Info and Network Security Chapter 8-15

Java and ActiveX codes should be scanned before they are _________. Deleted Known about Downloaded to your computer Infected

Downloaded to your computer

In which firewall configuration is the firewall running on a server with at least two network interfaces? Network host-based Router-based Screen host Dual-homed host

Dual-homed host

A _________ is a barrier between your network and the outside world. Web server Firewall File server Virus scanner

Firewall

Use for business communications only and the disallowing of the transmission of confidential business information are recommended guidelines for _______ Desktop configuration Phone calls USB drives Instant messaging

Instant messaging

With asymmetric cryptography a different ______ is used to encrypt the message and to decrypt the message. a. Script b. Code c. Key d. Lock

Key

New employees should receive a copy of the company's __________ policies. Business continuation Password sharing Disaster recovery Security/acceptable use

Security/acceptable use

Cipher text is encrypted text. True False

True

You cannot disable some USB devices from end-user computers and allow others. True False

False

Mistaking a legitimate program for a virus is a ____________. Heuristic error False negative False positive Machine error

False positive

Mistaking a legitimate program for a virus is a ____________. Heuristic error Machine error False negative False positive

False positive

What is the rule in access control? Grant the least access job requirements allow Grant standard access for all users Grant the most access you can securely give Strictly limited access for most users

Grant the least access job requirements allow

Windows stores passwords using a method called __________. a. Exchange b. Hashing c. Authentication d. Kerberos

Hashing

Use for business communications only and the disallowing of the transmission of confidential business information are recommended guidelines for _______ USB drives Phone calls Instant messaging Desktop configuration

Instant messaging

Which of the following is the correct term for making a system less attractive to intrude? Intrusion camouflage Intrusion deflection Intrusion deterrence Intrusion avoidance

Intrusion deterrence

Why is binary mathematical encryption not secure? a. It leaves the message intact. b. It does not change letter or word frequency. c. It is too simple. d. The mathematics of it is flawed.

It does not change letter or word frequency.

What advantage does a symmetric key system using 64-bit blocks have? a. It is unbreakable. b. It is complex. c. It uses asymmetric keys. d. It is fast.

It is fast.

Which of the following is most likely to be true of an encryption method advertised as unbreakable? a. It is likely to be exaggerated. b. It is probably suitable for military use. c. It is unbreakable. d. It may be too expensive for your organization.

It is likely to be exaggerated.

Many classic ciphers are easy to understand, but not secure. What is the main problem with simple substitution? a. It does not use complex mathematics. b. It maintains letter and word frequency. c. It is too simple. d. It is easily broken with modern computers.

It maintains letter and word frequency.

Which of the following is a disadvantage to using an application gateway firewall? It is not very secure. It uses a great deal of resources. It can be difficult to configure. It can only work on router-based firewalls.

It uses a great deal of resources.

Which of the following methods is available as an add-in for most email clients? a. DES b. RSA c. Caesar cipher d. PGP

PGP

Which of the following is used as a firewall? Application gateway Domain gateway Circuit-level gateway Packet Filtering

Packet Filtering

Which of the following should NOT be a part of an organization's policy regarding email attachments? It was an expected attachment. It came from a known source, and the source is confirmed. It appears to be a legitimate business document. Personal use for online shopping.

Personal use for online shopping.

________ refers to unencrypted text. a. Algorithm b. Plain text c. Cipher text d. Key

Plain text

What is the term for blocking an IP address that has been the source of suspicious activity? Intrusion deflection Preemptive blocking Proactive deflection Intrusion blocking

Preemptive blocking

What is PGP? a. Pretty Good Privacy, a public key encryption method b. Pretty Good Privacy, a symmetric key encryption method c. Pretty Good Protection, a public key encryption method d. Pretty Good Protection, a symmetric key encryption method

Pretty Good Privacy, a public key encryption method

What type of encryption uses different keys to encrypt and decrypt the message? a. Public key b. Secure c. Private key d. Symmetric

Public key

____ key is used to encrypt a message, and another is used to decrypt the message. a. Cipher b. Hash c. Private key d. Public key

Public key

Which of the following is most true regarding certified encryption methods? a. It depends on the source of the certification. b. It depends on the level of certification. c. They are the only methods you should use. d. There is no such thing as certified encryption.

