CSCI 3200 Final

Calculate the SLE based on the following information: The asset value is 4 million dollars. The exposure factor is about 25 percent. What is the SLE? - 3 million dollars - 4.25 million dollars - 5 million dollars - 1 million dollars

1 million dollars

Which TCP port does POP3 use? - 25 - 110 - 143 - 443

110

What TCP port does IMAP use? - 110 - 25 - 143 - 443

143

Which of the following is the strongest password? - swordfish - Supercalifragilisticexpialidocious - 1Aw3u$iaIiWtww1s1a! - P@$$w0rd

1Aw3u$iaIiWtww1s1a!

Calculate the ALE based on the following information: The SLE is 4 million dollars. The ARO is 5%. What is the ALE? - 4.5 million dollars - 2 million dollars - 200,000 dollars - 4,200,000 dollars

200,000 dollars

What TCP port does SMTP use? - 25 - 110 - 143 - 443

25

HTTPS uses TCP port - 433 - 443 - 344 - 434

443

SSMTP uses TCP port - 25 - 110 - 465 - 456

465

In a UNIX operating system, which run level reboots the machine? - 0 - 1 - 3 - 6

6

ActiveX refers to - A collection of APIs, protocols, and programs developed by Microsoft to automatically download and execute code over the Internet - A library of security protocols for Microsoft's Internet Explorer - A patch to fix a vulnerability that hackers exploit where the user downloads an MP3 file and the buffers of the sound card are overwritten - A method of blocking java scripts that comes from non Microsoft web sites

A collection of APIs, protocols, and programs developed by Microsoft to automatically download and execute code over the Internet

A buffer overflow can best be described as - A hacker who makes a website that has more content than the browser can handle - A hacker who sends more data than is expected in an attempt to overwrite legitimate memory - A hacker who uses an e-mail virus to format the hard drive with junk code - A hacker who sends repeated requests for information from a server in an attempt to crash the server

A hacker who sends more data than is expected in an attempt to overwrite legitimate memory

What is the waterfall model characterized by? - A generic, repeatable process for debugging software - A protocol limiting liquids in the workplace - A linear, multistep process - A process for ensuring that all inputs are tested

A linear, multistep process

What is the Gramm-Leach-Bliley Act? - Implements the principle that a signature, contract, or other record may not be deleted - Denies legal effect, validity, or enforceability solely because it is electronic form - Addresses a myriad of legal privacy issues that were resulting from the increasing use of computers and other technology specific to telecommunications - Makes it a violation of federal law to knowingly use another's identity - A major piece of legislation affecting the financial industry and containing significant privacy provisions for individuals

A major piece of legislation affecting the financial industry and containing significant privacy provisions for individuals

Running Java applets from the Web on your system is considered - A security risk - Not risky - Somewhat secure - Very secure

A security risk

A signature database contains a list of the contents of the IP packet header's signature block, for every type of packet the IDS monitors. True or False

A signature database contains a list of the contents of the IP packet header's signature block, for every type of packet the IDS monitors.

What does a host-based IDS monitor? - A single system - Networks - Physical intrusions into facilities - A system and all its surrounding systems

A single system

Which of the following is used to calculate the threshold for evaluating the cost/benefit ratio of a given countermeasure? - SLE - ALE - SRO - ARO

ALE

The first instant messaging program was ___________. - AOL Instant Messenger - Yahoo Instant Messenger - MSN Instant Messenger - Linux Instant Messenger

AOL Instant Messenger

Which of the following is the value for the number of times an event is expected to occur in a year? - SLE - ALE - SRO - ARO

ARO

Simple rule sets that are applied to port number and IP addresses are called - Network address translation - Stateful packet filtering - Access control lists - Basic packet filtering

Access control lists

The Electronic Communications Privacy Act (ECPA) of 1986 - Implements the principle that a signature, contract, or other record may not be - Denies legal effect, validity, or enforceability solely because it is electronic form - Addresses a myriad of legal privacy issues that were resulting from the increasing use of computers and other technology specific to telecommunications - Makes it a violation of federal law to knowingly use another's identity - A major piece of legislation affecting the financial industry and containing significant privacy provisions for individuals

Addresses a myriad of legal privacy issues that were resulting from the increasing use of computers and other technology specific to telecommunications

What are laws and regulations created by government-sponsored agencies such as the EPA, the FAA, and the FCC? - Statutory laws - Administrative laws - Common laws - Blue laws

Administrative laws

An initial baseline should be performed when? - After every update to a system - Before patches are installed on a system - After administrators have finished patching, securing, and preparing a system - Every 90-120 days, as determined by local policy

After administrators have finished patching, securing, and preparing a system

Your boss would like you to implement a network device that will monitor traffic and turn off processes and reconfigure permissions as necessary. To do this you would use - A firewall - A sniffer - A passive HIDS - An active HIDS

An active HIDS

The Wassenaar Arrangement can be described as which of the following? - An international arrangement on export controls for conventional arms as well as dual-use goods and technologies - An international arrangement on import controls - A rule governing import of encryption in the United States - A rule governing export of encryption in the United States

An international arrangement on export controls for conventional arms as well as dual-use goods and technologies

Which component of an IDS examines the collected network traffic and compares it to known patterns of suspicious or malicious activity? - Traffic collector - Analysis engine - Signature database - Examination collector

Analysis engine

The difference between misuse and anomaly IDS models is - Misuse models require knowledge of normal activity, whereas anomaly models don't. - Anomaly models require knowledge of normal activity, whereas misuse models don't. - Anomaly models are based on patterns of suspicious activity. - Anomaly model-based systems suffer from many false negatives

Anomaly models require knowledge of normal activity, whereas misuse models don't.

The security tool that will hide information about the requesting system and make the browsing experience secret is a - Web proxy - Reverse proxy - Anonymizing proxy - Open proxy

Anonymizing proxy

What is a software bomb? - A firework that destroys all the disks and CDs in your library - Any commands executed on the computer that have an adverse effect on the data being investigated - Screensavers that show fireworks going off - Software trying to access a computer

Any commands executed on the computer that have an adverse effect on the data being investigated

What is the process of assessing the state of an organization's security compared against an established standard called? - Pen testing - Auditing - Vulnerability testing - Accounting

Auditing

One way a user can feel confident that the code they are downloading is from a legitimate vendor and has not been modified is with the implementation of - SSL - Authenticode - SFTP - HTTPS

Authenticode

What was the primary reason for the spread of the ILOVEYOU worm? - Network firewalls failed. - Systems did not have the appropriate software patch. - Automatic execution such as Microsoft Outlook's preview pane. - Virus scan software was not updated.

