Security Plus Chapter 7-12 Practice Final

Which of the following is NOT an asymmetric encryption algorithm?

3DS

Computer room humidity should ideally be kept at what percent?

50%

Which of the following statements is true?

A virus requires a user action to propagate & infect other host systems.

A programmer that fails to check the length of input before processing leaves the code vulnerable to what form of common attack?

Buffer overflow

Which of the following is NOT a goal of information security?

Archival

Which of the following is a solution that addresses physical security?

Escort visitors at all times

Which of the following security devices uses some biological characteristic of human beings to uniquely identify a person for authentication?

Biometric

Which method of attack against a password happens when an attacker tries many different combinations of alphanumeric characters until successful?

Brute Force

Which method of code breaking tries every possible combination of characters in an attempt to "guess" the password or key?

Brute Force

Which of the following dictates that educational institutions may not release information to unauthorized parties without the express permission of the student?

FERPA

Which U.S. government agency is responsible for creating and breaking codes?

NSA

Individuals who specialize in the making of codes are known as which of the following?

Cryptographers

Which of the following is primarily subject to an SQL injection attack?

Database Servers

Which of the following can be used to stop piggybacking that has been occurring at a front entrance where employees should swipe their smart cards to gain entry?

Deploy a mantrap

You are the administrator of a website. You are working when you suddenly notice web server and network utilization spike to 100% and it stays there for several minutes. Network users start reporting "Server not available" errors. You may have been the victim of what kind of attack?

DoS

Your company is getting rid of old 1GB USB flash drives that contain sensitive data. What is the proper method of disposing of this type of storage media?

Drilling a hole into the flash memory component of the USB drives and then discarding them

Which of the following statements about electrostatic discharge (ESD) is not correct?

ESD is much more likely to occur when the relative humidity is above 50%

Which of the following is used to provide EMI & RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping)?

Faraday cage

Which of the following prohibits banks from releasing information to nonaffiliated third parties without permission?

Gramm-Leach-Bliley Act

Which U.S. regulation dictates the standards for storage, use, and transmission of personal medical information?

HIPAA

Which type of policy determines if information is secret, top-secret, or public?

Information classifications policies

An End User License Agreement (EULA) for software would typically be considered what classification of information?

Limited Distribution

Which U.S. government agency publishes lists of known vulnerabilities in operating systems?

NIST

Which PKCS standard is the standard for password-based cryptography?

PKCS#5

On the outer edge of physical security is the first barrier to entry. This barrier is known as which of the following?

Perimeter

Locking the door(s) to the server room involves what kind of security?

Physical

A digital file containing a company's proprietary processes and strategic information would be classified as which of the following?

Restricted

Which type of virus attacks or bypasses the antivirus software installed on a computer?

Retrovirus

Which of the following is a hashing algorithm?

SHA

Which of the following is a slang term for unwanted commercial e-mail?

SPAM

Which kind of security attack is a result of the trusting nature of human beings?

Social Engineering

Which of the following is an internal threat?

System Failure

Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?

Type C

Which "X." standard defines certificate formats and fields for public keys?

X.509

Which of the following is not a component of Public Key Infrastructure (PKI)?

XA

Which of the following is an attack that injects malicious scripts into Web pages to redirect users to fake websites or gather personal information?

XSS

Which of the following is the term for an area in a building where access is individually monitored and controlled?

man trap

Which of the following is a type of attack that occurs when an attacker pretends to be a legitimate client, using information it has gained from a legitimate client (like its IP address)?

Spoofing

What kind of cryptographic method replaces one character with another from a "match-up list" to produce the ciphertext?

Substitution cipher

As you browse the Internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view. Which tool can you implement to prevent these windows from showing?

pop-up blocker

