Type
Quiz
Book Title
Computer Security Fundamentals (Pearson IT Cybersecurity Curriculum (ITCC)) 3rd Edition
ISBN 13
978-0789757463

978-0789757463 Chapter 9

February 27, 2021
True / False
1. The category of intrusion detection systems that looks for patterns that don’t match
those of normal use is called anomaly detection.
2. Snort is an open-source firewall.
3. A server with fake data used to attract an attacker is a honeypot.
4. When an administrator proactively seeks out intelligence on potential threats or groups,
this is called infiltration.
5. The method to attract an intruder to a subsystem setup for the purpose of observing
him is called intrusion deterrence.
6. An on-demand virus scanner runs in the background and is constantly checking your
7. Heuristic scanning uses rules to determine whether a file or program behaves like a
8. Linux and Windows typically are not shipped with firewalls.
9. A screening firewall works in the application layer of the OSI model.
10. A stateful packet inspection firewall examines each packet, and denies or permits
access based not only on the current packet, but also on data derived from previous
packets in the conversation.
Multiple Choice
1. A list of virus definitions is generally in a file with a ________ extension.
a. .dat
b. .txt
c. .vir
d. def
2. Typically, when you update virus definitions _____________.
a. The virus program scans your computer.
b. Your computer restarts.
c. You are updating the virus definition file on your computer
d. None of the above
3. A file that stays in memory after it executes is a(n) _____________.
a. Terminate and Stay Resident program
b. Executable
c. Text file
d. Bug
4. The virus scanning technique that uses rules to determine if a program behaves like a
virus is _________ scanning.
a. Download
b. File
c. Heuristic
d. Sandbox
5. The virus scanning technique that means you have a separate area isolated from the
operating system in which a file is run, so it won’t infect the system is ________.
a. Download
b. File
c. Heuristic
d. Sandbox
6. Java and ActiveX codes should be scanned before they are _________.
a. Downloaded to your computer
b. Known about
c. Infected
d. None of the above
7. Mistaking a legitimate program for a virus is a ____________.
a. Heuristic error
b. False negative
c. False positive
d. None of the above
8. A _________ is a barrier between your network and the outside world.
a. Firewall
b. Web server
c. File server
d. None of the above
9. A packet-filtering firewall is a(n) ____________ firewall.
a. Packet Filgering
b. Application gateway
c. Circuit-level gateway
d. Domain gateway
10. A(n)___________ firewall examines the entire conversation between client and
server, not just individual packets.
a. Stateful Packet Inspection
b. Packet filtering
c. Circuit-level gateway
d. Domain gateway
11. In which firewall configuration is the software installed on an existing machine with
an exiting operating system?
a. Network host-based
b. Dual-homed host
c. Router-based
d. Screened host
12. In which firewall configuration is the firewall running on a server with at least two
network interfaces?
a. Network host-based
b. Dual-homed host
c. Router-based
d. Screened host
13. A firewall ______ is a tool that can provide information after an incident has
occurred.
a. Log
b. Scan
c. Port
d. None of the above
1. a list of virus definitions is generally in a file with a ________ extension. a. .dat b. .txt c. .vir d. def answer a. 2. typically, when you update virus definitions _____________. a. the virus program scans your computer. b. your computer restarts. c. you are updating the virus definition file on your computer d. none of the above answer b. the new virus definition file comes from the vendor’s website. 3. a file that stays in memory after it executes is a(n) _____________. a. terminate and stay resident program b. executable c. text file d. bug answer a. not all tsrs are harmful, but this can be a sign of a virus. 4. the virus scanning technique that uses rules to determine if a program behaves like a virus is _________ scanning. a. download b. file c. heuristic d. sandbox answer c. a new virus may not be on a virus definition list, so you must examine its behavior to determine if it is a virus. 5. the virus scanning technique that means you have a separate area isolated from the operating system in which a file is run, so it won’t infect the system is ________. a. download b. file c. heuristic d. sandbox answer c. this is safer than opening files on your system and hoping there is no infection. 7. mistaking a legitimate program for a virus is a ____________. a. heuristic error b. false negative c. false positive d. none of the above answer c. the best way to minimize false positives is to keep your virus software up to date. 8. a _________ is a barrier between your network and the outside world. a. firewall b. web server c. file server d. none of the above answer a. a firewall filters inbound data based on certain parameters such as packet size, source ip address, protocol, and destination port. 9. a packet-filtering firewall is a(n) ____________ firewall. a. packet filgering b. application gateway c. circuit-level gateway d. domain gateway answer a. a packet filtering firewall examines incoming packets and allows or disallows them based on rules already configured. 10. a(n)___________ firewall examines the entire conversation between client and server, not just individual packets. a. stateful packet inspection b. packet filtering c. circuit-level gateway d. domain gateway answer a. 11. in which firewall configuration is the software installed on an existing machine with an exiting operating system? a. network host-based b. dual-homed host c. router-based d. screened host answer a. using this configuration, it is essential that the computer hosting the firewall has a hardened operating system. 12. in which firewall configuration is the firewall running on a server with at least two network interfaces? a. network host-based b. dual-homed host c. router-based d. screened host answer b. systems inside and outside the firewall can communicate with the dual- homed host but not directly with each other. 13. a firewall ______ is a tool that can provide information after an incident has occurred. a. log b. scan c. port d. none of the above answer a. logs can provide valuable information and help ascertain the perpetrator of the attack.