Automatic execution such as Microsoft Outlook's preview pane

Which document's main focus is the continued operation of the organization? - BIA - DRP - AUP - BCP

BCP

________________ serves as a foundation for comparison or measurement. - Configuration identification - Configuration status accounting - Baseline - Configuration items

Baseline

What is the process of establishing a system's security state called? - Hardening - Baselining - Securing - Controlling

Baselining

Your boss would like you to make company files available to the general public, but does not want you to have to create user accounts for anyone that would want access to the file transfer. In this case you should use - FTP - Blind FTP - SFTP - FTPS

Blind FTP

Antivirus products do all of the following EXCEPT: - Automated updates - Media scanning - Block network traffic based on policies - Scan e-mail for malicious code and attachments

Block network traffic based on policies

Risk management is most often - Purely qualitative - Purely quantitative - Both qualitative and quantitative - Purely objective

Both qualitative and quantitative

Which of the following do not enhance the security of the browser? - Browser plug-ins - Patches - Disabling javascript - Rejecting cookies

Browser plug-ins

What is the one item that could be labeled as the "most wanted" item in coding security? - Run length overflow - Proper string handling - Herman the Fly - Buffer overflow

Buffer overflow

When an attacker purposely sends more data for input than the program was designed to handle and it results in a system crash, what is this an example of? - Syn flood - Buffer overflow - Incomplete mediation - Logic bomb

Buffer overflow

Which is the most common exploit used to hack into a system? - Buffer overflows - Birthday attacks - Weak key attacks - Man-in-the-middle attacks

Buffer overflows

Contract management, fraud, regulatory risk management, and business continuity management are examples of - Business risks - Technology risks - Market risks - Operational risks

Business risks

The law that regulates unsolicited commercial e-mail is the - Computer Fraud and Abuse Act - Stored Communications Act - CAN-SPAM Act - Sarbanes-Oxley Act

CAN-SPAM Act

Which type of error occurs when a program executes the error checking routine, prior to manipulating strings to a base form? - Canonicalization error - Improper output handling - Injection - Buffer overflow

Canonicalization error

Which management tool is used for identifying relationships between a risk and the factors that can cause it? - Affinity grouping - Cause and effect analysis - Interrelationship digraphs - Risk management plan

Cause and effect analysis

Which policy dictates the action that should be taken when a significant modification to the software or hardware takes place? - Acceptable use policy - Due care policy - Change management policy - Disposal and destruction policy

Change management policy

Change management can be applied to every type of software development EXCEPT: - Security patches - Source code - Web pages - Change management should be applied to all types of software development.

Change management should be applied to all types of software development.

Whenever a modified program is moved to the production source-code library, the executable version is moved to the production system. This is an example of which of the following? - Authenticode - Code integrity - Separation of duties - Output code variation

Code integrity

Which type of alternative site has the basic environmental controls necessary to operate, but has few of the computing components necessary for processing? - Hot site - Warm site - Cold site - Temporary site

Cold site

What do you call a law based on previous events or precedents? - Statutory law - Administrative law - Common law - Blue law

Common law

Which law makes it a crime to knowingly access a computer that is either considered a government computer or used in interstate commerce, or to use a computer in a crime that is interstate in nature? - Computer Fraud and Abuse Act - Stored Communications Act - CAN-SPAM Act - Sarbanes-Oxley Act

Computer Fraud and Abuse Act

_____________ is the unauthorized entry into a computer system via any means. - Computer trespass - Computer entry - Computer hacking - Cyber crime

Computer trespass

Which of the following is the first step in change management? - Configuration control - Configuration status accounting - Configuration identification - Configuration audit

Configuration identification

Groups are used to - Create a collection of users to simplify privilege management - Circumvent an overly restrictive ACL ruleset - Create a collection of programs simplifying ACL implementation - Separate computers into logical groups that perform similar functions

Create a collection of users to simplify privilege management

If the loss of a business function would severely impact an organization, that function would be categorized as which of the following? - Critical - Necessary for normal processing - Desirable - Optional

Critical

The art of "secret writing" is called - Spoofing - Smurfing - Cryptography - Cryptanalysis

Cryptography

A file or resource owner has the ability to change the permissions on that file or resource. - MAC - DAC - RBAC - RBOC

DAC

What environment does UNIX use? - DAC - MAC - Role-based access control - Rule-based access control

DAC

What is it called when a person registers a domain name, relinquishes it in less than five days, and then gets the same name again, repeating this cycle over and over again? - DNS spoofing - DNS jacking - DNS pilfering - DNS kiting

DNS kiting

Which document defines the required data, resources, and steps to restore critical organizational processes? - BIA - BCP - DRP - AUP

DRP

Which type of backup is conducted at specific intervals, and only copies the portions of the files that have been changed? - Partial - Differential - Incremental - Delta

Delta

What type of evidence is used to aid a jury and may be in the form of a model, experiment, chart, and so on, to indicate that an event occurred? - Direct evidence - Real evidence - Documentary evidence - Demonstrative evidence

Demonstrative evidence

SYN flooding is an example of a - Viral attack - Denial of service attack - Logic bomb - Trojan horse

Denial of service attack

Run levels are used to - Determine which users are allowed on a Windows machine - Describe the state of initialization and what system services are operating in a Linux system - Determine the level of user in Linux systems - Are a Windows construct to manage which services are allowed to autostart

Describe the state of initialization and what system services are operating in a Linux system

In the secure development lifecycle, in which phase should minimizing the attack surface area take place? - Coding phase - Design phase - Requirements phase - Testing phase

Design phase

What is the term for when a large list of words are used to try and crack a password? - Dictionary attack - Brute-force attack - Hybrid attack - Lister crack

Dictionary attack

Which type of backup copies all files, but only since the last full backup? - Full - Differential - Incremental - Delta

Differential

Which law makes it illegal to develop, produce, and trade any device or mechanism designed to circumvent technological controls used in copy protection? - Sarbanes-Oxley Act - Digital Millennium Copyright Act - US Digital Signatures Law - Computer Fraud and Abuse Act

Digital Millennium Copyright Act

Oral testimony that proves a specific fact with no inferences or presumptions is what type of evidence? - Hearsay - Real evidence - Direct evidence - Demonstrative evidence

Direct evidence

What is the name of the policy outlining procedures to combat dumpster diving? - Recycling - Disposal and destruction - Password management - Need to know

Disposal and destruction

Business records, printouts, and manuals are what type of evidence? - Direct evidence - Real evidence - Documentary evidence - Demonstrative evidence

Documentary evidence

What is the automated downloading of malware that takes advantage of a browser's ability to download the different files that compose a web page called? - Download of death - Trojanized download - Drive-by download - War-downloading

Drive-by download

Which security policy establishes an organization's need to take reasonable precautions to demonstrate that it is being responsible in its operations (and to avoid possible litigation)? - AUP - E-mail policy - Due diligence - Separation of duties

Due diligence

Which of the following is NOT a strategy for alternative site processing? - Hot site - Empty site - Cold site - Mutual aid agreements

Empty site

What must you do in order to sniff the traffic on all ports on a switch? - Nothing; you can see all the traffic on a switch by default. - Nothing; a switch does not allow you to see all traffic. - Enable port mirroring. - Run a cable to each port.

