440 terms

ISTY Final Exam Review

____ certificates are frequently used to secure e-mail transmissions and typically only require the user's name and e-mail address in order to receive this certificate.
Choose one answer.
a. Public digital
b. Private digital
c. Personal digital
d. Server digital
Personal digital
____ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it.
a. Asymmetric encryption
b. Elliptic encryption
c. Symmetric encryption
d. Private encryption
Asymmetric encryption
___________ certificates reduce the need to store multiple copies of the signing certificate.
Choose one answer.
a. Single-sided
b. Dual-key
c. EV-SSL
d. Class 1
Dual-key
The ____ function is a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users.
Choose one answer.
a. Intermediate Authority
b. Repudiation Authority
c. Registration Authority
d. Certificate Authority
Repudiation Authority
Digital certificates cannot be used to identify objects other than users.
Answer:
True
False
False
Key ____ removes all private and public keys along with the user's identification information in the CA.
Choose one answer.
a. escrow
b. destruction
c. renewal
d. generation
destruction
A class 2 certificate is known as a ____ certificate.
Choose one answer.
a. signing digital
b. server digital
c. personal digital
d. code-signing
server digital
M-of-N control is a technique used in:
Choose one answer.
a. Key recovery
b. Third party trust
c. Bridge trust model
d. Key escrow
Key recovery
____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it.
Choose one answer.
a. Blocking
b. Cloning
c. Hashing
d. Encrypting
Hashing
PGP and SSL function at the same layer of the Open System Interconnection (OSI) model.
Answer:
True
False
False
A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates.
Choose one answer.
a. DA
b. RA
c. PA
d. CA
CA
At the ____ stage of the certificate life cycle, the certificate can no longer be used.
Choose one answer.
a. suspension
b. revocation
c. creation
d. expiration
expiration
ESP is a(n) _______________ protocol.
Choose one answer.
a. SHTTP
b. SSL
c. IPsec
d. PKI
IPsec
The ____ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components.
Choose one answer.
a. DP
b. CP
c. AP
d. LP
CP
Which of the following would NOT be found in a digital certificate?
Choose one answer.
a. Owner's gender
b. Owner's address
c. Issuer's public key
d. Owner's public key
Issuer's public key
____ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions.
Choose one answer.
a. SHTTP
b. HTTPS
c. SFTP
d. Telnets
SHTTP
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.
Answer:
True
False
True
What does it mean when your web browser displays a padlock icon next to a digital certificate? Choose all that apply.
Choose at least one answer.
a. The CA certifies the Web site is the registered owner of the domain name
b. The certificate creates a cryptographic connection to protect communications
c. The CA has verified the identity of the organization
d. The CA certifies the organization is authorized to operate the Web site
e. The CA has verified the existence and identity of the web site owner
f. The CA has identified the existence of the organization
The CA has verified the identity of the organization
The CA has identified the existence of the organization
The CA has verified the existence and identity of the web site owner
Key ____ refers to a process in which keys are managed by a third party, such as a trusted CA.
Choose one answer.
a. management
b. escrow
c. renewal
d. destruction
escrow
A ____ trust refers to a situation in which two individuals trust each other because each trusts a third party.
Choose one answer.
a. third-party
b. distributed
c. mutual
d. web of
third-party
____ is a protocol developed by Netscape for securely transmitting documents over the Internet.
Choose one answer.
a. TLS
b. EAP
c. PEAP
d. SSL
SSL
_________ is referred to as a transparent protocol.
Choose one answer.
a. SSL
b. SSH
c. PGP
d. IPsec
IPsec
The ____ model is the basis for digital certificates issued to Internet users.
Choose one answer.
a. related trust
b. third-party trust
c. managed trust
d. distributed trust
distributed trust
____ certificates enable clients connecting to the Web server to examine the identity of the server's owner.
Choose one answer.
a. Private digital
b. Server digital
c. Personal digital
d. Public digital
Server digital
____ can protect the confidentiality of an e-mail message by ensuring that no one has read it.
Choose one answer.
a. Asymmetric encryption
b. Symmetric encryption
c. Standard encryption
d. Public encryption
Symmetric encryption
The primary function of a(n) ____ is to verify the identity of the individual.
Choose one answer.
a. DA
b. PA
c. RA
d. CA
RA
At the ____ stage of the certificate life cycle, the certificate is no longer valid.
Choose one answer.
a. revocation
b. creation
c. expiration
d. suspension
revocation
TLS is an extension of ____.
Choose one answer.
a. Telnet
b. HTTP
c. FTP
d. SSL
SSL
IPsec is an optional protocol with IPv4 but not with IPv6.
Answer:
True
False
True
With the ____ model, there is one CA that acts as a "facilitator" to interconnect all other CAs.
Choose one answer.
a. bridge trust
b. third-party trust
c. distributed trust
d. transitive trust
bridge trust
Digital signatures actually only show that the public key labeled as belonging to a person was used to encrypt the digital signature.
Answer:
True
False
True
Since telnet is a cleartext protocol, a more secure alternative would be:
Choose one answer.
a. SSH
b. S/Telnet
c. Slogin
d. RSH
SSH
One of the duties of a CA is to distribute public key certificates.
Answer:
True
False
True
____ involves public-key cryptography standards, trust models, and key management.
Choose one answer.
a. Private key infrastructure
b. Shared key infrastructure
c. Public key infrastructure
d. Network key infrastructure
Public key infrastructure
Cryptography cannot protect data as it is being transported across a network.
Answer:
True
False
False
The PIV standard is applied by the DOD in applying a(n) ________ infrastructure to issue common access cards.
Choose one answer.
a. Bridge trust model
b. PKI
c. Transport encryption
d. IPsec
Bridge trust model
PKI can best be defined as:
Choose one answer.
a. The framework for security infrastructure management
b. The framework for digital certificate management
c. The framework for certifying users of security applications
d. The framework for supporting public key enabled security services
The framework for digital certificate management
SSL is more likely to be faster than IPSEC.
Answer:
True
False
False
The entity requesting a digital certificate usually sends their public key to the CA who issues and signs the certificate with the CA's __________.
Choose one answer.
a. Public hash
b. Public key
c. Private key
d. Private hash
Private key
What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?
Choose one answer.
a. $100,000
b. $500,000
c. $1,000,000
d. $250,000
$250,000
Select the five steps of an attack.
a. Replace software on systems
b. Paralyze networks and devices
c. Probe for information
d. Hide evidence of an attack
e. Penetrate defenses
f. Modify security settings
g. Circulate to other systems
b. Paralyze networks and devices
c. Probe for information
e. Penetrate defenses
f. Modify security settings
g. Circulate to other systems
____ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.
Choose one answer.
a. Accounting
b. Encryption
c. Authorization
d. Authentication
Authentication
A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.
Choose one answer.
a. 10 to 14
b. 13 to 14
c. 14 to 16
d. 12 to 15
10 to 14
The position of ____ is generally an entry-level position for a person who has the necessary technical skills.
Choose one answer.
a. CISO
b. security manager
c. security technician
d. security administrator
security technician
A comprehensive definition of information security is: that which protects the _______ , _______ , and availability of information on the devices that ________, ___________ , and transmit the information through products, people, and procedures.
a. Store
b. Confidentiality
c. Usability
d. Manipulate
e. Integrity
f. Create
Store
Confidentiality
Manipulate
Integrity
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as ____.
Choose one answer.
a. cyberterrorism
b. spam
c. phishing
d. cybercrime
cybercrime
Select the five fundamental security principles in designing defenses against attacks.
Choose at least one answer.
a. Diversity
b. Complexity
c. Layering
d. Obscurity
e. Limiting
f. Depth
g. Simplicity
Diversity
Layering
Obscurity
Limiting
Simplicity
Recent employment trends indicate that employees with security certifications are in high demand.
Answer:
True
False
True
In information security, a loss can be ____.
Choose one answer.
a. theft of information
b. a delay in transmitting information that results in a financial penalty
c. the loss of good will or a reputation
d. all of the above
all of the above
The demand for IT professionals who know how to secure networks and computers is at an all-time low.
Answer:
True
False
False
Approximately ____ percent of households in the United States use the Internet for managing their finances.
Choose one answer.
a. 80
b. 60
c. 90
d. 70
80
____ involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.
Choose one answer.
a. Scam
b. Cyberterrorism
c. Phishing
d. Identity theft
Identity theft
Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.
Answer:
True
False
True
The FBI defines cyberterrorism as any premeditated, politically motivated attack against information, computer systems, computer programs, and data owned and operated by government and military organizations.
Answer:
True
False
False
____ ensures that only authorized parties can view information.
Choose one answer.
a. Security
b. Integrity
c. Confidentiality
d. Availability
Confidentiality
In a general sense, assurance may be defined as the necessary steps to protect a person or property from harm.
Answer:
True
False
False
To understand information security by examining its goals and accomplishments, one must:
Choose at least one answer.
a. First, ensure that people are properly trained in security procedures
b. Second, protect information that provides value to people and organizations
c. Second, implement policies that provide guarantees that procedures are being followed
d. First, ensure that protective measures are properly implemented
Second, protect information that provides value to people and organizations
First, ensure that protective measures are properly implemented
According to Panda, over 30 million new specimens of malware were created in a ten month period in 2010.
Answer:
True
False
False
According to researchers at GTRI, a password with fewer than 7 characters will be vulnerable very soon.
