CSCI 290 Final
A screening firewall works in the application layer of the OSI model?
False
An on-demand virus scanner runs in the background and is constantly checking your PC
False
The method to attract an intruder to a subsystem set up for the purpose of observing him is called intrusion deterrence?
False
netstat is a command you can use with a forensic copy of a machine to compare two files
False
www.yahoo.people.com is the website from Yahoo! people search
False
What is the term for a fake system designed to lure intruders?
Honey Pot
What should you be most careful of when looking for an encryption method to use?
How long the algorithm has been around
A discarded credit card receipt or utility bill could be the starting point from which a perpetrator finds enough information to assume a victim's ____
Identity
You would set a ___ to prevent users from immediately changing their password several times in one day to the current password.
Minimum password age
On a server, you should create your own accounts with ____ that do not reflect their level of permission.
Names
What is the term for a firewall that is simply software installed on an existing server?
Network host based
Which of the following is most true regarding encryption methods?
Never Use them until they have been proven
In 1998, ethnic Tamil guerrillas swamped ____ embassies with 800 emails a day
Sri Lankan
The virus that infected Iranian nuclear facilities was exploiting a vulnerability in SCADA systems
Stuxnet
Hackers want information about a target person, organization, and ____ to assist in compromising security
System
What are TSR programs?
Terminate and Stay resident programs that actually stay in memory after you shut them down
Which of the following is an activity that falls into a gray area and might be acceptable internet use in some organizations but not others?
Online shopping during a break
Which of the following methods is available as an add-in for most email clients?
PGP
The first rule of computer security is to check ____
Patches
Any ____ you do not explicitly need should be shut down
Ports
What is the term for blocking an IP address that has been the source of suspicious activity
Preemptive Blocking
What type of encryption uses different keys to encrypt and decrypt the message?
Public Key
The rule that packets not originating from inside your LAN should not be forwarded relates to ___
Routers
A document that defines how an organization deals with some aspect of security is a
Security Policy
New employees should receive a copy of the company's ___ policies
Security/acceptable use
Many states have online ____ registries
Sex offender
A discarded credit card receipt may become the starting point from which an identity fraud perpetrator finds enough information to assume the victim's identity
True
A virtual private network is a way to use the internet to create a connection between a remote user and a central location?
True
CNE, MCITP, CISSP, and CCNA are examples of industry certifications?
True
CNE, MCITP, and CCNA are examples of industry certifications
True
Cyberterrorism is the use of computers and the internet connectivity between them to launch a terrorist attack
True
Experience is the most important factor when looking for a security professional
True
Information warfare is any attempt to manipulate information in pursuit of a military or political goal.
True
Kerberos is an authentication protocol that uses a ticket granting system that sends an encrypted ticket to the user's machine?
True
Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows machines to see if they have basic security in place
True
One technique of disinformation is to pad a message with noise that the enemy will perceive as valuable information
True
Public key encryption is fast becoming the most widely used type of encryption because there are no issues to deal with concerning distribution of keys?
True
The U.S. Patriot Act specifically deals with cyberterrorism
True
There are no restrictions on information you can post on usenet
True
There should be a firewall between your network and outside world.
True
Windows Logging can be turned on and off with a tool called auditpol.exe.
True
The Windows registry contains a list of USB devices that have been connected to the machine
True
Microsoft Baseline Security (MBSA) checks one or more Windows machines to see if they have basic security in place?
True
The joint task force representing components of all four U.S. armed services is the
U.S. Cyber Command
When an employee leaves, all ____ should be terminated
logins
Using Linux to back up your hard drive, if you want to create a hash, you would use the command-line command
md5sum
You can use the Yahoo! People Search service by going to
people.yahoo.com
The Linux log file that contains activity related to the web server is ____
/var/log/apache2/
The Linux log file that can reveal attempts to compromise the system or the presence of a virus or spyware is ____
/var/log/apport.log
What size key does a DES system use?
56 bit
A good password has at least ____ characters?
8
What method do most IDS software implementations use?
Anomaly Detection
Which binary mathematical operation can be used for a simple encryption method?
Bit shift
How do most anti-spyware packages work?
By looking for known spyware
Which of the following is the oldest encryption method discussed in this text?
Caesar Cipher
Chinese hackers whose stated goal is to infiltrate western computer systems are called the
China Eagle Union
_____ is the premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups or clandestine agents
Cyberterrorism
A _____ involves setting up two firewalls: an outer and inner
DMZ
The background, screensaver, font size, and resolution are elements of
Desktop configuration
An ____ attack on data can include stealing or destroying data
Economic
____ is the most obvious reason for organizations to provide their users with internet access
Emergency Comms
Windows stores information on web addresses, search queries, and recently opened files in a file called ____
index.dat
Using Linux to wipe the target drive, the command-line command would be ___
dd
In Windows, the log that contains events collected from remote computers is the _____ log
forwarded events
There have been cases of mistaken identity with ___ lists
sex offender
Frequently the first responder to a computer crime is ___
the network administrator
If you determine a virus has struck a system, the first step is to ___
unplug the machines from the network
_____ is a global group of bulletin boards that exist on any subject you can imagine
usenet
A website that may help locate federal prison records is ___
www.bop.gov/