CAS CS 43171 | Course Paper

Unlock access to all the studying documents.

View Full Document

The most common form of deletion in Windows-based systems is nominal deletion.

Answer:

Trade secret theft can occur through interception, hacking, and other traditional

cybercrimes.

Answer:

Incident response is defined as reacting to incidents according to plan.

Answer:

Users usually must click on malicious links in order to execute them.

Answer:

Backing up data to a second hard drive on a computer is more expensive than backup

onto to magnetic tape.

Answer:

A shoulder surfing attack will not be successful unless the attacker can read the entire

password.

Answer:

According to the book, r%Dv$ is a strong password.

Answer:

In response to a chain of attack, victims can often trace the attack back to the final

attack computer.

Answer:

DES uses block encryption.

Answer:

The firewall should go through vulnerability testing after each change.

Answer:

Nearly all wireless access points can support 802.11i.

Answer:

Microsoft domains can be organized into trees, and trees can be organized into forests.

Answer:

A firm can be its own certificate authority for internal users.

Answer:

Policies should specify the details of how protections are to be applied.

Answer:

Each media access control (MAC) address has a network interface card (NIC).

Answer:

The 802.1X protocol created for wired LANs can work in wireless LANs without

significant modification.

Answer:

An indirect attack occurs when an attacker tries to flood a victim with a stream of

packets directly from the attacker’s computer.

Answer:

The definition of hacking is “accessing a computer resource without authorization or in

excess of authorization.”

Answer:

A Trojan horse is a program that hides itself by deleting a system file and taking on the

system file’s name.

Answer:

The primary purpose for attackers to send port scanning probes to hosts is to identify

which ports are open.

Answer:

In DNS cache poisoning, an attacker replaces the IP address of a host name with

another IP address.

Answer:

Access control is more of a problem for wired LANs than for wireless LANs.

Answer:

In a man-in-the-middle attack, an evil twin sends own attacks, impersonating the

victim.

Answer:

It is better to have an ACL that permits access to a single internal webserver than one

that allows access to all internal webservers.

Answer:

Rainbow tables contain lists of pre-computed password hashes that are indexed to

expedite the password cracking process.

Answer:

Password hashes are created when a password is passed from a user to a hashing

function.

Answer:

Most countermeasure controls are detective controls.

Answer:

According to the book, r%Dv$ is a strong password.

Answer:

Sanitation can protect against SQL injection attacks.

Answer:

It is easier to create appropriate ACL rules for server host firewalls than for border

firewalls.

Answer:

Similar to a direct attack, an indirect attack occurs when an attacker spoofs his/her IP

address.

Answer:

As far as possible, identities should be managed by people closest to the situation.

Answer:

Vulnerability patches can result in a loss of functionality in the patched host.

Answer:

Confidentiality means that attackers cannot change or destroy information.

Answer:

Magnetic tape is ________.

A) expensive to use

B) very fast

C) Both A and B

D) Neither A nor B

Answer:

________ can greatly reduce patching costs.

A) Vulnerability management servers

B) Manual downloads

C) Patch management servers

D) All of the above

Answer:

Assigning security measures to groups is ________ than assigning security measures to

individuals within groups.

A) cheaper

B) less accurate

C) Both A and B

D) Neither A nor B

Answer:

A ________ is a type of fix for vulnerabilities.

A) work-around

B) service pack

C) Both A and B

D) Neither A nor B

Answer:

________ requires multiple countermeasures to be defeated for an attack to succeed.

A) Defense in depth

B) Weakest link analysis

C) Both A and B

D) Neither A nor B

Answer:

In mutual authentication between two parties, ________.

A) there are two verifiers and two supplicants

B) there are two verifiers, but there is only one supplicant

C) there is one verifier, but there are two supplicants

D) None of the above.

Answer:

A security assertion may contain ________.

A) authenticity information

B) attributes, such as spending limits for purchasers

C) Both A and B

D) Neither A nor B

Answer:

Which of the following is a danger created by notebook computer loss or theft?

A) Loss of capital investment

B) Loss of sensitive data

C) Both A and B

D) Neither A nor B

Answer:

________ security uses the RC4 cipher in encryption for confidentiality and the

Temporal Key Integrity Protocol for keying and rekeying.

