Upgrade to remove ads
Adv. Computer Security Final
Terms in this set (115)
What is the most common method by which viruses spread?
By reading the e-mail address book and mailing itself to everyone listed.
What was the taxpayer virus hoax?
An email that claimed that online tax submissions were infected and unsafe
Which of the following is a useful feature in Avast! Antivirus not found in most other antivirus solutions?
It starts with a tutorial for new users
Which of the following is the primary reason that Microsoft Outlook is so often a target for virus attacks?
It is easy to write programs that access Outlook's inner mechanisms.
Which best describes the relationship between ease of use and security?
The easier it is to use a system, the less secure it is.
How does the Santy worm attack?
It uses Perl script to attack a vulnerability in certain PHP bulletin board applications.
A computer worm
can spread without user action such as downloading a file or opening an attachment.
In the context of viruses, what is a .dat file?
A file with virus definitions
Which of the following is a useful feature in Norton AntiVirus not found in most other antivirus solutions?
It does a pre-installation scan.
Which antivirus software provides Private Data Protection and Home Network Control components for home users?
After cleaning a virus infection, what is the best way to assure that it does not recur?
Determine how the infection happened in the first place
Which is a worm that infects with a variant of the Rbot via various Microsoft messenger services?
Which is the most effective and common method for defending a system against viruses and worms?
Install and run antivirus software all the time.
In addition to any malicious payload, what is the most common way a virus or worm causes harm to a system?
By increasing network traffic and overloading the system
Which is LEAST likely to be an effective method to isolate a suspected virus?
Disconnect an infected machine from the network
Which is the most widespread danger to a computer connected to the Internet?
Viruses and worms
What was the most dangerous aspect of the Zafi.d?
It tried to overwrite parts of virus scanners
Which is a virus/worm spread in the form of a holiday greeting card?
Which antivirus software provides audible voice alerts?
What is the most common method of virus propagation?
Through e-mail attachments
What additional malicious activity did the Mabutu virus attempt?
It sent out information about the infected computer.
Which of the following did the most to contribute to the wide spread of the Zafi.d. worm?
It claimed to be a holiday card and was released just prior to a major holiday.
Which of the following is a useful feature in McAfee not found in most other antivirus solutions?
Its main screen has a security rating for your system
What is active code scanning?
Scanning for active Web elements (Scripts, ActiveX, etc.)
What differentiates a virus from a worm?
Worms propagate without human intervention
A computer virus:
self-replicates and spreads rapidly
What was the primary propagation method for the Mabutu virus?
It used its own SMTP engine to email itself
Which antivirus software provides home and commercial versions which utilize known virus signatures and heuristics methods to identify new worms?
What is Heuristic scanning?
Scanning using a rules-based approach
In the event a virus is isolated on an infected machine, which would likely NOT be a necessary step to remove the threat?
Reformat the machine and restore from backup.
What is different about the Bropia infection?
It carries two worms rather than one
Which of the following should be the least important consideration when purchasing antivirus software?
Cost of the software.
Which antivirus software includes a virus infection map?
Which is NOT an effective strategy to improve antivirus protection?
Respond to Microsoft security alerts and install advertised patches immediately.
What is the first priority in the event a virus is detected on your computer?
Stop the spread of the virus
What tools, besides port and security scanners, might you wish to use to assess security?
A password cracker
What is the most important reason to use NetState or NetStat Live?
To determine normal network traffic
Which of the following is the least necessary security device/software?
Encryption for all internal transmission
What is the minimum level of security, using the 1-10 scale, that any organizational network should have?
What must one consider in evaluating the value of the information on a system?
The impact of such data being made public.
The author's security evaluation scoring system is based on scoring several factors on a scale of:
1 to 10
Which of the following scanners provides information regarding the target system's registry?
Which of the following scanners provides information regarding the target system's registry?
Its prioritization of vulnerabilities
In evaluating security aspects to arrive at a numeric score, which is NOT an aspect the author included?
Threats to system security
Which of the following scanners provides information about the Windows Registry?
What is the best security threat score a system can achieve with the author's system?
Which of the following is the most fundamental aspect of security?
patching the operating system
What is the best approach when using scanners?
Use three or four different scanners
VPNs should be used for what type of communications?
All external connections to your network
What is not a primary reason for documenting your security activities and audits?
To demonstrate how much work the network administrators actually do
How should used media be disposed of?
It should be destroyed thoroughly prior to disposal.
What is the worst security threat score a system can achieve with the author's system?
What is the best device, method, or technique to help you be aware of attacks in progress?
Which of the following utilities can reveal shared drives on a system?
Which of the following scanners is a Unix-only tool popular with hackers?
Who publishes a series of color-coded books on information security?
Department of Defense
Which is a security model using the concepts of subjects, objects, and programs?
Which of the following models is based on the concept of conflict of interest?
Which operating systems qualify for an A2 rating?
Which variation of the Unix operating system provides the higher security level?
Operating systems such as HP-UX BLS, Cray Research Trusted Unicos 8.0, and Digital SEVMS all are within which security division?
B - Mandatory Protection
What is an EAL?
Evaluation assurance level
Which of the following subject-object models introduced the element of programs?
