COSC 316 Exam One

buffer overrun

A ______________ is an application error that occurs when more data is sent to a program buffer than it is designed to handle.

man-in-the-middle

Another name for TCP hijacking is _________.

False, Department of Homeland Security

True or False: The National Security Agency (NSA) is responsible for the security of all national critical infrastructure.

waterfall model

A formal approach to solving a problem based on a structured sequence of procedures is called a _________.

integer bug

An ___________ can result when a programmer does not validate the inputs to a calculation to verify that the integers are of the expected size.

Possession

Ownership or control of information is called the characteristic of ___________.

DMCA (Digital Millennium Copyright Act)

The American contribution to an effort to improve copyright protection internationally is called the ______________.

SDLC methodology

The ____________ illustrates that each phase of the SDLC begins with the results and information gained from the previous phase.

Confidentiality

The characteristic of information that deals with preventing disclosure is __________.

copyright

The generally recognized term for the government protection afforded to intellectual property (written and electronic) is ____________.

FOIA (Freedom of Information Act of 1966)

The law that provides any person with the right to request access to federal agency records is the ___________.

HIPAA

The law that regulates the role of the health-care industry in protecting the privacy of individuals is the ____________.

True

True or False: The Domain Name Server (DNS) is a function of the World Wide Web that converts a URL (Uniform Resource Locator) like www.course.com into the IP address of the Web server host.

True

True or False: The cornerstone of many current federal computer-related criminal laws is the Computer Fraud and Abuse Act of 1986.

True

True or False: A computer worm consists of segments of code that perform malicious actions.

True

True or False: Cyberterrorism has thus far been largely limited to acts such as the defacement of NATO Web pages during the war in Kosovo.

False, SSL (Secure Socket Layer)

True or False: HTTP is a protocol programmers use to transfer sensitive data, such as credit card numbers and other personal information, between a client and a server.

True

True or False: If information has a state of being genuine or original and is not a fabrication, it has the characteristic of authenticity.

True

True or False: Information security programs that begin at a grassroots level by system administrators to improve security are often called a bottom-up approach.

False, Physical Security

True or False: Network security addresses the issues needed to protect items, objects, or areas.

False, NSA

True or False: The Federal Bureau of Investigation (FBI) is the federal agency responsible for signal intelligence and information system security of classified systems.

True

True or False: Warnings of attacks that are not valid are usually called hoaxes.

False, brute force attack

True or False: When a program tries to reverse-calculate passwords, this is known as a brute force spoof.

Back door

Using a known or previously installed access mechanism is called using a __________.

Criminal law

What is a type of law that addresses violations harmful to society and that is enforced by prosecution by the state?

Civil law

What is a type of law that represents all of the laws that apply to a citizen (or subject) of a jurisdiction?

Dictionary attack

When a program tries using all commonly used passwords, this is known as a _______________.

Top-down

When projects are initiated at the highest levels of an organization and then pushed to all levels, they are said to follow a ____________ approach.

Stage 6

Which SecSDLC phase keeps the security systems in a high state of readiness?

Communication Security

_______ addresses the protection of all communications media, technology, and content.

Script-Kiddies

_______ are hackers of limited skill who use expertly written software to attack a system.

Ethics

________ define socially acceptable behaviors.

Public law

_________ is a type of law that regulates the structure and administration of government agencies.

Network Security

__________ encompasses the protection of voice and data networking components, connections, and content.

Cyberterrorists

__________ hack systems to conduct terrorist activities via network or Internet pathways.

Civil law

__________ is a type of law that regulates the relationship between an individual and an organization.

International Information Systems Security Certification Consortium

___________ is a nonprofit organization that focuses on the development and implementation of information security certifications.

Pharming

____________ is the "redirection of legitimate Web traffic to an illegitimate site for the purpose of obtaining private information".

SQL injection

____________ occurs when developers fail to properly validate user input before using it to query a relational database.

Aggregate information

_____________ is created by combining pieces of nonprivate data—often collected during software updates, and via cookies—that when combined may violate privacy.

ACM (Association of Computing Machinery)

______________ is a respected professional society founded in 1947 as "the world's first educational and scientific computing society."

Information extortion

______________ occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose it.

