ITN 262 Quizzes Chapter 1-7

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Select the controls from the list below that can implement a tailored access policy. Control of system-based access rights Access control lists Control of world-based access rights Control of user group-based access rights

- Access control lists - Control of user group-based access rights

Alice is using a system that uses very simple file and directory access rights. The system doesn't have directory-specific access rights. Instead, it uses simple read and write permissions to restrict what users can do to a directory. Alice has read-only access to the "project" directory. Select which of the following operations Alice can perform on that directory. Create files to which she will have "write" access List files in the directory Seek files in that directory Read files in the directory for which she has "read" access Delete files for which she has "write" access

- List files in the directory - Seek files in that directory - Read files in the directory for which she has "read" access

Kevin is accused by his employer of unauthorized access to a company computer. The employer pursues this as a private action. Which of the following are true about this dispute? Select all that apply. May be resolved informally between the perpetrator and victim, or their legal representatives Requires evidence admissible in court The perpetrator is charged with breaking a law. May require a third party to resolve the issue, like a mediator, judge, and/or jury Based on a shared relationship, like employer and employee

- May be resolved informally between the perpetrator and victim, or their legal representatives - Based on a shared relationship, like employer and employee

We need to create a three-factor authentication system. The system already requires the user's fingerprint and memorized password. Which of the following can we add to implement three separate factors? Require the answer to a secret question Signature recognition A procedure that requires the user's cell phone A PIN entered via a built-in PIN pad

A procedure that requires the user's cell phone

Which of the following is a list of access rights for each file, where each entry identifies a specific user and contains a list of access rights granted to that user. All of these are correct. Group rights Access control list (ACL) Reader rights

Access control list (ACL)

What does authentication do? Associates an individual with an identity Grants access rights All of these are correct. Checks access rights

Associates an individual with an identity

We use a special error detection calculation to authenticate the data on a hard drive that as being used as evidence in court. Which type of error detection calculation is typically used? One-way hash Parity Checksum Cyclic redundancy check

One-way hash

Users with the right to read files in the folder have which of the following? Select all that apply. Read/write rights Owner rights Reader rights

Read/write rights Owner rights Reader rights (all of them)

Car ignition locks are an example of what type of decision? Hunter's dilemma Relativistic-based Rule-based Requirement-based

Rule-based

MATCH: The phrases below describe types of authentication factors. Match the type of authentication factor with its description. Something you know - Memorized information like a password Something you have - An object containing a base secret, like the magnetic stripe on a cash card Something you are - A biometric measurement

Something you know - Memorized information like a password Something you have - An object containing a base secret, like the magnetic stripe on a cash card Something you are - A biometric measurement

We are trying to protect a household computer. We have implemented password-based authentication to protect sensitive data. Which levels of attacker motivation can this authentication typically protect against in this situation? Select all that apply. Stealth motivation No motivation Medium motivation Scant motivation

Stealth motivation No motivation Scant motivation

The program counter points to locations in RAM. If we add one to the address in the program counter, what will it always point to? The next control section in RAM The next byte in RAM The next bit in RAM The next instruction in RAM

The next byte in RAM

After encrypting a plaintext file and saving its ciphertext in a new file, what should the file encryption program do next? Select the safest alternative. The program writes zeroes over every data block in the plaintext file. The program deletes the plaintext file. The program writes zeroes over the file's directory entry. The program writes zeroes over the data at the beginning of the plaintext file.

The program writes zeroes over every data block in the plaintext file.

True or False? A vulnerability is a security measure intended to protect an asset.

False

True or False? All attacks cause damage to a system.

False

True or False? Application programs are the only executable files on a typical operating system.

False

True or False? At a crime scene, the computer must be analyzed on the spot and documented after it is considered safe.

False

True or False? Biometrics have a fault tolerance of 0.

False

True or False? Information security architecture often relies on boundaries outside the computer to protect important information or programs from error-prone or malicious programs.

False

True or False? Offline attacks are easily detected.

False

True or False? Part of the reason why the Morris worm was successful was that the finger process had Least Privilege instead of Most Privilege.

False

True or False? Read-only memory (ROM) is another type of non-persistent storage.

False

True or False? The programmer who creates a program has two rights—read and execute—which yields "RX."

False

True or False? The two primary types of symmetric algorithms are public and cipher.

False

True or False? Your fingerprint is a "something you have" factor.

False

True or False? A computer's basic input/output system (BIOS) is a computer program stored in read-only memory (ROM).

True

True or False? A supervisory control and data acquisition (SCADA) device is a computer that controls motors, valves, and other devices in industrial applications.

True

True or False? After encrypting a plaintext file, it should actively erase the plaintext file's context and save the encryption.

True

True or False? Botnets can (often) perform distributed denial of service (DDoS) attacks in which thousands of individual computers send overwhelming amounts of traffic at a victim's computer.

True

True or False? Dictionary attacks differ from trial and error attacks because dictionary attacks focus on likely passwords.

True

True or False? Every executable file begins with a "file header" that describes the structure and format of the program.

True

True or False? Input/output (I/O) circuits provide the electronics to connect other components to the computer.

True

True or False? Keyloggers can be hardware or software based.

True

True or False? The Advanced Encryption Standard (AES) is stronger than the Data Encryption Standard (DES).

