Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
The most common form of deletion in Windows-based systems is nominal deletion.
Answer:
Trade secret theft can occur through interception, hacking, and other traditional
cybercrimes.
Answer:
Incident response is defined as reacting to incidents according to plan.
Answer:
Users usually must click on malicious links in order to execute them.
Answer:
Backing up data to a second hard drive on a computer is more expensive than backup
onto to magnetic tape.
Answer:
A shoulder surfing attack will not be successful unless the attacker can read the entire
password.
Answer:
According to the book, r%Dv$ is a strong password.
Answer:
In response to a chain of attack, victims can often trace the attack back to the final
attack computer.
Answer:
DES uses block encryption.
Answer:
The firewall should go through vulnerability testing after each change.
Answer:
Nearly all wireless access points can support 802.11i.
Answer:
Microsoft domains can be organized into trees, and trees can be organized into forests.
Answer:
A firm can be its own certificate authority for internal users.
Answer:
Policies should specify the details of how protections are to be applied.
Answer:
Each media access control (MAC) address has a network interface card (NIC).
Answer:
The 802.1X protocol created for wired LANs can work in wireless LANs without
significant modification.
Answer:
An indirect attack occurs when an attacker tries to flood a victim with a stream of
packets directly from the attacker's computer.
Answer:
The definition of hacking is "accessing a computer resource without authorization or in
excess of authorization."
Answer:
A Trojan horse is a program that hides itself by deleting a system file and taking on the
system file's name.
Answer:
The primary purpose for attackers to send port scanning probes to hosts is to identify
which ports are open.
Answer:
In DNS cache poisoning, an attacker replaces the IP address of a host name with
another IP address.
Answer:
Access control is more of a problem for wired LANs than for wireless LANs.
Answer:
In a man-in-the-middle attack, an evil twin sends own attacks, impersonating the
victim.
Answer:
It is better to have an ACL that permits access to a single internal webserver than one
that allows access to all internal webservers.
Answer:
Rainbow tables contain lists of pre-computed password hashes that are indexed to
expedite the password cracking process.
Answer:
Password hashes are created when a password is passed from a user to a hashing
function.
Answer:
Most countermeasure controls are detective controls.
Answer:
According to the book, r%Dv$ is a strong password.
Answer:
Sanitation can protect against SQL injection attacks.
Answer:
It is easier to create appropriate ACL rules for server host firewalls than for border
firewalls.
Answer:
Similar to a direct attack, an indirect attack occurs when an attacker spoofs his/her IP
address.
Answer:
As far as possible, identities should be managed by people closest to the situation.
Answer:
Vulnerability patches can result in a loss of functionality in the patched host.
Answer:
Confidentiality means that attackers cannot change or destroy information.
Answer:
Magnetic tape is ________.
A) expensive to use
B) very fast
C) Both A and B
D) Neither A nor B
Answer:
________ can greatly reduce patching costs.
A) Vulnerability management servers
B) Manual downloads
C) Patch management servers
D) All of the above
Answer:
Assigning security measures to groups is ________ than assigning security measures to
individuals within groups.
A) cheaper
B) less accurate
C) Both A and B
D) Neither A nor B
Answer:
A ________ is a type of fix for vulnerabilities.
A) work-around
B) service pack
C) Both A and B
D) Neither A nor B
Answer:
________ requires multiple countermeasures to be defeated for an attack to succeed.
A) Defense in depth
B) Weakest link analysis
C) Both A and B
D) Neither A nor B
Answer:
In mutual authentication between two parties, ________.
A) there are two verifiers and two supplicants
B) there are two verifiers, but there is only one supplicant
C) there is one verifier, but there are two supplicants
D) None of the above.
Answer:
A security assertion may contain ________.
A) authenticity information
B) attributes, such as spending limits for purchasers
C) Both A and B
D) Neither A nor B
Answer:
Which of the following is a danger created by notebook computer loss or theft?
A) Loss of capital investment
B) Loss of sensitive data
C) Both A and B
D) Neither A nor B
Answer:
________ security uses the RC4 cipher in encryption for confidentiality and the
Temporal Key Integrity Protocol for keying and rekeying.