Answer:
True
False
False
Annually, the number of malware attacks against online banking is increasing by ____ and about _____ of banks reported losses from those attacks.
Choose at least one answer.
a. 60,000
b. 75%
c. 55%
d. 100,000
e. 70,000
f. 85%
f. 85%
60,000
85%
____ attacks are responsible for half of all malware delivered by Web advertising.
Choose one answer.
a. Melissa
b. Slammer
c. Fake antivirus
d. "Canadian Pharmacy"
Fake antivirus
Choose the statement(s) below that are correct concerning USB drives and attacks.
Choose at least one answer.
a. About one out of every 6 attacks came by USB flash drive devices.
b. As long as you always know where your USB flash drive has been used it is safe from infection.
c. Attackers leave infected USB flash drives in public places, hoping someone will pick them up and insert them into their computers.
d. USB flash drives are inherently safe from attacks due to Universal Serial Bus design.
Attackers leave infected USB flash drives in public places, hoping someone will pick them up and insert them into their computers.
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years' experience in IT administration, with a focus on security.
Answer:
True
False
True
An information security ____ position focuses on the administration and management of plans, policies, and people.
Choose one answer.
a. manager
b. engineer
c. inspector
d. auditor
manager
____ is text that has no formatting (such as bolding or underlining) applied.
Choose one answer.
a. Simpletext
b. Plaintext
c. Simple text
d. Plain text
Plain text
Symmetric encryption is also called ____ cryptography.
Choose one answer.
a. symmetric key
b. public key
c. shared key
d. private key
private key
The most basic type of cryptographic algorithm is a ____ algorithm.
Choose one answer.
a. block
b. key
c. hash
d. digest
hash
____ was first proposed in the mid-1980s and it uses sloping curves.
Choose one answer.
a. FCC
b. RSA
c. ECC
d. IKE
ECC
____ ensures that the information is correct and no unauthorized person or malicious software has altered that data.
Choose one answer.
a. Integrity
b. Encryption
c. Availability
d. Confidentiality
Integrity
Block ciphers are considered more secure than stream ciphers because they are more random.
Answer:
True
False
True
NTRUEncrypt uses ____ cryptography that relies on a set of points in space.
Choose one answer.
a. linear
b. matrix-based
c. quantum
d. lattice-based
lattice-based
Cryptography is used in the encryption process but not in the steganography process.
Answer:
True
False
True
Select the true statement(s) about public keys.
Choose at least one answer.
a. They use the Diffie-Hellman algorithm
b. They should not be posted publicly on the Internet
c. They are used to encrypt content to be decrypted with the matching private key
d. They automatically create a digital signature to verify the sender is who they claim to be
e. They are used to decrypt content encrypted with the matching private key
They are used to encrypt content to be decrypted with the matching private key
They are used to decrypt content encrypted with the matching private key
The simplest type of stream cipher is a ____ cipher.
Choose one answer.
a. substitution
b. lock
c. loop
d. shift
substitution
Self-encrypting HDD is commonly found in copiers and multifunction printers as well as point-of-sale systems used in government, financial, and medical environments.
Answer:
True
False
True
Select the correct statements regarding stream and block ciphers.
Choose at least one answer.
a. Stream ciphers tend to be slower as the size of the plaintext increases
b. Block ciphers reset the entire document to its original state after processing it
c. Block ciphers can randomize the blocks of plaintext to be encrypted
d. Stream ciphers are less prone to attack
Stream ciphers tend to be slower as the size of the plaintext increases
Block ciphers can randomize the blocks of plaintext to be encrypted
In MD5, the length of a message is padded to ____ bits.
Choose one answer.
a. 64
b. 512
c. 32
d. 128
512
RC6 is used in WEP encryption.
Answer:
True
False
False
An advantage of TPM is that malicious software cannot attack it.
Answer:
True
False
True
The basis for a digital signature rests on the ability of ____ keys to work in both directions.
Choose one answer.
a. asymmetric
b. unique
c. shared
d. symmetric
Asymmetric
EFS uses GPG to encrypt and decrypt files.
Answer:
True
False
False
With most _________ the final step in the process is to combine the cipher stream with the plaintext to create the ciphertext.
Choose one answer.
a. Asymmetric algorithms
b. Symmetric ciphers
c. Quantum cryptography
d. Hash algorithms
Symmetric ciphers
Steganography can use image files, audio files, or even video files to contain hidden information.
Answer:
True
False
True
____ is designed to replace DES.
Choose one answer.
a. Twofish
b. 3DES
c. RSA
d. AES
3DES
____ takes plaintext of any length and creates a hash 128 bits long.
Choose one answer.
a. RSA
b. SHA1
c. MD5
d. MD2
MD2
The ____ is essentially a chip on the motherboard of the computer that provides cryptographic services.
Choose one answer.
a. TPM
b. SCM
c. ODS
d. reference monitor
TPM
A ____ is a number divisible only by itself and 1.
Choose one answer.
a. prime number
b. prime decimal
c. compound number
d. neutral number
prime number
Select the correct statement(s) below concerning PGP and GPG.
Choose at least one answer.
a. None are correct
b. Their keys are interchangeable with each other
c. Both are examples of asymmetric encryption
d. They are essentially the same except one is designed primarily for Windows and the other primarily for Linux
None are correct
The algorithm ____ is a block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits.
Choose one answer.
a. RSA
b. AES
c. Blowfish
d. 3DES
Blowfish
____ is a relatively recent cryptographic hash function that has received international recognition and adoption by standards organizations, including the International Organization for Standardization (ISO).
Choose one answer.
a. Twofish
b. Blowfish
c. Rijndael
d. Whirlpool
Twofish
The ____ is a symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES.
Choose one answer.
a. 3DES
b. Twofish
c. AES
d. RSA
AES
One of the most famous ancient cryptographers was ____.
Choose one answer.
a. Caesar Augustus
b. Albert Einstein
c. Julius Caesar
d. Isaac Newton
Julius Caesar
____ encryption uses two keys instead of only one and these keys are mathematically related.
Choose one answer.
a. Symmetric
b. Public key
c. Asymmetric
d. Shared
Asymmetric
Most HSMs are PAN-based appliances that can provide services to multiple devices.
Answer:
True
False
False
A hash that is created from a set of data can be reversed.
Answer:
True
False
False
_______ can be used to ensure the integrity of a message or file.
Choose one answer.
a. Metadata
b. Checksum
c. Hashing
d. Stream cipher
Hashing
A ____ cipher rearranges letters without changing them.
Choose one answer.
a. transposition
b. block
c. loop
d. substitution
transposition
The ____ algorithm is the most common asymmetric cryptography algorithm and is the basis for several products.
Choose one answer.
a. Twofish
b. RSA
c. Blowfish
d. AES
RSA
____ attempts to use the unusual and unique behavior of microscopic objects to enable users to securely develop and share keys as well as to detect eavesdropping.
Choose one answer.
a. Symmetric cryptography
b. Analog cryptography
c. Quantum cryptography
d. Reactive cryptography
Quantum cryptography
Cryptography cannot be applied to entire disks.
Answer:
True
False
False
In OAuth, token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.
Answer:
True
False
True
Trusted OSs have been used since the late 1960s, initially for government and military applications.
Answer:
True
False
False
Choose the correct statement regarding keystroke dynamics.
Choose one answer.
a. It is a representation of what you are
b. It is a representation of what you know
c. It is not a very accurate authentication method
d. It is a type of adaptive biometrics
It is a representation of what you are
Today's operating systems have roots dating back 20 or more years, well before security was identified as a critical process.
Answer:
True
False
True
A token uses passwords that are referred to as one time passwords.
Answer:
True
False
True
____ is using a single authentication credential that is shared across multiple networks.
Choose one answer.
a. Access management
b. Authorization management
c. Identity management
d. Risk management
Identity management
Phishing, shoulder surfing, and dumpster diving are examples of what kind of attacks against passwords?
Choose one answer.
a. Rainbow table
b. Social engineering
c. Cracking
d. Capturing
Social engineering
An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a ____.
Choose one answer.
a. reference monitor
b. trusted OS
c. system monitor
d. transaction monitor
trusted OS
Although brute force and dictionary attacks were once the primary tools used by attackers to crack an encrypted password, today attackers usually prefer ____.
Choose one answer.
a. online cracking
b. offline cracking
c. rainbow tables
d. cascade tables
rainbow tables
____ attack is where every possible combination of letters, numbers, and characters is used to create encrypted passwords.
Choose one answer.
a. Known ciphertext
b. Brute force
c. Known plaintext
d. Space division
Brute force
If a user typically accesses his bank's Web site from his home computer on nights and weekends, then this information can be used to establish a ____ of typical access.
Choose one answer.
a. computer footprint
b. system
c. usage map
d. beachhead
computer footprint
Select the advantage(s) below of using rainbow tables.
Choose at least one answer.
a. Reduces amount of memory needed on attacking computer
b. Can be used over and over for cracking passwords
c. All are advantages
d. Faster than dictionary attacks
All are advantages
In 2010, 75% of attacks against Microsoft Office and Internet Explorer would have been prevented if the user had not been logged in as an administrator.
Answer:
True
False
False
It has been found that about 90% of passwords have an ending suffix.
Answer:
True
False
True
Nearly all operating systems and applications accept non-keyboard characters in passwords.
Answer:
True
False
False
Windows Live ID was originally designed as a ____ system that would be used by a wide variety of Web servers.