A) 802.11i

B) WPA

C) WEP

D) None of the above

Answer:

Which of the following is not one of the three rules for apologies?

A) Explain what happened.

B) Acknowledge responsibility and harm.

C) Use wording aimed at reducing lawsuits.

D) Explain what action will be taken to compensate victims, if any.

Answer:

The ________ field in a packet ensures that misaddressed packets will not circulate

endlessly.

A) header checksum

B) TTL

C) Both A and B

D) Neither A nor B

Answer:

The super user account in Windows is called the ________.

A) root

B) Administrator

C) MMC

D) Super

Answer:

Someone who pretends to be someone else is ________.

A) a social engineer

B) a hacker

C) a cryptanalyst

D) an impostor

Answer:

In public key encryption for authentication, the supplicant uses ________ to encrypt.

A) the supplicant’s private key

B) the supplicant’s public key

C) the verifier’s private key

D) the verifier’s public key

Answer:

A(n) ________ is a professional who is trained to collect and evaluate computer

evidence in ways that are likely to be admissible in court.

A) expert witness

B) computer forensics expert

C) Both A and B

D) Neither A nor B

Answer:

What type of filtering do IDSs do?

A) Packet stream analysis

B) SPI filtering

C) Both A and B

D) Neither A nor B

Answer:

A governance framework specifies how to do ________.

A) planning

B) implementation

C) oversight

D) All of the above.

Answer:

In regards to network security, ________ means preventing unauthorized users from

gaining information about the network structure, data flowing across the network,

network protocols used, or packet header values.

A) confidentiality

B) integrity

C) availability

D) authentication

Answer:

The policies for protecting sensitive information should be applied to all mobile data on

________.

A) mobile hard drives

B) USB RAM drives

C) MP3 players

D) All of the above

Answer:

SSL/TLS operates at the ________ layer.

A) internet

B) transport

C) application

D) None of the above.

Answer:

In addition to deauthenticate messages, an attacker could flood wireless clients with

________.

A) RTS

B) CTS

C) Both A and B

D) Neither A nor B

Answer:

A ________ is the path that a frame takes across a single switched network.

A) physical link

B) data link

C) route

D) connection

Answer:

A walkthrough is also called a ________.

A) table-top exercise

B) live test

C) Both A and B

D) Neither A nor B

Answer:

The three common core goals of security are ________.

A) confidentiality, integrity, and availability

B) confidentiality, information, and availability

C) confidentiality, integrity, and authentication

D) confidentiality, information, and authorization

Answer:

To get configuration information from managed devices on the network and to change

the configuration of managed devices, companies use ________.

A) DNS

B) DHCP

C) SNMP

D) ICMP

Answer:

In FISMA, ________ is done internally by the organization.

A) certification

B) accreditation

C) Both A and B

D) Neither A nor B

Answer:

Cyberwar consists of computer-based attacks conducted by ________.

A) national governments

B) terrorists

C) Both A and B

D) Neither A nor B

Answer:

Having realistic goals for reducing vulnerabilities ________.

A) is giving in to the problem

B) helps to focus on the most critical threats

C) is a cost-saving method

D) is risk avoidance

Answer:

The ________ layer is roughly the same in OSI and TCP/IP.

A) transport

B) session

C) Both A and B

D) Neither A nor B

Answer:

________ are an additional layer of compromised hosts that are used to manage large

groups of bots.

A) Botnets

B) Handlers

C) Phatbots

D) None of the above

Answer:

MS-CHAP is used for ________ authentication.

A) initial

B) message-by-message

C) Both A and B

D) Neither A nor B

Answer:

Ping sends ________ messages and receives replies in the same protocol.

A) DNS

B) DHCP

C) ICMP

D) All of the above.

Answer:

Software vendors typically release ________ patches per product in a typical year.

A) many

B) a few

C) no

Answer:

________ specify how a company will maintain or restore core business operations

after disasters.

A) Business continuity plans

B) IT disaster recovery plans

C) Both A and B

D) Neither A nor B

Answer: