290 Final Exam
clothing size system
Hackers want information about a target person, organization, and ___ to assist in compromising security.
B. It could be used to guess passwords if your passwords are linked to your interests or hobbies.
How could a hacker use information about you found through Internet searches? A. It could be used to guess passwords if your passwords are linked to personal information such as your birth date, address, or phone number. B. It could be used to guess passwords if your passwords are linked to your interests or hobbies. C. It could be used in social engineering to ascertain more information about you or your computer system. D. All of the above.
B. By looking for known spyware
How do most anti spyware packages work? A. By using heuristic methods B. By looking for known spyware C. The same way antivirus scanners work D. By seeking out TSR cookies.
A. He might find even more information about the target and use this information to conduct his crime.
How might an identity thief use the Internet to exploit his victim? A. He might find even more information about the target and use this information to conduct his crime. B. He could find out how much the target has in her savings account. C. The identity thief usually does not use the Internet to accomplish his task. D. He could use the Internet to intercept your email and thus get access to your personal life.
C. Patch whenever a new threat is announced
How might you ensure that system patches are kept up to date? A. Use an automated patching system. B. Patch anytime your receive a vendor notification of a new patch. C. Patch whenever a new threat is announced. D. Use periodic scheduled patching.
11,5
If you determine a virus has struck a system, the first step is to ___. A. Scan and clean infected systems B. Log the incident C. Unplug the machines from the network D. Notify appropriate organization leaders
11, 4
If you experience a denial-of-service attack, you can use firewall logs to determine the ____ from which the attack originated. A. Computer operating system B. Computer manufacture C. IP address D. None of the above.
A. Block all ports expect 80.
If your machine is not used as a server and is not on a local network, what packet-filtering strategy should you use? A. Block all ports expect 80. B. Do not block any ports. C. Block all ports. D. Do not block well-known ports.
Massachusetts
In 1996 a hacker allegedly associated with the white supremacist movement temporarily disabled a ___ ISP
Estonia
In May 2007, government offices of ___ were subjected to mass denial-of-service attack because some people opposed the government's removal of a Russian WWII memorial
C. Chain of custody
In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court? A. Rules of evidence B. Law of probability C. Chain of custody D. Policy of separation
Sex offender
Many states have online ___ registers
Cursory
Most companies perform the same ___ backgroung check of network administrators as they do of any other person.
C. Infobel
Of the websites listed in this chapter, which would be the most useful in obtaining the address and phone number of someone who does not live in the United States? A. The FBI website B. Yahoo! C. Infobel D. Google
A. Names
On a server, you should create your own accounts with ___ that do not reflect their level of permission. A. Names B. Numbers C. Password D. None of the above.
True
T/F A discard credit card receipt or utility bill could be the starting point from which a perpetrator finds enough information to assume a victim's identity
True
T/F Radio Free Europe was supported by western democracies during the Cold War
False
T/F The MyDoom virus was directed against the Pentagon.
True
T/F There are no restrictions on information you can post on Usnet
False
T/F Usenet and Yahoo! are examples of email services.
False
T/F www.yahoo.people.com is the website for Yahoo! People Search
False
T/F: A digital signature is used to guarantee who sent a message. This is repudiation to as non-repudiation
False
T/F: A good password should contain only letters and numbers.
11, 9
T/F: A good rule of thumb for a password history policy is a history depth of five.
False
T/F: A screening firewall works in the application layer of the OSI model
True
T/F: Binary numbers are made up of 0's and 1's.
11, 10
T/F: CNE, MCITP, CISSP, and CCNA are examples of industry certifications.
True
T/F: Experience is the most important factor when looking for a security professional
True
T/F: Heuristic scanning uses rules to determine whether a file or program behaves like a virus.
False
T/F: IPsec can only encrypt the packet data but not the header information.
True
T/F: Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows machines to see if they have basic security in place.