Enable port mirroring.

The terms RC4 and 3DES refer to - Protocols used by servers to create dynamic websites - Encryption algorithms used to encrypt data - Protocols used to create directories for web services - Classes of XML protocols used for web services

Encryption algorithms used to encrypt data

A network administrator wants to be sure that when users change their passwords they do not reuse a previous password. What domain password policy will need to be configured? - Enforce password history - Maximum password age - Minimum password age - Minimum password length

Enforce password history

What is configuration auditing? - Ensures that configuration items are built and maintained according to the requirements, standards, or contractual agreements - Ensures that only approved changes to a baseline can be implemented - Ensures all changes made separate from the baseline are well documented and controlled - Identifies which assets need to be controlled

Ensures that configuration items are built and maintained according to the requirements, standards, or contractual agreements

What is configuration control? - Ensures that configuration items are built and maintained according to the requirements, standards, or contractual agreements - Ensures that only approved changes to a baseline are allowed to be implemented - Ensures all changes made separate from the baseline are well documented and controlled - Identifies which assets need to be controlled.

Ensures that only approved changes to a baseline are allowed to be implemented

Which of the following rules applies to evidence obtained in violation of the Fourth Amendment of the Constitution? - Best evidence rule - Exclusionary rule - Hearsay rule - Evidentiary rule

Exclusionary rule

Which of the following is NOT a component of an IDS? - Traffic collector - Signature database - Expert knowledge database - User interface and reporting

Expert knowledge database

A principal reference for rules governing the export of encryption can be found in the - Bureau of Industry and Security - U.S. Department of Commerce - Export Administration Regulations - State Department

Export Administration Regulations

Which of the following is a characteristic of the Patriot Act? - Extends the tap-and-trace provisions of existing wiretap statutes to the Internet, and mandates certain technological modifications at ISPs to facilitate electronic wiretaps on the Internet - A major piece of legislation affecting the financial industry, and also one with significant privacy provisions for individuals - Makes it a violation of federal law to knowingly use another's identity - Implements the principle that a signature, contract, or other record may not be deleted - Denies legal effect, validity, or enforceability solely because it is electronic form

Extends the tap-and-trace provisions of existing wiretap statutes to the Internet, and mandates certain technological modifications at ISPs to facilitate electronic wiretaps on the Internet

The protocol that provides a method for the transfer of files, both to and from a server is - Telnet - SSH - SNMP - FTP

FTP

TCP Ports 989 and 990 are associated with what application? - SSL/TLS 3.0 - SPOP3 - SFTP - FTPS

FTPS

A birthday attack is a type of logic bomb virus that releases its payload on some famous person's birthday, such as Michelangelo. True or False

False

A risk management plan is a comprehensive document that explains how risks will be identified on a given project. True or False

False

A SYN flood is a type of spam that floods the inbox with pornographic material. True or False

False

A warm site is a fully configured environment that is similar to the normal operating environment, and that can be operational immediately. True or False

False

Adding more services and applications to a system helps to harden it. True or False

False

An organization can reduce its risks to zero through careful planning and implementation. True or False

False

An organization must choose between using Capability Maturity Model Integration (CMMI) or change management. True or False

False

Authenticode is used to encrypt program code so that it is more difficult for hackers to reverse engineer it. True or False

False

Buffer overflows, while a dangerous form of code vulnerability, are the least common. True or False

False

Canonicalization vulnerabilities are restricted to Windows systems. True or False

False

Cause and effect analysis is the process of identifying relationships between a risk and the organization's needs. True or False

False

Change management and configuration management are two very different processes. True or False

False

Change management is only needed in the development and testing phases of the systems life cycle. True or False

False

Change management is the process of changing the middle managers in a company during a merger. True or False

False

Change management makes localization efforts more complex. True or False

False

Cryptography is the solution to all security problems. True or False

False

Defense begins by eliminating threats. True or False

False

Deploying, maintaining, and upgrading host-based IDSs in a large network is cheaper than NIDSs. True or False

False

Despite all the benefits from separation of duties, the biggest disadvantage is that the people who know the software best (the developers, designers, and testers) are not the ones that install and administer the software. True or False

False

Evidence offered by the witness that is not based on the personal knowledge of the witness—but is being offered to prove the truth of the matter asserted—falls under the exclusionary rule. True or False

False

FTP encrypts traffic by default. True or False

False

Falsifying header information is not covered by the CAN-SPAM Act. True or False

False

Generating true random numbers is a fairly trivial task. True or False

False

Groups are assigned by location, not function. True or False

False

HTTP uses TCP port 8080. True or False

False

Hostile activity that does not match an IDS signature and goes undetected is called a false positive. True or False

False

In 2002, Microsoft increased the number of services that were installed and running due to public demand. True or False

False

Incremental backups back up all information since the last full backup. True or False

False

It is recognized throughout the industry that the best type of risk assessment to conduct is a purely quantitative one. True or False

False

Least privilege refers to removing all controls from a system. True or False

False

Mac OS X FileVault encrypts files with 3DES encryption. True or False

False

Minimum password age policy specifies the number of days a password may be used before it must be changed. True or False

False

Minor procedural missteps are not important provided the overall investigation is properly conducted. True or False

False

Most instant messaging programs natively support encryption. True or False

False

Names not on a DNS blacklist get filtered out, and those messages are not received. True or False

False

Network-based IDS examines activity on a system, such as a mail server or web server. True or False

False

Once an organization implements a security plan, they can expect to remain secure for an extended period of time. True or False

False

Only one person is needed to collect and document evidence obtained in performing forensics on a computer system. True or False

False

Oral testimony that proves a specific fact is considered real evidence. True or False

False

Performing a cost/benefit analysis to determine the effectiveness of a countermeasure is not a useful way to evaluate a countermeasure, because risk needs to be reduced at any cost. True or False

False

Permissions are applied to users, not to groups. True or False

False

Policies are generally step-by-step instructions. True or False

False

Privacy laws in Europe are built around the concept that privacy is not a fundamental human right. True or False

False

RAID 5 implements exact copies of disks, with all the data mirrored on another drive. True or False