There is no such thing as certified encryption.

Which of the following is most true regarding binary operations and encryption? a. They are only useful as a teaching method. b. They can provide secure encryption. c. They are completely useless. d. They can form a part of viable encryption methods.

They can form a part of viable encryption methods.

One reason allowing a user to change the desktop configuration poses a security problem is that to change a desktop the user must also be given rights to change other system settings. True False

True

Public key encryption is fast becoming the most widely used type of encryption because there are no issues to deal with concerning distribution of keys. True False

True

Security policies toward programmers and web developers are developmental policies. True False

True

The category of intrusion detection systems that looks for patterns that don't match those of normal use is called anomaly detection. True False

True

The most widely used symmetric key algorithm is Advanced Encryption Standard. True False

True

When an administrator proactively seeks out intelligence on potential threats or groups, this is called infiltration. True False

True

If you determine a virus has struck a system, the first step is to _________. Notify appropriate organization leaders Log the incident Unplug the machines from the network Scan and clean infected systems

Unplug the machines from the network

L2TP uses IPsec for its encryption. True False

True

A screening firewall works in the application layer of the OSI model. True False

False

A firewall ______ is a tool that can provide information after an incident has occurred. Scan Hub Port Log

Log

Binary numbers are made up of 0s and 1s. True False

True

A list of virus definitions is generally in a file with a ________ extension. .txt .def .vir .dat

.dat

A(n) ___________is a set of steps for doing something. a. Algorithm b. Formula c. Encryption d. Cipher

Algorithm

What size key does a DES system use? a. 64 bits b. 56 bits c. 128 bits d. 256 bits

56 bits

Which of the following is an operation used on binary numbers not found in normal math? a. PLUS b. DIVIDES c. MINUS d. AND

AND

The conflict between the users' goal for unfettered access to data and the security administrator's goal to protect that data is an issue of ______________. Access control Password protection Social engineering System administration

Access control

What method do most IDS software implementations use? Infiltration Anomaly detection Intrusion deterrence Preemptive blocking

Anomaly detection

Heuristic scanning uses rules to determine whether a file or program behaves like a virus. True False

True

Which of the following methods uses a variable-length symmetric key? a. RSA b. DES c. Caesar d. Blowfish

Blowfish

_________ is a block cipher that uses a variable-length key ranging from 32 to 448 bits. a. AES b. RC4 c. Blowfish d. 3DES

Blowfish

Which of the following is the appropriate sequence for a change request? Business unit manager requests change, IT unit verifies request, request is implemented. Business unit manager requests change, IT unit verifies request, request is scheduled with rollback plan, request is implemented. Business unit manager requests change, IT unit verifies request, security unit verifies request, request is implemented. Business unit manager requests change, IT unit verifies request, security unit verifies request, request is scheduled with rollback plan, request is implemented.

Business unit manager requests change, IT unit verifies request, security unit verifies request, request is scheduled with rollback plan, request is implemented.

Using the __________ cipher you choose some number by which to shift each letter of a text. a. Caesar b. ASCII c. Multi-alphabet substitution d. DC4

Caesar

Which of the following is the oldest encryption method discussed in this text? a. Caesar cipher b. PGP c. Cryptic cipher d. Multi-alphabet encryption

Caesar cipher

It is important to understand the concepts and application of cryptography. Which of the following most accurately defines encryption? a. Changing a message using complex mathematics. b. Changing a message so it can only be easily read by the intended recipient. c. Applying keys to a message to conceal it. d. Using complex mathematics to conceal a message.