True
T/F: The category of intrusion detection systems that looks for patterns that dont match those of normal use is called anomaly detection,
A. Once
Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ___ per year. A. Once B. Twice C. Three times D. None of the above
11, 2
Procedure for adding users, removing users, and dealing with security issues are examples of ___ policies A. User B. Computer C. System Administration D. Password
C. Disinformation
Sending a false message with weak encryption, intending it to be intercepted and deciphered, is an example of what? A. Poor communications B. Need for better encryption C. Disinformation D. Propaganda
11, 1
The Principal that users have access to only network resources when an administrator explicitly grants them is called ___. A. Implicit deny B. Least privilege C. Separation of duty D. Job rotation
C. Any system files that are opened
The command Openfiles shows what? A. Any files that are opened B. Any shared files that are opened C. Any system files that are opened D. Any files open with ADS
A. Patches
The first rule of computer security is to check ___. A. Patches B. Ports C. Policies D. None of the above.
B. Hardening
The process to make a system as secure as it can be without adding on specialized software or equipment is ___. A. Securitizing B. Hardening C. Routing D. None of the above
Stuxtnet
The virus that infected Iranian nuclear facilities was exploiting vulnerability in SCADA systems .
A. Sex offender
There have been cases of mistaken identity with ____ list A. Sex offender B. Voter registration C. Computer hardware D. None of the above
A. It is fast
What advantage does a symmetric key system using 64-bit blocks have? A. It is fast B. IT is unbreakable C. It uses asymmetric keys. D. It is complex
D. All of the above
Which of the following are important to the investigator regarding logging? A. The logging methods B. Log retention C. Location of stored logs D. All of the above
D. MyDoom virus
Which of the following might be an example of domestic cyber terrorism? A. Sasser virus B. Mimail virus C. Sobig virus D. MyDoom virus
C. Low-security logistical system
Which of the following military/government systems would most likely be the target of a successful computer hack? A. The most sensitive systems of the CIA B. Nuclear systems at NORAD C. Low-security logistical system D. Military satellite control systems
A. Changing a message so it can only be easily read by the intended recipient
Which of the following most accurately defines encryption? A. Changing a message so it can only be easily read by the intended recipient B. Using complex mathematics to conceal a message C. Changing a message using complex mathematics D. Applying Keys to a message to conceal it
A. Flash animations
Which of the following should not be recommended as acceptable email attachments? A. Flash animations B. Excel spreadsheets from a colleague C. Attachments you were expecting D. Plain text attachments from known sources
A. Radio Free Europe during the Cold War
Which of the following would most likely be considered an example of information warfare? A. Radio Free Europe during the Cold War B. Radio political talk show C. Normal news reports D. Military press releases
A. Data relevant to your investigation
"Interesting data" is what? A. Data relevant to your investigation B. Pornography C. Documents, spreadsheets, and databases D. Schematics or other economic-based information
C. Only download from well-known, reputable sites.
18. What is the rule on downloading from the Internet? A. Never download anything. B. Only download if the download is free of charge. C. Only download from well-known, reputable sites. D. Never download executables. Only download graphics.
C. Damage to facilities including computers
2. Which of the following is not an example of financial loss due to cyber terrorism? A. Lost data B. Transferring money from accounts C. Damage to facilities including computers D. Computer fraud
D. Ten years of experience as a hacker and cracker, MCSE/CIW and Security +, Ph.D. in computer science
20. Which of the following set of credentials would be best for a security consultant? A. Ten years of IT experience, one year in security, CIW Security analyst, MBA B. Eight years of IT experience, three years in security, CISSP, B.S. in computer science C. Eleven years of IT experience, three years in security, MCSE and CISSP, MS in information systems D. Ten years of experience as a hacker and cracker, MCSE/CIW and Security +, Ph.D. in computer science
D. All of the above.
5. If you are hiring a new employee, which of the following should you do? A. Verify degrees and certifications. B. Call references. C. Perform an Internet search to verify contact information and to check for a criminal record. D. All of the above.
B. A 15-year-old marijuana possession arrest
6. Which of the following would be least important to know about a potential business partner? A. Past bankruptcies B. A 15-year-old marijuana possession arrest C. A lawsuit from a former business partner D. A recent DUI
Identity
A discard credit card receipt or utility bill could be the starting point from which a perpetrator finds enough information to assume a victim's ___
11, 3
A document that defines how an organization deals with some aspect of security is a(n) ___. A. Security policy B. Business plan C. Security update D. None of the above.
