Midterm
Which of the following is an operation used on binary numbers not found in normal math? A. AND B. PLUS C. MINUS D. None of the above
A. AND
When an attacker injects client-side scripts into web pages viewed by other users so that those users interact with it, it is an example of __________. A. Cross-site Scripting B. Phreaking C. Phishing D. None of the Above
A. Cross-site Scripting
Data stored in computer systems has a high value because there is a great deal of time and effort that goes into creating an analyzing it and __________. A. Data often has intrinsic value. B. Data is an asset that appreciates. C. Data lasts forever. D. None of the Above
A. Data often has intrinsic value.
Which of the following is one way to protect yourself against identity theft? A. Do not provide personal information to anyone if it is not absolutely necessary. B. Use Firefox as your web browser. C. Use Windows as your operating system. D. None of the above.
A. Do not provide personal information to anyone if it is not absolutely necessary.
__________ is the process to scramble a message or other information so that it cannot be easily read. A. Encryption B. Cryptography C. Keying D. Decryption
A. Encryption
Which TCP/IP protocol operates on ports 20 and 21 and is used for transferring files between computers? A. FTP B. SMTP C. HTTP D. DNS
A. FTP
Giving personnel access to only data that they absolutely need to perform their jobs is referred to as __________. A. Least privileges B. Job rotation C. Business continuation planning D. None of the Above
A. Least privileges
Micro blocks, SYN cookies, RST cookies, and stack tweaking are defenses against __________. A. TCP SYN Flood Attacks B. Phishing C. Viruses D. None of the Above
A. TCP SYN Flood Attacks
A SQL statement may begin with the word SELECT. A. True B. False
A. True
A firewall can be configured to disallow certain types of incoming traffic that may be attacking. A. True B. False
A. True
A host is a machine with data on it, to which you can connect. A. True B. False
A. True
A virtual private network is a way to use the internet to create a connection between a remote user and a central location. A. True B. False
A. True
Blocking ICMP packets may help prevent denial-of-service attacks. A. True B. False
A. True
Cipher text is encrypted text. A. True B. Flase
A. True
Cross-Site Scripting attacks target the user instead of the web application? A. True B. False
A. True
Employees with access to any sensitive information should be asked to sign nondisclosure agreements. A. True B. False
A. True
Malware that executes when a specific criteria is met is a logic bomb. A. True B. False
A. True
Malware that is portable to all operating systems or platforms is considered web-based code. A. True B. False
A. True
One good practice in a chat room is not to use your real name. A. True B. False
A. True
Ping scanning may be stopped by blocking ICMP packets. A. True B. False
A. True
Someone who breaks into a system legally to assess security deficiencies is a sneaker. A. True B. False
A. True
The most common method to deliver spyware to a target system is by using a Trojan horse. A. True B. False
A. True
One classic denial-of-service attack distributed by email was __________. A. myDoom B. Linux C. pingflood D. None of the Above
A. myDoom
The virus/worm that combined email attachments along with a fake virus warning was the __________ virus. A. Mimail B. Bagle C. Nonvirus D. None of the Above
B. Bagle
Someone who gains access to a system and causes harm is a __________? A. White hat hacker B. Black hat hacker C. Grey hat hacker D. Red hat hacker
B. Black hat hacker
Using the __________ cipher you choose some number by which to shift each letter of a text. A. DC4 B. Caesar C. Multi-alphabet substitution D. ASCII
B. Caesar
A black hat hacker is also called a __________. A. Thief B. Cracker C. Sneaker D. None of the above.
B. Cracker
For security reasons, when an employee leaves a company, you should conduct a(n) __________ interview. A. Security B. Exit C. Employment D. Scanning
B. Exit
Which of these is a repository for detailed information on virus outbreaks? A. Computer Emergency Response Team B. F-Secure C. SANS Institute D. Microsoft Security Advisor
B. F-Secure
A smurf attack is a type of malware attack. A. True B. False
B. False
A teardrop attack involves sending a forged packet to the victim. A. True B. False
B. False
An echo-chargen attack occurs when the attacker sends a forged packet with the same source IP address and destination IP address as the target's IP address. A. True B. False
B. False
Auditing is the process to determine if a user's credentials are authorized to access a network resource. A. True B. False
B. False
Black hat hackers are also known as script kiddies. A. True B. False
B. False
Firefox is an example of a phishing site. A. True B. False
B. False
Hiding messages in images is an example of stenography. A. True B. False
B. False
IPsec can only encrypt the packet data but not the header information. A. True B. False
B. False
NMAP is a popular hacking tool. A. True B. False
B. False
NetBIOS is an example of a port scanner. A. True B. False
B. False
Software that lays dormant until some specific condition is met is a Trojan horse A. True B. False
B. False
Someone who uses the Internet to harrass, threaten, or intimidate another person is guilty of identity theft. A. True B. False
B. False
The Health Insurance Portability and Accountability Act of 1996 requires government agencies to identify sensitive systems, conduct computer security training, and develop computer security plans. A. True B. False
B. False
The IP command-line command to determine your computer's IP address, subnet mask, and default gateway is ping. A. True B. False
B. False
The first four bytes of the MAC address identify the vendor. A. True B. False
B. False
The process to induce you to provide personal information through a website is called cyberstalking. A. True B. False
B. False
The Microsoft Office suite is a tempting target for viruses because __________. A. It is so ubiquitous. B. It is designed so that legitimate programmers can access its internal objects. C. It contains virus programming tools. D. None of the Above.