Changing a message so it can only be easily read by the intended recipient.

__________refers to encrypted text. a. Algorithm b. Key c. Plain text d. Cipher text

Cipher text

__________ is the art to write in or decipher secret code. a. Keying b. Decryption c. Cryptography d. Encryption

Cryptography

Principle of least privilege means that no one person can perform critical tasks. True False

False

Snort is an open-source firewall. True False

False

The method to attract an intruder to a subsystem set up for the purpose of observing him is called intrusion deterrence. True False

False

Which of the following is a symmetric key system using 64-bit blocks? a. PGP b. RSA c. Blowfish d. DES

DES

The plan to return a business to full normal operations is ____________ BIA BCP DRP ALE

DRP

Which of the following is not a significant security risk posed by instant messaging? Employees may send harassing messages. Employees might send out confidential information. An instant messaging program could actually be a Trojan horse. A virus or worm might infect the workstation via instant messaging.

Employees may send harassing messages.

______________ is the process to scramble a message or other information so that it cannot be easily read. a. Cryptography b. Encryption c. Decryption d. Keying

Encryption

Which of the following does not demonstrate the need for policies? Antivirus software cannot prevent a user from downloading infected files. The most secure password is not at all secure if it's posted on a note by the computer. Technological security measures are dependent upon the employee's implementation. End users are generally not particularly bright and must be told everything.

End users are generally not particularly bright and must be told everything.

An on-demand virus scanner runs in the background and is constantly checking your PC. True False

False

IPsec can only encrypt the packet data but not the header information. True False

False

Linux and Windows typically are not shipped with firewalls. True False

False

PGP involves only private key encryption. True False

False

The virus scanning technique that uses rules to determine if a program behaves like a virus is _________ scanning. File Download Heuristic Sandbox

Heuristic

Which of the following is not one of the basic types of firewalls? Application gateway Heuristic firewall Screening firewall Circuit-level gateway

Heuristic firewall

What is the name for scanning that depends on complex rules to define what is and is not a virus? Rule-based scanning (RBS) Logic-based scanning (LBS) Heuristic scanning TSR scanning

Heuristic scanning

What is the term for a fake system designed to lure intruders? Entrapment Honey pot Faux system Deflection system

Honey pot

What should you be most careful of when looking for an encryption method to use? a. Speed of the algorithm b. A complexity of the algorithm c. How long the algorithm has been around d. Veracity of the vendor's claims

How long the algorithm has been around

Which of the following is the appropriate sequence of events for a departing employee? IT is notified of the departure, all logon accounts are shut down, all access (physical and electronic) are disabled, the employee's workstation is searched/scanned. IT is notified of the departure, all logon accounts are shut down, all access (physical and electronic) are disabled. IT is notified of the departure, all electronic accesses are shut down, all physical accesses are shut down. IT is notified of the departure, all physical accesses are shut down, all electronic accesses are shut down.

IT is notified of the departure, all logon accounts are shut down, all access (physical and electronic) are disabled, the employee's workstation is searched/scanned.

Which of the following is the best reason users should be prohibited from installing software? They may install an incorrect version of software, and often an incompatible one. Software installation is often complex and should be done by professionals. They may not install it correctly, which could cause security problems for the workstation. If a user's account does not have installation privileges, then it is likely that a Trojan horse will not be inadvertently installed under their account.

If a user's account does not have installation privileges, then it is likely that a Trojan horse will not be inadvertently installed under their account.

Which of the following is not an area that user policies need to cover? What a user should do if she believes her password has been compromised. What websites a user can or cannot visit If and when to share passwords Minimum length of passwords

If and when to share passwords

The principle that users have access to only network resources when an administrator explicitly grants them is called ___________. Separation of duty Implicit deny Least privilege Job rotation

Implicit deny

What is a major weakness with a network host-based firewall? It can be easily hacked. It is very expensive. It is difficult to configure. Its security depends on the underlying operating system.