False

Relevant evidence must be convincing or measure up without question. True or False

False

Residual risk is covered by insurance companies. True or False

False

Role-based access control is a method of managing access and privileges based on a set of predefined rules. True or False

False

SMTP uses TCP port 110. True or False

False

Scanning is when an attacker attempts to crash the system with programs such as ping sweep or superscan. True or False

False

Securing access to files and directories in Solaris is vastly different from most UNIX variants. True or False

False

Service pack is the term given to a small software update designed to address a specific problem, such as a buffer overflow in an application that exposes the system to attacks. True or False

False

Targeted attacks are easier and take less time and effort than attacks on targets of opportunity. True or False

False

Telnet is used to upload and download files. True or False

False

Testing is not an essential part of the generation of secure code. True or False

False

The BCP is part of the larger DRP. True or False

False

The disadvantage to full backups is that the restore process is complex. True or False

False

The formulas used to justify the single loss expectancy (SLE) are extremely accurate. True or False

False

The last step in minimizing possible avenues of attack is updating system patches. True or False

False

The low risk of being caught is one of the reasons that criminals are turning to computer crime. True or False

False

The lowest level of classified information, which is defined as information that would "damage" national security, is known as "unclassified." True or False

False

The misuse detection IDS model is more difficult to implement than the anomaly detection model, and is not as popular as a result. True or False

False

The ping of death is a type of distributed denial of service. True or False

False

The presence of the keyword "secure" in a cookie indicates that it can only be accessed by the web site that placed it there in the first place. True or False

False

The recycle bin contains all the deleted files on a computer. True or False

False

The specific security needs of a program being developed should be defined in the design phase of the secure development lifecycle. True or False

False

The spiral model is characterized by iterative development, where requirements and solutions evolve through an ongoing collaboration between self-organizing, cross-functional teams. True or False

False

The trends show that e-mail hoaxes are being thwarted due to new technology. True or False

False

Unsolicited commercial e-mail is referred to as a hoax e-mail. True or False

False

Using SSL protects your data from interception by devices such as key loggers. True or False

False

Viruses can exist independent of a file, whereas worms require a file to infect. True or False

False

When analyzing computer storage components, the original system should be analyzed. True or False

False

When performing forensics on a computer system you should use the utilities provided by that system. True or False

False

While a NIDS is able to detect activities such as port scans and brute force attacks, it is unable to detect tunneling. True or False

False

Windows Defender is new, personal firewall software included in Vista. True or False

False

Which of the following is NOT an advantage of decentralized privilege management? - It is highly flexible; changes can be made whenever they are needed. - It does not require a dedicated set of personnel and resources. - It reduces bureaucracy. - Fewer people must be trained on tasks associated with privilege management.

Fewer people must be trained on tasks associated with privilege management.

Clusters that are marked by the operating system as usable are referred to as which of the following? - Free space - Slack space - Open space - Unused space

Free space

Which type of backup is the simplest to do, but takes the most storage space? - Full - Differential - Incremental - Delta

Full

What technique can be used to find potentially exploitable buffer overflows, without any specific knowledge of the coding? - Code injection - Use cases - Fuzzing - Backdoors

Fuzzing

Which management tool is used for diagramming schedules, events, and activity duration? - Pareto charts - Gantt charts - Interrelationship digraphs - PERT charts

Gantt charts

A new breed of IDS that is designed to identify and prevent malicious activity from harming a system. - Dynamic IDS - Preventive IDS - Active IDS - HIPS

HIPS

Which of the following has the least volatile data? - CPU storage - RAM - Hard drive - Kernel tables

Hard drive

Evidence offered by a witness that is not based on the personal knowledge of the witness, but is being offered to prove the truth of the matter asserted, falls under which rule of evidence? - Best evidence rule - Exclusionary rule - Hearsay rule - Relevant evidence rule

Hearsay rule

What device would you use to attract potential attacks, so that you could safely monitor the activity and discover the intentions of the attacker? - Firewall - Antivirus - IDS - Honeypot

Honeypot

Which alternative site is the most costly to maintain? - Hot site - Warm site - Cold site - Mutual aid agreement site

Hot site

Which type of alternative site is a fully configured environment that is similar to the normal operating environment and can be operational within hours? - Hot site - Warm site - Cold site - Immediate site

Hot site

How does IPS differ from an IDS? - IPS is passive and IDS is active. - IPS uses heuristics and IDS is signature based. - IPS will block, reject, or redirect unwanted traffic; an IDS will only alert. - IDS will block, reject, or redirect unwanted traffic; an IPS will only alert.

IPS will block, reject, or redirect unwanted traffic; an IDS will only alert.

What are the steps for the software engineering institute model for risk management? - Identify, analyze, plan, track, and control - Analyze, track, identify, plan, and control - Identify assets, threats, vulnerabilities, and exposure factor - Cost benefit analysis, control, and review

Identify, analyze, plan, track, and control

Which of the following describes the process of asset identification during a risk assessment? - Collecting data on the value of bank accounts and other financial notes controlled by the organization - Identifying and classifying the assets, systems, and processes that need protection because they are vulnerable to threats - Collecting data on the property plant and equipment to be prepared to file an insurance claim - Hiring an outside auditing firm to assess the total net worth of the company

Identifying and classifying the assets, systems, and processes that need protection because they are vulnerable to threats

Which of the following describes the process of threat assessment during a risk assessment? - Identifying the possible threats and vulnerabilities associated with each asset, and the likelihood of their occurrence - Categorizing and cataloging any threats made against the organization in the last 10 years - Establishing a human resource procedure to notify the police if anyone threatens an employee - Assessing the total net worth of the company, and then selecting an insurance company to insure the company against all threats.