Of the following, which has the highest security level?
To what does the "Discretionary Protection" category refer?
TCBs with some file and device protection
What is the purpose of the concept of "separation of duties" as used in some security models?
To prevent authorized users from making improper modifications to data.
Which is a security model originally designed in anticipation of United States military applications?
Which was NOT part of the origins of the Common Criteria?
SANS International Guidelines for Computer Security
If you wanted to study methods for verification of trusted systems, which book in the Rainbow series should you consult?
Which is true about the Department of Defense security categories?
They are designated by a letter ranging from D to A.
The Common Criteria applies mostly to what types of system?
What division designation is given to a system with a classification so low it is not rated?
D - Minimal Protection
What is a Chinese wall, in the context of business practices?
A barrier to information flow within an organization
To which of the following does the C2 rating apply?
What level of protection is available in IBM OS/400, Windows XP, and Novell Netware?
C2 - Controlled Access Protection
To what does the term trusted computing base refer?
A completely unified structure of protection mechanisms within a computer system
What Canadian standard was used as one basis for the Common Criteria?
Which of the following models focuses on any transaction that changes the system's state?
Which of the following models considers a system to be in a secure state when there is no instance of security breach at the time of state transition?
What is the common name given to one of a series of color-coded books that outlines criteria for rating various operating systems?
Which book in the Rainbow series would you consult to look up a particular security term?
The Orange Book is primarily used for what purpose?
Evaluating security of operating systems
Mandatory access over all objects and devices is required at what level of security rating?
What is the purpose of the Orange Book statement "All authorizations to the information contained within a storage object shall be revoked prior to initial assignment, allocation, or reallocation..." as used within level C?
It prevents a user with lower security access from logging on after someone else and accessing materials for which they lack access rights.
What does the concept of "write up" mean?
Sending data to an object at a higher security level
Which of the following best defines espionage?
Any acquisition of any data via illicit means
Which is NOT an encryption program discussed by the author?
Without compromising highly secure systems, which of the following is not a likely way for a terrorist to disrupt military operations using hacking?
Causing (or stopping) the launch of a missile
The author provides information about groups of people flooding Internet sites such as Yahoo news boards with anonymous postings to attempt to sway public opinion as an example of:
Excessive network traffic between a server and a single workstation would most likely indicate what?
A large amount of file copying to the workstation is occurring.
Which is a multi-platform packet sniffer?
What differentiates cyber terrorism from other computer crimes?
It is politically or ideologically motivated
Which of the following is the least likely reason the United States has not yet been the victim of a significant, large scale cyber terrorist attack?
Terrorist groups underestimate the impact of such attacks
Which is NOT a way in which a cyber attack is likely to cause economic loss to a company?
Misdirecting military services
Which of the following is NOT a recommended strategy for preventing employees from disclosing organizational data?
Require frequent polygraph examinations.
What is information warfare?
Any use of information to manipulate any political/military situation
If a group were using the Internet in information warfare, which of the following would be the least likely use?
To directly recruit new members
What is the best strategy for protecting sensitive data on portable computers from compromise in the event of loss or theft of the computer?
Encrypt hard drives
Putting their own political spin on a conflict or issue is a technique often used by governments and political organizations and is called:
Use of computers and their Internet connectivity to launch terrorist attacks is called:
In which attack did the hacker sign off with the statement "You have yet to see true electronic terrorism. This is a promise."?
Attack against a Massachusetts ISP by a White Supremacist group
Which of the following is not one of the recommended measures to prevent employee-based industrial espionage?
Perform random polygraph tests
Which of the following is the most likely way in which cyber terrorism could lead to loss of life?
By disrupting safeguards at a power or chemical plant
Which of the following best defines a packet sniffer?
A program that intercepts packets and copies their contents
What does the author say is the only reason that there have not been more damaging and more frequent terrorist attacks against computer systems?
Terrorist groups do not have the computer skills required.
Which of the following would not be considered information warfare?
A factual political documentary
Which of the following attacks may have been an example of domestic cyber terrorism?
The MyDoom virus
Which is LEAST likely to provide access to sensitive data to unauthorized people?
Sending a false message with weak encryption, intending it to be intercepted and deciphered, is an example of what?
What is the mostly likely damage from an act of cyber terrorism?
Which permits a user to read sensitive data without ever having physical access to the target system?
Breaking into computer systems for purposes that the perpetrator feels are ethically valid is called
Where did the first known attack by terrorists against a country's computer systems occur?
Which is likely to be a more threatening type of computer attack?
A general and unfocused attack with no specific
THIS SET IS OFTEN IN FOLDERS WITH...
Adv. Computer Security Ch 9-14 Short Answer
Adv. Computer Security Ch 13
YOU MIGHT ALSO LIKE...
Info Assurance Multiple Choice Final
Chapter 12 Test Part A (12.1-12.6)
OTHER SETS BY THIS CREATOR
TCP/IP Protocol Ch 8
TCP/IP Protocol Ch 7
TCP/IP Protocol Test 2
Adv. Computer Security Ch 14
OTHER QUIZLET SETS
histo digestive lab 2
Exam Review - Jamestown Portion
Ch.4 Mastery Quiz