Choose one answer.
a. liberated identity management
b. distributed identity management
c. federated identity management
d. central identity management
federated identity management
____ is the time it takes for a key to be pressed and then released.
Choose one answer.
a. Dwell time
b. Show time
c. Lead time
d. Sync time
Dwell time
____ is related to the perception, thought process, and understanding of the user.
Choose one answer.
a. Reactive biometrics
b. Affective biometrics
c. Standard biometrics
d. Cognitive biometrics
Cognitive biometrics
A ____ is a secret combination of letters, numbers, and/or characters that only the user should know.
Choose one answer.
a. password
b. challenge
c. token
d. biometric detail
password
The set of letters, symbols, and characters that make up the password are known as a ____ set.
Choose one answer.
a. search
b. problem
c. character
d. result
character
Twenty-five percent of passwords can be cracked by combining the following.
Choose at least one answer.
a. 100 common suffixes
b. 5,000 common dictionary words
c. 10,000 names
d. Database of 1,000 common passwords
e. Phonetic patterns dictionary
f. Substituting characters, such as $ for S
100 common suffixes
Database of 1,000 common passwords
Using a rainbow table to crack a password requires three steps.
Answer:
True
False
False
Passwords provide strong protection.
Answer:
True
False
False
OpenID is an example of a(n) _________ that is a(n) ______ based system.
Choose at least one answer.
a. FIM
b. CAC
c. OTP
d. MFA
e. URL
FIM
URL
The weakness of passwords centers on ____.
Choose one answer.
a. human memory
b. human reliability
c. handshake technology
d. encryption technology
human memory
A(n) ____ can also capture transmissions that contain passwords.
Choose one answer.
a. application analyzer
b. function analyzer
c. protocol analyzer
d. system analyzer
protocol analyzer
It is predicted that ____ could become a key element in authentication in the future.
Choose one answer.
a. reactive biometrics
b. affective biometrics
c. cognitive biometrics
d. standard biometrics
cognitive biometrics
____ holds the promise of reducing the number of usernames and passwords that users must memorize.
Choose one answer.
a. ISO
b. SSL
c. SSO
d. IAM
SSO
To create a rainbow table, each ____ begins with an initial password that is encrypted.
Choose one answer.
a. chain
b. pass
c. block
d. link
chain
Microsoft ____ is a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy.
Choose one answer.
a. CardSpace
b. CAPI
c. CryptoAPI
d. MAPI
CardSpace
____ permits users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site.
Choose one answer.
a. OpenAuth
b. Kerberos
c. OAuth
d. SAML
OAuth
____ accepts spoken words for input as if they had been typed on the keyboard.
Choose one answer.
a. Speech recognition
b. Text recognition
c. Linguistic recognition
d. Speech differentiation
Speech recognition
The ____ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %.
Choose one answer.
a. network replay
b. hash replay
c. hybrid
d. brute force
hybrid
____ can use fingerprints or other unique characteristics of a person's face, hands, or eyes (irises and retinas) to authenticate a user.
Choose one answer.
a. Standard biometrics
b. Affective biometrics
c. Cognitive biometrics
d. Reactive biometrics
Standard biometrics
Due to the limitations of online guessing, most password attacks today use ____.
Choose one answer.
a. hash replay
b. online cracking
c. token replay
d. offline cracking
offline cracking
A user or a process functioning on behalf of the user that attempts to access an object is known as the ____.
Choose one answer.
a. reference monitor
b. subject
c. entity
d. label
subject
A user under Role Based Access Control can be assigned only one ____.
Choose one answer.
a. label
b. group
c. role
d. access list
role
__________ is the process of verifying a person's credentials and determining they are who they claim to be.
Choose one answer.
a. Authorization
b. Access control
c. Authentication
d. Permission
Authentication
____ is often used for managing user access to one or more systems.
Choose one answer.
a. Rule Based Access Control
b. Mandatory Access Control
c. Discretionary Access Control
d. Role Based Access Control
Rule Based Access Control
____ is an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.
Choose one answer.
a. RADIUS
b. Kerberos
c. TACACS
d. FTP
TACACS
The action that is taken by the subject over the object is called a(n) ____.
Choose one answer.
a. access
b. control
c. authorization
d. operation
operation
____ accounts are user accounts that remain active after an employee has left an organization.
Choose one answer.
a. Stale
b. Fragmented
c. Orphaned
d. Active
Orphaned
TACACS+ and RADIUS are designed to support hundreds of remote connections.
Answer:
True
False
False
____________ limits the time an individual is in a position to manipulate security configurations.
Choose one answer.
a. Least privilege
b. Separation of duties
c. Secure time constraints
d. Job rotation
Job rotation
____ requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals.
Choose one answer.
a. Mandatory vacation
b. Job rotation
c. Role reversal
d. Separation of duties
Separation of duties
________ is considered a more "real world" access control than other models.
Choose one answer.
a. Discretionary Access Control
b. Mandatory Access Control
c. Role Based Access Control
d. Rule Based Access Control
Role Based Access Control
The X.500 standard defines a protocol for a client application to access an X.500 directory called ____.
Choose one answer.
a. DAP
b. LDAP
c. DIT
d. DIB
DAP
A shield icon warns users if they attempt to access any feature that requires UAC permission.
Answer:
True
False
True
Authorization and access are viewed as synonymous and in access control, they are the same step.
Answer:
True
False
False
____ attacks may allow an attacker to construct LDAP statements based on user input statements.
Choose one answer.
a. LDAP cracking
b. LDAP injection
c. SQL injection
d. LDAP hijacking
LDAP injection
A strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server.
Answer:
True
False
False
____ indicates when an account is no longer active.
Choose one answer.
a. Password expiration
b. Account expiration
c. Last login
d. Account last used
Account expiration
Entries in the DIB are arranged in a tree structure called the ____.
Choose one answer.
a. DIT
b. DAP
c. PEAP
d. EAP
DIT
The Bell-LaPadula model differs from the Lattice model by:
Choose one answer.
a. Preventing a user from opening documents higher than their security level
b. Preventing a user from changing levels or labels
c. Preventing a user from printing top secret documents
d. Preventing a user from copying the contents of a higher level document into a lower level document
Preventing a user from copying the contents of a higher level document into a lower level document
During RADIUS authentication the AP, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called the ____.
Choose one answer.
a. verification request
b. authentication request
c. accounting request
d. access request
authentication request
The most restrictive access control model is ____.
Choose one answer.
a. Role Based Access Control
b. Rule Based Access Control
c. Mandatory Access Control
d. Discretionary Access Control
Mandatory Access Control
In the DAC model, permissions are inherited from the subject and granted to programs the subject runs.
Answer:
True
False
True
The ____ model is the least restrictive.
Choose one answer.
a. CAC
b. DAC
c. MAC
d. RBAC
DAC
____ is an authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of network users.
Choose one answer.
a. Aurora
b. CHAP
c. TACACS
d. Kerberos
Kerberos
A(n) ____ model is a standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications.
Choose one answer.
a. accounting
b. authorization control
c. access control
d. user control
access control
In the UAC dialog boxes, the color ____ indicates the lowest risk.
Choose one answer.
a. gray
b. yellow
c. green
d. red
gray
A computer user may be authorized or granted permission to log on to a system by presenting valid credentials, yet that authorization does not mean that the user can then access any and all resources.
Answer:
True
False
True
Implicit deny commands override all other commands and will block access regardless of what is specifically allowed.
Answer:
True
False
False
____ is suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network.
Choose one answer.
a. RADIUS
b. Telnet
c. ICMP
d. FTP
RADIUS
Select the correct statement below.
Choose one answer.
a. Once a SID has been orphaned it can be reused
b. An account that has not been accessed for a stated period of time is a dormant account
c. Group policies are set and applied to only a single domain
d. An account that has not been accessed for a stated period of time is an orphaned account
An account that has not been accessed for a stated period of time is a dormant account
Select the correct statements below on Kerberos.
Choose at least one answer.
a. Kerberos access approvals expire almost immediately upon issuance
b. Kerberos approves access through tickets
c. Kerberos keys are encrypted
d. A weakness of Kerberos is that it requires users to approve access requests
e. Kerberos can interact with TACACS
f. Kerberos+ is not compatible with Kerberos
Kerberos approves access through tickets
Kerberos keys are encrypted
A user accessing a computer system must present credentials or ____ when logging on to a system.
Choose one answer.
a. access
b. authorize
c. identification
d. token
identification
A(n) ____ is a set of permissions that are attached to an object.
Choose one answer.
a. DAC
b. ACL
c. ACE
d. entity
ACL
Operating systems with a graphical user interface (GUI) configure access control lists (ACLs) by using:
Choose one answer.
a. Access control values
b. Access control tables
c. Access control entries
d. Access control variables
Access control entries
An access point can bridge a LAN and a WLAN.
Answer:
True
False
True
____ is an attack that sends unsolicited messages to Bluetooth-enabled devices.
Choose one answer.
a. Bluetalking
b. Bluejacking
c. Bluecracking
d. Bluesnarfing
Bluejacking
Because PEAP can be vulnerable to specific types of attacks, Cisco now recommends that users migrate to a more secure EAP than PEAP.
Answer:
True
False
False
An ____ is an AP that is set up by an attacker.
Choose one answer.
a. internal replica
b. evil twin
c. authorized twin
d. active twin
evil twin
The IEEE 802.15.1-2005 Wireless Personal Area Network standard was based on the ____ specifications.