A) 802.11i
B) WPA
C) WEP
D) None of the above
Answer:
Which of the following is not one of the three rules for apologies?
A) Explain what happened.
B) Acknowledge responsibility and harm.
C) Use wording aimed at reducing lawsuits.
D) Explain what action will be taken to compensate victims, if any.
Answer:
The ________ field in a packet ensures that misaddressed packets will not circulate
endlessly.
A) header checksum
B) TTL
C) Both A and B
D) Neither A nor B
Answer:
The super user account in Windows is called the ________.
A) root
B) Administrator
C) MMC
D) Super
Answer:
Someone who pretends to be someone else is ________.
A) a social engineer
B) a hacker
C) a cryptanalyst
D) an impostor
Answer:
In public key encryption for authentication, the supplicant uses ________ to encrypt.
A) the supplicant's private key
B) the supplicant's public key
C) the verifier's private key
D) the verifier's public key
Answer:
A(n) ________ is a professional who is trained to collect and evaluate computer
evidence in ways that are likely to be admissible in court.
A) expert witness
B) computer forensics expert
C) Both A and B
D) Neither A nor B
Answer:
What type of filtering do IDSs do?
A) Packet stream analysis
B) SPI filtering
C) Both A and B
D) Neither A nor B
Answer:
A governance framework specifies how to do ________.
A) planning
B) implementation
C) oversight
D) All of the above.
Answer:
In regards to network security, ________ means preventing unauthorized users from
gaining information about the network structure, data flowing across the network,
network protocols used, or packet header values.
A) confidentiality
B) integrity
C) availability
D) authentication
Answer:
The policies for protecting sensitive information should be applied to all mobile data on
________.
A) mobile hard drives
B) USB RAM drives
C) MP3 players
D) All of the above
Answer:
SSL/TLS operates at the ________ layer.
A) internet
B) transport
C) application
D) None of the above.
Answer:
In addition to deauthenticate messages, an attacker could flood wireless clients with
________.
A) RTS
B) CTS
C) Both A and B
D) Neither A nor B
Answer:
A ________ is the path that a frame takes across a single switched network.
A) physical link
B) data link
C) route
D) connection
Answer:
A walkthrough is also called a ________.
A) table-top exercise
B) live test
C) Both A and B
D) Neither A nor B
Answer:
The three common core goals of security are ________.
A) confidentiality, integrity, and availability
B) confidentiality, information, and availability
C) confidentiality, integrity, and authentication
D) confidentiality, information, and authorization
Answer:
To get configuration information from managed devices on the network and to change
the configuration of managed devices, companies use ________.
A) DNS
B) DHCP
C) SNMP
D) ICMP
Answer:
In FISMA, ________ is done internally by the organization.
A) certification
B) accreditation
C) Both A and B
D) Neither A nor B
Answer:
Cyberwar consists of computer-based attacks conducted by ________.
A) national governments
B) terrorists
C) Both A and B
D) Neither A nor B
Answer:
Having realistic goals for reducing vulnerabilities ________.
A) is giving in to the problem
B) helps to focus on the most critical threats
C) is a cost-saving method
D) is risk avoidance
Answer:
The ________ layer is roughly the same in OSI and TCP/IP.
A) transport
B) session
C) Both A and B
D) Neither A nor B
Answer:
________ are an additional layer of compromised hosts that are used to manage large
groups of bots.
A) Botnets
B) Handlers
C) Phatbots
D) None of the above
Answer:
MS-CHAP is used for ________ authentication.
A) initial
B) message-by-message
C) Both A and B
D) Neither A nor B
Answer:
Ping sends ________ messages and receives replies in the same protocol.
A) DNS
B) DHCP
C) ICMP
D) All of the above.
Answer:
Software vendors typically release ________ patches per product in a typical year.
A) many
B) a few
C) no
Answer:
________ specify how a company will maintain or restore core business operations
after disasters.
A) Business continuity plans
B) IT disaster recovery plans
C) Both A and B
D) Neither A nor B
Answer:
