Business Networks Chapter 3
15) Methods that hackers use to break into computers are ________. A) cracks B) magics C) exploits D) compromises
C
18) In distributed DoS attacks, the attacker sends messages directly to ________. A) bots B) the intended victim of the DoS attack C) a command and control server D) DOS servers
C
29) A user picks the password "tiger." This is likely to be cracked quickly by a(n) ________. A) attack on an application running as root B) brute-force attack C) dictionary attack D) reverse engineering attack
C
40) When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________. A) drops the packet B) drops the packet and notifies an administrator C) passes the packet D) passes the packet, but notifies an administrator
C
43) ________ is the dominant firewall filtering method used on main border firewalls today. A) ACL filtering B) Application content filtering C) Stateful packet inspection D) none of the above
C
47) Which type of firewall filtering collects streams of packets to analyze them as a group? A) static packet filtering B) stateful packet inspection C) next-generation D) none of the above
C
48) Which type of firewall filtering looks at application-layer content? A) static packet filtering B) stateful packet inspection C) NGFW D) all of the above
C
49) NGFWs ________. A) can implement different rules for different applications B) can detect threats that span multiple packets C) both A and B D) neither A nor B
C
1) The general name for evil software is ________. A) virus B) worm C) exploit D) malware
D
12) Pieces of code that are executed after the virus or worm has spread are called ________. A) vulnerabilities B) exploits C) compromises D) payloads
D
2) The general name for a security flaw in a program is a ________. A) virus B) malware C) security fault D) vulnerability
D
21) A specific encryption method is called a ________. A) code B) schema C) key method D) cipher
D
24) In symmetric key encryption, a key must be ________ bits long, or longer, to be considered strong. (Choose the choice closest to the correct answer.) A) 36 B) 56 C) 64 D) 128
D
28) Passwords are widely used because they ________. A) are demanded by users B) offer strong authentication C) are the only authentication techniques known by most security professionals D) are inexpensive to use
D
30) Prepare2 can be cracked most quickly by a(n) ________. A) authentication attack B) brute-force attack C) dictionary attack D) hybrid dictionary attack
D
4) Vulnerability-based attacks that occur before a patch is available are called ________ attacks. A) preinstallation B) stealth C) malware D) zero-day
D
16) DoS attacks attempt to ________. A) hack a computer B) reduce the availability of a computer C) steal information from a computer D) delete files on a computer
B
19) Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.) A) Trojan horses B) bots C) viruses D) worms
B
22) Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________. A) authentication B) confidentiality C) both A and B D) neither A nor B
B
25) The messages of VPNs ________. A) share the same transmission lines B) are encrypted C) both A and B D) neither A nor B
B
29) Advanced persistent threats are ________. A) inexpensive for the attacker B) extremely dangerous for the victim C) both A and B D) neither A nor B
B
34) Iris scanning is attractive because of its ________. A) low cost B) precision C) both A and B D) neither A nor B
B
37) Firewall log files should be read ________. A) every month B) every day C) every week D) usually only when a serious attack is suspected
B
38) Egress filtering examines packets ________. A) arriving from the outside B) leaving to the outside C) both A and B D) neither A nor B
B
44) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP segment which is an acknowledgement? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B
B
46) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP FIN segment? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B
B
5) ________ are full programs. A) Viruses B) Worms C) both A and B D) neither A nor B
B
6) Which of the following sometimes uses direct propagation between computers? A) viruses B) worms C) Trojan horses D) downloaders
B
7) Mobile code is another name for ________. A) virus B) worm C) both A and B D) neither A nor B
D
8) Malware programs that masquerade as system files are called ________. A) viruses B) scripts C) payloads D) Trojan horses
D
9) Trojan horses can spread by ________. A) e-mailing themselves to victim computers B) directly propagating to victim computers C) both A and B D) neither A nor B
D
33) Which of the following is a form of biometrics? A) reusable passwords B) digital certificate authentication C) facial recognition D) all of the above
C
50) If a packet is highly suspicious but not a provable attack packet, a(n) ________ may drop it. A) SPI firewall B) IDS C) IPS D) all of the above
C
51) In a firewall, VPN traversal ________. A) increases the effectiveness of firewall filtering B) reduces firewall filtering effectiveness C) both A and B D) neither A nor B
B
35) The digital certificate provides the ________. A) private key of the supplicant B) private key of the true party C) public key of the supplicant D) none of the above
D
42) Stateful firewalls are attractive because of their ________. A) high filtering sophistication B) ability to filter complex application content C) QoS guarantees D) low cost
D
10) Small malware programs that download larger malware programs are called ________. A) downloaders B) scouts C) foothold programs D) stage-one programs
A
11) Unsolicited commercial e-mail is better known as ________. A) spam B) adware C) social engineering D) identity theft
A
13) Tricking users into doing something against their security interests is ________. A) social engineering B) hacking C) both A and B D) neither A nor B
A
14) An attack in which an authentic-looking e-mail or website entices a user to enter his or her username, password, or other sensitive information is called ________. (Select the most specific answer.) A) phishing B) identity theft C) social engineering D) a spyware attack
A
17) Attack programs that can be remotely controlled by an attacker are ________. A) bots B) DoS programs C) exploits D) sock puppets
A
23) In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption? A) 1 B) 2 C) 4 D) none of the above
A
26) SSL/TLS is used for ________. A) Web applications B) any application C) both A and B D) neither A nor B
A
27) Using SSL/TLS for Web applications is attractive because SSL/TLS ________. A) is essentially free to use B) offers the strongest possible cryptographic protections C) both A and B D) neither A nor B
A
36) A firewall will drop a packet if it ________. A) is a definite attack packet B) is a probable attack packet C) both A and B D) neither A nor B
A
39) ACLs are used for packets in the ________ state. A) connection-opening B) ongoing communication C) both A and B D) neither A nor B
A
41) When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall ________. (Read this question carefully.) A) drops the packet B) passes the packet C) opens a new connection D) does not approve the connection
A
45) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP SYN segment? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B
A
3) A ________ is a flaw in a program that permits a specific attack or set of attacks against this problem. A) malware B) security error C) vulnerability D) security fault
C
31) The password "NeVEr" can be defeated by a ________. A) dictionary attack B) hybrid dictionary attack C) brute-force attack D) none of the above
C
32) The password "R7%t&" can be defeated by a ________. A) dictionary attack B) hybrid mode dictionary attack C) brute-force attack D) All of the above could defeat the password equally quickly.
C