B. 8
A good password has at least ___ characters. A. 6 B. 8 C. 10 D. 15
Bulletin boards and discussion groups
A propaganda agent can manage multiple online personalities, posting to many different ___.
C. Satellites
According to the October 2002 InfoWorld magazine article, which of the following systems may be vulnerable to attack? A. NORAD nuclear weapons control B. Low-level logistical systems C. Satellites D. CIA computers
C. Notify management.
After dealing, on a technical level, with any security breach, what is the last thing to be done for a security breach? A. Quarantine infected machines. B. Study the breach to learn how to prevent a recurrence. C. Notify management. D. Log the incident.
C. Perform system patches, probe for flaws, check logs, and review policies.
An audit should check what areas? A. Perform system patching, review policies, check personnel records of all managers, and probe for flaws. B. Only probe for flaws C. Perform system patches, probe for flaws, check logs, and review policies. D. check all machines for illicit software, perform complete system virus scan, and review firewall policies
A. Ports
Any ___ you do not explicitly need should be shut down. A. Ports B. Patches C. Policies D. Probes
China Eagle Union
Chinese hackers whose stated goal is to infiltrate western computer systems are called the ___
Cold
During the ___ war, western democracies invested time and money for radio broadcast into communist nations.
B. They can get the information faster than you can.
What advantages are there to commercial web search services? A. They can get information you cannot. B. They can get the information faster than you can. C. They can do a more thorough job than you can. D. They are legally entitled to do searches; you are not.
D. Terminate and Stay Resident programs that actually stay in memory after you shut them down.
What are TSR programs? A. Terminal Signal Registry programs that alter the system Registry B. Terminate and System Remove programs that erase themselves when complete C. Terminate and Scan Remote programs that scan remote systems prior to terminating D. Terminate and Stay Resident programs that actually stay in memory after you shut them down.
C. Physical, privacy, patch, ports, probe, protect
What are the six P's of security? A. Patch, ports, personnel, privacy, protect, policies B. Ports, patch, protect, probe, policies, physical C. Physical, privacy, patch, ports, probe, protect D. Ports, patch, probe, physical, privacy, policies.
B. It is politically or ideologically motivated.
What differentiates cyber terrorism from other computer crimes? A. It is organized. B. It is politically or ideologically motivated. C. It is conducted by experts. D. It is often more successful.
B. First name, last name, and state
What information would provide the most accurate results for locating a person? A. First name and state B. First name, last name, and state C. Last name and state D. First name and last name
A. Stateful packet inspection
What is SPI? A. Stateful packet inspection B. System packet inspection C. Stateful packet interception D. System packet interception
A. Pretty Good Privacy, a public key encryption method.
What is a PGP? A. Pretty Good Privacy, a public key encryption method. B. Pretty Good Protection, a public key encryption method. C. Pretty Good Privacy, a symmetric key encryption method. D. Pretty Good Protection, a symmetric key encryption method.
A. Its security is dependent on the underlying operating system.
What is a major weakness with a network host-based firewall? A. Its security is dependent on the underlying operating system. B. It is difficult to configure. C. It can be easily hacked. D. It is very expensive.
B. General Internet history, file browsing history, and so on for a Windows machine
What is in the Index.dat file? A. Internet Explorer information B. General Internet history, file browsing history, and so on for a Windows machine C. All web history for Firefox D. General Internet history, file browsing history, and so on for a Linux machine
B. Spreading disinformation or gathering information
What is information warfare? A. Only spreading disinformation B. Spreading disinformation or gathering information C. Only gathering information D. Spreading disinformation or secure communications
D. The nature of her specific crime
What is most important to learn about a person listed in a sex offender registry? A. The extent of his punishment B. How old she was when she committed her crime C. How long he has been out of prison D. The nature of her specific crime
C. Look for subject lines that are from known virus attacks
What is one way of checking emails for virus infections? A. Block all emails with attachments B. Block all active attachments (for example, ActiveX, scripting) C. Look for subject lines that are from known virus attacks D. Look for emails from known virus sources
A. How long a use has had a password.
What is password age? A. How long a use has had a password. B. The length of the password history. C. A reference to the sophistication (maturity) of the password. D. A reference to a password's length.
D. Quarantine infected machine(s).
What is the first step when discovering a machine(s) has been infected with a virus? A. Log the incident. B. Scan and clean infected machine(s). C. Notify appropriate management. D. Quarantine infected machine(s).
B. Once per year
What is the minimum frequency for system probing and audits? A. Once permonth B. Once per year C. Every other year D. Every other month
C. Install a firewall
What is the most basic rule of computer security? A. Keep systems patched. B. Always use an IDS C. Install a firewall D. Always use anti-spyware
C. Economic loss
What is the most likely damage from an act of cyber terrorism? A. Loss of life B. Military strategy compromised C. Economic loss D. Disrupted communications
B. Heuristic scanning
What is the name for scanning that depends on complex rules to define what is and what is not a virus? A. Rules-based scanning (RBS) B. Heuristic scanning C. TSR scanning D. Logic-based scanning (LBS)
D. dd
What is the name of the Standard Linux command that is also available as a Windows application that can be used to create bitstream images and make a forensic copy? A. mcopy B. image C. MD5 D. dd
B. Offsite in a secure location
What is the preferred method for storing backups? A. Near the server for quick restore if needed B. Offsite in a secure location C. In the IT manager's office for security D. At the home of one of the IT staff
C. Block all unused ports.
What is the rule about ports? A. Block all incoming ports B. Block ICMP packets. C. Block all unused ports. D. Block all nonstandard ports.
B. The least access job requirements allow
What is the rule in access control? A. The most access you can securely give B. The least access job requirements allow C. Standard access for all users D. Strictly limited access for most users
C. Only those with a need for the specific data should have access.
What is the rule of thumb on data access? A. Data must be available to the widest range of people possible. B. Only administrators and supervisors should access sensitive data. C. Only those with a need for the specific data should have access. D. All employees should have access to any data used in their department .
A. Honey pot
What is the term for a fake system designed to lure intruders? A. Honey pot B. Faux system C. Deflection system D. Entrapment
D. Screened host
What is the term for a firewall that is simply software installed on an existing server? A. Network host based B. Dual-homed C. Router based D. Screened host
A. Preemptive blocking
What is the term for blocking an IP address that has been the source of suspicious activity? A. Preemptive blocking B. Intrusion deflection C. Proactive deflecting D. Intrusion blocking
A. Anomaly detection
What method do most IDS software implement use? A. Anomaly detection B. Preemptive blocking C. Intrusion deterrence D. Infiltration
B. They must be consequences.
What must user policies have in order to be effective? A. They must be reviewed by an attorney. B. They must be consequences. C. They must be notarized. D. They must be properly filled and maintained.
B. To determine whether shutting down this service will affect other services.
What of the following is a good reason to check dependencies before shutting down a service? A. To determine whether you will need to shut down other services as well. B. To determine whether shutting down this service will affect other services. C. To find out what this service does. D. To find out whether this service is critical to system operations.
B. Change your own password immediately.
What should an employee do if she believes her password has been revealed to another party? A. If it is a trusted employee or friend, just ignore it. B. Change your own password immediately. C. Notify their department. D. Ignore it.
D. How long the algorithm has been around
What should you be most careful of when looking for an encryption methods to use? A. Complexity of the algorithm B. Veracity of the vendor's claims C. Speed of the algorithm D. How long the algorithm has been around
C. 56 bit
What size key does a DES system use? A. 64bit B. 128 bit C. 56 bit D. 256 bit
B. Public key
What type of encryption uses different keys to encrypt and decrypt the message? A. Private key B. Public key C. Symmetric D. Secure
D. Installing software or changing system settings.
What would be most important to block end users from doing on their own machine? A. Running programs other than those installed by the IT staff. B. Surfing the Web and using chat rooms C. Changing their screensaver and using chat rooms. D. Installing software or changing system settings.
11, 7
When an employee leaves, all ___ should be terminated. A. Web histories B. Logins C. Desktops D. Passwords
B. Preserve evidence integrity.
When cataloging digital evidence, the primary goal is to do what? A. Make bitstream images of all hard drives. B. Preserve evidence integrity. C. Avoid removing the evidence from the scene. D. Prohibit the computer from being turned off.