B. It is designed so that legitimate programmers can access its internal objects.
With asymmetric cryptography a different __________ is used to encrypt the message and to decrypt the message. A. Code B. Key C. Lock D. Script
B. Key
The recommended Internet Explorer privacy setting is __________. A. Medium B. Medium High C. Very High D. None of the Above
B. Medium High
Scanning bulletin boards, making phony phone calls, and visiting websites by a hacker are examples of __________. A. Active scanning B. Passive scanning C. Phreaking D. Souring
B. Passive scanning
A(n) __________ hides the internal network's IP address and presents a single IP address to the outside world A. Firewall B. Proxy server C. Intrusion detection system D. Network Monitor
B. Proxy server
A(n) __________ hides the internal network's IP address and presents a single IP address to the outside world. A. Firewall B. Proxy server C. Intrusion detection system D. Network monitor
B. Proxy server
With __________ encryption, one key is used to encrypt a message, and another is used to decrypt the message. A. Private key B. Public key C. Cipher D. None of the above
B. Public key
Which device is used to boost a signal? A. Hub B. Repeater C. Switch D. Router
B. Repeater
One tool used for a denial-of-service attack is __________. A. Linux B. Tribal Flood Network C. UDP D. None of the Above
B. Tribal Flood Network
The virus/worm transmitted in a zip file attached to an email with an enticing message is __________. A. W32/Netsky-P B. Troj/Invo-Zip C. MacDefender D. None of the Above
B. Troj/Invo-Zip
Firefox and Internet Explorer are examples of __________. A. Cookies B. Web Browsers C. Websites D. Proxy Servers
B. Web Browsers
A program that can propagate without human interference is a __________. A. Virus B. Worm C. Trojan Horse D. None of the Above
B. Worm
__________ is a block cipher that uses a variable-length key ranging from 32 to 448 bits. A. 3DES B. AES C. Blowfish D. RC4
C. Blowfish
__________ attacks are becoming less common in modern operating systems. A. Denial of Service B. SYN Flood C. Buffer Overflow D. None of the Above
C. Buffer Overflow
If an IP address has the number 192 in the first octet, it is a class __________ address. A. A B. B C. C D. D
C. C
The virus/worm that specifically targets Macintosh computers is __________. A. W32/Netsky-P B. Troj/Invo-Zip C. MacDefender D. None of the Above
C. MacDefender
The virus/worm that sends emails to victims telling them to delete a needed system file is the __________ virus. A. Mimail B. Bagle C. Nonvirus D. None of the Above
C. Nonvirus
Which of the following is the process to try to induce someone to provide you with personal information? A. Cyberstalking B. Looping C. Phishing D. Licensing
C. Phishing
Someone who performs a cyberattack without actually understanding it is a __________. A. Grey hat hacker B. White hat hacker C. Script kiddie D. None of the Above
C. Script kiddie
Which type of hacking occurs when the attacker monitors an authenticated session between the client and the server and takes over that session? A. Denial of Service B. Web Attack C. Session Hijacking D. None of the above
C. Session Hijacking
Cookies and key loggers are examples of __________. A. Viruses B. Worms C. Spyware D. None of the Above
C. Spyware
Which device can connect many computers and sends data only out of one port? A. Hub B. Repeater C. Switch D. Router
C. Switch
Which of these is NOT a type of symmetric algorithm? A. Stream B. Block C. Transcription D. None of the above
C. Transcription
The IP utility used to test connectivity with a remote host is __________. A. CIDR B. tracert C. ping D. None of the above
C. ping
Which TCP/IP protocol operates on port 53 and translates URLs into Web addresses? A. FTP B. SMTP C. HTTP D. DNS
D. DNS
