CSCI 290 8-14 Final
The Linux log file that contains activity related to the web server is
/var/log/apache2/
a good password has a least _ characters
8
the plan to return a business to full normal operations is
DRP disaster recovery plan
the _ war was the first modern war in which there was a strong and widespread domestic opposition
Vietnam
the conflict between the users goal for unfettered access to data and the security administrators goal to protect that data is an issue of
access control
a password policy for a 90- or 180-day replacement schedule is called password
age
which of the following uses a variable length symmetric key
blowfish
a propaganda agent can manage multiple online personalities, posting to many different_
bulletin boards and discussion groups
how do most anti spyware packages work
by looking for known spyware
documentation of every person who had access to evidence, how they interacted with it, and where it was stored is called the
chain of custody
_ is the premeditated, politically motivated attack against information computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups of clandestine agents
cyberterrorism
using linux to wipe the target drive, the command-line command would be
dd
an _ attack on data can include stealing or destroying data
economic
The MyDoom virus was directed against the pentagon
false
a digital signature is used to guarantee who sent a message. this is referred to as non-repudiation
false
a good password should only contain letters and numbers
false
for individual computers not running firewall software, you should directly close ports
false
for individual computers not running firewall software, you should directly close those ports
false
the beijing eagle union consists of chinese hackers
false
the stuxnet virus was directed against iraqi nuclear facilities
false
the windows command fc lists all active sessions to the computer
false
you may use linux to make a _ of the hard drive
forensically valid copy
the process to make a system as secure as it can be without adding on specialized software or equipment is
hardening
what is the term for a fake system designed to lure intruders
honey pot
what should you be most careful of when looking for an encryption method to use
how long the algorithm has been around
a discarded credit card receipt or utility bill could be the starting point from which a perpetrator finds enough information to assumes a victims
identity
use for business communications only and the disallowing of the transmission of confidential business information are recommended guidelines for
instant messaging
if you experience a denial of service attack, you can use firewall logs to determine the _ from which the attack originated
ip address
why is binary mathematical encryption not secure
it does not change letter or word frequency
if you fail to handle evidence properly
it may be unusable in court
which of the following is a disadvantage to using an application gateway firewall
it uses a great deal of resources
what is a major weakness with a network host firewall
its security is depended on the underlying operation system
when an employee leaves, all _ should be terminated
logins
which of the following is an encryption method using two or more different shifts
multi-alphabet encryption
on a server, you should create you own accounts with _ that do not reflect their level of permission
names
for an individual machine that is not running firewall software, you do not directly close ports. you shut down the _ using that port
none of the above
probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed _ per yer
once
you can use the service Yahoo!People Search by going to _
people.yahoo.com
what is the term for blocking an ip address that has been the source of suspicious activity
preemptive blocking
what is PGP
pretty good privacy, a public key encryption method
what type of encryption uses different keys to encrypt and decrypt the message
public key
the rule that packets not originating form inside you LAN should not be forwarded relates to
routers
what is the term for a firewall that is simply software installed on an existing server
screened host
many states have online _ registries
sex offender
there have been cases of mistaken identity with _ lists
sex offender
a virus that infected iranian nuclear facilities was exploiting vulnerability in SCADA systems
stuxnet
hackers want information about a target person, organization, and _ to assist in comprising security
system
procedure for adding users, removing users, and dealing with security issues are examples of _ policies
system administration
usually, the first thing you do to a computer to prevent further tampering is to
take it offline
what are TSR programs
terminate an stay resident programs that actually stay in memory after you shut them down
which of the following is the most true regarding binary operations and encryption
they can form a part of viable encryption methods
CNE, MCITP, CISSP, and CCNA are examples of industry certifications
true
Kerberos is an authentication protocol that uses a ticket granting system that sends an encrypted ticket to the users machine
true
L2TP uses IPsec for its encryptions
true
a server with fake data used to attract an attacker is a honeypot
true
a stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet, but also on the data derived from previous packets in the conversation
true
frequently the first responder to a computer crime network is the network administrator
true
many states have court records online
true
the category of intrusion detection systems that looks for patterns that don't match those to normal use is called anomaly detection
true
the chain of custody accounts for the handling of evidence and documents that handling
true
the fbi maintains a list of individual state sex registries at www.fbi.gov/scam-safety/registry
true
the us patriot act specifically deals with cyberterrorism
true
there should be a firewall between your network and the outside world
true
windows stores web browsing information in a file called index.dat
true
www.yellowpages.com, www.whowhere.com, and www.linkdin.com are good websites to locate a person's home address or telephone number
true
the joint task force representing components of all four US armed services is the
us cyber command
_ is a global group of bulletin boards that exist on any subject you can imagine
usenet
passwords, internet use, email attachments, software installation, instant messaging, and desktop configuration are areas of
user policies
a website that may help locate federal prison records is _
www.bop.gov/