True

True or False? The term "security theater" refers to security measures intended to make potential victims feel safe and secure without regard to their effectiveness.

True

CIA properties do not include: integrity. availability. confidentiality. authentication.

authentication

A typical hard drive has an arm, a read/write head, and: All of these are correct. tape reels. platters. a CPU.

platters

An algorithm is a type of: security principle. procedure. unreadable data. readable data.

procedure

To switch between two processes, the operating system maintains a collection of data called the: process state. multi-threading. multi-tasking. hyper-threading.

process state

The term for recovering from computer-related attacks, incidents, and compromises is: remediation. investigation. premeditation. digital forensics.

remediation

A security decision, such as locking your vehicle when not in use, is an example of: rule-based security. integrity. None of these is correct. the hunter's dilemma.

rule-based security.

The directory access right that allows a user to search for a name in a file's path, but not examine the directory as a whole, is called: delete. create. seek. read.

seek

The following are fundamental strategies for authenticating people on computer systems, except: something you have. something you are. something you make. something you know.

something you make

The primary element on a computer motherboard that runs programs and makes the computer work is: an input/output (I/O) circuit. the central processing unit (CPU). random access memory (RAM). firmware.

the central processing unit (CPU).

The type of cipher that rearranges the text of a message is called: substitution. transposition. asymmetric. AES.

transposition

Supervisory control and data acquisition (SCADA) devices are most often associated with: business offices. universities. utilities. retail stores.

utilities

Encryption protects information by presenting which of the following? Key Bug Puzzle Riddle

Puzzle

We have accidentally deleted an important file from the FAT file system. We wish to undelete it. Which of the following statements about the undelete process are true? Select all that apply. We can always undelete a file from the FAT file system. The deleted file's directory entry must still contain enough information for us to identify the file. We use the FAT to follow the deleted file's cluster chain. The deleted file's directory entry must still contain the cluster number of the file's first block. All clusters in the deleted file must be stored sequentially.

- The deleted file's directory entry must still contain enough information for us to identify the file. - The deleted file's directory entry must still contain the cluster number of the file's first block. - All clusters in the deleted file must be stored sequentially.

Bob is trying to hide some secret information by using an undersized file system to set aside space for his secrets. Which of the following are true? Select all that apply. The hidden storage uses extra space on the drive that is made available by special low-level formatting. The hidden storage uses space taken from the regular file system: The regular system is told to only use part of the available space in the partition, and the remaining space is used by the hidden data. The hidden section uses storage that the operating system ignores, except when Bob uses special software. The hidden section may be wiped out accidentally if the normal operating system tries to use too much space on the drive.

- The hidden storage uses space taken from the regular file system: The regular system is told to only use part of the available space in the partition, and the remaining space is used by the hidden data. - The hidden section uses storage that the operating system ignores, except when Bob uses special software.

Below is a list of different access right settings. We want to implement shared update of certain files between Bob and Alice, but with no one else. Which of the following settings achieve this? Select all that apply. Assign Bob ownership to Alice's files, and Alice ownership to Bob's files. Use Windows basic file sharing and make Bob and Alice co-owners of the files. Put Bob and Alice is a user group, and give the group RWX access to the shared files. Set world access of the shared files to RWX.

- Use Windows basic file sharing and make Bob and Alice co-owners of the files. - Put Bob and Alice is a user group, and give the group RWX access to the shared files.

Modern storage systems, including hard drives and USB drives, suffer from several types of fragmentation. Which of the following describe typical kinds of fragmentation? Select all that apply. Wasted clusters left in gaps between files on the drive Wasted space between the end of a file and the end of a cluster Delays caused by having a file stored in clusters spread across the drive Wasted space because a volume partition is too small for a particular collection of files

- Wasted space between the end of a file and the end of a cluster - Delays caused by having a file stored in clusters spread across the drive - Wasted space because a volume partition is too small for a particular collection of files

If we combine "10101" with "01011" using Exclusive Or, which result do we get? 100000 100001 11110 00001

11110

The fundamental job of every operating system is to run programs, and this relies on: random access memory (RAM) management. All of these are correct. process management. input/output (I/O) management.

All of these are correct.

What are the risks of logging into a system routing as "root" or some other administrative identity? Exposing the system to a virus or malicious website Files could be altered. All of these are correct. Files could be erased.

All of these are correct.

Which cipher replaces A with D and B with E? Caesar Vigenère Potter Confederate

Caesar

Which basic principle is most closely associated with the troubles that a buffer overflow can cause? Defense in depth Continuous improvement Chain of control Open design

Chain of Control

Which decryption procedure requires two inputs? Select all that apply. Ciphertext A key Plaintext An algorithm

Ciphertext A key

Which of the following is a person who has learned specific attacks on computer systems and can use those specific attacks? Hacker Script kiddy Cracker Phone phreak

Cracker

The part of a FAT volume that stores files and subdirectories is the: boot blocks. FAT. root. clusters.

clusters


Kaugnay na mga set ng pag-aaral

PSY 103 - Developmental Psychology

View Set

Management & Marketing Class - Final Exam

View Set

AHDI CMT Prep Challenge Quiz/Exam guide

View Set

Business Law Chapter 8: Intellectual Property

View Set

NURS 142 Exam 2 Modules 7&10 NCLEX

View Set