Security + Prax questions

According to the 2007 FBI Computer Crime and Security Survey, the loss due to the theft of confidential data for 494 respondents was approximately ____. a. $1 million b. $10 million c. $50 million d. $100 million

$10 million

What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it? ) $100,000 B) $250,000 C) $500,000 D) $1,000,000

$250,000

A security ____ focuses on the administration and management of plans, policies, and people. A) manager B) engineer C) auditor D) inspector

manager

In order to avoid detection some viruses can alter how they appear. These are known as ____ viruses. A) macro B) metamorphic C) boot D) companion

metamorphic

Known as ____, this practice requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals. a. separation of duties b. job rotation c. least privilege d. implicit deny

separation of duties

Creating and managing multiple server operating systems is known as ____ virtualization. A) operating system B) host C) guest D) server

server

A ____ is a cumulative package of all security updates plus additional features. A) service patch B) hotfix C) service pack D) security patch

service pack

With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the ____. a. collision time b. slot time c. clear time d. tx time

slot time

What is another name for unsolicited e-mail messages? A) spam B) spawn C) trash D) scam

spam

According to the research group Postini, over ____ of daily email messages are unsolicited and could be carrying a malicious payload. a. one-third b. two-thirds c. three-fourths d. four-fifths

two-thirds

A computer ____ is a program that secretly attaches itself to a legitimate "carrier," such as a document or program, and then executes when that document is opened or program is launched. A) virus B) worm C) adware D) spyware

virus

Known as ____, this in effect takes a snapshot of the security of the organization as it now stands. a. risk identification b. risk mitigation c. threat identification d. vulnerability appraisal

vulnerability appraisal

____ is the presentation of credentials or identification, typically performed when logging on to a system. a. Authentication b. Identification c. Authorization d. Access

Identification

A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts. a.10 to 14 b. 12 to 15 c. 13 to 14 d. 14 to 16

10 to 14

COPPA requires operators of online services or Web sites designed for children under the age of _____ to obtain parental consent prior to the collection, use, disclosure, or display of a child's personal information. A) 8 B) 10 C) 13 D) 16

13

In the early 1980s, the IEEE began work on developing computer network architecture standards. This work was called Project ____, and it quickly expanded into several different categories of network technology. a. 100 b. 302 c. 513 d. 802

802

_____ ensures that only authorized parties can view information. A) Security B) Availability C) Integrity D) Confidentiality

Confidentiality

The goal of ____ is to make it harder to predict where the operating system functionality resides in memory. A) DEP B) ASLR C) NX D) ASNX

ASLR

____ involves using someone's personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating. A) Cyberterrorism B) Identity theft C) Phishing D) Scam

Identity theft

____, also called add-ons, represent a specific way of implementing ActiveX and are sometimes called ActiveX applications. A) Applets B) ActiveX controls C) Scripts D) Beans

ActiveX controls

____ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user. A) Adware B) Keylogger C) Spam D) Trojan

Adware

____ is the verification of the credentials to ensure that they are genuine and not fabricated. a. Authentication b. Identification c. Authorization d. Access

Authentication

____ is granting permission for admittance. a. Authentication b. Identification c. Authorization d. Access

Authorization

____ is the unauthorized access of information from a wireless device through a Bluetooth connection. a. Blue jacking b. Bluesnarfing c. Blue poisoning d. Blue spoofing

Bluesnarfing

____ is the name given to a wireless technology that uses short-range RF transmissions. a. Bluetooth b. Piconet c. Scatternet d. Wi-fi

Bluetooth

____ are portable communication devices that function in a manner that is unlike wired telephones. A) USB devices B) NAS devices C) Cell phones D) SAN

Cell phones

____ typically involves using client-side scripts written in JavaScript that are designed to extract information from the victim and then pass the information to the attacker. a. Spam b. SQL injection c. Cross-site scripting (XSS) d. SQL scripting

Cross-site scripting (XSS)

____ are a loose-knit network of attackers, identity thieves, and financial fraudsters. A) Cybercriminals B) Cyberterrorists C) Computer spies D) Hackers

Cybercriminals

____ is a Windows Vista and Windows XP Service Pack 2 (SP2) feature that prevents attackers from using buffer overflow to execute malware. A) DEP B) NX C) ASLR D) ASDEP

DEP

Flash memory is a type of ____, nonvolatile computer memory that can be electrically erased and rewritten repeatedly. A) EROM B) ROM C) EEPROM D) RAM

EEPROM

____ logs can be used to determine whether new IP addresses are attempting to probe the network and if stronger firewall rules are necessary to block them. a. Proxy servers b. Firewall c. Authentication servers d. DNS

Firewall

____ is an image spam that is divided into multiple images. A) Word splitting B) Geometric variance C) Layer variance D) GIF layering

GIF layering

____ uses "speckling" and different colors so that no two spam e-mails appear to be the same. A) GIF layering B) Geometric variance C) Word splitting D) Layer variance

Geometric variance

Under the _____ , healthcare enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format. A) HIPAA B) HLPDA C) HCPA D) USHIPA

