Cybersecurity Baier CofC Fall 2021

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

An old fashioned hub is also known as a what?

Router

True or False: Passive recon is gathering private information

False

True or False: Proxy chaining makes your IP address completely untraceable

False

True or False: The Public Cloud doesn't have a huge availability space

False

True or False: The level of security of an encryption algorithm is always the same as the key size.

False

True or False: Using Ciphertext to Encrypt data is limited to digital use.

False

True or False: All firewalls can identify the applications responsible for sending and receiving packets.

False

This self-replicates but doesn't need other applications to do this.

Worm

What are the different parts of cryptography?

- plaintext - information that can be directly read by humans or a machine, associated with many formats including music, movies and computer programs - ciphertext - the encrypted data - a cipher - the mathematics/algorithm responsible for turning plaintext into ciphertext and vice versa - encryption - the process of converting plaintext to ciphertext - decryption - the process of reverting ciphertext to plaintext

What is symmetric and asymmetric key encryption?

- symmetric key encryption- necessary for either the sender or the recipient to create a key and then send it to the other party. While the key in transit, could be stolen by a third party who would be able to decrypt any ciphertexts encrypted with that key - asymmetric key encryption- better known as public key cryptography, side-steps the key distribution problem as each user creates their own keys: - the private key which they keep safe and never distribute - the public key which can be sent to anyone with whom they want to exchange encrypted information with

Starting a TCP connection is known as what?

3-way handshake

Approximately how close does a hacker have to be to execute a hack over Bluetooth?

30 feet

Given that for a five-bit key there are 32 possible keys, how many are available for a six-bit key?

64 For each increase of 1 in the key length, the number of available keys doubles. Since there are 32 keys for a five-bit key, this means for a six-bit key there are: 32 x 2 = 64

Cell phones are the most vulnerable to breaches, covering ___ of all IoT hacks.

78%

How many different keys are available with a three-bit key?

8

What is a sandbox?

A sandbox is an isolated testing environment that enables users to run programs or open files without affecting the application, system or platform on which they run.

What does ARP stand for?

Address Resolution Protocol

Frequencies are / can be vulnerable to: Jamming Spoofing Tracking All of the above

All of the above

What software programs are used for syntactic attacks? Trojans Worms Viruses All of the above

All of the above

What is the most popular cloud provider?

Amazon Web Service

Consider this list of statements about firewalls and select all those that are correct: a. Firewalls block network communications by looking at the addressing and protocol information of a data packet. b. All firewalls can identify the applications responsible for sending and receiving packets. c. A firewall can be a specific device or form part of another device. d. Firewalls are only required on devices connected to a network. e. The rules used by a firewall can only be supplied by the firewall's manufacturer.

Answers: a. Firewalls block network communications by looking at the addressing and protocol information of a data packet c. A firewall can be a specific device or form part of another device.

Which best describes a Security Algorithm?

Any algorithmic process that aides our online security

Which of the following is not one of the 5 rules of evidence? Admissible Available Authentic Complete Confidential Reliable Believable Accurate Integral

Available Confidential Accurate Integral

With which cryptocurrency was blockchain introduced?

Bitcoin

What cryptography standard is being described here? This was developed in the early 1990s as a potential replacement for DES. It is a cipher supporting variable key lengths from 1 to 448 bits. Work out what letters are missing from the word below to reveal the answer, and enter the complete word as your answer. B _ _ _ f _ _ _

Blowfish standard

Trying every possible character combination in order to break into an account is known as what?

Brute-force attack

Which is not one of the five major types of cyber warfare?

Clandestine Cyber Virus

Unauthorized modification of computer material

Computer Misuse Act 1990

Which of these is not part of the three major HIPAA rules? Privacy Rules Security Rules Cybersecurity Rules Breach Notification Rules

Cybersecurity Rules

Altering a host file to point a URL to a malicious website is known as what?

DNS Poisoning

How should you handle potential spam emails?

Delete them without opening.

Blockchain is a _____ ledger technology

Distributed

Which type of chaining uses each proxy in order in a given list of proxies, ignoring any that are offline?