Identifying the possible threats and vulnerabilities associated with each asset, and the likelihood of their occurrence

Using the general risk management model, direct loss of money, interruption of business activity, and breach of confidence, fall under which step? - Asset identification - Threat assessment - Impact determination and quantification - Residual risk management

Impact determination and quantification

The electronic signatures in the Global and National Commerce Act - Implement the principle that a signature, contract, or other record may not be denied legal effect, validity, or enforceability solely because it is electronic form - Address a myriad of legal privacy issues resulting from the increased use of computers and other technology specific to telecommunications - Make it a violation of federal law to knowingly use another's identity - Are a major piece of legislation affecting the financial industry, and contains significant privacy provisions for individuals

Implement the principle that a signature, contract, or other record may not be denied legal effect, validity, or enforceability solely because it is electronic form

Which policy outlines how the organization will prepare for and handle security incidents when they occur? - Acceptable use policy - Incident response policy - E-mail policy - Due diligence policy

Incident response policy

Unvalidated input that changes the code functioning in an unintended way is which type of coding error? - Canonicalization error - Improper output handling - Injection - Buffer overflow

Injection

Your boss is concerned about employees viewing inappropriate or illegal web sites in the workplace. Which device would be the best at addressing this concern? - Antivirus - Firewall - Protocol analyzer - Internet content filter

Internet content filter

The model that most modern intrusion detection systems use is largely based upon a model created by Dorothy Denning and Peter Neumann called: - Intrusion Detection Interface System (IDIS) - Intrusion Response Interdiction system (IRIS) - Intrusion Detection Expert System (IDES) - Discovery, Haystack, Multics Intrusion Detection and Alerting System (MIDAS)

Intrusion Detection Expert System (IDES)

The Open Vulnerability and Assessment Language (OVAL) ___________. - Is an XML framework for describing vulnerabilities - Is a framework for UDDI data structures to be passed between applications in a language-neutral and platform-independent fashion - Is used by web browsers to block harmful java scripts from executing on a system - Is used by a web browser to clean cookies and spy ware off the system hard drive

Is an XML framework for describing vulnerabilities

Which of the following is true of BitLocker, in Windows Vista? - It's where malicious code is stored when it's discovered. - It's a form of data storage for network traffic. - It allows encryption of all data on a server. - It monitors Internet Explorer traffic.

It allows encryption of all data on a server.

In Mac OS X, what does library randomization do? - It defeats buffer overflows. - It is used for encryption. - It restricts network access. - It increases the ease of code writing.

It defeats buffer overflows.

What is a message digest? - It is a hash function that can be used to compare two files to see if they are identical. - A condensed version of the messages that the computer receives. - Messages that the computer sends to other computers - Availability protocol that establishes links to other computers.

It is a hash function that can be used to compare two files to see if they are identical.

Which of the following is the command to stop a service in UNIX? - Stop - Kill - End - Finish

Kill

All access to systems, software, and data should be assigned using what principle? - Least privilege - Role-based access - Minimum use - Activity-based access

Least privilege

Determining what needs to be accessed, and the appropriate level of permission for every item accessed is an example of what principle? - Least functionality - Least privilege - Least access - Least rights

Least privilege

According to SANS Internet Storm Center, the average survival time of an unpatched Windows PC on the Internet is - Less than two minutes - Less than two hours - Less than two days - Less than two weeks

Less than two hours

Malicious code that sits dormant until a particular event occurs to release its payload is called what? - Trojan - Logic bomb - Trigger virus - Logic worm

Logic bomb

What is the name of the process that controls access to information based on the sensitivity of that information and whether or not the user is operating at the appropriate sensitivity level and has the authority to access that information? - MAC - DAC - RBAC - RBOC

MAC

Which of the following is NOT a general step in securing a networking device? - Choosing good passwords - Password-protecting the console - Maintaining SNMP community strings - Turning off unnecessary services

Maintaining SNMP community strings

Antispam does all of the following EXCEPT: - Blacklisting - Malicious code detection - Language filtering - Trapping

Malicious code detection

What is it called when an attacker makes his data look like it is coming from a different source address, and is able to intercept information transferred between two computers? - Spoofing - Man-in-the-middle attack - Sniffing - Injecting

Man-in-the-middle attack

A network administrator wants to specify the number of days a password must be used before it can be changed again. What domain password policy will need to be configured? - Enforce password history - Maximum password age - Minimum password age - Minimum password length

Minimum password age

Which of the following is NOT a UNIX file permission? - Read - Write - Modify - Execute

Modify

If an organization can last without a business function for up to 30 days before it is severely impacted, that function would be categorized as which of the following? - Critical - Necessary for normal processing - Desirable - Optional

Necessary for normal processing

On a UNIX system, if a file has the permission r-x rw- ---, what permission does the world have? - Read and execute - Read and write - Read, write, execute - No permissions

No permissions

Which management tool is used for diagramming the interdependencies between project activities, showing the sequence and duration of each activity? - Pareto charts - Gantt charts - Interrelationship digraphs - PERT charts

PERT charts

Two tools that can be used to encrypt e-mail are ___________________. - MIME/S and PGP - PGP and S/MIME - PSP and MIME/S - PGP and SIME

PGP and S/MIME

With the RSA and Diffie-Hellman handshakes - The server and the client agree on what type of browser to use. - Parameters are agreed upon and certificates and keys are exchanged. - Parameters are agreed upon so that java scripts cannot execute inside the client system. - Office applications are able to e-mail secure documents.

Parameters are agreed upon and certificates and keys are exchanged.

Which of the following is NOT an element of a DRP? - Backup - Alternate sites - Fault tolerance - Password management

Password management

Management password policy should address all of the following except? - Password reuse - Password complexity rules - Protection of passwords - Password salting to ensure unique hash values

Password salting to ensure unique hash values

Which of the following is one of those critical activities that is often neglected as part of a good security baseline? - Password selection - Hardening the OS - Securing the firewall - Hardening applications

Password selection

A _________ is a more formal, large software update that may address several or many software problems. - Script - Log - Hotfix - Patch

Patch

Zone Alarm, Windows ICF, and iptables are all examples of - Antivirus - Antispyware - Antispam - Personal firewalls

Personal firewalls

Bob gets an e-mail addressed from his bank, asking for his user ID and password. He then notices that the e-mail has poor grammar and incorrect spelling. He calls up his bank to ask if they sent the e-mail, and they promptly tell him they did not and would not ask for that kind of information. What is this type of attack called? - Phishing - Pharming - Spear pharming - Spishing

Phishing

When taking photographs for use as evidence, what type should be taken? - Digital camera pictures - Film with a high speed shutter - Film with a low speed shutter - Polaroid

Polaroid

___________ are high-level, broad statements of what the organization wants to accomplish. - Policies - Procedures - Standards - Guidelines

Policies

Common Gateway Interface (CGI) security issues include - Poorly configured CGIs can crash when users input unexpected data. - CGI can only be programmed in one insecure language. - CGI can only perform one process at a time making it very susceptible to denial of service attacks. - CGI will only work with Internet Explorer

Poorly configured CGIs can crash when users input unexpected data

The nuisance of web pages that automatically appear on top of your current web page can be remedied with - Antivirus - Antispam - Pop-up blockers - Firewalls

Pop-up blockers

What is the process used to ensure that users have the correct rights to perform their jobs? - Usage auditing - Audit trails - Privilege management - Escalation auditing

Privilege management

What is the term for step-by-step instructions that describe exactly how employees are expected to act in a given situation or to accomplish a specific task? - Policies - Procedures - Standards - Usage lists

Procedures

Which of the following is NOT a component of a security policy? - Acceptable use policy - Separation of duties - Need to know - Programming language conformity policy

Programming language conformity policy

Which type of RAID does not provide redundancy to improve reliability? - RAID 0 - RAID 1 - RAID 5 - All RAID types provide redundancy and improve reliability.

