CSCI 290 Final

What information would provide the most accurate results for locating a person?

First name, last name, and state

Which of the following should not be recommended as acceptable email attachments?

Flash animations

In Windows the log that contains events collected from remote computers is the ____________ log.

ForwardedEvents

What is in the Index.dat file?

General Internet history, file browsing history, and so on for a Windows machine

Which of the following is most likely to be true of an encryption method that is advertised as unbreakable?

It is likely to be exaggerated

What differentiates cyber terrorism from other computer crimes?

It is politically or ideologically motivated

What is the main problem with simple substitution?

It maintains letter and word frequency

Why do you not want too much personal data about you on the Internet?

It might be used by an identity thief to impersonate you

Which of the following is a likely reason that an organization might be reluctant to admit it has been a victim of corporate espionage?

It might cause stock value to decline

Which of the following is a disadvantage to using an application gateway firewall?

It uses a great deal of resources

What is a major weakness with a network host-based firewall?

Its security is dependent on the underlying operating system

What is the most basic rule of computer security?

Keep systems patched

What is one way of checking emails for virus infections?

Look for subject lines that are from known virus attacks

Which of the following military/government systems would most likely be the target of a successful computer hack?

Low-security logistical system

In 1996 a hacker allegedly associated with the white supremacist movement temporarily disabled a ___________ ISP.

Massachusetts

Microsoft Windows includes BitLocker in some editions, so entire hard drives can be encrypted.

True

One technique of disinformation is to pad a message with noise that the enemy will perceive as valuable information.

True

Radio Free Europe was supported by Western democracies during the Cold War.

True

The U.S. Patriot Act specifically deals with cyberterrorism.

True

The most widely used symmetric key algorithm is Advanced Encryption Standard.

True

There are no restrictions on information you can post on Usenet.

True

There should be a firewall between your network and the outside world.

True

When an administrator proactively seeks out intelligence on potential threats or groups, this is called infiltration.

True

Windows stores web browsing information in a file called index.dat.

True

Using Linux to wipe the target drive, the command-line command would be ___ .

dd

What is the name of the standard Linux command, also available as a Windows application, that can be used to create bitstream images and make a forensic copy?

dd

The Linux log file that can reveal attempts to compromise the system or the presence of a virus or spyware is

/var/log/apport.log

Where does Linux store email server logs?

/var/log/mail.*

If your machine is not used as a server and is not on a local network, what packet-filtering strategy should you use?

Block all ports except 80

What is the rule about ports?

Block all unused ports

Which of the following is a cyber attack that would likely cause imminent loss of life?

Disruption of chemical plant control systems

A(n) ________ attack on data can include stealing or destroying data.

Economic

What is the most likely damage from an act of cyber terrorism?

Economic loss

Which of the following is not a significant security risk posed by instant messaging?

Employees may send harassing messages

Which of the following does not demonstrate the need for policies?

End users are generally not particularly bright and must be told everything

A digital signature is used to guarantee who sent a message. This is referred to as non-repudiation.

False

A good password should contain only letters and numbers.

False

For individual computers not running firewall software, you should directly close ports.

False

Most Windows logs are turned on automatically.

False

Snort is an open-source firewall.

False

The Patriot Act was the first U.S. law to criminalize theft of commercial trade secrets.

False

The method to attract an intruder to a subsystem set up for the purpose of observing him is called intrusion deterrence.

False

www.yahoo.people.com is the website for Yahoo! People Search.

False

The Windows command fc lists all active sessions to the computer.

False: The command net sessions lists any active sessions connected to the computer you run it on.

Using Linux to back up your hard drive, if you want to create a hash, you would use the command-line command

md5sum

A password policy for a 90- or 180-day replacement schedule is called password

Age

Which of the following methods uses a variable-length symmetric key?

Blowfish

A propaganda agent can manage multiple online personalities, posting to many different

Bulletin boards and discussion groups

Which of the following is not one of the basic types of firewalls?

Heuristic firewall

What is the rule in access control?

The least access job requirements allow

What is most important to learn about a person listed in a sex offender registry?

The nature of her specific crime

Frequently the first responder to a computer crime is

The network administrator

Which of the following conflicts had a cyber warfare component?

1990 Kosovo crisis

What size key does a DES system use?

56 Bit

A good password has at least ______ characters.

8

Which of the following would be least important to know about a potential business partner?

A 15-year-old marijuana possession arrest

Which of the following is the most accurate description of Usenet?

