Exam 2- Global Security
. The virus/worm that attempts to copy itself to C:\WINDOWS\FVProtect.exe is _______. a. W32/Netsky-P b. Troj/Invo-Zip c. MacDefender d. Sobig
A
What is the highest level of security you can expect to obtain? A. A level of security that makes the effort required to get information more than the value of the information B. A level of security comparable with government security agencies, such as the Central Intelligence Agency C. A level of security that has a 92.5% success rate in stopping intrusion D. A level of security that has a 98.5% success rate in stopping intrusion
A
What should you be most careful of when looking for an encryption method to use? A. Complexity of the algorithm B. Veracity of the vendor's claims C. Speed of the algorithm D. How long the algorithm has been around
A
Which of the following is considered the most stealthy port scan? A. SYN B. Connect C. Ping D. Nmap
A
Which of the following methods uses a variable-length symmetric key? A. Blowfish B. Caesar C. DES D. RSA
A
Which of the following most accurately defines encryption? A. Changing a message so it can only be easily read by the intended recipient B. Using complex mathematics to conceal a message C. Changing a message using complex mathematics D. Applying keys to a message to conceal it
A
Why is binary mathematical encryption not secure? A. It does not change letter or word frequency. B. It leaves the message intact. C. It is too simple. D. The mathematics of it is flawed.
A
Blocking incoming ICMP packets will prevent what type of scan? A. SYN B. Ping C. FIN D. Stealth
B
Trying to list all the servers on a network is referred to as what? A. Port scanning B. Enumeration C. Vulnerability scanning D. Scouting
B
Which of the following is a symmetric key system using 64-bit blocks? A. RSA B. DES C. PGP D. Blowfish
B
Which of the following is most true regarding binary operations and encryption? A. They are completely useless. B. They can form a part of viable encryption methods. C. They are only useful as a teaching method. D. They can provide secure encryption.
B
A person who hacks into phone systems is referred to as what? A. A hacker B. A gray hat hacker C. A phreaker D. A cracker
C
Information is an asset to your company if it A. Cost any sum of money to produce B. Cost a significant sum of money to produce C. Might have economic value
C
What is the usual motivating factor for corporate/industrial espionage? A. Ideological B. Political C. Economic D. Revenge
C
What is the most stealthy way to find out what type of server a website is running? A. Use Nmap. B. Use Cain and Abel. C. Use www.netcraft.com. D. Use www.archive.org.
D
In a virus attack, the victim machine is the source.
F
The Sasser virus/buffer overflow attack spreads by copying itself to shared drives and emailing itself out to everyone in your address book.
F
A rootkit provides the hacker root or privileged access.
T
A virus is any file that can self-replicate.
T
After a virus is on your system, it can do anything a legitimate program can do.
T
Malware that is portable to all operating systems or platforms is considered web-based code.
T
The Bagle virus contained email attachments and a fake virus warning
T
McAfee and Norton are examples of ________. a. Viruses b. Worms c. Trojan horses d. Virus scanners
d
A person who uses tools to hack without understanding the underlying technology is called what? A. A script kiddy B. A gray hat hacker C. A novice D. A white hat hacker
A
How can you prevent cross-site scripting? A. Filter user input. B. Use an IDS. C. Use a firewall. D. It cannot be prevented
A
In the context of preventing industrial espionage, why might you wish to limit the number of company CD burners and control access to them in your organization? A. An employee could use such media to take sensitive data out. B. An employee could use such media to copy software from the company. C. CDs could be a vehicle for spyware to get on your system. D. CDs could be a vehicle for a virus to get on your system.
A
OphCrack depends on the attacker doing what? A. Getting physical access to the machine B. Getting domain admin privileges C. Using social engineering D. Using a scanning tool
A
What advantage does a symmetric key system using 64-bit blocks have? A. It is fast. B. It is unbreakable. C. It uses asymmetric keys. D. It is complex.
A
What is PGP? A. Pretty Good Privacy, a public key encryption method B. Pretty Good Protection, a public key encryption method C. Pretty Good Privacy, a symmetric key encryption method D. Pretty Good Protection, a symmetric key encryption method
A
What is the best outcome for a spy attempting an espionage activity? A. To obtain information without the target even realizing he did so B. To obtain information with or without the target realizing he did so C. To obtain information and discredit the target D. To obtain information and cause harm to the target
A
What is the difference between corporate and industrial espionage? A. None; they are interchangeable terms. B. Industrial espionage only refers to heavy industry, such as factories. C. Corporate espionage only refers to executive activities. D. Corporate espionage only refers to publicly traded companies.
A
What is the greatest security risk to any company? A. Disgruntled employees B. Hackers C. Industrial spies D. Faulty network security
A
You can calculate the value of information by what formula? A. Resources needed to produce the information, plus resources gained from the information B. Resources needed to produce the information, multiplied by resources gained from the information C. Time taken to derive the information, plus money needed to derive the information D. Time taken to derive the information, multiplied by money needed to derive the information
A
If a company purchases a high-end UNIX server to use for its research and development department, what is probably the most valuable part of the system? A. The high-end UNIX server B. The information on the server C. The devices used to protect the server D. The room to store the server
B
The Microsoft Office suite is a tempting target for viruses because ___________. a. It is so ubiquitous. b. It is designed so that legitimate programmers can access its internal objects. c. It contains virus programming tools. d. None of the above.
B
What is an advantage of using Nessus? Use your favorite search engine to research Nessus to answer this question. A. It is free for businesses. B. It has a wide range of vulnerabilities it can check for. C. It is designed for Windows systems. D. It includes an IDS.