HIPAA

____ is a process of ensuring that any inputs are "clean" and will not corrupt the system. a. Cross-site scripting b. SQL injection c. Script injection d. Input validation

Input validation

_____ ensures that information is correct and that no unauthorized person or malicious software has altered that data. A) Availability B) Confidentiality C) Integrity D) Identity

Integrity

The ____, sometimes called X.500 Lite, is a simpler subset of DAP. a. Kerberos b. RADIUS c. TACACS+ d. LDAP

LDAP

____ technology enables a virtual machine to be moved to a different physical computer with no impact to the users. A) Live migration B) Load balancing C) Operating system virtualization D) Server virtualization

Live migration

____ is the process for generating, transmitting, storing, analyzing, and disposing of computer security log data. a. Log management b. Log auditing c. Event management d. Event auditing

Log management

The single most expensive malicious attack was the 2000 ____, which cost an estimated $8.7 billion. A) Nimda B) Slammer C) Love Bug D) Code Red

Love Bug

The ____ is the link between the cellular network and the wired telephone world and controls all transmitters and base stations in the cellular network. A) SAN B) NAS C) RF cell D) MTSO

MTSO

A ____ is a single, dedicated hard disk-based file storage device that provides centralized and consolidated disk storage available to LAN users through a standard network connection. A) NAS B) NSA C) NSF D) NFS

NAS

____ works to protect the entire network and all devices that are connected to it. a. HIPS b. HIDS c. Reverse proxy d. NIPS

NIPS

____ is a decentralized open source FIM that does not require specific software to be installed on the desktop. a. OpenID b. Windows CardSpace c. NET Passport d. Windows Live ID

OpenID

____ is a very basic authentication protocol that was used to authenticate a user to a remote access server or to an Internet service provider (ISP). a. MS-CHAP b. EAP-MD5 c. EAP-TLS d. PAP

PAP

Regarding e-mail, ____ is responsible for incoming mail. A) SMTP B) IMAP C) POP3 D) SNMP

POP3

Today's computer systems have a(n) ____ chip in which the contents can be rewritten to provide new functionality. A) ROM B) RAM C) EROM D) PROM

PROM

____ IP addresses are not assigned to any specific user or organization; instead, they can be used by any user on the private internal network. a. Public b. Virtual c. DMZ d. Private

Private

____ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior. a. Proxy servers b. Protocol analyzers c. Firewalls d. HIDS

Protocol analyzers

____ refers to any combination of hardware and software that enables access to remote users to a local internal network. a. LDAP b. EAP c. RAS d. VPN

RAS

The Windows file and folder ____ permission allows files or folders to be opened as read-only and to be copied. a. Write b. Read and Execute c. Modify d. Read

Read

____ honeypots are complex to deploy and capture extensive information. These are used primarily by research, military, and government organizations. a. Research b. Production c. Clustered d. Virtual

Research

____ generally denotes a potential negative impact to an asset. a. Risk b. Threat c. Weakness d. Vulnerability

Risk

____ hinges on an attacker being able to enter an SQL database query into a dynamic Web page. A) XSS B) SQL injection C) Script injection D) Sandboxing

SQL injection

The ____ model can dynamically assign roles to subjects based on a set of rules defined by a custodian. a. Discretionary Access Control (DAC) b. Role Based Access Control (RBAC) c. Rule Based Access Control (RBAC) d. Mandatory Access Control (MAC)

Rule Based Access Control (RBAC)

Regarding e-mail, ____ handles outgoing mail. A) SMTP B) POP3 C) IMAP D) SNMP

SMTP

If SMTP relay is not controlled, an attacker can use it to forward thousands of spam e-mail messages. An uncontrolled SMTP relay is known as a(n) ____. A) IMAP open relay B) SMTP open relay C) open POP D) open IMAP

SMTP open relay

SMTP servers can forward e-mail sent from an e-mail client to a remote domain. This is known as ____. A) SMTP relay B) IMAP C) Spam D) Spam relay

SMTP relay

____ is a language used to view and manipulate data that is stored in a relational database. A) CSS B) XSS C) SQL D) DEP

SQL

The ____ is the expected monetary loss every time a risk occurs. a. Single Loss Expectancy (SLE) b. Exposure Factor (EF) c. Asset Value (AV) d. Annualized Loss Expectancy (ALE)

Single Loss Expectancy (SLE)

____ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base. a. Stateless b. Stateful c. Classful d. Classless

Stateful

____ is an industry standard protocol specification that forwards username and password information to a centralized server. a. TACACS+ b. LDAP c. RADIUS d. Kerberos

TACACS+

____ are active Internet connections that download a specific file that is available through a tracker. a. Torrents b. Applets c. ActiveX controls d. Scripts

Torrents

A ____ is a program advertised as performing one activity but actually does something else. a. script b. virus c. Trojan d. worm

Trojan

The _____ Act is designed to broaden the surveillance of law enforcement agencies so they can detect and suppress terrorism. a. Gramm-Leach-Bliley b. Sarbanes-Oxley c. California Database Security Breach d. USA Patriot