Choose one answer.
a. Bluetooth v2.1
b. Bluetooth v1.0
c. Bluetooth v1.1
d. Bluetooth v1.2
Bluetooth v1.2
Because antennas are generally positioned to provide the broadest area of coverage, APs should be located at the end of the coverage area.
Answer:
True
False
False
A ____ access point is an unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks.
Choose one answer.
a. sanctioned
b. legitimate
c. rogue
d. random
rogue
A(n) ____ acts as the "base station" for the wireless network.
Choose one answer.
a. endpoint
b. AP
c. ad-hoc peer
d. WMM
AP
The SSID can generally be any alphanumeric string from 2 to ___ characters.
Choose one answer.
a. 28
b. 34
c. 32
d. 23
32
Slave devices that are connected to the piconet and are sending transmissions are known as ____ slaves.
Choose one answer.
a. hybrid
b. neutral
c. passive
d. active
active
Most Bluetooth devices use a Class 2 radio that has a range of ____ feet.
Choose one answer.
a. 18
b. 10
c. 33
d. 15
33
Because of the weaknesses of WEP, it is possible for an attacker to identify two packets derived from the same IV.
Answer:
True
False
True
To use a wireless protocol analyzer, a wireless NIC must operate in which mode?
Choose one answer.
a. Repeater
b. RFMON
c. AD-HOC
d. AP
RFMON
____ requires mutual authentication used for WLAN encryption using Cisco client software.
Choose one answer.
a. LEAP
b. PEAP
c. EAP
d. TKIP
LEAP
____ is a framework for transporting authentication protocols instead of the authentication protocol itself.
Choose one answer.
a. PEAP
b. TKIP
c. SSL
d. EAP
EAP
The CRC in WEP is replaced with a MIC in WPA for what purpose?
Choose one answer.
a. MIC guarantees packets are received in the order sent
b. MIC creates an IPSEC tunnel between the sender and receiver
c. MIC protects the integrity of a data packet
d. MIC guarantees the sender is trusted
MIC protects the integrity of a data packet
____ allow a single access point to service different types of users.
Choose one answer.
a. Wireless encryption standards
b. Wireless multimedia protocols
c. Wireless VLANs
d. Wireless VPNs
Wireless VLANs
Attacks against wireless networks can be categorized as:
Choose at least one answer.
a. Man in the middle
b. RF spectrum
c. Discovering the network
d. Access points
RF spectrum
Discovering the network
Access points
____ is the encryption protocol standard for WPA2.
Choose one answer.
a. AES-SCMP
b. AES-TKIP
c. AES-CCMP
d. AES-CTR
AES-CCMP
Select the statement(s) below that describe the vulnerabilities of WEP.
Choose at least one answer.
a. WEP is limited to 64 bit encryption
b. WEP uses a 64 bit CRC
c. WEP uses a 24 bit IV
d. WEP uses a repetitive pattern of encryption
WEP uses a 24 bit IV
WEP uses a repetitive pattern of encryption
War driving is searching for wireless signals.
Answer:
True
False
True
A(n) ____ packet contains a field that indicates the function of the packet and an identifier field used to match requests and responses.
Choose one answer.
a. ICMP
b. EAP
c. RADIUS
d. TKIP
EAP
Select the advantage(s) of using 802.11n over previous WLAN standards.
Choose at least one answer.
a. It doubles the outdoor range and triples the indoor range
b. It uses different frequencies for reduced interference
c. It can transmit up to 600 Mbps
d. Wireless security is backward compatible
It uses different frequencies for reduced interference
It can transmit up to 600 Mbps
Bluetooth is a ____ technology designed for data communication over short distances.
Choose one answer.
a. Personal Area Network
b. Limited Area Network
c. Private Area Network
d. Small Area Network
Personal Area Network
APs use antennas that radiate a signal in all directions.
Answer:
True
False
True
Standard access points are also referred to as independent access points.
Answer:
True
False
False
____ is considered a more flexible EAP scheme because it creates an encrypted channel between the client and the authentication server.
Choose one answer.
a. TKIP
b. LEAP
c. PEAP
d. ICMP
PEAP
____ is an attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers.
Choose one answer.
a. Bluejacking
b. Bluesnarfing
c. Bluetalking
d. Bluecracking
Bluesnarfing
____ access points are serious threats to network security because they allow attackers to intercept the RF signal and bypass network security to attack the network or capture sensitive data.
Choose one answer.
a. Legitimate
b. Sanctioned
c. Twin
d. Rogue
Rogue
____ is designed to detect any changes in a packet, whether accidental or intentional.
Choose one answer.
a. AES
b. CBC
c. TKIP
d. CRC
CRC
When a device receives a beacon frame from an AP, the device then sends a frame known as a(n) ____ frame to the AP.
Choose one answer.
a. broadcast SSID
b. disassociation request
c. association request
d. connect request
association request
A group of piconets in which connections exist between different piconets is called a ____.
Choose one answer.
a. boundnet
b. broadnet
c. scatternet
d. honeynet
scatternet
EAP request packets are issued by the ____.
Choose one answer.
a. supplicant
b. authenticator
c. proxy
d. authorization server
authenticator
A vulnerability of PSK is that keys are shared manually in plain text.
Answer:
True
False
True
Bluetooth devices are not backward compatible with previous versions.
Answer:
True
False
False
TCP is the main ____ protocol that is responsible for establishing connections and the reliable data transport between devices.
Choose one answer.
a. Network Layer
b. Transport Layer
c. Presentation Layer
d. Application Layer
Transport Layer
IEEE 802.1x is commonly used on wireless networks.
Answer:
True
False
True
IP is the protocol that functions primarily at the Open Systems Interconnection (OSI) ____.
Choose one answer.
a. Data link Layer
b. Network Layer
c. Presentation Layer
d. Transport Layer
Network Layer
The ____ is a database, organized as a hierarchy or tree, of the name of each site on the Internet and its corresponding IP number.
Choose one answer.
a. TACACS+
b. NIS
c. WINS
d. DNS
DNS
Select the statements below that correctly explain different ways to increase security of FTP traffic.
Choose at least one answer.
a. Use aggressive mode to randomize port numbers
b. Use passive mode and limit port ranges
c. Use SSL/TLS, known as SFTP, to encrypt commands
d. Use Secure FTP, known as FTPS, to encrypt commands and data
Use passive mode and limit port ranges
____ is a pay-per-use computing model in which customers pay only for the computing resources they need.
Choose one answer.
a. Cloud computing
b. Cloud Software as a Service
c. Infrastructure as a Service
d. Virtualization
Cloud computing
____ can be used to determine whether new IP addresses are attempting to probe the network.
Choose one answer.
a. Proxy logs
b. DNS logs
c. Firewall logs
d. DHCP logs
Firewall logs
TCP/IP uses its own five-layer architecture that includes Network Interface, Internet, Control, Transport, and Application.
Answer:
True
False
False
It is possible to segment a network by physical devices grouped into logical units through a(n) ____.
Choose one answer.
a. VLAN
b. MAC address
c. subnets
d. IP address
VLAN
The most common protocol suite used today for local area networks (LANs) as well as the Internet is ____.
Choose one answer.
a. ASN.1
b. TCP/IP
c. UDP
d. BER
TCP/IP
TCP port ____ is the FTP control port used for passing FTP commands.
Choose one answer.
a. 21
b. 22
c. 19
d. 20
21
IP telephony and Voice over IP (VoIP) are identical.
Answer:
True
False
False
A ____ can create entries in a log for all queries that are received.
Choose one answer.
a. DHCP log
b. network log
c. DNS log
d. proxy log
DNS log
In the ____ model, the cloud computing vendor provides access to the vendor's software applications running on a cloud infrastructure.
Choose one answer.
a. Cloud Infrastructure as a Service
b. Cloud Software as a Service
c. Cloud System as a Service
d. Cloud Application as a Service
Cloud Software as a Service
Switches, not individual switch ports, are configured for MAC limiting and filtering.
Answer:
True
False
False
TCP is responsible for addressing packets and sending them on the correct route to the destination, while IP is responsible for reliable packet transmission.
Answer:
True
False
False
DNS poisoning can be prevented by using the latest editions of the DNS software known as ____.
Choose one answer.
a. WINS
b. DHCP
c. BIND
d. finger
BIND
Broadcast storms can be prevented with ____.
Choose one answer.
a. VLAN management
b. Dijkstra's algorithm
c. loop protection
d. 802.11x
loop protection
____ is a means of managing and presenting computer resources by function without regard to their physical layout or location.
Choose one answer.
a. Portability
b. Migration assistance
c. Availability
d. Virtualization
Virtualization
What would log entries showing probes to obscure ports indicate?
Choose one answer.
a. Pre DoS attack reconnaissance
b. A worm looking for an open port to infect the target
c. Pre attack scanning to see if a port is open and being used
d. A trojan trying to send information to the attacker
Pre attack scanning to see if a port is open and being used
____ is used to relay query messages.
Choose one answer.
a. ICMP
b. TCP
c. FTP
d. UDP
ICMP
____ provides a greater degree of security by implementing port-based authentication.
Choose one answer.
a. IEEE 802.3ad
b. IEEE 802.11n
c. IEEE 802.1x
d. IEEE 802.1z
IEEE 802.1x
A ____ forwards packets across computer networks.
Choose one answer.
a. hub
b. switch
c. router
d. bridge
router
DNS uses port 35.
Answer:
True
False
False
In the ____ cloud computing model, the customer has the highest level of control.