RAID 0

Which type of RAID uses disk mirroring? - RAID 0 - RAID 1 - RAID 2 - RAID 5

RAID 1

Which type of RAID spreads data across disks, and also adds parity, meaning that the loss of any single disk in the array will not result in the loss of any data? - RAID 0 - RAID 1 - RAID 2 - RAID 5

RAID 5

The access control model that most closely resembles an organization's structure. - MAC - DAC - RBAC - RBOC

RBAC

On a UNIX system, if a file has the permission rwx r-- ---, what permission does the group have? - Execute, read, write - Read - Read, write, execute - No permissions

Read

Tangible objects that prove or disprove fact are what type of evidence? - Direct evidence - Real evidence - Documentary evidence - Demonstrative evidence

Real evidence

In which incident response phase might it be necessary to implement the BCP? - Preparation phase - Detection phase - Containment and eradication phase - Recovery phase

Recovery phase

How is high availability generally achieved? - Full backup - Fault tolerance - Test, exercise, rehearse - Redundant systems

Redundant systems

Evidence that is material to the case or has bearing on the matter at hand is what standard of evidence? - Sufficient evidence - Competent evidence - Relevant evidence - Real evidence

Relevant evidence

In the secure development lifecycle, how must the specific security needs of software being developed be defined? - Coding phase - Design phase - Requirements phase - Testing phase

Requirements phase

Which of the following is usually synonymous with a job or set of functions? - Superuser - Role - Privilege - Sign on

Role

What is the use of "securityadmin" in Microsoft SQL Server an example of? - DAC - MAC - Role-based access control - Rule-based access control

Role-based access control

What is the term for malware that changes the way the operating system functions to avoid detection? - Rootkit - Boot sector virus - Spyware - Dieware

Rootkit

Which of the following is the value for the expected loss of a single asset? - SLE - ALE - SRO - ARO

SLE

Which of the following is NOT one of the three primary e-mail protocols? - SMTP - SNMP - POP3 - IMAP

SNMP

Which is related to a code injection error? - VB.NET - SQL - JavaScript - C#

SQL

Which type of attack is used especially against databases? - DB manipulation - DB injection - SQL injection - SQL rejection

SQL injection

The SFTP protocol incorporates what into FTP? - SSL - Secure java scripting - 28 bit encryption key - the TCP protocol

SSL

What is the law that overhauled the financial accounting standards for publicly traded firms in the United States? - Computer Fraud and Abuse Act - Stored Communications Act - CAN-SPAM Act - Sarbanes-Oxley Act

Sarbanes-Oxley Act

Egress filtering - Scans incoming mail to catch spam - Scans outgoing mail to catch spam - Messages are scanned for specific words or phrases - Filters out POP traffic

Scans outgoing mail to catch spam

Selecting a good password for each user account is critical to protecting information systems. How should you select a good password? - Use letters in your first name and letters in your last name. - Select a password that is still relatively easy to remember, but still difficult to "guess." - Unfortunately, there is no way to keep a password safe, so it really doesn't matter what you use. - Create a password that would be hard to remember, and then write it down so you won't forget it.

Select a password that is still relatively easy to remember, but still difficult to "guess."

What is the key concept in change management? - Least privilege - Separation of duties - Defense in depth - Redundancy

Separation of duties

Which is more secure? - Common Gateway Interface (CGI) - Server side scripting - Third-party scripting - All are equally secure

Server side scripting

Your boss expressed concern about employees working on the network on weekends. She asks if there is something you can do to ensure that they do not have access. What would be the best way to accomplish this? - Publish a memo stating that employees will not be allowed to access the network on weekends. - Set time-of-day restrictions on employee accounts for the weekend. - Keep the building locked. - Set up closed-circuit TV cameras on employee workstations.

Set time-of-day restrictions on employee accounts for the weekend.

Which of the following is the most effective password policy to enforce for system security? - Setting password lengths to be 14 characters or more - Setting the password history to be 20 or higher - Setting a password expiration of 60 days - Setting a minimum password age of 180 days or more

Setting a password expiration of 60 days

What is the space in a cluster that is not occupied by a file called? - Free space - Slack space - Open space - Unused space

Slack space

_____________ relies on lies and misrepresentation to trick an authorized user into providing information or access to an attacker. - Social engineering - User exploitation - War-driving - Indirect attack

Social engineering

An attack that takes advantage of bugs or weaknesses in the software is referred to as what? - A brute-force attack - Software exploitation - A dictionary attack - Weakness exploitation

Software exploitation

Windows Defender does all of the following EXCEPT: - Spyware detection and removal - Real-time malware protection - Spam filtering - Examine programs running on your computer

Spam filtering

Making data look like it has come from a different source is called - Sniffing - A man-in-the-middle attack - A replay attack - Spoofing

Spoofing

What is software that records and reports activities of the user (typically without their knowledge) called? - Snoopware - Malware - Spyware - Eyeware

Spyware

How does stateful packet filtering differ from basic packet filtering? - Stateful packet filtering looks only at each packet individually. - Stateful packet filtering looks at the packets in relation to other packets. - Stateful packet filtering looks at the destination address. - Stateful packet filtering looks at the source address.

Stateful packet filtering looks at the packets in relation to other packets

What is a law passed by a legislative branch of government called? - Statutory law - Administrative law - Common law - Blue law

Statutory law

Creating a graphical representation of the required elements for an attack vector occurs in which step of Threat Modeling? - Step 1-Define scope - Step 4-Enumerate threats - Step 5-Classify threats - Step 8-Create threat trees

Step 8-Create threat trees

Scoring the efforts to reduce the effects of threats occurs in which step of threat modeling? - Step 2-Enumerate assets - Step 7-Score and rank threats - Step 8-Create threat trees - Step 9-Determine and score mitigation

Step 9-Determine and score mitigation

Evidence that is convincing or measures up without question is what standard of evidence? - Sufficient evidence - Competent evidence - Relevant evidence - Real evidence

Sufficient evidence

A(n) _________ is used by the change control board to track changes. - Situation process report - Software problem report - Segregated personnel responsibilities - System progress report

System progress report

A term used to refer to the process of taking control of an already existing session between a client and a server is - TCP/IP hijacking - Replay attacking - Denial-of-service attack - Password guessing

TCP/IP hijacking

Information systems testing, change management, and reliability and performance management are examples of which of the following? - Business risks - Technology risks - Market risks - Operational risks

Technology risks

In the secure development lifecycle, employing use cases to compare program responses to known inputs, and then comparing the outputs to the desired outputs should take place in which phase? - Coding phase - Design phase - Requirements phase - Testing phase

Testing phase

Which of the following is NOT a disadvantage of host-based IDS? - The IDS uses local system resources. - The IDS can have a high cost of ownership and maintenance. - The IDS must have a process on every system you want to watch. - The IDS is ineffective when traffic is encrypted.

