Chapter 5 CGS 3300 test bank
14. A _____ is a programming routine built into a system by its designer or programmer. a. logic bomb c. virus b. worm d. backdoor
A: Feedback: A backdoor (also called a trapdoor) is a programming routine built into a system by its designer or programmer. This routine enables the designer or programmer to bypass system security and sneak back into the system later to access programs or files.
13. A logic bomb is a type of _____. a. Trojan program c. blended threat b. worm d. backdoor
A: Feedback: A logic bomb is a type of Trojan program used to release a virus, worm, or other destructive code.
22. _____ are usually placed in front of a firewall and can identify attack signatures and trace patterns. a. Intrusion detection systems c. Physical security measures b. Proxy servers d. Biometric security measures
A: Feedback: An intrusion detection system (IDS) can protect against both external and internal access. It is usually placed in front of a firewall and can identify attack signatures, trace patterns, generate alarms for the network administrator, and cause routers to terminate connections with suspicious sources.
24. Which of the following is a physical security measure? a. Fitting electronic trackers to a computer c. Filtering data packets using a firewall b. Restricting access through passwords d. Checking a user's signature
A: Feedback: Electronic trackers are a physical security measure. These devices are secured to a computer at the power outlet. If the power cord is disconnected, a transmitter sends a message to an alarm that goes off or to a camera that records what happens.
9. A level 2 security system protects _____. a. back-end systems c. Web servers b. corporate networks d. e-mail servers
A: Feedback: In level 2 security, back-end systems (such as users' workstations and internal database servers) must be protected to ensure confidentiality, accuracy, and integrity of data.
33. In _____ encryption, the same key is used to encrypt and decrypt a message. a. symmetric c. synchronous b. asymmetric d. asynchronous
A: Feedback: In symmetric encryption (also called secret key encryption), the same key is used to encrypt and decrypt a message.
2. _____ is the process of capturing and recording network traffic. a. Sniffing c. Spoofing b. Phishing d. Pharming
A: Feedback: Sniffing is capturing and recording network traffic. Although it can be done for legitimate reasons, such as monitoring network performance, hackers often use it to intercept information.
30. _____ ensures data security and integrity over public networks, such as the Internet. a. Transport Layer Security c. Transmission Control Protocol b. Terminal Resource Security d. User Datagram Protocol
A: Feedback: Transport Layer Security (TLS) is a recent cryptographic protocol, which ensures data security and integrity over public networks, such as the Internet.
4. _____ is a computer crime that involves destroying or disrupting computer services. a. Sabotage c. Libel b. Slander d. Keystroke logging
A: Feedback: Sabotage is a computer crime that involves destroying or disrupting computer services. Computer criminals change, delete, hide, or use computer files for personal gain.
2. _____ is a form of spyware that collects information about a user (without the user's consent) to determine which advertisements to display in the user's Web browser.
Adware
13. What is the function of a virtual private network (VPN)?
Answer: A VPN provides a secure "tunnel" through the Internet for transmitting messages and data via a private network. It is often used so remote users have a secure connection to the organization's network.
10. How is a sender notified of packet delivery using a packet-filtering firewall?
Answer: A packet-filtering firewall informs senders if packets are rejected but does nothing if packets are dropped; senders have to wait until their requests time out to learn that the packets they sent were not received.
4. How does a worm disrupt computing services?
Answer: A worm might corrupt data, but it usually replicates itself into a full-blown version that eats up computing resources, eventually bringing a computer or network to a halt.
9. What are the actions that a firewall might take after examining a packet?
Answer: After examining a packet, a firewall can take one of the following actions: a. Reject the incoming packet. b. Send a warning to the network administrator. c. Send a message to the packet's sender that the attempt failed. d. Allow the packet to enter (or leave) the private network.
11. What is an intrusion detection system (IDS)?
Answer: An intrusion detection system (IDS) can protect against both external and internal access. It is usually placed in front of a firewall and can identify attack signatures, trace patterns, generate alarms for the network administrator, and cause routers to terminate connections with suspicious sources.
5. Describe how blended threats work.
Answer: Blended threats search for vulnerabilities in computer networks and then take advantage of these vulnerabilities by embedding malicious codes in the server's HTML files or by sending unauthorized e-mails from compromised servers with a worm attachment. They may launch a worm through a Trojan horse or launch a denial-of-service (DoS) attack at a targeted IP address. Their goal is not just to start and transmit an attack but to spread it.