A. /var/log/mail.*
Where does Linux store email server logs? A. /var/log/mail.* B. /etc/log/mail.* C. /mail/log/mail.* D. /server/log/mail.*
A. The FBI website
Where would you go to find various state sex offender registries? A. The FBI website B. The national sex offender online database C. The interstate online sex offender database D. The special victims unit website
C. XOR
Which binary mathematical operation can be used for a simple encryption method? A. Bit shift B. OR C. XOR D. Bit swap
D. CIA
Which of the following agencies has allegedly had one of its cyber spies actually caught? A. NSA B. KGB C. FBI D. CIA
B. To send clear communications to allies and noise only to the enemy
Which of the following best describes the communication goal of any intelligence agency? A. To send clear communications to allies and noise to all other parties B. To send clear communications to allies and noise only to the enemy C. To send disinformation to the enemy D. To send clear communications to allied forces
A. CISSP
Which of the following certifications is the most prestigious? A. CISSP B. PE C. MCSA D. Security+
B. 1990 Kosovo crisis
Which of the following conflicts had a cyber warfare component? A. 1989 invasion of Panama B. 1990 Kosovo crisis C. 1990 Somalia crisis D. Vietnam War
C. End users are generally not particularly bright and must be told everything.
Which of the following does not demonstrate the need for policies? A.Antivirus software cannot prevent a user from downloading infected files. B. The most secure password is not all secure if its posted on a note by the computer C. End users are generally not particularly bright and must be told everything. D. Technological security measures are dependent upon the employees' implementation.
C. Put a firewall between the web server and the network.
Which of the following is a common way to establish security between a web server and a network? A. Block all traffic between the web server and the network. B. Place virus scanning between the network and the web server. C. Put a firewall between the web server and the network. D. Do not connect your network to the web server.
D. Disruption of chemical plant control systems
Which of the following is a cyber attack that would likely cause imminent loss of life? A. Disruption of banking system B. Disruption of water C. Disruption of security systems D. Disruption of chemical plant control systems
B. It uses a great deal of resources.
Which of the following is a disadvantage to using an application gateway firewall? A. It is not very secure. B. It uses a great deal of resources. C. It can be difficult to configure. D. It can only work on router-based firewalls.
B. To determine whether shutting down this service will affect other services
Which of the following is a good reason to check dependencies before shutting down a service? A. To determine whether you will need to shut down other services as well B. To determine whether shutting down this service will affect other services C. To find out what this service does D. To find out whether this service is critical to system operations
A. To spread propaganda
Which of the following is a likely use of Internet newsgroups in information warfare? A. To spread propaganda B. To monitor dissident groups C. To send encoded messages D. To recruit supporters
B. All code checked for backdoors or Trojans, all buffers have error handling to prevent buffer overruns, all communication adheres to organizational guidelines, all communication activity thoroughly documented
Which of the following is a list of items that should be implemented in all secure code? A. All code checked for backdoors or Trojans, all buffers have error handling to prevent buffer overruns, all communication activity thoroughly documented B. All code checked for backdoors or Trojans, all buffers have error handling to prevent buffer overruns, all communication adheres to organizational guidelines, all communication activity thoroughly documented C. All code checked for backdoors or Trojans, all buffers have error handling to prevent buffer overruns, all communication adheres to organizational guidelines D. All code checked for backdoors or Trojans, all communication adheres to organizational guidelines, all communication activity thoroughly documented
A. Internet Black Tigers
Which of the following is a political group that has already used the Internet for political intimidation? A. Internet Black Tigers B. Al Qaeda C. Mafia D. IRA
B. Segment the network with firewalls between the segments.
Which of the following is a step you might take for large networks but not for smaller networks? A. Use an IDS. B. Segment the network with firewalls between the segments. C. Use antivirus software on all machines on the network. D. Do criminal background checks for network administrators.
A. Uninstall all unneeded programs/software.
Which of the following is a step you would definitely take with any server but might not be required for a workstation? A. Uninstall all unneeded programs/software. B. Shut down unneeded services. C. Turn off the screensaver. D. Block all Internet access.