Choose one answer.
a. Cloud Application as a Service
b. Cloud System as a Service
c. Cloud Infrastructure as a Service
d. Cloud Software as a Service
Cloud Infrastructure as a Service
A ____ is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.
Choose one answer.
a. link guard
b. flood guard
c. protocol guard
d. frame guard
flood guard
An example of a smurf DoS attack is when an attacker spoofs broadcasted ICMP packets to make them appear as though they came from the target of the attack.
Answer:
True
False
True
Despite its promise to dramatically impact IT, cloud computing raises significant security concerns.
Answer:
True
False
True
Server virtualization typically relies on the ____, which is software that runs on a physical computer to manage one or more virtual machine operating systems.
Choose one answer.
a. kernel
b. supervisor
c. hypervisor
d. hypercard
hypervisor
SNMP agents are protected with a password known as a(n) ____ in order to prevent unauthorized users from taking control over a device.
Choose one answer.
a. OID
b. entity
c. community string
d. MIB
community string
Routers operate at the ____ Layer.
Choose one answer.
a. Transport
b. Network
c. Presentation
d. Application
Network
Examining network traffic, activity, transactions, or behavior and looking for well-known patterns is known as ____-based monitoring.
Choose one answer.
a. packet
b. application
c. protocol
d. signature
signature
A ____ is a computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user.
Choose one answer.
a. proxy server
b. telnet server
c. VPN server
d. DNS server
proxy server
What layer of the OSI model performs physical addressing?
Choose one answer.
a. Transport layer
b. Network layer
c. Physical layer
d. Data Link layer
Data Link layer
A(n) ____ can block malicious content in "real time" as it appears without first knowing the URL of a dangerous site.
Choose one answer.
a. firewall
b. Web security gateway
c. security proxy
d. application gateway
Web security gateway
A(n) ____ is the end of the tunnel between VPN devices.
Choose one answer.
a. client
b. proxy
c. endpoint
d. server
endpoint
A ____ is a network device that can forward packets across computer networks.
Choose one answer.
a. firewall
b. switch
c. router
d. bridge
router
Select the statement that is true of anomaly based monitoring.
Choose one answer.
a. Has a low processing load on systems
b. Can be quickly completed and deployed
c. Has a low false positive rate
d. Requires a baseline of normal data be established
Requires a baseline of normal data be established
____ IP addresses are IP addresses that are not assigned to any specific user or organization.
Choose one answer.
a. Public
b. Private
c. Private domain
d. Public domain
Private
____ is a technique that allows private IP addresses to be used on the public Internet.
Choose one answer.
a. NAPT
b. NAT
c. PNAT
d. PAT
NAT
A ____ is a standard network device for connecting multiple Ethernet devices together by using twisted-pair copper or fiber-optic cables in order to make them function as a single network segment.
Choose one answer.
a. hub
b. switch
c. firewall
d. router
hub
Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts.
Answer:
True
False
True
Each operation in a computing environment starts with a ____.
Choose one answer.
a. unit call
b. system exception
c. system call
d. hardware instruction
system call
Select the correct statement(s) below concerning NAT and PAT.
Choose at least one answer.
a. In PAT, every one unique private address is mapped to one public address
b. In NAT, every one unique private address is mapped to one public address
c. In NAT, every one unique private address is mapped to one unique public address
d. In PAT, every one unique private address is mapped to one unique public address
In PAT, every one unique private address is mapped to one public address
In NAT, every one unique private address is mapped to one unique public address
Select the true statement(s) below of host based intrusion detection systems.
Choose at least one answer.
a. They can detect modifications to the registry
b. They can monitor input and output activity
c. They can detect what programs are opening what files
d. They cannot detect activity to and from the NIC
They can detect modifications to the registry
They can monitor input and output activity
They can detect what programs are opening what files
Select the method(s) below for monitoring network traffic on a switch.
Choose at least one answer.
a. Configure port mirroring
b. Network traffic can only be monitored on a hub
c. Configure the port for the monitoring computer as a trunk port
d. Configure the port for the monitoring computer as an access port
e. Use a router to route traffic to the monitoring computer
f. Install a network tap
Configure port mirroring
Install a network tap
IP addresses are ____-bit addresses.
Choose one answer.
a. 8
b. 4
c. 32
d. 16
32
A(n) ____ does not serve clients, but instead routes incoming requests to the correct server.
Choose one answer.
a. system proxy
b. forward proxy
c. application proxy
d. reverse proxy
reverse proxy
____ switches are connected directly to the devices on a network.
Choose one answer.
a. Workgroup
b. Core
c. Intermediate
d. Distribution
Workgroup
Select the statement(s) below that are true of a load balancer.
Choose at least one answer.
a. They do not work with SQL servers
b. They reduce server overload
c. They can detect and stop DoS attacks
d. They cannot monitor the overall performance of the servers they balance
They reduce server overload
They can detect and stop DoS attacks
____ is typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP).
Choose one answer.
a. PAT
b. PNAT
c. PAN
d. NAT
PAT
A(n) ____ encrypts all data that is transmitted between the remote device and the network.
Choose one answer.
a. IKE tunnel
b. endpoint
c. router
d. VPN
VPN
In order to allow untrusted outside users access to resources such as Web servers, most networks employ a ____.
Choose one answer.
a. DMZ
b. choke
c. reduction point
d. bastion
DMZ
A VPN concentrator is hardware that compacts a VPN into a smaller footprint, allowing for more throughput.
Answer:
True
False
False
What must be done to allow a third party to filter spam?
Choose one answer.
a. The MX record must be changed in DNS
b. The ARP record must be changed on the firewall
c. The third party must have a VPN to the customer organization
d. The third party must use primary and backup SMTP port numbers to redirect email
The MX record must be changed in DNS
Layer 5 of the OSI model is the ____ layer.
Choose one answer.
a. Session
b. Presentation
c. Data Link
d. Network
Session
Select the statement(s) below that correctly describe hubs and switches.
Choose at least one answer.
a. Switches can pass both unicast and broadcast traffic, but a hub can only pass unicast traffic
b. Like switches, hubs can learn what devices are connected to its ports
c. Port mirroring can be configured on a switch but not a hub
d. Protocol analyzers can capture traffic on networks with hubs or switches
Port mirroring can be configured on a switch but not a hub
Protocol analyzers can capture traffic on networks with hubs or switches
____ is a technology that can help to evenly distribute work across a network.
Choose one answer.
a. DNS caching
b. DNS poisoning
c. Stateful packet filtering
d. Load balancing
Load balancing
A basic level of security can be achieved through using the security features found in network hardware.
Answer:
True
False
True
____ keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions.
Choose one answer.
a. Stateful frame filtering
b. Stateless frame filtering
c. Stateless packet filtering
d. Stateful packet filtering
Stateful packet filtering
Workgroup switches must work faster than core switches.
Answer:
True
False
False
The OSI model breaks networking steps down into a series of six layers.
Answer:
True
False
False
____ provides remote users with the same access and functionality as local users through a VPN or dial-up connection.
Choose one answer.
a. Extranet
b. Remote access
c. Intranet
d. Virtual access
Remote access
A ____ allows scattered users to be logically grouped together even though they may be attached to different switches.
Choose one answer.
a. VLAN
b. DMZ
c. subnet
d. broadcast domain
VLAN
Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
Answer:
True
False
True
Hubs work in the OSI physical layer to pass traffic from one device to another.
Answer:
True
False
True
Select the true statement about proxy servers.
Choose one answer.
a. One of the security advantages of a proxy server is that it will always connect to the requested external web server to download the content requested by the LAN client
b. Internet attackers see the IP address of the proxy server instead of the IP address of the target internal computer
c. They can accept connections from inside or outside the internal LAN
d. Proxy servers can help secure a network, but they can also slow it down
Internet attackers see the IP address of the proxy server instead of the IP address of the target internal computer
NAC can use which of the following to connect a computer to a quarantine network? Select all that are correct.
Choose at least one answer.
a. TCP/IP redirection
b. DNS poisoning
c. DHCP
d. ARP poisoning
DHCP
ARP poisoning
Because of the many complex rules required in a rule based firewall, they operate at a higher level than a settings based firewall.
Answer:
True
False
False
Tight physical security of a switch will prevent which of the following attack methods?
Choose at least one answer.
a. ARP poisoning
b. MAC address impersonation
c. Network tap
d. MAC flooding
e. Port Mirroring
Port Mirroring
Securing a restricted area by erecting a barrier is called ____.
Choose one answer.
a. fencing
b. boundary placement
c. blocking
d. moating
fencing
A ____ can be inserted into the security slot of a portable device and rotated so that the cable lock is secured to the device, while a cable connected to the lock can then be secured to a desk or immobile object.
Choose one answer.
a. safe lock
b. shield lock
c. cable lock
d. U-lock
cable lock
Select the answer below that best describes how anti-virus (AV) companies scan for viruses.
Choose one answer.
a. A new approach to AV detection is wildcard scanning because it can detect viruses without an exact match
b. Heuristic detection creates a virtualized environment to detect viruses
c. The strength of signature file detection is that once the signature is created it will not change
d. Heuristic scanning is also called mismatch scanning
Heuristic detection creates a virtualized environment to detect viruses
____ can be prewired for electrical power as well as wired network connections.
Choose one answer.
a. Locking cabinets
b. Locking drawers
c. Desks
d. Fences
Locking cabinets
Cipher locks are the same as combination padlocks.
