CSCI290 Blackboard Quizzes

Ace your homework & exams now with Quizwiz!

A list of virus definitions is generally in a file with a _____ extension.

.dat

The Linux log file that contains activity related to the web server is ______.

/var/log/apache2/

The Linux log file that can reveal attempts to compromise the system or the presence of a virus or spyware is ______________.

/var/log/apport.log

What size key does a DES system use?

56 bit

The conflict between the users' goal unfettered access to data and the security administrator's goal to protect that data is an issue of _____.

Access control

A password policy for a 90- or 180-day replacement schedule is called password ________.

Age

The process to make a system as secure as it can be without adding on specialized software or equipment is _______________

Hardening

The virus scanning technique that uses rules to determine if a program behaves like a virus is ________ scanning.

Heuristic

Which of the following is not one of the basic types of firewalls?

Heuristic firewall

What should you be most careful of when looking for an encryption method to use?

How long the algorithm has been around.

If you experience a denial-of-servicce attack, you can use firewall logs to determine the _______ from which the attack originated.

IP address

1. ______________ is the use of spying techniques to find out key information that is of economic value.

Industrial espionage

Use for business communications only and the disallowing of the transmission of confidential business information are recommended guidelines for _______

Instant messaging

Why is binary mathematical encryption not secure?

It does not change letter or word frequency

What is the main problem with simple substitution?

It maintains letter and word frequency

Which of the following is a disadvantage to using an application gateway firewall?

It uses a great deal of resource.

What type of encryption uses different keys to encrypt and decrepit the message?

Public key

Which of the following is a common way to establish security between a web server and a network?

Put a firewall between the web server and the network.

The rule that packets not originating from inside your LAN should not be forwarded relates to ___________.

Routers

The virus scanning technique that means you have a separate area isolated from the operating system in which a file is run, so it won't infect the system is _______.

Sandbox

What is the term for a firewall that is simply software installed on an existing server?

Screened host

A document that defines how an organization deals with some aspect of security is a(n) _______.

Security policy

Which of the following is the most common way for a virus scanner to recognize a virus?

To compare a file to know virus attributes

Which of the following is a good reason to check dependencies before shutting down a service?

To determine whether shutting down this service will affect other services

A security policy is a document that defines how an organization deals with some aspect of security.

True

A server with fake data used to attract an attacker is a honeypot.

True

A stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet, but also on data derived from previous packets in the conversation.

True

CNE, MCITP, CISSP, and CCNA are examples of industry certifications.

True

Cyberterrorism is the use of computers and the Internet connectivity between them to launch a terrorist attack.

True

Hactivists means individuals who work for a cause using cyberterrorism.

True

Heuristic scanning uses rules to determine whether a file or program behaves like a virus.

True

Kerberos is an authentication protocol that uses a ticket granting system that sends an encrypted ticket to the user's machine.

True

L2TP uses IPsec for its encryption

True

Many states have court records online.

True

Public key encryption is fast becoming the most widely used type of encryption because there are no issues to deal with concerning distribution of keys.

True

The U.S. Patriot Act specifically deals with cyberterrorism.

True

The Windows Registry lists USB devices that have been connected to the machine.

True

The category of intrusion detection systems that looks for patterns that don't match those of normal use is called anomaly detection.

True

The chain of custody accounts for the handling of evidence and documents that handling.

True

www.yellowpages.com, www.whowhere.com, and www.LinkedIn.com are good websites to locate a person's home address or telephone number.

True

If you determine a virus has struck a system, the first step is to _________.

Unplug the machines from the network

How might you ensure that system patches are kept up to date?

Use an automated patching system.

__________ is a global group of bulletin boards that exist on any subject you can imagine.

Usenet

Passwords, Internet use, email attachments, software installation, instant messaging, and desktop configuration are areas of _____.

User policies

Passwords, Internet use, email attachments, software installation, instant messaging, and desktop configuration are areas of ______.

User policies

The ________ War was the first modern war in which there was strong and widespread domestic opposition.

Vietnam

It would be advisable to obtain __________ before running a background check on any person.

Written permission

Typically, when you update virus definitions _______.

You are updating the virus definition file on your computer.

Using Linux to backup your hard drive, if you want to create a hash, you would use the command-line command ___________.

md5sum

The Windows command to list any shared files that are currently open is ___________.

openfiles

A website that may help locate federal prison records is ________.

www.bop.gov/

A good password should contain only letters and numbers.