8. Explain the use of callback modems as a nonbiometric security measure.
Answer: Callback modems verify whether a user's access is valid by logging the user off and then calling the user back at a predetermined number. They are useful in organizations with many employees who work off-site and who need to connect to the network from remote locations.
15. What are the functions of a computer emergency response team (CERT)?
Answer: Currently, CERT focuses on security breaches and DoS attacks and offers guidelines on handling and preventing these incidents. CERT also conducts a public awareness campaign and researches Internet security vulnerabilities and ways to improve security systems.
14. What is data encryption?
Answer: Data encryption transforms data, called plaintext or cleartext, into a scrambled form called ciphertext that cannot be read by others. The rules for encryption, known as the encryption algorithm, determine how simple or complex the transformation process should be. The receiver then unscrambles the data by using a decryption key.
12. How are identification (ID) badges used as a physical security measure against thefts?
Answer: ID badges are checked against a list of authorized personnel, which must be updated regularly to reflect changes in personnel.
3. List nine types of intentional computer and network threats.
Answer: Intentional computer and network threats include: a. Viruses b. Worms c. Trojan programs d. Logic bombs e. Backdoors f. Blended threats (e.g., a worm launched by Trojan) g. Rootkits h. Denial-of-service attacks i. Social engineering
2. Explain the concept of mirror disks.
Answer: Mirror disks are a fault-tolerant method that uses two disks containing the same data so that if one fails, the other is available, allowing operations to continue. Mirror disks are usually a less expensive, level-1 redundant array of independent disks (RAID) system and can be a suitable solution for small organizations.
6. What is shoulder surfing? Provide an example.
Answer: Shoulder surfing—in other words, looking over someone's shoulder—is the easiest form of collecting information. Social engineers use this technique to observe an employee entering a password or a person entering a PIN at the cash register, for example.
1. What is the McCumber cube?
Answer: The Committee on National Security Systems (CNSS) proposed a model called the "McCumber cube." John McCumber created this framework for evaluating information security. Represented as a three-dimensional cube, it defines nine characteristics of information security, which are transaction, storage, processing, confidentiality, integrity, availability, human factors, policy and practices, and technology.
7. Describe the process of vein analysis in biometric security measures.
Answer: The vein analysis method analyzes the pattern of veins in the wrist and back of the hand without making any direct contact with the veins.
29. _____ is a commonly used encryption protocol that manages transmission security on the Internet. a. Applications Layer c. Transmission Control Protocol b. Secure Sockets Layer d. User Datagram Protocol
B: Feedback: A commonly used encryption protocol is Secure Sockets layer (SSL), which manages transmission security on the Internet.
15. A _____ attack floods a network or server with service requests to prevent legitimate users' access to the system. a. social engineering c. backdoor b. denial-of-service d. phishing
B: Feedback: A denial-of-service (DoS) attack floods a network or server with service requests to prevent legitimate users' access to the system.
12. A (n) _____ travels from computer to computer in a network, but it does not usually erase data. a. Trojan program c. applet b. worm d. backdoor
B: Feedback: A worm travels from computer to computer in a network, but it does not usually erase data.
31. _____ encryption uses a public key known to everyone and a private key known only to the recipient. a. Symmetric c. Synchronous b. Asymmetric d. Asynchronous
B: Feedback: Asymmetric encryption uses two keys: a public key known to everyone and a private or secret key known only to the recipient.
32. A(n) _____ encryption usually works better for public networks, such as the Internet. a. symmetric c. synchronous b. asymmetric d. asynchronous
B: Feedback: Asymmetric encryption usually works better for public networks, such as the Internet. Each company conducting transactions or sending messages gets a private key and a public key; a company keeps its private key and publishes its public key for others to use.
5. In the context of computer and network security, _____ means that a system must not allow the disclosing of information by anyone who is not authorized to access it.
B: Feedback: Confidentiality means that a system must not allow the disclosing of information by anyone who is not authorized to access it.
10. A level 3 security system focuses on protecting _____. a. back-end systems c. users' work stations b. corporate networks d. front-end servers
B: Feedback: In level 3 security, the corporate network must be protected against intrusion, denial-of-service attacks, and unauthorized access.
1. _____ can interfere with users' control of their computers, through such methods as installing additional software and redirecting Web browsers. a. Kernels c. Cookies b. Spyware d. Log files
B: Feedback: Spyware can interfere with users' control of their computers, through such methods as installing additional software and redirecting Web browsers.