A global collection of bulletin boards

What is the highest level of security you can expect to obtain?

A level of security that makes the effort required to get information more than the value of the information

Which of the following is a list of items that should be implemented in all secure code?

All code checked for backdoors or Trojans, all buffers have error handling to prevent buffer overruns, all communication adheres to organizational guidelines, all communication activity thoroughly documented

How could a hacker use information about you found through Internet searches?

All of the above

If you are hiring a new employee, which of the following should you do?

All of the above

Which of the following are important to the investigator regarding logging?

All of the above

Which of the following is true of the room in which the server is located?

All of the above

In the context of preventing industrial espionage, why might you wish to limit the number of company CD burners and control access to them in your organization?

An employee could use such media to take sensitive data out

What method do most IDS software implementations use?

Anomaly detection

The command Openfiles shows what?

Any shared files that are opened

Which of the following is the appropriate sequence for a change request?

Business unit manager requests change > IT unit verifies request > security unit verifies request > request is scheduled with rollback plan > request is implemented

How do most antispyware packages work?

By looking for known spyware

Which of the following agencies has allegedly had one of its cyber spies actually caught?

CIA

Which of the following certifications is the most prestigious?

CISSP

Which of the following is the oldest encryption method discussed in this text?

Caesar cipher

In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court?

Chain of custody

What should an employee do if she believes her password has been revealed to another party?

Change your own password immediately

Which of the following most accurately defines encryption?

Changing a message so it can only be easily read by the intended recipient

Which web search approach is best when checking criminal backgrounds?

Check the current and previous state of residence

Chinese hackers whose stated goal is to infiltrate Western computer systems are called the

China Eagle Union

________ can include logs, portable storage, emails, tablets, and cell phones.

Computer evidence

Most companies perform the same _________ background check of network administrators as they do of any other person.

Cursory

Which of the following is a symmetric key system using 64-bit blocks?

DES

Which of the following is not an example of financial loss due to cyber terrorism?

Damage to facilities including computers

"Interesting data" is what?

Data relevant to your investigation

What is the greatest security risk to any company?

Disgruntled employees

Sending a false message with weak encryption, intending it to be intercepted and deciphered, is an example of what?

Disinformation

The process to make a system as secure as it can be without adding on specialized software or equipment is

Hardening

How might an identity thief use the Internet to exploit his victim?

He might find even more information about the target and use this information to conduct his crime

What is the name for scanning that depends on complex rules to define what is and is not a virus?

Heuristic scanning

What is the term for a fake system designed to lure intruders?

Honey pot

What is password age?

How long a user has had a password

What should you be most careful of when looking for an encryption method to use?

How long the algorithm has been around

Which of the following is the appropriate sequence of events for a departing employee?

IT is notified of the departure > all logon accounts are shut down > all access (physical and electronic) is disabled > the employee's workstation is searched/scanned

Which of the following is the appropriate sequence of events for a new employee?

IT is notified of the new employee and the requested resources > employee is granted access to those resources > employee is briefed on security/acceptable use > employee signs acknowledging receipt of a copy of security rules

A discarded credit card receipt or utility bill could be the starting point from which a perpetrator finds enough information to assume a victim's

Identity

Which of the following is not an area that user policies need to cover?

If and when to share passwords

Why should you note all cable connections for a computer you want to seize as evidence?

In case other devices were connected

Of the websites listed in this chapter, which would be the most useful in obtaining the address and phone number of someone who does not live in the United States?

Infobel

What would be most important to block end users from doing on their own machine?

Installing software or changing system settings

Which of the following is a political group that has already used the Internet for political intimidation?

Internet Black Tigers

Which of the following is the correct term for simply making your system less attractive to intruders?

Intrusion deterrence

Why is binary mathematical encryption not secure?

It does not change letter or word frequency

What advantage does a symmetric key system using 64-bit blocks have?

It is fast

Which of the following is an encryption method using two or more different shifts?

Multi-alphabet encryption

Which of the following might be an example of domestic cyber terrorism?

MyDoom virus

On a server, you should create your own accounts with ________ that do not reflect their level of permission.

Names

What is the difference between corporate and industrial espionage?

None: they are interchangeable terms

After dealing, on a technical level, with any security breach, what is the last thing to be done for a security breach?

Notify management

What is the preferred method for storing backups?

Offsite in a secure location

Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year.

Once

What is the minimum frequency for system probing and audits?

Once per year

What is the rule on downloading from the Internet?

