Computer Security Fundamentals, Ch1-9

10. When a hacking technique uses persuasion and deception to get a person to provide information to help compromise security, this is referred to as what?

A. Social engineering

8. What is malware?

A. Software that has some malicious purpose

12. What type of defense depends on changing the server so that unfinished handshaking times out sooner?

A. Stack tweaking

8. What is SPI?

A. Stateful packet inspection

11. What protocol is used for remotely logging on to a computer?

A. Telnet

21. Tim Berners-Lee invented what?

A. The World Wide Web

8. Which of the following reasons most likely made the Bagle virus spread so rapidly?

A. The email containing it claimed to be from the system administrator.

1. Which of the following is the most common way for a virus scanner to recognize a virus?

A. To compare a file to known virus attributes

23. The TCP protocol operates at what layer of the OSI model?

A. Transport

3. The cable used in networks is also referred to as what?

A. Unshielded twisted-pair

11. Which of the following is the safest way to send and receive attachments?

A. Use a code word indicating the attachment is legitimate.

3. Which of the following is not one of the three major classes of threats?

B. Online auction fraud

8. Blocking incoming ICMP packets will prevent what type of scan?

B. Ping

13. What type of encryption uses different keys to encrypt and decrypt the message?

B. Public key

11. What type of defense depends on sending the client an incorrect SYNACK?

B. RST cookies

6. A device used to connect two or more networks is a what?

B. Router

16. What can you do with a firewall to help protect against virus attacks?

B. Shut down all unneeded ports.

8. How big is a TCP packet header?

B. The size is always 20 bytes.

7. Which of the following is most true regarding binary operations and encryption?

B. They can form a part of viable encryption methods.

17. Internet addresses of the form www.chuckeasttom.com are called what?

B. Uniform resource locators

12. What size key does a DES system use?

C. 56 bit

6. What is a penetration tester?

C. A person who hacks a system to test its vulnerabilities

10. A person who hacks into phone systems is referred to as what?

C. A phreaker

19. Which of the following is the best definition of the term sensitive information?

C. Any information that if accessed by unauthorized personnel could damage your organization in any way

17. Which of the following types of privacy law affects computer security?

C. Any privacy law

19. What can you do with your firewall to defend against DoS attacks?

C. Block all incoming traffic on port 80

19. What is the primary way a virus scanner works?

C. By blocking all unknown files

15. What class would the IP address of 193.44.34.12 be?

C. C

2. Which of the following is the oldest encryption method discussed in this text?

C. Caesar cipher

11. What is the most common threat on the Internet?

C. Computer viruses

4. Which of the following is an encryption method using two or more different shifts?

C. DES

9. What is war-driving?

C. Driving looking for wireless networks to hack

5. Which of the following is not one of the basic types of firewalls?

C. Heuristic firewall

4. The simplest device for connecting computers is called what?

C. Hub

7. What was most interesting to security experts about the Mimail virus?

C. It grabbed email addresses from documents on the hard drive.

4. Which of the following is the primary reason that Microsoft Outlook is so often a target for virus attacks?

C. It is easy to write programs that access Outlook's inner mechanisms.

16. Which of the following is most likely to be true of an encryption method that is advertised as unbreakable?

C. It is likely to be exaggerated.

2. What is one way of checking emails for virus infections?

C. Look for subject lines that are from known virus attacks.

2. Which of the following is not a valid way to define a computer's workload?

C. Maximum voltage

13. The point where the backbones of the Internet connect is called what?

C. Network access points

10. What protocol is used to send email, and on what port does it work?

C. SMTP, port 25

10. A defense that depends on a hash encryption being sent back to the requesting client is called what?

C. SYN cookies

4. Leaving a connection half open is referred to as what?

C. SYN flood attack

15. What virus exploited buffer overflows?

C. Sasser virus

16. The IP address of 127.0.0.1 always refers to your what?

C. Self

9. Which attack mentioned in this chapter causes a network to perform a DoS on one of its own servers?

C. Smurf attack

5. Which of the following virus attacks used a multimodal approach?

C. Sobig virus

20. Vince Cerf invented what?

C. TCP

20. Which of the following is a major resource for detailed information on a computer virus?

C. The F-Secure Virus Library

1. One extreme viewpoint about computer security is what?

C. There are no imminent dangers to your system.

15. What is the most stealthy way to find out what type of server a website is running?

C. Use www.netcraft.com.

5. Which binary mathematical operation can be used for a simple encryption method?

C. XOR

18. Which of the following was rated by many experts to be the fastest growing virus on the Internet?

D. Smurf virus

17. A key logger is what type of malware?

D. Spyware

3. What are TSR programs?

D. Terminate and Stay Resident programs that actually stay in memory after you shut them down

6. What is the most significant weakness in a DoS attack from the attacker's viewpoint?

D. The attack must be sustained.

17. Which of the following is most true regarding certified encryption methods?

D. There is no such thing as certified encryption.

6. If you wish to view items that have been removed from a website, what is the best way to do that?

D. Use www.archive.org.

One extreme viewpoint about computer security is what?