Its security depends on the underlying operating system.

A(n) ________ refers to the bits that are combined with the plain text to encrypt it. a. Plain b. Key c. Cipher text d. Algorithm

Key

What is one way of checking emails for virus infections by antivirus software? Block all emails with attachments Look for subject lines and content that are from known virus attacks. Block all active attachments (for example, ActiveX, scripting). Look for emails from known virus sources.

Look for subject lines and content that are from known virus attacks.

Classic ciphers were improved with multiple shifts (multiple substitution alphabets). Which of the following is an encryption method using two or more different shifts? a. Caesar cipher b. DES c. Multi-alphabet encryption d. PGP

Multi-alphabet encryption

Using the _________ cipher you select multiple numbers by which to shift letters. a. Multi-alphabet substitution b. ASCII c. DC4 d. Caesar

Multi-alphabet substitution

In which firewall configuration is the software installed on an existing machine with an existing operating system? Network host-based Dual-homed host Screened host Router-based

Network host-based

Which of the following is most true regarding new encryption methods? a. Use them only if they are certified. b. Use them only if they are rated unbreakable. c. You can use them, but you must be cautious. d. Never use them until they have been proven.

Never use them until they have been proven.

The virus scanning technique that means you have a separate area isolated from the operating system in which a file is run, so it won't infect the system is ________. File Heuristic Download Sandbox

Sandbox

What is the term for a firewall that is a combination of a bastion host and a screening router? Router-based firewall Dual-homed firewall Screened host Network host-based firewall

Screened host

Which of the following is the most basic type (i.e., first line of defense) of firewall? Screening firewall Heuristic firewall Circuit-level gateway Application gateway

Screening firewall

A(n)___________ firewall examines the entire conversation between client and server, not just individual packets. a. Packet filtering b. Domain gateway c. Circuit-level gateway d. Stateful Packet Inspection

Stateful Packet Inspection

What does SPI stand for? System packet inspection Stateful packet inspection Stateful packet interception System packet interception

Stateful packet inspection

A file that stays in memory after it executes is a(n) _____________. Terminate and Stay Resident program Executable Text file Bug

Terminate and Stay Resident program

What are TSR programs? Terminate and scan remote programs, which scan remote systems prior to terminating Terminate and stay resident programs, which stay in memory after you shut them down. Terminate signal registry programs, which alter the system Registry Terminate and system remove programs, which erase themselves when complete

Terminate and stay resident programs, which stay in memory after you shut them down.

Kerberos is an authentication protocol that uses a ticket granting system that sends an encrypted ticket to the user's machine. True False

True

Which of the following is the most common way for a virus scanner to recognize a virus? To use complex rules to look for virus-like behavior To look for only TSR programs To compare a file to known virus attributes To look for TSR programs or programs that alter the Registry

To compare a file to known virus attributes

Which of these is NOT a type of symmetric algorithm? a. Stream b. Transcription c. Block d. Caesar

Transcription

Which of these is NOT a type of symmetric algorithm? a. Transcription b. Stream c. Block d. Caesar

Transcription

A digital signature is used to guarantee who sent a message. This is referred to as non-repudiation. True False

True

A server with fake data used to attract an attacker is a honeypot. True False

True

A stateful packet inspection firewall examines each packet, and denies or permits access based not only on the current packet, but also on data derived from previous packets in the conversation. True False

True

A virtual private network is a way to use the Internet to create a connection between a remote user and a central location. True False

True

Which binary mathematical operation can be used for a simple (but unsecured) encryption method and is in fact a part of modern symmetric ciphers? a. Bit shift b. OR c. XOR d. Bit swap

XOR

Typically, when you update virus definitions _____________. Your computer restarts. Your computer modifies virus. The virus program scans your computer. You are updating the virus definition file on your computer

You are updating the virus definition file on your computer