Dynamic

______ is a two-way function while _____ is a one-way function

Encrypting, Hashing

What is the first step in biometric security signup?

Enrollment

Firewalls: True or False can only be passive

False

Firewalls: True or False can only monitor data to and from a computer

False

True or False: Biometric Security is cheap to implement

False

True or False: Cybersecurity in healthcare is only concerned with patient safety

False

Cloning mobile phones so that calls made on one handset are billed to another

Fraud Act 2006

A _____ scan completes the three way handshake while a _____ scan stops after the server sends a _____ packet.

Full-open, SYN, syn-ack

To prevent data from being exchanged without good reason

General Data Protection Regulation

What are two unencrypted network protocols?

HTTP and Telnet

What is a man-in-the-middle attack?

Happens in symmetric encryption; while the key is in transit, it could be stolen or copied by a third party who would then be able to decrypt any ciphertexts encrypted with that key.

Select the 3 processes in computer forensics? Identifying Preserving Analyzing Instructing Uncovering

Identifying Preserving Analyzing

Information security risk management considers the process in terms of two factors. One of these is imperatives, name the other.

Incentives

Along with home devices and pin machines, what else has IoT been utilized for in business?

Industrial automation

In network security, what does IDS stand for?

Intrusion Detection System

Governs the use of surveillance technologies by public bodies

Investigatory Powers Act 2016

In AES-256, 256 refers to what?

Key length

A _____ is a record kept on proxy servers that keeps track of connections and transactions

Log

What is malware?

Malware (malicious software) is the collective name for software that has been designed to disrupt or damage data, software or hardware.

What are some of the things that are included in Lookout Basic?

Mobile security & antivirus, virus scanner, system advisor and signal flare

What kind of biometric is a fingerprint?

Morphological

There are two basic types of firewall; one of these is a network firewall. Name the other type of firewall below.

PERSONAL firewall

What is phishing?

Phishing refers to the process of deceiving recipients into sharing sensitive information with an unknown third party (cyber criminal).

Select which of these are not self-replicating malware. Phishing Spoofing Worms Trojans Viruses

Phishing, Spoofing, and Trojans

What are the different types of malware?

Ransomware, Spyware, Botnets, Viruses, Worms, Trojan Horses

_____ steganography and _____ forensics are 2 techniques that forensic investigators use

Reverse, Stochastic

Which of the following is a common hash function?

SHA-256

Select two types of hashing algorithms: ILM-128 SHA-512 MD5 ABC-123 WP-2000

SHA-512, MD5

What type of cloud computing is most commonly used?

SaaS (Software as a Service)

What is the pseudonym of the creator/creators of blockchain technology?

Satoshi Nakamoto

From the list below, select the top three options considered best practices in healthcare security Automation testing Information Security Cyber Investment Security controls Security training Cyber Liability Insurance

Security controls Security training Cyber Liability Insurance

What term refers to the name of a particular wireless local area network (LAN)?

Service set identifier (SSID)

The distinctive pattern of data either in memory or in a file.

Signatures

What are signatures and heuristics in terms of antivirus software?

Signatures - database of known viruses (a certain piece of code that is running, signature of the code can be left like a stamp on the program) Heuristics - behavior patterns (good to use with known and unknown viruses)

What is the name of a phishing attack through text messages?

Smishing

This attempts to specifically access personal information.

Spyware

There is a well known problem when the same key is used by both the sender and receiver of data, known as the key distribution problem. This problem only affects which type of encryption?

Symmetric

What is TLS?

TLS/SSL uses a combination of asymmetric and symmetric encryption to exchange data

Who helps contribute to cyber peace?

The CyberPeace Institute

What is the Internet Protocol?

The Internet Protocol (known as IP) does the hard work of actually moving data across the internet. IP is only concerned with moving data, it doesn't actually check that data actually arrives (that's handled by TCP).

What is the Transmission Control Protocol?

The TCP is responsible for ensuring data can be sent reliably over the internet

What is Spoofing?

