Chapter 11 homework
A(n) ____________ is an information system that is critical to the survival of an organization. - network plan - accounting system - IDS - mission critical application - firewall
mission critical application
The key principle in preventing disruption, destruction and disaster is ___________. - redundancy - control spreadsheet - IDS - anti-virus software - prevention controls
redundancy
A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them. - risk assessment - backplane - mitigating control factor analysis - control verification worksheet - control test plan
risk assessment
A brute force attack against an encryption system: - is called RC4 - tries to gain access by trying every possible key - is also known as 3DES - always uses the Rijndael algorithm - is part of the Advanced Encryption Standard
tries to gain access by trying every possible key
Which of the following is a mode that is used by IPSec? - exchange - sniffer - tunnel - creeper - firefighter
tunnel
A(n) ______ is a special type of virus that spreads itself without human intervention. - snake - worm - Trojan horse - boot sector virus - stealth virus
worm
Asymmetric encryption uses the same key to encrypt and decrypt a message. True False
False
Corrective controls reveal or discover unwanted events. True False
False
Decryption is the process of converting plaintext into ciphertext. True False
False
In transport mode, IPSec encrypts the entire IP packet. True False
False
Social engineering refers to creating a team that solves virus problems. True False
False
What are the 3 primary goals of security?
Confidentiality Integrity Availability
A(n) _______ is a screened subnet devoted solely to public access servers such as Web servers and public DNS servers. - intranet - DMZ - zone of authority - VLAN - smart hub
DMZ
Which of the following is not considered one of the five most common business impacts? - Financial - Productivity - Reputation - Social - Safety
Social
Which of the following is not true about one-time passwords? - Users' pagers or smart phones (via text messaging) can receive them. - They can be used in conjunction with a token system. - The user must enter the one-time password to gain access or the connection is terminated. - This is a good security solution for users who travel frequently and who must have secure dial-in access. - They create a packet level firewall on the system.
They create a packet level firewall on the system.
A host based intrusion prevention system (IPS) monitors activity on the server and reports intrusions to the IPS management console. True False
True
A packet-level firewall examines the source and destination address of every network packet that passes through the firewall. True False
True
An asset can be compromised by more than one threat, so it is common to have more than one threat scenario for each asset. True False
True
Confidentiality refers to the protection of organizational data from unauthorized disclosure of customer and proprietary data. True False
True
Maintaining data integrity is one of the primary goals of security. True False
True
Secure Sockets Layer is an encryption standard designed for use on the Web. True False
True
Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters. True False
True
When using a digital signature for the process of authentication, the sender encrypts the message with their private key and the recipient decrypts the message with the sender's public key. True False
True
A sniffer program is a: - type of macro-virus - small peep-hole in a door or wall to allow a security guard to sniff the area with his or her nose before entering a secure area or location - used in a call-back modem - a program that records all LAN messages received for later analysis - secure hub program
a program that records all LAN messages received for later analysis
Symmetric encryption systems have two parts: the key and the ____________. - algorithm - spamming method - IP spoofer - clearance code - smart card bits
algorithm
A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication. - disaster recovery firm - DES company - directory company - certificate authority - fingerprint advisory board
certificate authority
The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as: - Trojan horse - sniffing - tunneling - computer forensics - misuse detection
computer forensics
IP spoofing means to: - fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network - clad or cover the internal processing (IP) lines with insulating material to shield the IP lines from excess heat or radiation - illegally tape or listen in on telephone conversations - detect and prevent denial-of-service attacks - act as an intermediate host computer between the Internet and the rest of the organization's networks
fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network
The use of hacking techniques to bring attention to a larger political or social goal is referred to as - cracking - ethical politics - hacktivism - social engineering - brute force attacks
hacktivism
Which of the following is a type of intrusion prevention system? - zoned-based - data link-based - host-based - transport-based - none of the above is an appropriate answer
host-based
A(n) __________ is any potential adverse occurrence that can do harm to, or interrupt, the system using the network, causing monetary loss to the organization. - asset - service level agreement - threat - security plan - network design
threat