Only download from well-known, reputable sites

What is the rule of thumb on data access?

Only those with a need for the specific data should have access

Which of the following methods is available as an add-in for most email clients?

PGP

Although the Cyberterrorism Preparedness Act of 2002 was not passed, many of its goals were addressed by the

Patriot Act

Which of the following is not an ideal place to seek out phone numbers and addresses?

People Search

An audit should check what areas?

Perform system patches, probe for flaws, check logs, and review policies

Any _________ you do not explicitly need should be shut down.

Ports

What are the six Ps of security?

Ports, patch, protect, probe, policies, physical

Which of the following is the most helpful data you might get from Usenet on a person you are investigating?

Postings by the individual you are investigating

What is the term for blocking an IP address that has been the source of suspicious activity?

Preemptive blocking

When cataloging digital evidence, the primary goal is to do what?

Preserve evidence integrity

What is PGP?

Pretty Good Privacy, a public key encryption method

Which of the following is the least essential device for protecting your network?

Proxy server

What type of encryption uses different keys to encrypt and decrypt the message?

Public key

Which would you use to begin a search for information on a United States court case?

The National Center for State Courts Website

Which of the following is a common way to establish security between a web server and a network?

Put a firewall between the web server and the network

What is the first step when discovering a machine(s) has been infected with a virus?

Quarantine infected machine(s)

Which of the following would most likely be considered an example of information warfare?

Radio Free Europe during the Cold War

The rule that packets not originating from inside your LAN should not be forwarded relates to

Routers

According to the October 2002 InfoWorld magazine article, which of the following systems may be vulnerable to attack?

Satellites

What is the term for a firewall that is simply software installed on an existing server?

Screened host

Which of the following is the most basic type of firewall?

Screening firewall

Which of the following is a step you might take for large networks but not for smaller networks?

Segment the network with firewalls between the segments

Many states have online __________ registries.

Sex offender

There have been cases of mistaken identity with _________ lists.

Sex offender

What is information warfare?

Spreading disinformation or gathering information

What is SPI?

Stateful packet inspection

Hackers want information about a target person, organization, and _______ to assist in compromising security.

System

Which of the following set of credentials would be best for a security consultant?

Ten years of experience as a hacker and cracker, MCSE/CIW and Security +, Ph.D. in computer science

What are TSR programs?

Terminate and Stay Resident programs that actually stay in memory after you shut them down

Where would you go to find various state sex offender registries?

The FBI website

Which of the following is most true regarding certified encryption methods?

There is no such thing as certified encryption

Which of the following is most true regarding binary operations and encryption?

They can form a part of viable encryption methods

What advantages are there to commercial web search services?

They can get the information faster than you can

Which of the following is the best reason users should be prohibited from installing software?

They may install software that circumvents security

What must all user policies have in order to be effective?

They must have consequences

Which of the following is the most common way for a virus scanner to recognize a virus?

To compare a file to known virus attributes

Which of the following is a good reason to check dependencies before shutting down a service?

To determine whether shutting down this service will affect other services

What is the best outcome for a spy attempting an espionage activity?

To obtain information without the target even realizing he did so

What is the reason for encrypting hard drives on laptop computers?

To prevent a thief from getting data off a stolen laptop

Which of the following best describes the communication goal of any intelligence agency?

To send clear communications to allies and noise only to the enemy

Which of the following is a likely use of Internet newsgroups in information warfare?

To spread propaganda

A discarded credit card receipt may become the starting point from which an identity fraud perpetrator finds enough information to assume the victim's identity.

True

Frequently the first responder to a computer crime is the network administrator.

True

Hiding a message in images is an example of steganography.

True

Information warfare is any attempt to manipulate information in pursuit of a military or political goal.

True

Kerberos is an authentication protocol that uses a ticket granting system that sends an encrypted ticket to the user's machine.

True

Which of the following is a step you would definitely take with any server but might not be required for a workstation?

Uninstall all unneeded programs/software

How might you ensure that system patches are kept up to date?

Use an automated patching system

Which of the following is not an example of a user password policy?

Users may only share passwords with their assistant

The ________ War was the first modern war in which there was strong and widespread domestic opposition.

Vietnam

It would be advisable to obtain __________ before running a background check on any person.

Written permission

Which binary mathematical operation can be used for a simple encryption method?

XOR

Which of the following is most true regarding new encryption methods?

You can use them, but you must be cautious

A website that may help locate federal prison records is

www.bop.gov/