The IDS is ineffective when traffic is encrypted.

Which of the following is the formula for single loss expectancy (SLE)? - The exposure factor added to the asset - The asset multiplied by the exposure factor - The asset divided by the annual rate of expectancy - The asset multiplied by the exposure factor and divided by the annual rate of expectancy

The asset multiplied by the exposure factor

What is the Convention on Cybercrime? - A convention of black hats who trade hacking secrets - The first international treaty on crimes committed via the Internet and other computer networks - A convention of white hats who trade hacker prevention knowledge - A treaty regulating international conventions

The first international treaty on crimes committed via the Internet and other computer networks

What is the first step in addressing issues with passwords? - The first step in addressing password issues is to create an effective and manageable password policy that both system administrators and users can work with. - The first step in addressing password issues is to find a systematic, alpha-numeric combination and then assign passwords, so that both system administrators and users can tell which department is using what system. - The first step in addressing password issues is to see how many passwords are required. - The first step in addressing password issues is to see how many accounts can use the same password.

The first step in addressing password issues is to create an effective and manageable password policy that both system administrators and users can work with.

How can risk best be described? - The possibility of suffering harm or loss - The chance that the organization will go bankrupt - Something that is dependent on the types of insurance the company buys - Something that is dependent on the overall asset value of the company

The possibility of suffering harm or loss

What is the formula for annual rate of expectancy? - The asset multiplied by the exposure factor - The exposure factor added to the asset - The single loss expectancy multiplied by the annual rate of occurrence - The asset divided by the annual rate of expectancy

The single loss expectancy multiplied by the annual rate of occurrence

What does the term spiral method refer to? - SQL - The software engineering process model - Proper coding of SSL - Physical security of facilities

The software engineering process model

Which of the following in a browser guarantees perfect security? - SSL/TLS - SSH - Secure java scripting - There is no guarantee of perfect security.

There is no guarantee of perfect security

Which is a 100% secure method to download applications from the Internet? - Signed applets - SSH - HTTPS - There is none.

There is none

Which of the following is NOT an advantage of network-based IDS? - It takes fewer systems to provide IDS coverage. - They can reduce false positive rates. - Development, maintenance, and upgrade costs are usually lower. - Visibility into all network traffic and can correlate attacks among multiple systems.

They can reduce false positive rates.

One of the advantages of HIDS is that - They can reduce false-positive rates - Their signatures are broader - They can examine data before it has been decrypted - They are inexpensive to maintain in the enterprise

They can reduce false-positive rates

Which of the following is true of the registry permissions area settings in security templates? - They control who should be allowed to join or be part of certain groups. - They are for services that run on the system. - They control who can access the registry and how it can be accessed. - They are settings that apply to files and folders, such as permission inheritance.

They control who can access the registry and how it can be accessed.

Which of the following is true about change control boards? - They are made up of non-administrative staff to prevent bias in decision making. - They should meet annually to revise the change control executive plan. - They should facilitate adequate change management oversight and better coordination between projects. - They are only necessary in extremely large corporations that wish to maintain standards across multinational divisions.

They should facilitate adequate change management oversight and better coordination between projects.

Using the general risk management model, natural disasters, terrorism, fraud, equipment failure, fall under which step? - Asset identification - Threat assessment - Impact determination and quantification - Residual risk management

Threat assessment

The main purpose of a honeypot is - To identify hackers so they can be tracked down by the FBI - To slow hackers down by providing an additional layer of security that they must pass before accessing the actual network - To distract hackers away from attacking an organization's live network - To help security professionals better understand and protect against threats to the system

To help security professionals better understand and protect against threats to the system

What is the primary purpose of a business impact analysis? - To address procedures for selecting user passwords - To create and maintain system backups - To identify and describe the most important functions for an organization - To outline an organization's plans to recover in the event a disaster strikes

To identify and describe the most important functions for an organization

How can the purpose of risk management best be described? - A method to improve the performance of the organization's stock portfolio - To take cost effective measures to reduce potential risk to the organization to an acceptable level - A method to inform management of the types of assets the company controls - A means of getting cheaper insurance for the organization

To take cost effective measures to reduce potential risk to the organization to an acceptable level

A type of malicious code that appears to be a safe program but that actually has a hidden purpose is called a ____________. - virus - hoax - Trojan - worm

Trojan

Johnny received a "new version" of the game Solitaire in an e-mail. After running the program, a backdoor was installed on his computer without his knowledge. What kind of an attack is this? - Logic bomb - Hoax - Trojan - Worm

Trojan

SubSeven and Back Orifice are examples of what kinds of malicious code? - Virus - Hoax - Worm - Trojan

Trojan

A computer system is attacked for one of two reasons: it is specifically targeted by the attacker, or it is a target of opportunity. True or False

True

A configuration item is an asset that needs to be controlled or managed. True or False

True

A disaster recovery plan is critical for effective disaster recovery efforts. True or False

True

A key element in a business continuity plan is the availability of backups. True or False

True

A qualitative risk assessment relies on judgment and experience; quantitative risk assessment applies historical information and trends to attempt to predict future performance. True or False

True

A sniffer must use a NIC in promiscuous mode; otherwise it will not see all the network traffic coming into the NIC. True or False

True

ALE = SLE * ARO True or False

True

Administrator, root, and superuser are accounts that have the power to do anything that can be done on a system. True or False

True

An attacker will do reconnaissance by going to public sites like SEC.gov and whois.net to get important information that can be used in an attack. True or False

True

Attacks on computer systems can be grouped into two broad categories: attacks on specific software, and attacks on a specific protocol or service. True or False

True

CVE provides security personnel with a common language to use when discussing vulnerabilities. True or False

True

Carnivore is an eavesdropping program for the Internet. True or False

True

Categorizing business functions is useful in determining which functions will be restored first in the event of a disaster. True or False

True

Change control prevents inadvertent overwriting of critical reference data. True or False

True

Computer trespass is treated as a crime in many countries. True or False

True

Configuration status accounting consists of the procedures for tracking and maintaining data relative to each configuration item in the baseline. True or False

True

Content-based signatures detect character patterns and TCP flag settings. True or False