There are no imminent dangers to your system

11. What advantage does a symmetric key system using 64-bit blocks have?

A. It is fast.

6. What factor about the Sobig virus made it most intriguing to security experts?

A. It spread in multiple ways.

10. What is a major weakness with a network host-based firewall?

A. Its security is dependent on the underlying operating system.

18. The first computer incident-response team is affiliated with what university?

A. Massachusetts Institute of Technology

15. Which of the following is an example of a DDoS attack?

A. MyDoom virus

9. What is the term for a firewall that is simply software installed on an existing server?

A. Network host based

5. What is a NIC?

A. Network interface card

18. Which of the following is most true regarding new encryption methods?

A. Never use them until they have been proven.

13. Which of the following is something a Trojan horse might do?

A. Open a backdoor for malicious software.

12. What are the three approaches to security?

A. Perimeter, layered, hybrid

13. What type of attack is dependent on sending packets too large for the server to handle?

A. Ping of death

11. What is the term for blocking an IP address that has been the source of suspicious activity?

A. Preemptive blocking

8. What is PGP?

A. Pretty Good Privacy, a public key encryption method

13. An intrusion detection system is an example of which of the following?

A. Proactive security

14. Which of the following is considered the most stealthy port scan?

A. SYN

8. What are three methods for protecting against SYN flood attacks?

A. SYN cookies, RST cookies, and stack tweaking

6. Which of the following is the most basic type of firewall?

A. Screening firewall

2. What is the most common damage caused by virus attacks?

A. Slowing down networks by the virus traffic

Before you can formulate a defense for a network you need what?

A clear picture of the dangers to be defended against

11. A person who uses tools to hack without understanding the underlying technology is called what?

A. A script kiddy

18. Which U.S. government agency created the distributed network that formed the basis for the Internet?

A. Advanced Research Projects Agency

14. What method do most IDS software implementations use?

A. Anomaly detection

5. What is spyware?

A. Any software that monitors your system

14. Which of the following is the most basic security activity?

A. Authentication

19. Which of the following was one of the three universities involved in the original distributed network setup by a government agency?

A. Berkeley

14. Which of the following methods uses a variable-length symmetric key?

A. Blowfish

1. Which of the following most accurately defines encryption?

A. Changing a message so it can only be easily read by the intended recipient

9. A protocol that translates web addresses into IP addresses is called what?

A. DNS

24. Which layer of the OSI model is divided into two sublayers?

A. Data link

1. What is one of the most common and simplest attacks on a system?

A. Denial of service

7. What is the most common class of DoS attacks?

A. Distributed denial of service

3. How can you prevent cross-site scripting?

A. Filter user input.

5. OphCrack depends on the attacker doing what?

A. Getting physical access to the machine

12. What is the term for a fake system designed to lure intruders?

A. Honey pot

13. Which of the following is the correct term for simply making your system less attractive to intruders?

A. Intrusion deterrence

6. Why is binary mathematical encryption not secure?

A. It does not change letter or word frequency.

7. A T1 line sends data at what speed?

B. 1.54Mbps

14. Which of the following is not a valid IP address?

B. 295.253.254.01

25. A unique hexadecimal number that identifies your network card is called what?

B. A MAC address

2. Before you can formulate a defense for a network you need what?

B. A clear picture of the dangers to be defended against

4. What is a computer virus?

B. Any program that self-replicates

3. What is the most common way for a virus to spread?

B. By email attachment

15. How do most antispyware packages work?

B. By looking for known spyware

5. What is the basic mechanism behind a DoS attack?

B. Computers can only handle a finite load.

1. SQL injection is based on what?

B. Creating an SQL statement that is always true

10. Which of the following is a symmetric key system using 64-bit blocks?

B. DES

16. According to a recent survey of 223 computer professionals prepared by the ComputerSecurity Institute, which of the following was cited as an issue by more of the respondents?

B. Employee abuse

12. Trying to list all the servers on a network is referred to as what?

B. Enumeration

12. What protocol is used for web pages, and what port does it work on?

B. HTTP, port 80

4. What is the name for scanning that depends on complex rules to define what is and is not a virus?

B. Heuristic scanning

22. Which utility gives you information about your machine's network configuration?

B. IPConfig

9. What made the Bagle virus so dangerous?

B. It disabled antivirus software.

4. What is an advantage of using Nessus? Use your favorite search engine to research Nessus to answer this question.

B. It has a wide range of vulnerabilities it can check for.

7. Which of the following is a disadvantage to using an application gateway firewall?

B. It uses a great deal of resources.

15. The most desirable approach to security is one that is which of the following?

B. Layered and dynamic

2. The connector used with network cables is called what?

D. RJ-45

9. A person who uses hacking techniques for illegal activities is referred to as what?

D. A cracker

20. Why will protecting against Trojan horse attacks reduce DoS attacks?

D. Because a Trojan horse attacks in much the same way as a DoS attack

20. What other way can a virus scanner work?

D. By looking at files for virus-like behavior

1. What type of cable do most networks use?

D. Category 5 cable

13. Which of the following is a popular enumeration tool?

D. Cheops

14. What type of attack uses Internet routers to perform a DoS on the target?

D. DDoS

3. What do you call a DoS launched from several machines simultaneously?

D. DDoS attack

17. What can you do to your internal network routers to help defend against DoS attacks?

D. Disallow all traffic that comes from untrusted sources

15. What should you be most careful of when looking for an encryption method to use?

D. How long the algorithm has been around

18. Which of the following is a step that all computer users should take to protect against virus attacks?

D. Install and use antivirus software.

3. What is the main problem with simple substitution?

D. It maintains letter and word frequency.

16. How can securing internal routers help protect against DoS attacks?

D. It will prevent an attack from propagating across network segments.

2. Which of the following is a vulnerability scanner specifically for Windows systems?

D. MBSA

12. Which of the following is true regarding emailed security alerts?

D. Most companies send alerts via email.

10. Which of the following is a way that any person can use to protect against virus attacks?

D. Never open unknown email attachments.

7. Which of the following is a popular port scanner?

D. Nmap

9. Which of the following methods is available as an add-in for most email clients?

D. PGP

7. What is the term for hacking a phone system?

D. Phreaking

1. Which of the following is the best definition of virus?

D. Program that self-replicates

14. What is a buffer-overflow attack?

D. Putting more data in a buffer than it can hold