25. Which of the following is a type of access control used to protect systems from unauthorized access? a. Steel encasements c. Firewalls b. Passwords d. Identification badges
B: Feedback: The two widely used access controls are terminal resource security and passwords.
35. _____ outlines procedures for keeping an organization operational in the event of a natural disaster or a network attack or intrusion. a. Social engineering c. An intrusion detection system b. Business continuity planning d. Terminal resource security
B: Feedback: To lessen the effects of a natural disaster or a network attack or intrusion, planning the recovery is important. This should include business continuity planning, which outlines procedures for keeping an organization operational.
11. A(n) _____ is a security threat that combines the characteristics of computer viruses, worms, and other malicious codes with vulnerabilities found on public and private networks.
Blended Threat
36. A _____ plan lists the tasks that must be performed to restore damaged data and equipment. a. risk assessment c. disaster recovery b. systems engineering d. security compliance
C: Feedback: A disaster recovery plan lists the tasks that must be performed to restore damaged data and equipment as well as steps to prepare for disaster.
21. A _____ is the software that acts as an intermediary between two systems. a. database c. proxy server b. backdoor d. Trojan program
C: Feedback: A proxy server is the software that acts as an intermediary between two systems—between network users and the Internet, for example.
26. A(n) _____ is often used, so remote users have a secure connection to an organization's network. a. biometric security system c. virtual private network b. intrusion detection system d. terminal resource network
C: Feedback: A virtual private network (VPN) provides a secure tunnel through the Internet for transmitting messages and data via a private network. It is often used so remote users have a secure connection to the organization's network.
11. Which of the following is considered an intentional security threat? a. Floods c. Backdoors b. A user's accidental deletion of data d. Power outages
C: Feedback: Backdoors are considered an intentional security threat.
34. The main function of Cyber Incident Response Capability (CIRT) is to: a. provide level 1 security. c. provide information on security incidents. b. restrict access controls to unauthorized personnel. d. create backdoors to bypass security protocols.
C: Feedback: Cyber Incident Response Capability's (CIRC's) main function is to provide information on security incidents, including information systems' vulnerabilities, viruses, and malicious programs.
6. In the context of computer and network security, _____ refers to the accuracy of information resources within an organization. a. validity c. integrity b. confidentiality d. availability
C: Feedback: Integrity refers to the accuracy of information resources within an organization. In other words, the security system must not allow data to be corrupted or allow unauthorized changes to a corporate database.
3. Similar to phishing, _____ is directing Internet users to fraudulent Web sites with the intention of stealing their personal information, such as Social Security numbers, passwords, bank account numbers, and credit card numbers. a. sniffing c. pharming b. spoofing d. cybersquatting
C: Feedback: Pharming is similar to phishing in that Internet users are directed to fraudulent Web sites with the intention of stealing their personal information, such as Social Security numbers, passwords, bank account numbers, and credit card numbers.
20. Which of the following is a nonbiometric security measure?
C: Feedback: The three main nonbiometric security measures are callback modems, firewalls, and intrusion
6. _____ is the unauthorized use of computer data for personal gain, such as transferring money from another's account or charging purchases to someone else's account.
Computer fraud
7. In the context of computer and network security, _____ means that computers and networks are operating and authorized users can access the information they need. a. validity c. integrity b. confidentiality d. availability
D: Feedback: Availability means that computers and networks are operating and authorized users can access the information they need. It also means a quick recovery in the event of a system failure or disaster.
18. _____ use a physiological element to enhance security measures. a. Modems c. Intrusion detection systems b. Firewalls d. Biometric security measures
D: Feedback: Biometric security measures use a physiological element that is unique to a person and cannot be stolen, lost, copied, or passed on to others.
28. Which of the following forms of text used in an encryption algorithm is unreadable without a decryption key? a. Plaintext c. Codetext b. Cleartext d. Ciphertext
D: Feedback: Data encryption transforms data, called plaintext or cleartext, into a scrambled form called ciphertext that cannot be read by others. The receiver then unscrambles the data by using a decryption key.
27. Data sent through a virtual private network (VPN) can be encrypted using the _____ protocol. a. User Datagram c. Secured Sockets layer b. Transmission Control d. Layer Two Tunneling
D: Feedback: Data is encrypted before it is sent through the virtual private network (VPN) with a protocol, such as Layer Two Tunneling Protocol (L2TP) or Internet Protocol Security (IPSec).