B. DES
Which of the following is a symmetric key systems using 64-bit blocks? A. RSA B. DES C. PGP D. Blowfish
C. Multi-alphabet encryption
Which of the following is an encryption method using two or more different shifts? A. Caesar cipher B. Multi-alphabet encryption C. DES D. PGP
C. It is likely to be exaggerated.
Which of the following is most likely to be true of an encryption method that is advertised as unbreakable? A. It is probably suitably for military use. B. It may be too expensive for your organization. C. It is likely to be exaggerated. D. It is probably one you want to use
B. They can form a part of viable encryption methods.
Which of the following is most true regarding binary operations and encryption? A. They are completely useless. B. They can form a part of viable encryption methods. C. They are only useful as a teaching method. D. They can provide secure encryption.
D. There is no such thing as certified encryption.
Which of the following is most true regarding certified encryption methods? A. These are the only methods you should use. B. It depends on the level of certification. C. It depends on the source of the certification. D. There is no such thing as certified encryption.
A. Never use them until they have been proven.
Which of the following is most true regarding new encryption methods? A. Never use them until they have been proven. B. You can use them but you must be cautious. C. Only use them if they are certified. D. Only use them if they are rated unbreakable.
A. Blowfish
Which of the following methods uses a variable-length symmetric key? A. Blowfish B. Caesar C. DES D. RSA
A. Employees may send harassing messages.
Which of the following is not a significant security risk posed by instant messaging? A. Employees may send harassing messages. B. Employees might send out confidential information. C. A virus or worm might infect the workstation via instant messaging. D. An instant messaging program could actually be a Trojan horse.
C. If and when to share passwords
Which of the following is not an area that users policies need to cover? A. Minimum length of passwords B. What websites one can or cannot visit. C. If and when to share passwords D. What to do if you believe your password has been compromised.
C.Users may only share passwords with their assistant.
Which of the following is not an example of a user password policy? A. Users may not keep copies of passwords in their office. B. Passwords must be eight characters long. C.Users may only share passwords with their assistant. D. Passwords may not be shared with any employee.
B. People Search
Which of the following is not an ideal place to seek out phone numbers and addresses? A. Yahoo! People Find B. People Search C. The international phone registry D. Infobel
C. Heuristic firewall
Which of the following is not one of the basic types of firewalls? A. Screening firewall B. Application gateway C. Heuristic firewall D. Circuit-level gateway
B. Business unit manager requests change > IT unit verifies request > security unit verifies request > request is scheduled with rollback plan > request is implemented.
Which of the following is the appropriate sequence for a change request? A. Business unit manager requests change > IT unit verifies request > request is implemented. B. Business unit manager requests change > IT unit verifies request > security unit verifies request > request is scheduled with rollback plan > request is implemented. C. Business unit manager requests change > IT unit verifies request > request is scheduled with rollback plan > request is implemented. D. Business unit manager requests change > IT unit verifies request > security unit verifies request > request is implemented.
B. IT is notified of the departure > all logon accounts are shut down > all access (physical and electronic) is disabled > the employee's workstation is searched/scanned.
Which of the following is the appropriate sequence of events for a departing employee? A. IT is notified of the departure > all logon accounts are shut down > all access (physical and electronic) is disabled. B. IT is notified of the departure > all logon accounts are shut down > all access (physical and electronic) is disabled > the employee's workstation is searched/scanned. C. IT is notified of the departure > all physical access is shut down > all electronic access is shut down. D. IT is notified of the departure > all electronic access is shut down > all physical access is shut down.
A. IT is notified of the new employee and the requested resources > employee is granted access to those resources > employee is briefed on security/acceptable use > employee signs acknowledging receipt of a copy of security rules.
Which of the following is the appropriate sequence of events for a new employee? A. IT is notified of the new employee and the requested resources > employee is granted access to those resources > employee is briefed on security/acceptable use > employee signs acknowledging receipt of a copy of security rules. B. IT is notified of the new employee and the requested rights > employee is given access to those resources > employee signs acknowledging a receipt of a copy of security rules. C. IT is notified of the new employee and assigns default rights > employee is briefed on security/acceptable use > employee signs acknowledging receipt of a copy of security rules. D. IT is notified of the new employee and assigns default rights > employee signs acknowledging receipt of company security rules.