USA Patriot

____ is a means of managing and presenting computer resources by function without regard to their physical layout or location. A) Expansion B) Virtualization C) Load balancing D) Distribution

Virtualization

____ was designed to ensure that only authorized parties can view transmitted wireless information. a. WECA b. MAC c. WEP d. 802.11g

WEP

In order to address growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced ____. a. RC5 b. WEP2 c. AES d. WPA

WPA

____ involves horizontally separating words, although it is still readable by the human eye. A) Word splitting B) GIF layering C) Geometric variance D) Layer variance

Word splitting

The Windows file and folder ____ permission allows the creation of files and folders, and allows data to be added to or removed from files. a. Modify b. Read and Execute c. Write d. Read

Write

The International Organization for Standardization (ISO) created a standard for directory services known as ____. a. X.400i b. X.459 c. X.500 d. X.589

X.500

In information security, a loss can be _____. A) Security B) Availability C) Integrity D) Confidentiality

all of the above

A ____ virus infects the Master Boot Record of a hard disk drive. A) file infector B) companion C) resident D) boot

boot

In information security, a threat agent can be defined as _____. A) a force of nature such as a tornado that could destroy computer equipment. B) a virus that attacks a computer network. C) an unsecured computer network. D) both a and b.

both a and b

The ____ are the operating system settings that impose how the policy will be enforced. A) security policies B) group policies C) security templates D) configuration baselines

configuration baselines

Instead of the Web server asking the user for the same information each time she visits that site, the server can store that user-specific information in a file on the user's local computer and then retrieve it later. This file is called a(n) ____. A) cookie B) bug C) ActiveX control D) script

cookie

Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information is sometimes known as ____. A) spam B) phishing C) cybercrime D) cyberterrorism

cybercrime

Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire. A) identity B) data C) plan D) record

data

The most common type of antenna for war driving is an omnidirectional antenna, also known as a ____ antenna. a. bipole b. dipole c. GPS d. tagging

dipole

In a ____ attack, attackers can use hundreds or thousands of computers in an attack against a single computer or network. A) centered B) local C) remote D) distributed

distributed

A(n) ____ is the end of the tunnel between VPN devices. a. concentrator b. demux c. VPN server d. endpoint

endpoint

In a company of 500 employees, it is estimated that _____ employees would be required to combat a virus attack. A) two B) five C) seven D) ten

five

With operating system virtualization, a virtual machine is simulated as a self-contained software environment by the ____ system (the native operating system to the hardware). A) guest B) host C) root D) server

host

The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the ____ and appends it to the end of the text. a. integrity check value (ICV) b. keystream c. initialization vector (IV) d. pre-pended IV

integrity check value (ICV)

The principle of ____ in access control means that each user should be given only the minimal amount of privileges necessary to perform his or her job function. a. job rotation b. implicit deny c. separation of duties d. least privilege

least privilege

Live migration can be used for ____; if the demand for a service or application increases, then network managers can quickly move this high-demand virtual machine to another physical server with more RAM or CPU resources.

load balancing

A ____ is a computer program or a part of a program that lies dormant until it is triggered by a specific logical event. A) Trojan B) logic bomb C) macro virus D) metamorphic virus

logic bomb

Regarding access control, a(n) ____ is a specific resource, such as a file or a hardware device. a. object b. subject c. operation d. asset

object

One type of virtualization in which an entire operating system environment is simulated is known as ____ virtualization. a. NOS b. guest c. operating system d. host

operating system

TCP/IP uses a numeric value as an identifier to applications and services on the systems. This is known as the ____. a. process b. socket c. port number d. protocol

port number

Most communication in TCP/IP involves the exchange of information between a program running on one device (known as a ____) and the same or a corresponding process running on another device. a. port b. socket c. scanner d. process

process

A ____ virus can interrupt almost any function executed by the computer operating system and alter it for its own malicious purposes. A) companion B) file infector C) resident D) boot

resident

In a ____, the risk is spread over all of the members of the pool. a. retained risk b. risk retention pool c. joined risk d. cooperative risk

risk retention pool

A(n) ____ is a computer programming language that is typically interpreted into a language the computer can understand. A) ActiveX control B) cookie C) shell D) scripting language

scripting language

ILM strategies are typically recorded in ____ policies. a. user security b. storage and retention c. data confidentiality d. group

storage and retention

____, networks can essentially be divided into three parts: network, subnet, and host. a. classful addressing b. subnetting c. stateful addressing d. stateless addressing

subnetting

A ____ monitor is typically a low-level system program that uses a notification engine designed to monitor and track down hidden activity on a desktop system, server, or even personal digital assistant (PDA) or cell phone. a. performance b. baseline c. behavior d. system

system

A ____ is an instruction that interrupts the program being executed and requests a service from the operating system. a. system call b. system command c. kernel call d. system module

system call

There are several types of OTPs. The most common type is a ____ OTP. a. time-synchronized b. challenge-based c. token-based d. biometric-based

time-synchronized

While most attacks take advantage of vulnerabilities that someone has already uncovered, a(n) ____ occurs when an attacker discovers and exploits a previously unknown flaw. A) zero day B) identity theft C) phishing D) scam

zero day