B
What type of encryption uses different keys to encrypt and decrypt the message? A. Private key B. Public key C. Symmetric D. Secure
B
Which of the following is most true regarding new encryption methods? A. Never use them until they have been proven. B. You can use them, but you must be cautious. C. Only use them if they are certified. D. Only use them if they are rated unbreakable.
B
Which of the following is the best definition for spyware? A. Software that assists in corporate espionage B. Software that monitors activity on a computer C. Software that logs computer keystrokes D. Software that steals data
B
Why would you want to scan an employee's computer when he leaves the organization? A. To check the work flow prior to leaving B. To check for signs of corporate espionage C. To check for illegal software D. To check for pornography
B
What size key does a DES system use? A. 64 bit B. 128 bit C. 56 bit D. 256 bit
C
Which binary mathematical operation can be used for a simple encryption method? A. Bit shift B. OR C. XOR D. Bit Swap
C
Which of the following is a likely reason that an organization might be reluctant to admit it has been a victim of corporate espionage? A. It would embarrass the IT department. B. It would embarrass the CEO. C. It might cause stock value to decline. D. It might lead to involvement in a criminal prosecution.
C
Which of the following is most likely to be true of an encryption method that is advertised as unbreakable? A. It is probably suitable for military use. B. It may be too expensive for your organization. C. It is likely to be exaggerated. D. It is probably one you want to use.
C
Which of the following is the oldest encryption method discussed in this text? A. PGP B. Multi-alphabet encryption C. Caesar cipher D. Cryptic cipher
C
A person who uses hacking techniques for illegal activities is referred to as what? A. A hacker B. A gray hat hacker C. A phreaker D. A cracker
D
If you wish to view items that have been removed from a website, what is the best way to do that? A. Use Nessus. B. Use Nmap. C. Use www.netcraft.com. D. Use www.archive.org.
D
What is the main problem with simple substitution? A. It does not use complex mathematics. B. It is easily broken with modern computers. C. It is too simple. D. It maintains letter and word frequency.
D
What is the reason for encrypting hard drives on laptop computers? A. To prevent a hacker from reading that data while you are online B. To ensure that data transmissions are secure C. To ensure that another user on that machine will not see sensitive data D. To prevent a thief from getting data off of a stolen laptop
D
What is the ultimate goal of espionage? A. To subvert a rival government B. To obtain information that has value C. To subvert a rival business D. To obtain information not otherwise available
D
Which of the following is a popular enumeration tool? A. Nessus B. Nmap C. MBSA D. Cheops
D
Which of the following is a popular port scanner? A. Nessus B. OphCrack C. MBSA D. Nmap
D
Which of the following is an encryption method using two or more different shifts? A. Caesar cipher B. Multi-alphabet encryption C. DES D. PGP
D
Which of the following is most true regarding certified encryption methods? A. These are the only methods you should use. B. It depends on the level of certification. C. It depends on the source of the certification. D. There is no such thing as certified encryption.
D
Which of the following methods is available as an add-in for most email clients? A. DES B. RSA C. Caesar cipher D. PGP
D
Which of the following types of information would be a likely target for industrial espionage? A. A new algorithm that the company's IT department has generated B. A new marketing plan that the company has formulated C. A list of all the company's customers D. All of the above
D
Malware that executes when a specific criteria is met is a logic bomb.
T
The most common method to deliver spyware to a target system is by using a Trojan horse.
T
The most common way for a virus to spread is by reading your email address book and emailing itself to your contacts.
T
. Any file that can self-replicate is a ________. a. Virus b. Worm c. Trojan horse d. none of the above
a
A program that looks benign but actually has a malicious purpose is a _______. a. Trojan horse b. Virus c. Worm d. Cookie
a
If a program writes more information into the computer's memory than the memory was designed to hold, it is a(n) ___________ attack. a. Buffer-overflow b. RAM c. Spyware d. Adware
a
The virus/worm that collected email addresses from your address book and from other documents on your machine was the ________ virus. a. Mimail b. Bagle c. Nonvirus d. None of the above
a
A program that can propagate without human interference is a _______. a. Virus b. Worm c. Trojan horse d. None of the above
b
SQL injection is based on what? A. Having database admin privileges B. Creating an SQL statement that is always true C. Creating an SQL statement that will force access D. Understanding web programming
b
The virus/worm that combined email attachments along with a fake virus warning was the __________ virus. a. Mimail b. Bagle c. Nonvirus d. None of the above
b
The virus/worm transmitted in a zip file attached to an email with an enticing message is __________. a. W32/Netsky-P b. Troj/Invo-Zip c. MacDefender d. None of the above
b
. The I Love You virus caused harm because ________. a. It had a negative payload. b. It erased data on computers. c. It generated large numbers of emails that bogged down many networks. d. None of the above
c
The virus/worm that sends emails to victims telling them to delete a needed system file is the __________ virus. a. Mimail b. Bagle c. Nonvirus d. None of the above
c
The virus/worm that specifically targets Macintosh computers is ________. a. W32/Netsky-P b. Troj/Invo-Zip c. MacDefender d. None of the above
c
The virus/worm that specifically targets Linux computers is ________. a. W32/Netsky-P b. Troj/Invo-Zip c. MacDefender d. None of the above
d
Which of the following is a vulnerability scanner specifically for Windows systems? A. Nmap B. OphCrack C. Nessus D. MBSA
d