B. They may install software that circumvents security.
Which of the following is the best reason users should be prohibited from installing software? A. They may not install it correctly, which could cause security problems for the workstation. B. They may install software that circumvents security. C. Software installation is often complex and should be done by professionals. D. If a user's account does not have privileges to install, then it is likely that a Trojan horse will not be inadvertently installed under their account.
A. Intrusion deterrence
Which of the following is the correct term for simple making your system less attractive to intruders? A. Intrusion deterrence B. Intrusion deflection C. Intrusion camouflage D. Intrusion avoidance
D. Proxy server
Which of the following is the least essential device for protecting your network? A. Firewall B. Virus scanners on all machines C. IDS system D. Proxy server
D. A global collection of bulletin boards
Which of the following is the most accurate description of Usenet? A. A nationwide bulletin board B. A repository of computer security information C. A large-scale chat room D. A global collection of bulletin boards
A. Screening firewall
Which of the following is the most basic type of firewall? A. Screening firewall B. Application gateway C. Heuristic firewall D. Circuit-level gateway
A. To compare a file to known virus attributes
Which of the following is the most common way for a virus scanner to recognize a virus? A. To compare a file to known virus attributes B. To use complex rules to look for a virus-like behavior C. TO only look for TSR programs D. To look for TSR programs or programs that alter the Registry
A. Postings by the individual you are investigating
Which of the following is the most helpful data you might get from Usenet on a person you are investigating? A. Postings by the individual you are investigating B. Security tips to help you investigate C. Criminal records posted D. Negative comments made by others about your target
C. Caesar cipher
Which of the following is the oldest encryption method discussed in this text? A. PGP B. Multi-alphabet encryption C. Caesar cipher D. Cryptic cipher
D. All of the above.
Which of the following is true of the room in which the server is located? A. It should be in the most fire-resistant room in the building. B. It should have a strong lock with a strong door. C. It should be accessible only to those who have a need for access. D. All of the above.
D. PGP
Which of the following methods is available as an add-in most email clients? A. DES B. RSA C. Caesar cipher D. PGP
D. Check as many places as might have information.
Which web search approach is best when checking criminal backgrounds? A. Check primarily the person's state of residence. B. Check primarily federal records. C. Check the current and previous state of residence. D. Check as many places as might have information.
A. The National Center for State Courts
Which would you use to begin a search for information on a United States court case? A. The National Center for State Courts Website B. Infobel C. Yahoo! People Search D. Google Groups
B. It might be used by an identity thief to impersonate you.
Why do you not want too much personal data about you on the Internet? A. It might reveal embarrassing facts about you. B. It might be used by an identity thief to impersonate you. C. It might be used by a potential employer to find out more about you. D. There is no reason to worry about personal information on the Internet
A. It does not change letter or word frequency.
Why is binary mathematical encryption not secure? A. It does not change letter or word frequency. B. It leaves the message intact C. It is too simple. D. The mathematics of it is flawed
B. In case other devices were connected
Why should you note all cable connections for a computer you want to seize as evidence? A. To know what outside connections existed B. In case other devices were connected C. To know what peripheral devices exist D. To know what hardware existed
people.yahoo.com
You can use the service Yahoo!People Search by going to ____.
A. Minimum password age
You would set a ___ to prevent users from immediately changing their password several time in one day to return to the current password. This is particularly important if your password policy has a history of depth of five. A. Minimum password age B. Maximum password age C. Minimum password length D. Maximum password length.
11,6
___ is the most obvious reason for organizations to provide their users with internet access. A. Email B. Job searching C. Emergency communications D. None of the above
Cyberterrorism
___ is the premeditated, politically motivated attack against information computer systems, computer programs, and data that results in violence against noncombatant targets by sub national groups or clandestine agents
Usenet
_____ is a global group of bulletin boards that exist on any subject you can imagine.
D. It maintains letter and word frequency.
what is the main problem with simple substitution? A. It does not use complex mathematics. B. It is easily broken with modern computers. C. It is too simple D. It maintains letter and word frequency.