Answer:
True
False
False
Each host (desktop, wireless laptop, smartphone, gateway server) runs a local application called a ____, which is sent over the network to the devices and runs as an OS service.
Choose one answer.
a. DLP manager
b. DLP control
c. DLP agent
d. DLP cipher
DLP agent
In Microsoft Windows, a ____ is a collection of security configuration settings.
Choose one answer.
a. security summary
b. security baseline
c. security template
d. security reference
security template
ID badges that can be detected by a proximity reader are often fitted with tiny radio ____ tags.
Choose one answer.
a. pulse
b. RFID
c. AFID
d. wave
RFID
____ use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway some beams are activated.
Choose one answer.
a. Engineering sensors
b. Proximity sensors
c. Lockout sensors
d. Tailgate sensors
Tailgate sensors
Data, once restricted to papers in the office filing cabinet, now flows freely both in and out of organizations, among employees, customers, contractors, and business partners.
Answer:
True
False
True
Mobile device security should include the ability to remotely wipe a device.
Answer:
True
False
True
Passive tags have ranges from about 1/3 inch to ____ feet.
Choose one answer.
a. 19
b. 15
c. 25
d. 12
19
_________ is a software testing technique that inputs invalid, unexpected, or random data to software to test for errors.
Choose one answer.
a. Input validation
b. Phazing
c. Escaping
d. Fuzzing
Fuzzing
____ is a system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected.
Choose one answer.
a. IDS
b. LLP
c. DLP
d. ADP
DLP
Choose the management procedure(s) that should be followed when using keyed locks.
Choose at least one answer.
a. Establish procedure to replace keyed locks with cipher locks
b. Keep record of keys issued, including their number and identification
c. Establish procedure to monitor use of locks and keys
d. Change locks after loss or theft of keys
e. Master keys should be designated as such to avoid confusion
f. After keys are issued they should be kept in a safe
Keep record of keys issued, including their number and identification
Establish procedure to monitor use of locks and keys
Change locks after loss or theft of keys
A ____ is software that is a cumulative package of all security updates plus additional features.
Choose one answer.
a. feature pack
b. patch
c. service pack
d. roll-up
service pack
A ____ is designed to separate a nonsecured area from a secured area.
Choose one answer.
a. closet
b. lockout
c. mantrap
d. pit
mantrap
A(n) ____ is hardware or software that is designed to prevent malicious packets from entering or leaving computers.
Choose one answer.
a. firewall
b. scanner
c. IPS
d. honeypot
firewall
In __________, spam is detected by comparing every word in known spam emails to every word in spam-free emails.
Choose one answer.
a. Wildcard filtering
b. Bayesian filtering
c. Blacklist filtering
d. Trap filtering
Bayesian filtering
Just as important as securing the host hardware, the operating system of the host should be protected by which process(es)?
Choose at least one answer.
a. Lock the operating system to prevent changes
b. Perform host baselining
c. Develop an organizational security policy
d. Implement patch management
e. GPS tracking
f. Require anti virus software on the host
Perform host baselining
Develop an organizational security policy
Implement patch management
Instead of using a key or entering a code to open a door, a user can display a ____ to identify herself.
Choose one answer.
a. physical sensor
b. hybrid sensor
c. physical token
d. logical token
physical token
Concerning secure coding standards, choose the statement below that is correct.
Choose one answer.
a. They can hinder the code review process
b. They eliminate errors in coding
c. They help increase the consistency, reliability, and security of applications
d. They are widely adopted
They help increase the consistency, reliability, and security of applications
Select the two common types of security related operating system logs.
Choose at least one answer.
a. Audit records
b. System events
c. Anti virus logs
d. Security logs
Audit records
System events
Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs.
Answer:
True
False
True
A security policy determines how security is to be enforced; a baseline determines what must be protected.
Answer:
True
False
False
Keyed entry locks are much more difficult to defeat than deadbolt locks.
Answer:
True
False
False
DLP examines data in what three states?
Choose at least one answer.
a. Data in transition
b. Data in an open state
c. Data in a closed state
d. Data in use
e. Data in motion
f. Data at rest
Data in use
Data in motion
Data at rest
When a policy violation is detected by the DLP agent, it is reported back to the DLP server.
Answer:
True
False
True
In ____, a virtualized environment is created that simulates the central processing unit (CPU) and memory of the computer.
Choose one answer.
a. hybrid detection
b. mismatch scanning
c. heuristic detection
d. pattern detection
heuristic detection
____ is defined as a security analysis of the transaction within its approved context.
Choose one answer.
a. Content aggregation
b. Content inspection
c. Content delivery
d. Content management
Content inspection
Using video cameras to transmit a signal to a specific and limited set of receivers is called ____.
Choose one answer.
a. CCTV
b. ITV
c. ICTV
d. IPTV
CCTV
One important point in secure coding concepts is that errors not be trapped.
Answer:
True
False
False
____ are combination locks that use buttons which must be pushed in the proper sequence to open the door.
Choose one answer.
a. Reaction locks
b. Cipher locks
c. Biometric locks
d. Multifactor locks
Cipher locks
When security is done right, an organization would create a different baseline for each class of computer.
Answer:
True
False
True
A ____ outlines the major security considerations for a system and becomes the starting point for solid security.
Choose one answer.
a. minimum
b. reference
c. baseline
d. profile
baseline
A ____ consists of independently rotating large cups affixed to the top of a fence that prevent the hands of intruders from gripping the top of the fence to climb over it.
Choose one answer.
a. fence
b. top hat
c. bollard
d. roller barrier
roller barrier
An anti-climb collar is a ____ that extends horizontally for up to 3 feet (1 meter) from the pole to prevent anyone from climbing.
Choose one answer.
a. spiked collar
b. flat collar
c. slippery collar
d. sharp collar
spiked collar
The signal from an ID badge is detected as the owner moves near a ____, which receives the signal.
Choose one answer.
a. magnetic scanner
b. proximity reader
c. barcode scanner
d. mantrap
proximity reader
Office File Validation is only available in Microsoft Office 2010.
Answer:
True
False
True
Choose the best point in implementing patch management.
a. Organizations should use an automated patch update service so they can control patch management
b. Organizations should use the vendor's online update service so they can control patch management
c. Organizations should deploy patches and hotfixes immediately, but test service packs before deploying
d. Organizations should use a Windows operating system because they have the best online update services
Organizations should use an automated patch update service so they can control patch management
In an empty box test, the tester has no prior knowledge of the network infrastructure that is being tested.
Answer:
True
False
False
Select the relationship between an attack tree and threat modeling.
Choose one answer.
a. An attack tree is a visual image of the attacks that could be launched against an asset
b. The threat model is a graphical representation of an attack tree
c. An attack tree determines the threat modeling process
d. The threat model determines the structure of an attack tree
An attack tree is a visual image of the attacks that could be launched against an asset
When performing a vulnerability assessment, many organizations use ____ software to search a system for any port vulnerabilities.
Choose one answer.
a. application profiler
b. port scanner
c. threat scanner
d. vulnerability profiler
port scanner
A(n) ____ indicates that no process is listening at this port.
Choose one answer.
a. closed address
b. open port
c. open address
d. closed port
closed port
Stealth scans are so named because they can pass through firewalls undetected.
Answer:
True
False
False
____ is a comparison of the present state of a system compared to its baseline.
Choose one answer.
a. Baseline assessment
b. Compliance reporting
c. Compliance review
d. Baseline reporting
Baseline reporting
A risk retention pool is a variation of accepting the risk.
Answer:
True
False
False
Choose the elements of a security posture.
Choose at least one answer.
a. Continuous monitoring
b. Remediation
c. Risk management
d. Attack mitigation
e. Baseline configuration
f. Security controls
Continuous monitoring
Remediation
Baseline configuration
In vulnerability ________ , each asset must be assessed against every possible threat against that asset.
Choose one answer.
a. Identification
b. Appraisal
c. Assessment
d. Evaluation
Appraisal
Select the three options an organization has to mitigate risk.
Choose at least one answer.
a. Purchase insurance
b. Diminish the risk
c. Accept the risk
d. Transfer the risk
e. Eliminate the risk
f. Risk retention pool
Diminish the risk
Accept the risk
Transfer the risk
A baseline is the standard by which the level of security in an organization is measured.
Answer:
True
False
True
____ is the probability that a risk will occur in a particular year.
Choose one answer.
a. ALE
b. SLE
c. ARO
d. EF
ARO
The ____ for software is the code that can be executed by unauthorized users.
Choose one answer.
a. risk profile
b. attack surface
c. vulnerability surface
d. input surface
attack surface
A ____ outlines the major security considerations for a system and becomes the starting point for solid security.
Choose one answer.
a. threat
b. control
c. baseline
d. profile
baseline
____ is a means by which an organization can transfer the risk to a third party who can demonstrate a higher capability at managing or reducing risks.
Choose one answer.
a. Outsourcing
b. Outcasting
c. Insourcing
d. Inhousing
Outsourcing
A(n) ____ means that the application or service assigned to that port is listening for any instructions.
Choose one answer.
a. interruptible system
b. closed port
c. open port
d. empty port
open port
A ____ is a network set up with intentional vulnerabilities.
Choose one answer.
a. honeypot
b. honeycomb
c. honey hole
d. honeynet
honeynet
If port 20 is available, then an attacker can assume that FTP is being used.
Answer:
True
False
True
While the code for a program is being written, it is being analyzed by a ____.