The act of disguising a communication from an unknown source as being from a known, trusted source.

What is the internet?

The internet is a network of networks

What is hashing?

The mathematical process of converting data of any size into data of fixed length, the "hash", operates in one direction only, making it impossible to deduce the original data

To stay safe online when browsing, there are a couple of actions that you can take. Name the type of cookie that you should set your browser to block.

Third party cookies

Software that is disguised as a legitimate application.

Trojan

Firewalls: True or False may miss attacks that proceed very slowly

True

Firewalls: True or False use one of two techniques - anomaly or misuse detection

True

True or False: Active recon is illegal without explicit permission from the company

True

True or False: In a man-in-the-middle attack, the attacker gets between the victim and their desired network destination in order to monitor all of the traffic between the victim and their destination

True

True or False: The IoT is the single most hacked sector in all of cybersecurity.

True

True or False: Most Cloud services are synchronised to the source device.

True

Describe the asymmetric encryption process.

Unlike symmetric encryption, the two keys behave differently; the public key is the only key that can decrypt ciphertext encrypted using the corresponding private key and the private key is the only key capable of decrypting files encrypted with the corresponding public key. Crucially, the value of one key cannot easily be determined from the other, so even if the public key falls into hostile hands, the value of the private key cannot be determined.

There are three elements that relate to the way that VPNs operate. Work out what letters are missing from this word to reveal one of the elements. VPN _ _r_ _r

VPN server The VPN server is placed at the perimeter of the organization's network to authenticate users and to route traffic.

What makes a password secure?

Varied letters and numbers, mixed capital and lowercase letters, long

What does the acronym VPN stand for?

Virtual private networks

This self-replicates but does need other applications to do this.

Virus

Look at this list of statements about asymmetric encryption involving messages between Alice and Bob, and select all those that are correct.

When Alice receives a message from Bob she will decrypt it using her private key. Alice and Bob need to start by exchanging their public keys. To send a message to Alice, Bob will encrypt his message using Alice's public key.

Order the following symmetric and asymmetric cryptography algorithms and key sizes by level of security with 1 being the most secure and 3 being least secure

__3__Elliptic Curve - 256 bit key __1__AES - 256 bit key __2__Diffie Hellman/RSA - 2048 bit key

What is a dictionary attack?

a computer will attempt to log into an account by working its way through one or more dictionaries - each entry in the dictionary is one possible password and if it doesn't work, the computer moves on to the next.

What is a brute force attack?

a computer will methodically work through all possible passwords (so beginning with 'A', then 'AA', 'AB' and so on ...) trying each in turn until it stumbles upon an actual password.

What are assets?

an asset is any data, device, or other component of the environment that supports information-related activities

What is salting?

before hashing an additional value is inserted into the plaintext password

What is C.I.A?

confidentiality, integrity, and availability

What are some of the processes used during RSA key generation? a. Phi Function(Φ) b. Prime Factorization c. modular arithmetic d. all of the above

d. all of the above

In a database, a password is not stored as plaintext but rather as a what?

hash

What form of malware records the activities of users as they type into their computer?

keylogger

A _______ server is a middleman/go-between that can be used to hide your IP address from the target server

proxy

Targeting a specific person in a phishing attack is known as what?

spear phishing

What is two-factor authentication?

two-factor authentication requires the user to enter two pieces of information - their password and a changing value which is either sent by the website to their mobile phone, or generated by a companion application on the user's own computer.

What is a digital signature?

used by the receiver of information to authenticate the sender.


संबंधित स्टडी सेट्स

Chapter 6 Performance Management

View Set

Chapter 8: Structuring Organizations for todays challenges

View Set

Chapter 58: Assessment and Management of Patients with Breast Disorders

View Set

Nursing Assistant Care:Chapter 2

View Set

Nursing Management: Patients With Sexually Transmitted Infections

View Set

Anatomy & Physiology Chapter 8 Homework

View Set

Mastering Micro: Innate Immunity

View Set

46. Společnost s ručením omezeným (základní charakteristika, založení a vznik, organizační struktura)

View Set