Encryption Standard (AES). true/false
true
The threats-vulnerabilities-assets (TVA) worksheet is a document that shows a comparative ranking of prioritized assets against prioritized threats, with an indication of any vulnerabilities in the asset/threat pairings. true/false
true
VPN, used properly, allows a user to use the Internet as if it were a private network. true/false
true
When an administrator proactively seeks out intelligence on potential threats or groups, this is called infiltration. true/false
true
Binary numbers are made up of 1s and 0s. true/false
true
List at least three security design principles that should be used in secure software design.
• Least privilege • Economy of mechanism • Complete mediation • Open design • Separation of privilege • Least common mechanism • Psychological acceptability • Fail-safe defaults