Cyber Security 290 Final

Ace your homework & exams now with Quizwiz!

The least access job requirements allow

13. What is the rule in access control?

DMZ (demilitarized zone)

A _________ involves setting up two firewalls: an outer and an inner firewall.

Identity

A discarded credit card receipt or utility bill could be the starting point from which a perpetrator finds enough information to assume a victim's _______________.

8

A good password has at least ______ characters.

True

A key logger can be hardware-based of software-based.

True

A stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet, but also on data derived from previous packets in the conversation.

True

A virtual private network is a way to use the Internet to create a connection between a remote user and a central location.

False

An on-demand virus scanner runs in the background and is constantly checking your PC.

Information warfare

Any attempt to manipulate information in pursuit of a military or political goal is

True

CNE, MCITP, CISSP, and CCNA are examples of industry certifications.

True

Employees with access to any sensitive information should be asked to sign nondisclosure agreements.

true

Every open port on a router is a possible avenue of entry for a malware or intruder.

None of the above

For an individual machine that is not running firewall software, you do not directly close ports. You shut down the _________ using that port.

False

For individual computers not running firewall software, you should directly close ports.

True

Frequently the first responder to a computer crime is the network administrator.

By looking for known spyware

How do most anti spyware packages work?

He might find even more information about the target and use this information to conduct his crime.

How might an identity thief use the Internet to exploit his victim

False

IPsec can only encrypt the packet data but not the header information.

The information on the server

If a company purchases a high-end UNIX server to use for its research and development department what is probably the most valuable part of the system?

IP address

If you experience a denial-of-service attack, you can use firewall logs to determine the _______ from which the attack originated.

True

Information warfare is any attempt to manipulate information in pursuit of a military or political goal.

True

L2TP uses IPsec for its encryption.

Security/acceptable use

New employees should receive a copy of the company 's __________ policies.

Names

On a server, you should create your own accounts with ________ that do not reflect their level of permission.

Once

Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year.

System administration

Procedures for adding users, removing users, and dealing with security issues are examples of ___________ policies.

False

Sending a forged email asking for sensitive data is an example of steganography.

True

The category of intrusion detection systems that looks for patterns that dont match those of normal use is called anomaly detection.

Patches

The first rule of computer security is to check ___________.

Hardening

The process to make a system as secure as it can be without adding on specialized software or equipment is _______________

Routers

The rule that packets not originating from inside your LAN should not be forwarded relates to ___________.

Ports, patch, protect, probe, policies, physical

What are the six Ps of security?

1) Policy Procedure Development 2) Evidence Assessment 3) Evidence Acquisition 4) Evidence Examination 5) Documenting and Reporting

What are the steps and guidelines for cybersecurity investigation.

Pretty Good Privacy. Its a way to safely transfer information from one user to the next using encryption

What is PGP

Pretty Good Privacy, a public key encryption method

What is PGP?

The Onion Router. It uses a routing system to make users anonymous

What is Tor?

Its security is depended on the underlying operating system

What is a major weakness with a network host-based firewall?

None: they are interchangeable terms

What is the difference between corporate and industrial espionage?

Disgruntled employees

What is the greatest security risk to any company?

A level of security that makes the effort required to get information more than the value of the information

What is the highest level of security you can expect to obtain?

To prevent a thief from getting data off a stolen laptop

What is the reason for encrypting hard drives on laptop computers?

Honey Pot

What is the term for a fake system designed to lure intruders?

Screened host

What is the term for a firewall that is simply software installed on an existing server?

Preemptive blocking

What is the term for blocking an IP address that haws been the source of suspicious activity?

Economic

What is the usual motivating factor for corporate/industrial espionage?

Anomaly detection

What method do most IDS software implementations use?

How long the algorithm has been around

What should you be most careful of when looking for an encrytion method to use?

56 bit

What size key does a DES system use?

Public key

What type of encryption uses different keys to encrypt and decrypt the message?

True

When an administrator proactively seeks out intelligence on potential threats or groups, this is called infiltration.

Disruption of chemical plant control systems

Which of the following is a cyber attack that would likely cause imminent loss of life?

It uses a great deal of resources

Which of the following is a disadvantage to using an application gateway firewall?

Multi-alphabet encryption

Which of the following is an encryption method using two or more different shifts?

Intrusion deterrence

Which of the following is the correct term for simply making your system less attractive to intruders?

Blowfish

Which of the following methods uses a variable-length symmetric key?

A. Changing a message so it can only be easily read by the intended recipient

Which of the following most accurately defines encryption?

Changing a message so it can only be easily read by the intended recipient

Which of the following most accurately defines encryption?

False

Windows has a built in firewall, but Linux does not.

Resources needed to produce the information, plus resources gained from the information.

You can calculate the value of information by what formula?


Related study sets

Module 10, lesson 5, European settle in North America

View Set

Chapter 46 Managing Practice Finances

View Set

Maternity Final Fall 2018; Lowdermilk; Chapters 8-11 and 20-37

View Set

Chapter 13 Managerial Accounting

View Set