CYBR 2600 - Sec Chapter 17
True
Hoax emails can impact bandwidth. True/False
True
Hoaxes are similar to chain letters, but instead of promising a reward, the story in the e-mail is typically what produces the action. True/False
False
Sender Policy Framework (SPF) validates the receiving address of the email. True/False
True (Secure Multipurpose Internet Mail Extensions)
S/MIME is a secure implementation of the MIME protocol specification. True/False
True
S/MIME uses the X.509 format for certificates. True/False
False (It's the other way around. Virus - must be triggered by the victim's interaction with an infected file.) (Worm - a standalone malicious program that can self-replicate & propagate independently as soon as it has breached the system.)
Viruses can exist independent of a file, whereas worms require a file to infect. True/False
TCPs send an unauthenticated, error-free stream of information between two computers.
What is the goal of TCP? - TCPs send an unauthenticated, error-free stream of information between two computers. - TCPs provide integrity and authentication functionality through the use of cryptographic methods. - TCPs link documents to other documents by URLs. - TCPs provide a common addressing scheme.
spam
What term is used for unsolicited commercial e-mail? - hoax e-mail - worms - spam - sporks
Secure Shell (SSH)
When Secure FTP (SFTP) is used for confidential data transfer, what protocol is combined with FTP to accomplish this task? - Secure Sockets Layer (SSL) - Secure Shell (SSH) - Transport Layer Security (TLS) - Hypertext Transfer Protocol Secure (HTTPS)
mail relaying
One of the steps that the majority of system administrators running Internet e-mail servers have taken to reduce spam is to shut down __________. - spam filters - mail relaying - e-mail attachments - Outlook Express
False
All mail servers support spam URI Real-time Block Lists (SURBLs) technology. True/False
True
All versions of SSL have been shown to be vulnerable to breach. True/False
True
Because FTP servers can present a security risk, they are typically not permitted on workstations and are disabled on servers without need for this functionality. True/False
users themselves (because they are the ones who will actually be sending and receiving the messages)
E-mail security is ultimately the responsibility of _________. - networking administrators - security administrators - a mail application - users themselves
mail user agent (MUA)
In technical terms, the application on the e-mail sender's machine is referred to as a __________. - mail user agent (MUA) - mail transfer agent (MTA) - mail delivery agent (MDA) - mail storage agent (MSA)
anonymous
In the case of an FTP server, which account allows unlimited public access to the files and is commonly used when you want to have unlimited distribution? - root - anonymous - administrator - public
True
Most e-mail is sent in plaintext, providing no privacy in its default form. True/False
TCP port 80
Which port does HTTP traffic travel over by default? - TCP port 8080 - TCP port 80 - UDP port 8080 - UDP port 80
The primary purpose of JavaScript is to enable features such as validation of forms before they are submitted to the server.
Which statement describes the primary purpose of JavaScript? - The primary purpose of JavaScript is to enable features such as validation of forms before they are submitted to the server. - The primary purpose of JavaScript is to create applications that run in a virtual machine or browser. - The primary purpose of JavaScript is to create complex application logic that is then embedded into other container objects such as a Web browser. - The primary purpose of JavaScript is to embrace the full functionality of a server, allowing access to databases, UNIX commands, and other programs.
blacklisting
______ is essentially noting which domains and source addresses have a reputation for sending spam, and rejecting messages coming from those domains and source addresses. - Whitelisting - Blacklisting - Egress filtering - Relaying