8. A level 1 security system is used to protect _____ against unauthorized access. a. users' work stations c. internal database servers b. corporate networks d. front-end servers
D: Feedback: In level 1 security, front-end servers, those available to both internal and external users, must be protected against unauthorized access. Typically, these systems are e-mail and Web servers.
17. _____ take advantage of the human element of security systems. a. Denial-of-service attacks c. Blended threats b. Trojan programs d. Social engineering attacks
D: Feedback: In the context of security, social engineering means using "people skills"—such as being a good listener and assuming a friendly, unthreatening air—to trick others into revealing private information. Social engineering attacks take advantage of the human element of security systems.
23. _____ security measures primarily control access to computers and networks, and they include devices for securing computers and peripherals from theft. a. Nonbiometric c. Biometric b. Physiological d. Physical
D: Feedback: Physical security measures primarily control access to computers and networks, and they include devices for securing computers and peripherals from theft.
19. Which of the following is a biometric security measure? a. Electronic trackers c. Firewalls b. Passwords d. Signature analysis
D: Feedback: Signature analysis is a biometric security measure. It involves checking the user's signature as well as deviations in pen pressure, speed, and length of time used to sign the name.
21. An intrusion detection system (IDS) cannot prevent denial-of-service (DoS) attacks.
False: Feedback: An intrusion detection system (IDS) can prevent denial-of-service (DoS) attacks. It monitors network traffic and uses the "prevent, detect, and react" approach to security.
18. Application-filtering firewalls are less expensive than packet-filtering firewalls.
False: Feedback: Application-filtering firewalls are generally more secure and flexible than packet-filtering firewalls, but they are also more expensive.
28. Symmetric encryption is also called public key encryption.
False: Feedback: Asymmetric encryption is also called public key encryption. Symmetric encryption is also called secret key encryption.
30. Backup facilities should never be shared in an attempt to reduce costs.
False: Feedback: Backup facilities can be shared to reduce costs.
22. Corner bolts are an expensive way to secure a computer to a desktop or a counter.
False: Feedback: Corner bolts are an inexpensive way to secure a computer to a desktop or counter. These often have locks as an additional protection against theft.
14. Social engineering is an attack that takes advantage of the backdoors in security systems.
False: Feedback: In the context of security, social engineering means using "people skills"—such as being a good listener and assuming a friendly, unthreatening air—to trick others into revealing private information. This is an attack that takes advantage of the human element of security systems.
17. After examining an incoming packet, a firewall cannot reject that packet.
False: Feedback: Information being transmitted is stored in what's called a packet, and after examining a packet, a firewall can reject the incoming packet.
6. Level 1 security protects the back-end systems to ensure confidentiality, accuracy, and integrity of data.
False: Feedback: Level 2 security protects the back-end systems to ensure confidentiality, accuracy, and integrity of data. Level 1 security protects front-end servers.
2. Spoofing is sending fraudulent e-mails that seem to come from legitimate sources, such as a bank or university.
False: Feedback: Phishing is sending fraudulent e-mails that seem to come from legitimate sources, such as a bank or university. Spoofing is an attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords and credit card information.
9. Social engineering is an example of an unintentional security threat.
False: Feedback: Social engineering is an example of an intentional security threat.
15. In the context of security, social engineering protects the integrity of information resources.
False: Feedback: Social engineers use the private information they have gathered to break into servers and networks and steal data, thus compromising the integrity of information resources.
25. The cost of setting up a virtual private network (VPN) is usually high.
False: Feedback: The cost of setting up a virtual private network (VPN) is usually low, but transmission speeds can be slow, and lack of standardization can be a problem.
1. Phishing is different from pharming as phishing usually involves hijacking an official Web site address by hacking a Domain Name System server.
False: Feedback: The difference between phishing and pharming is that pharmers usually hijack an official Web site address by hacking a Domain Name System server, then alter the legitimate Web site IP address so that users who enter the correct Web address are directed to the pharmers's fraudulent Web site.
27. The main advantage of asymmetric encryption is that it is faster and requires only a small amount of processing power.
False: Feedback: The main drawback of asymmetric encryption is that it is slower and requires a large amount of processing power.
12. Trojan programs replicate themselves as viruses and worms do.
False: Feedback: Trojan programs can erase data and wreak havoc on computers and networks, but they do not replicate themselves, as viruses and worms do.