True

E-mail traffic is sent in plaintext by default and can be read easily by anyone who intercepts it. True or False

True

Errors found after development is complete are expensive. True or False

True

Fuzzing is a powerful tool used in testing code. True or False

True

Generally speaking, you should back up the computer using DOS instead of Windows. True or False

True

HTTPS uses TCP port 443. True or False

True

Hardening applications is similar to hardening operating systems, in that you remove functions that are not needed, restrict access where you can, and make sure the application is up to date with patches. True or False

True

Hoax e-mails can have a real impact on bandwidth and productivity due to the distraction that can be caused by them. True or False

True

Hotfixes are usually smaller than patches, and patches are usually smaller than service packs. True or False

True

Inlining is using an embedded control from another site, with or without the other site's permission. True or False

True

Mandatory access control is the process of controlling access to information based on the sensitivity of that information, as well as whether or not the user is operating at the appropriate sensitivity level and has the authority to access that information. True or False

True

Network and system administrators use change management to ensure configurations consistently meet security standards. True or False

True

Only active intrusion detection systems (IDS) can aggressively respond to suspicious activity, whereas passive IDS cannot. True or False

True

Permissions under Linux are the same as for other UNIX-based operating systems. True or False

True

Rights tend to be actions that deal with accessing the system itself, process control, and logging. True or False

True

S/MIME is a secure implementation of the MIME protocol. True or False

True

The CAN-SPAM Act allows unsolicited e-mail as long as there is an unsubscribe link; the content must not be deceptive and not harvest emails. True or False

True

The DMCA protects the rights of recording artists and the music industry. True or False

True

The NIDS signature database is usually much larger than that of a host-based system. True or False

True

The Patriot Act permits the Justice Department to proceed with its rollout of the Carnivore program, an eavesdropping program for the Internet. True or False

True

The goal of the AUP is to ensure employee productivity, while limiting organizational liability due to inappropriate use of the organization's assets. True or False

True

The sale of some types of encryption overseas is illegal. True or False

True

The space that is left over in a cluster is called slack space. True or False

True

Two laws that provide wide-sweeping tools for law enforcement to convict people who hack into computers—or use them to steal information—are the ECPA and the CFAA. True or False

True

User account passwords can be set up to automatically expire. True or False

True

Viruses started as simple self-replicating programs that spread via the transfer of floppy disks. True or False

True

When hardening Mac OS X, the same guidelines for all UNIX systems apply. True or False

True

When the function of code is changed in an unintended way, it is an example of code injection. True or False

True

Windows operating systems use the concept of permissions AND rights to control access to files, folders, and information resources. True or False

True

What is used to compare program responses to known inputs and comparison of the output to desired output? - Use cases - Waterfall models - Requirements testing - Good practices

Use cases

Securing e-mail is something that must be done by - Networking administrators - Security administrators - Outlook express - Users

Users

All of the following techniques help to secure IM communications EXCEPT which of the following? - Running a corporate IM server - Using a different user name - Avoiding file transfers - Using encryption

Using a different user name

What is the term used to describe a hacker's attempt to discover unprotected modem connections to computer systems and networks called? - Software exploitation - Indirect attack - War-dialing - Spoofing

War-dialing

The activity where hackers wander throughout an area with a computer with wireless capability, searching for wireless networks they can access is referred to as which of the following? - War-driving - War-dialing - Indirect attack - Brute force attack

War-driving

Which alternative site is partially configured, usually having the peripherals and software, but not the more expensive main processing computer? - Hot site - Warm site - Cold site - Temporary site

Warm site

PGP uses _______________ encryption. - symmetric - asymmetric - shared key - elliptical

asymmetric

The two main places to filter spam are ________________. - at the host itself and the server - the firewall and the LAN - the proxy server and the LAN - the host and the firewall

at the host itself and the server

In a ______________, a password cracking program attempts all possible password combinations. - brute-force attack - dictionary attack - man-in-the-middle attack - replay attack

brute-force attack

Linux and other operating systems use the _______ command to change the read-write-execute properties of a file or directory. - tracert - ifconfig - chmod - chkconfig

chmod

Which UNIX command would you use to change permissions associated with a file or directory? - chmod - chown - chgrp - chng

chmod

The Kurt Vonnegut commencement speech, the Neiman-Marcus Chocolate Chip Cookie Recipe, and the get-well e-mails to the dying boy are examples of __________. - social engineering - hoax e-mails - e-mail viruses - worms

hoax e-mails

Which of the following URL segments signifies that it is secure for transmission over the Internet? - wwws - https - shtml - aspx

https

A(n) ___________ finds weaknesses in the mechanisms surrounding the cryptography. - viral attack - worm attack - indirect attack - password attack

indirect attack

A worm is a type of virus that ____________. - is scripted to send itself to other systems - is designed to crawl in under a firewall - buries itself between the kernel and the application layer of the operating system - is passed through e-mails with a subject heading that has the word "worm" in it

is scripted to send itself to other systems

One of the steps that the majority of system administrators running Internet e-mail servers have taken to reduce spam is to shut down ________. - spam filters - mail relaying - e-mail attachments - Outlook Express

mail relaying

The term ___________ refers to software that has been designed for some nefarious purpose. - virus - worm - Trojan horse - malware

malware

A _____________ is a software or hardware device that is used to observe traffic as it passes through a network on shared broadcast media. - logic bomb - network sniffer - backdoor - trapdoor

network sniffer

One of the ways spam is able to propagate is by taking advantage of servers that will accept e-mail from anyone; these are known as ___________. - open servers - server relays - open relays - relay servers

open relays

Which UNIX command can be used to show the patches that are installed for a specific software package? - pkglist - pkgparam - pkgqury - pkgdump

pkgparam

An attack where the attacker captures a portion of a communication between two parties and retransmits it at another time is called a(n) ___________ attack. - smurf - denial-of-service - viral - replay

replay

The term forensics relates to the application of ____________ knowledge to ___________ problems. - legal; computer - complete; software - scientific; legal - familiar; unfamiliar

scientific; legal

Most modern UNIX versions store the passwords associated with a user account in a - BitLocker - shadow file - passwd file - Registry

shadow file

In a ___________ attack, the attacker sends a spoofed packet to the broadcast address for a network, which distributes the packet to all systems on that network. - smurf - denial-of-service - viral - worm

smurf

Unsolicited commercial e-mail is known as __________. - hoax e-mail - worm - spam - spork

spam

One of the largest security problems with IM programs is ___________. - their inability to share files - the lack of support for encryption - the lack of support for video - the lack of support for hiding online presence

the lack of support for encryption

Malicious code that is scripted to send itself to other users is known as a ________. - virus - worm - Trojan - logic bomb

worm

