Cyber Security Final Exam

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which of the following is true about XOR operation?

(1 XOR 1 = 0),(1 XOR 0 = 1), (0 XOR 1 = 1), and(0 XOR 0 = 0)

A good password has at least ______ characters.

8

Which of the following types of information would be a likely target for industrial espionage?

All of these.

The process to list assets that you believe support your organization is called ________.

Asset identification

The process to make a system as secure as it can be without adding on specialized software or equipment is _______________.

Hardening

Windows stores passwords using a method called __________.

Hashing

The virus scanning technique that uses rules to determine if a program behaves like a virus is _________ scanning.

Heuristic

A password policy for a 90- or 180-day replacement schedule is called password ________.

History

Passing structured query language commands to a web application and getting the website to execute it is called SQL script _________.

Injection

The rootkit malware is tough to detect because

It blends seamlessly into the operating system

What does keystroke monitoring malware do?

It collects the keystrokes you type into your keyboard.

What made the Bagle virus so dangerous?

It disabled antivirus software

The net command can be included in a ________ that will create a domain admin account.

Script

A server with fake data used to attract an attacker is a honeypot.

True

A stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet but also on data derived from previous packets in the conversation.

True

A virus is any file that can self-replicate.

True

Every open port on a router is a possible avenue of entry for a malware or intruder.

True

Scans can be performed for benign discovery and understanding of a given system.

True

The category of intrusion detection systems that looks for patterns that don't match those of normal use is called anomaly detection.

True

Windows passwords are stored in a hash file in one of the system directories.

True

VI (value of information) = C (cost to produce) + ___________.

VG (value gained)

We call the malware a zero-day exploit, because

defenders have 'zero days' to have developed a solution

Java and ActiveX codes should be scanned before they are _________.

downloaded to your computer

Mistaking a legitimate program for a virus is a ____________.

false positive

Defense in depth is a powerful means for organizing security protections into architectures. The theory is based on

if one layer fails, then hopefully another will pick up the slack.

A(n) ________ refers to the bits that are combined with the plain text to encrypt it.

key

With asymmetric cryptography a different ______ is used to encrypt the message and to decrypt the message.

key

A signature malware is a(n)_______________ of how malware software such as viruses or worms would look on a computer.

patterned description

The rule that packets not originating from inside your LAN should not be forwarded relates to ___________.

routers

Two factor authentication _____________ increases the trust one can place in the identity validation process.

significantly

Public key cryptography removes the need for centralized key distribution centers. It supports secrecy and authentication properties by:

using public and private key encryption and decryption.

Crafting email and websites to specifically target certain victims is called dive bombing.

False

For individual computers not running firewall software, you should directly close ports.

False

IPsec can only encrypt the packet data but not the header information.

False

In a virus attack, the victim machine is the source.

False

Linux and Windows typically are not shipped with firewalls.

False

NMAP is a popular hacking tool.

False

NetBIOS is an example of a port scanner.

False

PGP involves only private key encryption.

False

Sending a forged email asking for sensitive data is an example of steganography.

False

Snort is an open-source firewall.

False

Windows has a built in firewall, but Linux does not.

False

Nmap enables you to set ________ such as -sP, -sS, and -oA.

Flags

Which of these is NOT one of the two basic types of cryptography?

Forward

Scans can be done for applications, systems, or entire networks. They can be performed in a ______________ scan mode.

Half, full and deep

The first rule of computer security is to check ___________.

Patches

Hacking into phone systems is called ___________.

Phreaking

Any _________ you do not explicitly need should be shut down.

Ports

There are 1,024 well-known ________ that are usually associated with specific services.

Ports

The virus/worm that combined email attachments along with a fake virus warning was the __________ virus.

Bagel

._________ is a block cipher that uses a variable-length key ranging from 32 to 448 bits.

Blowfish

What is the most common way for a virus to spread?

By email attachment

When an attacker injects client-side scripts into web pages viewed by other users so that those users interact with it, it is an example of _________.

Cross-site scripting

__________ is the art to write in or decipher secret code.

Cryptography

A _________ involves setting up two firewalls: an outer and an inner firewall.

DMZ (demilitarized zone)

Which of the following is NOT an example of industrial espionage?

Denial-of-service attack

______________ is the process to scramble a message or other information so that it cannot be easily read.

Encryption

___________ is the process to find out what is on a target system.

Enumeration

The management and handling of cryptographic keys is typically supported by:

Key Distribution Center or KDC.

A firewall ______ is a tool that can provide information after an incident has occurred.

Log

The virus/worm that specifically targets Macintosh computers is ________.

MacDefender

The virus/worm that collected email addresses from your address book and from other documents on your machine was the ________ virus.

Mimail

You would set a ___________ to prevent users from immediately changing their password several times in one day to return to the current password. This is particularly important if your password policy has a history depth of five.

Minimum password age

On a server, you should create your own accounts with ________ that do not reflect their level of permission.

Names

In which firewall configuration is the software installed on an existing machine with an existing operating system?

Network host-based

For an individual machine that is not running firewall software, you do not directly close ports. You shut down the _________ using that port.

None of these

The virus/worm that specifically targets Linux computers is ________.

None of these

The virus/worm that sends emails to victims telling them to delete a needed system file is the __________ virus.

Nonvirus

Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year

Once

If Alice encrypts her message using Bob's public key then:

Only Bob can decrypts Alice's message.

Intrusion detection systems complement firewalls and scanning by searching for attack indicators based on _____________________.

Signatures

Which of the following virus is used a multimodal approach?

Sobig virus

The most popular IPS function involves something called a _________________ address shun.

Source IP

Cookies and key loggers are examples of ____________.

Spyware

A(n)___________ firewall examines the entire conversation between client and server, not just individual packets.

Stateful Packet Inspection

A file that stays in memory after it executes is a(n) _____________.

Terminate and Stay Resident program


Kaugnay na mga set ng pag-aaral

fin exam 2-hw and practice exams

View Set

MGMT 417 Campolongo Test 2 Chapter 5

View Set

Chapter 11 | Properties of the Hair and Scalp

View Set

Chapter 18: Business Organizations and Employment Law

View Set

Abeka 7th Grade Vocabulary Spelling Quiz List #9

View Set

SOCI 101 inquisitive questions midterm 1

View Set