chapter 11

A packet-level firewall examines the source and destination address of every network packet that passes through the firewall. True False

True

An asset can be compromised by more than one threat, so it is common to have more than one threat scenario for each asset. True False

True

Social engineering refers to creating a team that solves virus problems. True False

False

A host-based intrusion prevention system (IPS) monitors activity on the server and reports intrusions to the IPS management console. True False

True

Asymmetric encryption uses the same key to encrypt and decrypt a message. True False

False

Corrective controls reveal or discover unwanted events. True False

False

Decryption is the process of converting plaintext into ciphertext. True False

False

In transport mode, IPSec encrypts the entire IP packet. True False

False

Maintaining data integrity is not a primary goal of security. True False

False

Confidentiality refers to the protection of the organizational data from unauthorized disclosure of customer and proprietary data. True False

True

Secure Sockets Layer is an encryption standard designed for use on the Web. True False

True

Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters. True False

True

When using a digital signature for the process of authentication, the sender encrypts the message with their private key and the recipient decrypts the message with the sender's public key. True False

True

Symmetric encryption systems have two parts: the key and the ____________. a) algorithm b) spamming method c) IP spoofer d) clearance code e) smart card bits

a) algorithm

IP spoofing means to: a) fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network b) clad or cover the internal processing (IP) lines with insulating material to shield the IP lines from excess heat or radiation c) illegally tape or listen in on telephone conversations d) detect and prevent denial-of-service attacks e) act as an intermediate host computer between the Internet and the rest of the organization's networks

a) fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network

The key principle in preventing disruption, destruction and disaster is ___________. a) redundancy b) control spreadsheet c) IDS d) anti-virus software e) prevention controls

a) redundancy

A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them. a) risk assessment b) backplane c) mitigating control factor analysis d) control verification worksheet e) control test plan

a) risk assessment

A(n) _______ is a screened subnet devoted solely to public access servers such as Web servers and public DNS servers. a) intranet b) DMZ c) zone of authority d) VLAN e) smart hub

b) DMZ

A brute force attack against an encryption system: a) is called RC4 b) tries to gain access by trying every possible key c) is also known as 3DES d) always uses the Rijndael algorithm e) is part of the Advanced Encryption Standard

b) tries to gain access by trying every possible key

A(n) ______ is a special type of virus that spreads itself without human intervention. a) snake b) worm c) Trojan horse d) boot sector virus e) stealth virus

b) worm

The use of hacking techniques to bring attention to a larger political or social goal is referred to as a) cracking b) ethical politics c) hacktivism d) social engineering e) brute force attacks

c) hacktivism

Which of the following is a type of intrusion prevention system? a) zoned-based b) data link-based c) host-based d) transport-based e) none of the above is an appropriate answer

c) host-based

A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network to cause monetary loss to the organization. a) asset b) service level agreement c) threat d) security plan e) network design

c) threat

Which of the following is a mode that is used by IPSec? a) exchange b) sniffer c) tunnel d) creeper e) firefighter

c) tunnel

A sniffer program is a: a) type of macro-virus b) small peep-hole in a door or wall to allow a security guard to sniff the area with his or her nose before entering a secure area or location c) used in a call-back modem d) a program that records all LAN messages received for later analysis e) secure hub program

d) a program that records all LAN

A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication. a) disaster recovery firm b) DES company c) directory company d) certificate authority e) fingerprint advisory board

d) certificate authority

The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as: a) Trojan horse b) sniffing c) tunneling d) computer forensics e) misuse detection

d) computer forensics

A(n) ____________ is an information system that is critical to the survival of an organization. a) network plan b) accounting system c) IDS d) mission critical application e) firewall

d) mission critical application

Which of the following is not considered one of the five most common business impacts? a) Financial b) Productivity c) Reputation d) Social e) Safety

d) social

Which of the following is not true about one-time passwords? a) Users' pagers or smart phones (via text messaging) can receive them. b) They can be used in conjunction with a token system. c) The user must enter the one-time password to gain access or the connection is terminated. d) This is a good security solution for users who travel frequently and who must have secure dial-in access. e) They create a packet level firewall on the system.

e) they create a packet level firewall on the system

