IS Security Quiz 3

Ace your homework & exams now with Quizwiz!

What is not a typical sign of virus activity on a system?

Unexpected power failures

What file type is least likely to be impacted by a file infector virus?

.docx

How many values can be used at a time with each of the following operators? + not and !=

2 1 2 2

What is the maximum value for any octet in an Internet Protocol version 4 (IPv4) address?

255

What network port number is used for unencrypted web-based communication by default?

80

Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?

Alice's private key

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

Alice's public key

Tonya would like to protect her users and the network when users browse to known dangerous sites. She plans to maintain a list of those sites and drop messages from those websites. What type of approach is Tonya advocating?

Blacklisting

Alice would like to send a message to Bob securely and wishes to use asymmetric encryption to encrypt the contents of the message. What key does she use to encrypt this message?

Bob's public key

Miriam is a network administrator. She would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?

Captive portal

Which cryptographic attack is relevant in only asymmetric key systems and hash functions?

Chosen ciphertext

Bob is sending a message to Alice. He wants to ensure that nobody can read the content of the message while it is in transit. What goal of cryptography is Bob attempting to achieve?

Confidentiality

Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered?

Cross-site scripting (XSS)

What program, released in 2013, is an example of ransomware?

Cryptolocker

Maria receives a ciphertext message from her colleague Wen. What type of function does Maria need to use to read the plaintext message?

Decryption

Alice and Bob would like to communicate with each other using a session key, but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?

Diffie-Hellman

What is not a symmetric encryption algorithm?

Diffie-Hellman

Security objectives add value to relationships between businesses or between businesses and their customers. Which objective binds a message or data to a specific entity?

Digital signature

What type of attack occurs in real time and is often conducted against a specific target?

Direct

What protocol is responsible for assigning Internet Protocol (IP) addresses to hosts on many networks?

Dynamic Host Configuration Protocol (DHCP)

Which of the following is not an objective of cryptanalysis, the process of breaking codes?

Encrypt the plaintext of a target message

Some ciphers, regardless of type, rely on the difficulty of solving certain mathematical problems, which is the basis for asymmetric key cryptography. Which of the following is a branch of mathematics that involves multiplicative inverses that these ciphers use?

Field theory

What type of firewall security feature limits the volume of traffic from individual hosts?

Flood guard

What type of system is intentionally exposed to attackers in an attempt to lure them out?

Honeypot

Carrie is a network technician developing the Internet Protocol (IP) addressing roadmap for her company. While IP version 4 (IPv4) has been the standard for decades, IP version 6 (IPv6) can provide a much greater number of unique IP addresses. Which addressing system should she designate for primary use on her roadmap and why?

IPv6 is only slowly being adopted. She should make IPv4 the primary addressing scheme in her roadmap until IPv6 is more widely adopted.

Bob is sending a message to Alice. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Bob attempting to achieve?

Integrity

Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she filter?

Internet Control Message Protocol (ICMP)

Alison is a security professional. A user reports that, after opening an email attachment, every document he saves is in a template format and other Microsoft Word documents will not open. After investigating the issue, Alison determines that the user's Microsoft Office normal.dot template has been damaged, as well as many Word files. What type of virus is the most likely cause?

Macro virus

Maria is a freelance network consultant. She is setting up security for a small business client's wireless network. She is configuring a feature in the wireless access point (WAP) that will allow only computers with certain wireless network cards to connect to the network. This feature filters out the network cards of any wireless computer not on the list. What is this called?

Media Access Control (MAC) address filtering

Isabella is a network engineer. She would like to strengthen the security of her organization's networks by adding more requirements before allowing a device to connect to a network. She plans to add authentication to the wireless network and posture checking to the wired network. What technology should Isabella use?

Network access control (NAC)

When Alice receives a message from Bob, she wants to be able to demonstrate to Miriam that the message actually came from Bob. What goal of cryptography is Alice attempting to achieve?

Non-repudiation

Which approach to cryptography uses highly parallel algorithms that could solve problems in a fraction of the time needed by conventional computers?

Quantum cryptography

Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use is a type of Trojan. What tool will Karen use for this purpose?

Remote Access Tool (RAT)

What firewall approach is shown in the figure, assuming the firewall has three network cards?

Screened subnet

There are a large number of protocols and programs that use port numbers to make computer connections. Of the following, which ones do not use port numbers?

Secure Sockets Layer (SSL) or Transport Layer Security (TLS)

Devaki is investigating an attack. An intruder managed to take over the identity of a user who was legitimately logged in to Devaki's company's website by manipulating Hypertext Transfer Protocol (HTTP) headers. Which type of attack likely took place?

Session hijacking

Arturo discovers a virus on his system that resides only in the computer's memory and not in a file. What type of virus has he discovered?

Slow virus

The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email informed the CEO that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place?

Spear phishing

Bob is developing a web application that depends on a backend database. What type of attack could a malicious individual use to send commands through his web application to the database?

Structured Query Language (SQL) injection

Which set of characteristics describes the Caesar cipher accurately?

Symmetric, stream, substitution

Which of the following is a type of denial of service (DoS) attack?

Synchronize (SYN) flood

Which type of virus targets computer hardware and software startup functions?

System infector

Which of the following is not true of hash functions?

The hashes produced by a specific hash function may vary in size.

Which type of cipher works by rearranging the characters in a message?

Transposition

Lin installed a time-management utility that she downloaded from the Internet. Now several applications are not responding to normal commands. What type of malware did she likely encounter?

Trojan horse

Wen is a network security professional. He wants to strengthen the security of his agency's network infrastructure defenses. Which control can he use to protect the network?

Use proxy services and bastion hosts to protect critical services

Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?

VPN concentrator

What is the only unbreakable cipher when it is used properly?

Vernam

Wen is a network engineer. He would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology is best to use?

Virtual LAN (VLAN)

Juan is a wireless security professional. He is selecting a standard for wireless encryption protocols for access points and devices for his agency. For the highest security, which protocol should Juan choose?

Wi-Fi Protected Access version 3 (WPA3)

Which information security objective verifies the action to create an object or verifies an object's existence by an entity other than the creator?

Witnessing

Hacking groups create _______ to launch attacks whereby they infect vulnerable machines with agents that perform various functions at the command of the controller.

botnets

Susan is troubleshooting a problem with a computer's network cabling. At which layer of the Open Systems Interconnection (OSI) Reference Model is she working?

physical

A ________ is used to identify the part of an Ethernet network where all hosts share the same host address.

subnet mask

On early Ethernet networks, all computers were connected to a single wire, forcing them to take turns on a local area network (LAN). Today, this situation is alleviated on larger networks because each computer has a dedicated wire connected to a ___________ that controls a portion of the LAN.

switch

What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?

whois


Related study sets

PEDS Chapter 46: Nursing Care of the Child With an Alteration in Cellular Regulation/Hematologic or Neoplastic Disorder 1

View Set

Salesforce Admin - Practice Test Question

View Set

Chapter 14 Care of the patient with neurological disorders

View Set

ART - ACADEMIC DECATHLON 2023-2024

View Set