Choose one answer.
a. white box
b. black box
c. code review
d. scanner
code review
A ____ tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications.
Choose one answer.
a. replay
b. black box
c. white box
d. system
white box
In what phase of software development are errors and bugs identified and corrected?
Choose one answer.
a. Pre-implementation
b. Verification
c. Beta testing
d. Design review
Verification
A security weakness is known as a(n) ____.
Choose one answer.
a. risk
b. threat
c. vulnerability
d. opportunity
vulnerability
Select the steps of a vulnerability assessment.
a. Threat mitigation
b. Vulnerability evaluation
c. Risk assessment
d. Threat evaluation
e. Asset assessment
f. Vulnerability appraisal
g. Asset identification
h. Risk mitigation
Risk assessment
Threat evaluation
Vulnerability appraisal
Asset identification
Risk mitigation
Well known TCP/IP port numbers fall into the lowest range of port numbers.
Answer:
True
False
True
Choose the statement below that is correct.
a. Because of the automated tools used in pentesting, scanning for vulnerabilities often requires more skill than penetration testing.
b. A vulnerability scan looks for vulnerabilities, but a penetration test exploits them.
c. There are open source products that automate vulnerability scans and penetration tests.
d. Scanning for vulnerabilities can be disruptive to normal operations, but pentesting uses stealthy techniques that go undetected.
A vulnerability scan looks for vulnerabilities, but a penetration test exploits them.
A ____ in effect takes a snapshot of the current security of the organization.
Choose one answer.
a. risk assessment
b. vulnerability appraisal
c. threat analysis
d. threat assessment
vulnerability appraisal
A(n) ____ examines the current security in a passive method.
Choose one answer.
a. vulnerability scan
b. system scan
c. application scan
d. threat scan
vulnerability scan
____ is the proportion of an asset's value that is likely to be destroyed by a particular risk.
Choose one answer.
a. ER
b. SLE
c. EF
d. ARO
EF
Risk assessments should focus on the impact to the individual area(s) affected by an attacked asset and not the organization as a whole.
Answer:
True
False
False
The end product of a penetration test is the penetration ____.
Choose one answer.
a. test report
b. test system
c. test profile
d. test view
test report
Registered TCP/IP port numbers are reserved for the most universal applications.
Answer:
True
False
False
The first step in a vulnerability assessment is to determine the assets that need to be protected.
Answer:
True
False
True
A ____ is a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
Choose one answer.
a. write blocker
b. honeycomb
c. honeypot
d. port scanner
honeypot
A(n) _________________ determines the damages from an attack and the likelihood that the vulnerability is a risk to the organization.
Choose one answer.
a. Risk mitigation
b. Risk assessment
c. Threat evaluation
d. Asset appraisal
Risk assessment
The ____ is the expected monetary loss every time a risk occurs.
Choose one answer.
a. ALE
b. SRE
c. ARO
d. SLE
SLE
The goal of ____ is to better understand who the attackers are, why they attack, and what types of attacks might occur.
Choose one answer.
a. risk modeling
b. threat modeling
c. threat mitigation
d. threat profiling
threat modeling
A healthy security posture results from a sound and workable strategy toward managing risks.
Answer:
True
False
True
Vulnerability scans are usually performed from outside the security perimeter.
Answer:
True
False
False
A(n) ____ is hardware or software that captures packets to decode and analyze their contents.
Choose one answer.
a. threat profiler
b. application analyzer
c. protocol analyzer
d. system analyzer
protocol analyzer
Choose the statement below that best describes a TCP SYN scan.
Choose one answer.
a. If the target port is closed it responds with TCP + FIN
b. If the target port is open it will respond with SYN + ACK
c. The scanner leaves the target port open so it can begin an attack
d. A TCP SYN scan is one of the most popular scans
If the target port is open it will respond with SYN + ACK
Released in 1995, one of the first tools that was widely used for penetration testing was ____.
Choose one answer.
a. NESSUS
b. SAINT
c. SATAN
d. GOPHER
SATAN
In software development, the design review phase is conducted after the initial writing of the code before the verification phase.
Answer:
True
False
False
Select the statement(s) that are correct.
Choose at least one answer.
a. Once created, cookies allow Web sites access to private information on the user's computer
b. Cookies are created by the user's browser to store personally identifiable information pertaining to a Web site
c. Cookies, which contain user-specific information, are created by Web sites and stored on the user's computer
d. Third party cookies are also called drive-by cookies
e. Cookies can only be read by the Web site they were created from
f. Session cookies are stored in RAM
Cookies, which contain user-specific information, are created by Web sites and stored on the user's computer
Cookies can only be read by the Web site they were created from
Session cookies are stored in RAM
The SQL injection statement ____ erases the database table.
Choose one answer.
a. whatever'; UPDATE TABLE members; --
b. whatever'; RENAME TABLE members; --
c. whatever'; DROP TABLE members; --
d. whatever'; DELETE TABLE members; --
whatever'; DROP TABLE members; --
____ is a language used to view and manipulate data that is stored in a relational database.
Choose one answer.
a. DQL
b. SQL
c. ISL
d. C
SQL
Web application attacks are considered ____ attacks.
Choose one answer.
a. server-side
b. client-side
c. hybrid
d. relationship
server-side
A DoS attack is designed to flood a system with so many requests that the target system eventually stops responding or crashes.
Answer:
True
False
True
SQL injection attacks target Web servers by injecting SQL commands into the HTML code, thus causing the Web site to crash.
Answer:
True
False
False
The ____ is part of an HTTP packet that is composed of fields that contain the different characteristics of the data being transmitted.
Choose one answer.
a. SSL header
b. HTML header
c. HTTP header
d. XML header
HTTP header
The dangerous aspect of a client-side Web attack is that compromised Web sites initiate connections with clients in an attempt to infect them.
Answer:
True
False
False
The expression ____ traverses up one directory level.
Choose one answer.
a. ./
b. %/
c. ;/
d. ../
../
ARP poisoning is successful because there are few authentication procedures to verify ARP requests and replies.
Answer:
True
False
False
The "omnipresence" of access from any computer with only an Internet connection and a Web browser has made Web applications an essential element of organizations today.
Answer:
True
False
True
DNS poisoning can be done in two locations: the local lmhosts table or the external DNS server.
Answer:
True
False
False
A client-side attack that results in a user's computer becoming compromised just by viewing a Web page and not even clicking any content is known as a ____.
Choose one answer.
a. denial of service
b. stack underflow
c. drive-by-download
d. buffer overflow
drive-by-download
The differences between XML and HTML include: (Choose all that apply)
Choose at least one answer.
a. Users define tags in HTML
b. XML carries data
c. Users define tags in XML
d. HTML is less secure than XML
XML carries data
Users define tags in XML
The two types of network attacks that attempt to poison normal network operations are:
Choose at least one answer.
a. ARP poisoning
b. DNS poisoning
c. MAC poisoning
d. TCP/IP poisoning
ARP poisoning
DNS poisoning
Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks.
Answer:
True
False
True
Because of the minor role it plays, DNS is never the focus of attacks.
Answer:
True
False
False
Choose the statement(s) below that are correct concerning ARP and ARP poisoning attacks.
Choose at least one answer.
a. ARP poisoning attacks can insert a fraudulent IP address in ARP cache
b. ARP is immune to man-in-the-middle attacks, but not DoS attacks
c. ARP has no authentication procedures, making it susceptible to poisoning attacks
d. An IP address and corresponding physical address for a computer are stored in ARP cache
ARP has no authentication procedures, making it susceptible to poisoning attacks
An IP address and corresponding physical address for a computer are stored in ARP cache
A ____ attack is similar to a passive man-in-the-middle attack.
Choose one answer.
a. hijacking
b. buffer overflow
c. denial
d. replay
replay
Select the two ways in which a session hijacking attack is generally carried out.
Choose at least one answer.
a. Steal the session token cookie
b. Steal the session token
c. Hijack the TCP session
d. Launch a command injection attack
Steal the session token cookie
Steal the session token
In an active man-in-the-middle attack, the attacker:
Choose one answer.
a. Takes over as the receiver without the sender knowing
b. Takes over as the sender without the receiver knowing
c. Records the transmissions between sender and receiver before sending them on
d. Intercepts and alters the transmissions between sender and receiver before sending them on
Intercepts and alters the transmissions between sender and receiver before sending them on
The SQL injection statement ____ discovers the name of a table.
Choose one answer.
a. whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
b. whatever; AND 1=(SELECT COUNT(*) FROM tabname); --
c. whatever%; AND 1=(SELECT COUNT(*) FROM tabname); --
d. whatever%20 AND 1=(SELECT COUNT(*) FROM tabname); --
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
The SQL injection statement ____ determines the names of different fields in a database.
Choose one answer.
a. whatever AND email IS NULL; --
b. whatever; AND email IS NULL; --
c. whatever' AND email IS NULL; --
d. whatever" AND email IS NULL; --
whatever' AND email IS NULL; --
Attacks that can be written and deployed in a single day are known as zero day attacks.
Answer:
True
False
False
When TCP/IP was developed, the host table concept was expanded to a hierarchical name system for matching computer names and numbers known as the ____.
Choose one answer.
a. URNS
b. NSDB
c. HTTP
d. DNS
DNS
The Chinese government uses _____ to prevent Internet content that it considers unfavorable from reaching its citizenry.