11. Viruses can only be transmitted through sharing of infected files directly from one computer to another.
False: Feedback: Viruses can be transmitted through a network or through e-mail attachments.
8. When using mirror disks, if one of the two disks containing the same data fails, the other disk also fails.
False: Feedback: When using mirror disks, if one of the two disks containing the same data fails, the other is available, allowing operations to continue.9. Social engineering is an example of an unintentional security threat.
7. When planning a comprehensive security system, the first step is designing _____, which use a combination of hardware and software for improving reliability—a way of ensuring availability in case of a system failure.
Fault-tolerant systems
14. A(n) _____ is a combination of hardware and software that acts as a filter or barrier between a private network and external computers or networks.
Firewall
5. _____ monitor and record the keys pressed on a keyboard and can be software or hardware devices.
Keystroke loggers
3. _____ is sending fraudulent e-mails that seem to come from legitimate sources, such as a bank or university.
Phishing
12. In the context of security, _____ means using "people skills"—such as being a good listener and assuming a friendly, unthreatening air—to trick others into revealing private information.
Social engineering
4. _____ is an attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords and credit card information.
Spoofing
1. _____ is software that secretly gathers information about users while they browse the Web.
Spyware
15. _____ is a software feature that erases the screen and signs the user off automatically after a specified length of inactivity.
Terminal resource security
10. A(n) _____ contains code intended to disrupt a computer, network, or Web site, and it is usually hidden inside a popular program.
Trojan Program
13. A distributed denial-of-service (DDoS) attack involves hundreds of computers working together to bombard a Web site with thousands of requests for information in a short period.
True: Feedback: A distributed denial-of-service (DDoS) attack occurs when hundreds or thousands of computers work together to bombard a Web site with thousands of requests for information in a short period, causing it to grind to a halt.
19. A proxy server is often used to help protect the network against unauthorized access from outside the network by hiding the network addresses of internal systems.
True: Feedback: A proxy server is often used to help protect the network against unauthorized access from outside the network by hiding the network addresses of internal systems.
20. An intrusion detection system (IDS) can protect networks against both external and internal access.
True: Feedback: An intrusion detection system (IDS) can protect against both external and internal access.
26. Data encryption transforms data into a scrambled form called ciphertext.
True: Feedback: Data encryption transforms data, called plaintext or cleartext, into a scrambled form called ciphertext that cannot be read by others.
16. Hand geometry is an example of a biometric security measure.
True: Feedback: Hand geometry is an example of a biometric security measure.
7. If a drive in a redundant array of independent disks (RAID) system fails, data stored on it can be reconstructed from data stored on the remaining drives.
True: Feedback: If a drive in a redundant array of independent disks (RAID) system fails, data stored on it can be reconstructed from data stored on the remaining drives. RAID systems vary in cost, performance, and reliability.
29. In symmetric encryption, the same key is used to encrypt and decrypt a message.
True: Feedback: In symmetric encryption, the same key is used to encrypt and decrypt a message. The sender and receiver must agree on the key and keep it secret.
3. Keystroke loggers can be used for malicious purposes, such as collecting the credit card numbers that users enter while shopping online.
True: Feedback: Keystroke loggers can be used for malicious purposes, such as collecting the credit card numbers that users enter while shopping online.
5. Part of ensuring integrity is identifying authorized users and granting them access privileges.
True: Feedback: Part of ensuring integrity is identifying authorized users and granting them access privileges.
23. Terminal resource security is a software feature that erases the screen and signs the user off automatically after a specified length of inactivity.
True: Feedback: Terminal resource security is a software feature that erases the screen and signs the user off automatically after a specified length of inactivity.
4. Confidentiality, integrity, and availability are collectively referred to as the CIA triangle.
True: Feedback: There are three important aspects of computer and network security: confidentiality, integrity, and availability, collectively referred to as the CIA triangle.
24. An ideal password should be eight characters or longer.
True: Feedback: To increase the effectiveness of passwords, they should be made eight characters or longer.
10. When a program containing a virus is used, the virus attaches itself to other files, and the cycle continues.
True: Feedback: When a program or operating system containing a virus is used, the virus attaches itself to other files, and the cycle continues.
8. A(n) _____ consists of self-propagating program code that is triggered by a specified time or event.
Virus
13. The _____ biometric security measure translates words into digital patterns, which are recorded and examined for tone and pitch.
Voice Recognition
9. _____ are independent programs that can spread themselves without having to be attached to a host program.
Worms
