Business Networks Chapter 3

Ace your homework & exams now with Quizwiz!

15) Methods that hackers use to break into computers are ________. A) cracks B) magics C) exploits D) compromises

C

18) In distributed DoS attacks, the attacker sends messages directly to ________. A) bots B) the intended victim of the DoS attack C) a command and control server D) DOS servers

C

29) A user picks the password "tiger." This is likely to be cracked quickly by a(n) ________. A) attack on an application running as root B) brute-force attack C) dictionary attack D) reverse engineering attack

C

40) When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________. A) drops the packet B) drops the packet and notifies an administrator C) passes the packet D) passes the packet, but notifies an administrator

C

43) ________ is the dominant firewall filtering method used on main border firewalls today. A) ACL filtering B) Application content filtering C) Stateful packet inspection D) none of the above

C

47) Which type of firewall filtering collects streams of packets to analyze them as a group? A) static packet filtering B) stateful packet inspection C) next-generation D) none of the above

C

48) Which type of firewall filtering looks at application-layer content? A) static packet filtering B) stateful packet inspection C) NGFW D) all of the above

C

49) NGFWs ________. A) can implement different rules for different applications B) can detect threats that span multiple packets C) both A and B D) neither A nor B

C

1) The general name for evil software is ________. A) virus B) worm C) exploit D) malware

D

12) Pieces of code that are executed after the virus or worm has spread are called ________. A) vulnerabilities B) exploits C) compromises D) payloads

D

2) The general name for a security flaw in a program is a ________. A) virus B) malware C) security fault D) vulnerability

D

21) A specific encryption method is called a ________. A) code B) schema C) key method D) cipher

D

24) In symmetric key encryption, a key must be ________ bits long, or longer, to be considered strong. (Choose the choice closest to the correct answer.) A) 36 B) 56 C) 64 D) 128

D

28) Passwords are widely used because they ________. A) are demanded by users B) offer strong authentication C) are the only authentication techniques known by most security professionals D) are inexpensive to use

D

30) Prepare2 can be cracked most quickly by a(n) ________. A) authentication attack B) brute-force attack C) dictionary attack D) hybrid dictionary attack

D

4) Vulnerability-based attacks that occur before a patch is available are called ________ attacks. A) preinstallation B) stealth C) malware D) zero-day

D

16) DoS attacks attempt to ________. A) hack a computer B) reduce the availability of a computer C) steal information from a computer D) delete files on a computer

B

19) Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.) A) Trojan horses B) bots C) viruses D) worms

B

22) Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________. A) authentication B) confidentiality C) both A and B D) neither A nor B

B

25) The messages of VPNs ________. A) share the same transmission lines B) are encrypted C) both A and B D) neither A nor B

B

29) Advanced persistent threats are ________. A) inexpensive for the attacker B) extremely dangerous for the victim C) both A and B D) neither A nor B

B

34) Iris scanning is attractive because of its ________. A) low cost B) precision C) both A and B D) neither A nor B

B

37) Firewall log files should be read ________. A) every month B) every day C) every week D) usually only when a serious attack is suspected

B

38) Egress filtering examines packets ________. A) arriving from the outside B) leaving to the outside C) both A and B D) neither A nor B

B

44) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP segment which is an acknowledgement? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B

B

46) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP FIN segment? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B

B

5) ________ are full programs. A) Viruses B) Worms C) both A and B D) neither A nor B

B

6) Which of the following sometimes uses direct propagation between computers? A) viruses B) worms C) Trojan horses D) downloaders

B

7) Mobile code is another name for ________. A) virus B) worm C) both A and B D) neither A nor B

D

8) Malware programs that masquerade as system files are called ________. A) viruses B) scripts C) payloads D) Trojan horses

D

9) Trojan horses can spread by ________. A) e-mailing themselves to victim computers B) directly propagating to victim computers C) both A and B D) neither A nor B

D

33) Which of the following is a form of biometrics? A) reusable passwords B) digital certificate authentication C) facial recognition D) all of the above

C

50) If a packet is highly suspicious but not a provable attack packet, a(n) ________ may drop it. A) SPI firewall B) IDS C) IPS D) all of the above

C

51) In a firewall, VPN traversal ________. A) increases the effectiveness of firewall filtering B) reduces firewall filtering effectiveness C) both A and B D) neither A nor B

B

35) The digital certificate provides the ________. A) private key of the supplicant B) private key of the true party C) public key of the supplicant D) none of the above

D

42) Stateful firewalls are attractive because of their ________. A) high filtering sophistication B) ability to filter complex application content C) QoS guarantees D) low cost

D

10) Small malware programs that download larger malware programs are called ________. A) downloaders B) scouts C) foothold programs D) stage-one programs

A

11) Unsolicited commercial e-mail is better known as ________. A) spam B) adware C) social engineering D) identity theft

A

13) Tricking users into doing something against their security interests is ________. A) social engineering B) hacking C) both A and B D) neither A nor B

A

14) An attack in which an authentic-looking e-mail or website entices a user to enter his or her username, password, or other sensitive information is called ________. (Select the most specific answer.) A) phishing B) identity theft C) social engineering D) a spyware attack

A

17) Attack programs that can be remotely controlled by an attacker are ________. A) bots B) DoS programs C) exploits D) sock puppets

A

23) In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption? A) 1 B) 2 C) 4 D) none of the above

A

26) SSL/TLS is used for ________. A) Web applications B) any application C) both A and B D) neither A nor B

A

27) Using SSL/TLS for Web applications is attractive because SSL/TLS ________. A) is essentially free to use B) offers the strongest possible cryptographic protections C) both A and B D) neither A nor B

A

36) A firewall will drop a packet if it ________. A) is a definite attack packet B) is a probable attack packet C) both A and B D) neither A nor B

A

39) ACLs are used for packets in the ________ state. A) connection-opening B) ongoing communication C) both A and B D) neither A nor B

A

41) When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall ________. (Read this question carefully.) A) drops the packet B) passes the packet C) opens a new connection D) does not approve the connection

A

45) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP SYN segment? A) process it through the Access Control List (ACL) B) pass it if it is part of an approved connection C) both A and B D) neither A nor B

A

3) A ________ is a flaw in a program that permits a specific attack or set of attacks against this problem. A) malware B) security error C) vulnerability D) security fault

C

31) The password "NeVEr" can be defeated by a ________. A) dictionary attack B) hybrid dictionary attack C) brute-force attack D) none of the above

C

32) The password "R7%t&" can be defeated by a ________. A) dictionary attack B) hybrid mode dictionary attack C) brute-force attack D) All of the above could defeat the password equally quickly.

C


Related study sets

Lecture 10 (Vertebral column, ribs, sternum)

View Set

9.9 - State Securities Registration Procedures

View Set

chapter 14 textbook important things

View Set

California Hunter Safety - Unit 5 Quiz, California Hunter Safety - Unit 8 Quiz, California Hunter Safety - Unit 3 Quiz, California Hunter Safety - Unit 3 Quiz, California Hunter Safety - Unit 2 Quiz, Hunter Ed course, Hunters Course, Hunters Educatio...

View Set