Choose one answer.
a. DNS blacklisting
b. DNS bonding
c. DNS poisoning
d. DNS spooking
DNS poisoning
____ is for the transport and storage of data, with the focus on what the data is.
Choose one answer.
a. SML
b. XML
c. HTML
d. SGML
XML
____ is designed to display data, with the primary focus on how the data looks.
Choose one answer.
a. SGML
b. HTML
c. ISL
d. XML
HTML
When DNS servers exchange information among themselves it is known as a ____.
Choose one answer.
a. zone disarticulation
b. resource request
c. zone removal
d. zone transfer
zone transfer
Users who access a Web server are usually restricted to the ____ directory.
Choose one answer.
a. www
b. root
c. tap
d. top
root
For a Linux system Web server, the default root directory is typically ____.
Choose one answer.
a. /var/wwwroot
b. C:\inetpub\wwwroot
c. /home/root
d. /var/www
/var/www
One security concern with ActiveX is that it has full access to the Windows operating system.
Answer:
True
False
True
The most common Web application attacks are XSS, XML injection, and Macro injection.
Answer:
True
False
False
____ substitutes DNS addresses so that the computer is automatically redirected to another device.
Choose one answer.
a. DNS marking
b. DNS phishing
c. DNS poisoning
d. DNS overloading
DNS poisoning
Because the XSS is a widely known attack, the number of Web sites that are vulnerable is small.
Answer:
True
False
False
HTML is a markup language that uses specific ____ embedded in brackets.
Choose one answer.
a. taps
b. marks
c. blocks
d. tags
tags
IIS Web servers are vulnerable to command injection because Web sites are given root account access permissions.
Answer:
True
False
False
The default root directory of the Microsoft Internet Information Services (IIS) Web server is ____.
Choose one answer.
a. C:\var\wwwroot
b. /var/html
c. C:\Inetpub\wwwroot
d. /etc/var/www
C:\Inetpub\wwwroot
If a SQL injection attack returns the message "Server Failure" the attacker knows that a SQL attack cannot be rendered on the site.
Answer:
True
False
False
A Cross Site Scripting (XSS) attack requires a Web site that allows which two criteria?
Choose at least one answer.
a. Accepts user input without validating it
b. Active scripting is allowed as valid input
c. Uses input in a response without encoding it
d. JavaScript or HTML are used in the design and coding of the Web site
Accepts user input without validating it
Securing Web applications requires different approaches from traditional security practices because:
Choose at least one answer.
a. Since no one owns the Web, it is difficult to secure the Web
b. A Web site request is processed on the Web server at the application level
c. Because not enough Web sites have replaced HTTP with HTTPS
d. Many network based security devices ignore HTTP traffic, which is the source of many Web attacks
A Web site request is processed on the Web server at the application level
Many network based security devices ignore HTTP traffic, which is the source of many Web attacks
The SQL injection statement ____ finds specific users.
Choose one answer.
a. whatever' OR full_name IS '%Mia%'
b. whatever' OR full_name LIKE '%Mia%'
c. whatever' OR full_name = '%Mia%'
d. whatever' OR full_name equals '%Mia%'
whatever' OR full_name LIKE '%Mia%'
Attackers seldom use buffer overflow attacks to install malware on the target computer.
Answer:
True
False
False
____ is an attack in which an attacker attempts to impersonate the user by using his session token.
Choose one answer.
a. Session hijacking
b. Session spoofing
c. Session replay
d. Session blocking
Session hijacking
According to a major security vendor, 34% of all known malware was created in 2010.
True or False
True
Approximately two out of three malicious Web attacks have been developed using one of four popular attack toolkits.
True or False
False
Attack toolkits range in price from only $400 to as much as $8,000.
True or False
False
Even though rootkits are difficult to detect and remove, ultimately they can always be safely removed without reformatting the hard drive and re-installing the Operating System.
True or False
False
Like a virus, a worm needs the user to perform an action such as starting a program or opening an e-mail attachment to start the infection.
True or False
False
Psychological approaches to social engineering often involve impersonation, phishing, spam, and hoaxes.
True or False
False
Software keyloggers are programs that silently capture all keystrokes, including passwords and sensitive information.
True or False
True
Tailgating is when a spam message gets through a spam filter while the filter is allowing a legitimate email through.
True or False
True
Removing a rootkit from an infected computer is difficult.
True or False
False
A computer ____ is malicious computer code that reproduces itself on the same computer.
a. worm
b. adware
c. virus
d. spyware
virus
A phishing attack is launched through what mediums?
a. Web announcements
b. E-mail
c. Well placed USB drives
d. Phone calls
Web announcements
E-mail
Phone calls
A ____ is a computer program or a part of a program that lies dormant until it is triggered by a specific logical event.
a. macro virus
b. metamorphic virus
c. Trojan
d. logic bomb
logic bomb
A ____ is a program advertised as performing one activity but actually does something else.
a. worm
b. Trojan
c. script
d. virus
Trojan
A ____ is a series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks.
a. macro
b. process
c. rootkit
d. program
macro
A ____ is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms.
a. wrapper
b. rootkit
c. backdoor
d. shield
rootkit
A ____ virus infects program executable files.
a. boot sector
b. program
c. macro
d. companion
program
A ____ virus infects the Master Boot Record of a hard disk drive.
a. companion
b. boot
c. resident
d. file infector
boot
A ____ virus is loaded into random access memory (RAM) each time the computer is turned on and infects files that are opened by the user or the operating system.
a. companion
b. boot
c. resident
d. file infector
resident
A _______ cannot automatically spread to other computers on its own. Humans need to copy it from computer to computer.
a. Worm
b. Malware
c. Virus
d. Trojan
Virus
A ____ virus adds a program to the operating system that is a malicious copycat version of the legitimate program.
a. macro
b. boot
c. companion
d. metamorphic
companion
A(n) ____ refers to an undocumented, yet benign, hidden feature, that launches by entering a set of special commands, key combinations, or mouse clicks.
a. bug
b. Easter egg
c. virus
d. Trojan horse
Easter egg
Each time an infected program is launched a virus performs which two actions.
a. First, it conceals itself into the program to resist detection
b. First, it reproduces itself by inserting its code into another file on the computer
c. First, it steals personal information such as passwords
d. Second, it creates a backdoor to send the personal information it has stolen to the attacker
e. Second, it unloads a malicious payload and performs an action.
f. Second, it reproduces itself by inserting its code into another file on the computer
First, it reproduces itself by inserting its code into another file on the computer
Second, it unloads a malicious payload and performs an action
In a(n) ____ infection, a virus injects itself into the program's executable code instead of at the end of the file.
a. stealth
b. split
c. Swiss cheese
d. appender
Swiss cheese
Select the statement that best describes the relationship between a zombie and a botnet.
a. A botnet is a network of zombies
b. They are the same thing
c. A botnet creates zombies as it replicates
d. A zombie is the attacker who controls the botnet
A botnet is a network of zombies
Select the types of malware that have the primary objective of hiding their presence from the user.
a. Rootkit
b. Worm
c. Virus
d. Trojan
e. Backdoor
f. Logic bomb
Rootkit
Trojan
Backdoor
Logic bomb
Spammers use the following technique(s) to get spam messages with easily filtered words like Viagra to pass through spam filters.
a. Word splitting
b. Algebraic variance
c. Image spam
d. Email splitting
e. Message images
f. GIF layering
Word splitting
Image spam
GIF layering
Spyware impairs a user's control over:
a. System changes that affect a user's privacy or security
b. Basic hardware such as keyboards and mice
c. The collection, use, and distribution of sensitive information
d. The people in their email address book
e. Computer resources
System changes that affect a user's privacy or security
The collection, use, and distribution of sensitive information
Computer resources
The category of malware that is intended to make a profit for the attacker includes:
a. Botnets
b. Keyloggers
c. Adware
d. Trojans
e. Spyware
f. Zombies
Botnets
Keyloggers
Adware
Spyware
The most popular attack toolkit, which has almost half of the attacker toolkit market is ____.
a. ZeuS
b. MPack
c. NeoSploit
d. SpyEye
MPack
The primary source of sending SPAM email is widely recognized as being:
a. Zombies
b. Botnets
c. Worms
d. Trojans
Botnets
The two types of malware that have the primary objective of spreading are ____.
a. viruses and worms
b. rootkits and Trojans
c. rootkits and worms
d. Trojans and worms
viruses and worms
There are almost ____ different Microsoft Windows file extensions that could contain a virus.
a. 70
b. 50
c. 80
d. 60
70
There are over _____ different methods that viruses use to infect files.
a. 10
b. 20
c. 15
d. 30
20
Unlike other malware, a ____ is heavily dependent upon the user for its survival.
a. Trojan
b. worm
c. rootkit
d. virus
virus
Viruses and worms are said to be self-____.
a. copying
b. updating
c. replicating
d. duplicating
replicating
____ involves horizontally separating words, although it is still readable by the human eye.
a. Word splitting
b. Layer variance
c. GIF layering
Word splitting
____ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
a. Adware
b. Spam
c. Keylogger
d. Trojan
Adware
____ is an image spam that is divided into multiple images.
a. Layer variance
b. Word splitting
c. GIF layering
d. Geometric variance
GIF layering
____ is when an attacker tricks users into giving out information or performing a compromising action.
a. Phreaking
b. Social engineering
c. Hacking
d. Reverse engineering
Social engineering
____ uses "speckling" and different colors so that no two spam e-mails appear to be the same.
a. Word splitting
b. GIF layering
c. Geometric variance
d. Layer variance
Geometric variance