CSCI 290 Final Exam

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

A digital signature is used to guarantee who sent a message. This is referred to as non-repudiation.

False

A good password should contain only letters and numbers.

False

An on-demand virus scanner runs in the background and is constantly checking your PC.

False

IPsec can only encrypt the packet data but not the header information.

False

Sending a forged email asking for sensitive data is an example of steganography.

False

The Patriot Act was the first U.S. law to criminalize theft of commercial trade secrets

False

The Stuxnet virus was directed against Iraqi nuclear facilities.

False

You may use Linux to make a ______________ of the hard drive.

Forensically valid copy

In Windows the log that contains events collected from remote computers is the ____________ log.

Forwardedevents

What is the term for a fake system designed to lure intruders?

Honey Pot

If you experience a denial-of-service attack, you can use firewall logs to determine the _______ from which the attack originated.

IP address

A discarded credit card receipt or utility bill could be the starting point from which a perpetrator finds enough information to assume a victim's _______________.

Identity

The principal that users have access to only network resources when an administrator explicitly grants them is called ___________.

Implicit deny

Use for business communications only and the disallowing of the transmission of confidential business information are recommended guidelines for ______

Instant messaging

What advantage does a symmetric key system using 64-bit blocks have?

It is fast

What is the main problem with simple substitution?

It maintains letter and word frequency

Which of the following is a likely reason that an organization might be reluctant to admit it has been a victim of corporate espionage?

It might cause stock value to decline

Which of the following is a disadvantage to using an application gateway firewall?

It uses a great deal of resources

What is a major weakness with a network host-based firewall?

Its security is depended on the underlying operating system

When an employee leaves, all _______ should be terminated.

Logins

You would set a ___________ to prevent users from immediately changing their password several times in one day to return to the current password. This is particularly important if your password policy has a history depth of five.

Minimum password age

On a server, you should create your own accounts with ________ that do not reflect their level of permission.

Names

Which of the following is most true regarding new encryption methods?

Never use them until they have been proven

What is the difference between corporate and industrial espionage?

None: they are interchangeable terms

In 1998, ethnic Tami guerrillas swamped _________ embassies with 800 emails a day.

Sri Lankan

What is SPI?

Stateful packet inspection

The virus that infected Iranian nuclear facilities was exploiting vulnerability in SCADA systems.

Stuxnet

Hackers want information about a target person, organization, and _______ to assist in compromising security.

System

Procedures for adding users, removing users, and dealing with security issues are examples of ___________ policies.

System administration

Usually, the first thing you do to a computer to prevent further tampering is to _________.

Take it offline.

Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year.

Once

The first rule of computer security is to check ___________.

Patches

Although the Cyberterrorism Preparedness Act of 2002 was not passed, many of its goals were addressed by the ___________.

Patriot Act

Any _________ you do not explicitly need should be shut down.

Ports

What is the term for blocking an IP address that haws been the source of suspicious activity?

Preemptive blocking

What type of encryption uses different keys to encrypt and decrypt the message?

Public key

You can calculate the value of information by what formula?

Resources needed to produce the information, plus resources gained from the information.

New employees should receive a copy of the company 's __________ policies.

Security/acceptable use

Many states have online __________ registries.

Sex offender

There have been cases of mistaken identity with _________lists.

Sex offender

If a company purchases a high-end UNIX server to use for its research and developement department what is probably the most valuable part of the system?

The information on the server

Why would you want to scan an employee's computer when he leave the organization?

To check for signs of corporate espionage

Which of the following is the most common way for a virus scanner to recognize a virus?

To compare a file to know virus attributes

What is the reason for encrypting hard drives on laptop computers?

To prevent a thief from getting data off a stolen laptop

A discarded credit card receipt may become the starting point from which an identity fraud perpetrator finds enough information to assume the victim's identity.

True

A good rule of thumb for a password history policy is a history depth of five.

True

A server with fake data used to attract an attacker is a honeypot.

True

Binary numbers are made up of 0s and 1s.

True

CNE, MCITP, CISSP, and CCNA are examples of industry certifications.

True

Hactivists means individuals who work for a cause using cyberterrorism.

True

Heuristic scanning uses rules to determine whether a file or program behaves like a virus.

True

Information warfare is any attempt to manipulate information in pursuit of a military or political goal.

True

Microsoft Windows includes BitLocker in some editions, so entire hard drives can be encrypted.

True

Nessus is the premiere network vulnerability scanner

True

The FBI maintains a list of individual state sex registries at www.fbi.gov/scams-safety/registry

True

The U.S. Patriot Act specifically deals with cyberterrorism

True

The Windows Registry contains a list of USB devices that have been connected to the machine

True

The Windows Registry lists USB devices that have been connected to the machine.

True

The chain of custody accounts for the handling of evidence and documents that handling

True

www.yellowpages.com, www.whowhere.com, and www.LinkedIn.com are good websites to locate a person's home address or telephone number.

True

The joint task force representing components of all four U.S armed services is the ____________.

U.S. Cyber Command

If you determine a virus has struck a system, the first step is to _________.

Unplug the machines from the network

You can use the service Yahoo!People Search by going to _________.

people.yahoo.com

The Linux log file that contains activity related to the web server is ______.

/var/log/apache2/

A good password has at least ______ characters.

8

What method do most IDS software implementations use?

Anomaly detection

In Windows, the log that stores events from a single application or component rather than events that might have system wide impact is the ____________ log.

Applications and services

Which binary mathematical operation can be used for a simple encryption method?

Bit shift

Which of the following methods uses a variable-length symmetric key?

Blowfish

Documentation of every person who had access to evidence, how they interacted with it, and where it was stored is called the ________________.

Chain of custody

Chinese hackers whose stated goal is to infiltrate Western computer systems are called the ___________.

China Eagle Union

During the ___________ War, Western democracies invested time and money for radio broadcasts into communist nations.

Cold

Which of the following is a symmetric key system using 64-bit blocks?

DES

A _________ involves setting up two firewalls: an outer and an inner firewall

DMZ (demilitarized zone)

What is the greatest security risk to any company?

Disgruntled employees

It would be advisable to obtain __________ before running a background check on any person.

Written permission

Using Linux to wipe the target drive, the command-line command would be ___ .

dd

A website that may help locate federal prison records is ________.

www.bop.gov/


Set pelajaran terkait

Chapter 5 ethernet (802.3) switches LANS

View Set

October Sky Characters/Questions

View Set

Legitimacy & Sources of Authority

View Set

Chapter 1: Introduction to Networking

View Set

CISM - Information Security Governance Flash

View Set