False

For individual computers not running firewall software, you should directly close ports.

False

In Linux the command to set up a target forensics server to receive a copy of a drive is dd.

False

Linux and Windows typically are not shipped with firewalls.

False

The MyDoom virus was directed against the Pentagon.

False

The method to attract an intruder to a subsystem setup for the purpose of observing him is called intrusion deterrence.

False

Windows has a built in firewall, but Linux does not.

False

www.yahoo.people.com is the website for Yahoo! People Search.

False

The Windows command fc lists all active sessions to the computer.

False Ñ The command net sessions lists any active sessions connected to the computer you run it on.

Mistaking a legitimate program for a virus is a

False positive

For individual computers not running firewall software, you should directly close ports.

False. Shut down the systems using that port..

A _________ is a barrier between your network and the outside world.

Firewall

You may use Linux to make a ______________ of the hard drive.

Forensically valid copy

In Windows the log that contains events collected from remote computers is the ____________ log.

Forwarded events

The first rule of computer security is to check ___________.

Patches

Although the Cyberterrorism Preparedness Act of 2002 was not passed, many of its goals were addressed by the ___________.

Patriot Act

Any _________ you do not explicitly need should be shut down.

Ports

What are the six Ps of security?

Ports, patch, protect, probe, policies, physical

What is the term for blocking an IP address that haws been the source of suspicious activity?

Preemptive blocking

What is PGP?

Pretty Good Privacy, a public key encryption method

A propaganda agent can manage multiple online personalities, posting to many different _____________.

Bulletin boards and discussion groups

Hackers want information about a target person, organization, and _______ to assist in compromising security.

Clothing size system

Most companies perform the same _________ background check of network administrators as they do of any other person.

Cursory

___________ is the premeditated, politically motivated attack against information computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups or clandestine agents.

Cyberterrorism

A _________ involves setting up two firewalls: an outer and an inner firewall.

DMZ (Demilitarized Zone)

Which of the following is NOT an example of industrial espionage?

Denial-of-service attack

The background, screensaver, font size, and resolution are elements of _______.

Desktop configuration

Java and ActiveX codes should be scanned before they are ________.

Downloaded to your computer

__________ is the most obvious reason for organizations to provide their users with Internet access.

Emergency Communications

In May 2007, government offices of _________ were subjected to a mass denial-of-service attack because some people opposed the government's removal of a Russian WWII memorial.

Estonia

A firewall _______ is a tool that can provide information after an incident has occurred/

Log

When an employee leaves, all _______ should be terminated.

Logins

What is one way of checking emails for virus infections?

Look for subject lines that are from known virus attacks.

On a server, you should create your own accounts with ________ that do not reflect their level of permission.

Names

For an individual machine that is not running firewall software, you do not directly close ports. You shut down the _________ using that port.

None of the above.

Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year.

Once

Which of the following methods is available as an add-in for most email clients?

PGP

A packet-filtering firewall is a(n) _______ firewall.

Packet Filtering.

Many states have online __________ registries.

Sex offender

There have been cases of mistaken identity with _________lists.

Sex offender

The virus that infected Iranian nuclear facilities was exploiting vulnerability in SCADA systems.

Stuxnet

Procedures for adding users, removing users, and dealing with security issues are examples of _______ policies.

System administration

Procedures for adding users, removing users, and dealing with security issues are examples of ___________ policies

System administration

What are TSR programs?

Terminate and Stay Resident programs that actually stay in memory after you shut them down.


Related study sets

NA23- Patterns & General Rules 1

View Set

Investment Company Securities KM

View Set

Insurance License: Georgia Rules and Codes Pertinent to Life and Accident & Sickness Insurance Only

View Set

Advanced Formatting (Excel 2016)

View Set

Personal Finance 2 Variable earnings, Sources of Income, Financial Literacy: Net Pay vs Gross Pay, employee benefits, employee benefits

View Set

Business Law Chapter 4: Administrative Law

View Set

Chapter 12: Environmental Protection & Negative Externalities

View Set

World Geography- Chapter 19 Review

View Set

Anatomy and Physiology Chapter 2 Homework

View Set

Kenisiology Final Exam Practice Test

View Set