CDA 52988

Type: Homework Help
Pages: 16
Words: 1559
Authors: Randy J. Boyle, Raymond R. Panko

Misappropriation of assets is an example of employee financial theft.
Answer:
The first task in establishing a cryptographic system is selecting a cryptographic system
standard for the dialogue.
Answer:
When a hashing algorithm is applied, the hash will ALWAYS have a fixed length.
Answer:
In hacking, the perpetrator tries to obtain money or other goods by threatening to take
actions that would be against the victim's interest.
Answer:
Most firms do a satisfactory job overseeing the deployment of custom programs used to
supplement packaged software.
Answer:
Using the delete key prevents data from being easily recovered.
Answer:
From a security viewpoint, a false acceptance is always worse than a false rejection.
Answer:
For watch lists of criminals, a false acceptance is worse than a false rejection from a
security viewpoint.
Answer:
The NAT firewall places only the internal socket in the translation table.
Answer:
When considering penalties for hacking, motivation is irrelevant.
Answer:
Since Windows Server 2003, servers can be programmed to check for updates
automatically.
Answer:
A remote access VPN typically gives users access to multiple resources within a site.
Answer:
The super user account in Windows is called root.
Answer:
Most firewall database policies include less than 5 rules.
Answer:
The Skype protocol is relatively easy for corporate firewalls to filter.
Answer:
802.11i offers strong security.
Answer:
Rootkits replace legitimate programs and are considered a deeper threat than a set of
programs called Trojan horses.
Answer:
It is very important for testers to get permission before running a password cracking
program on their company's computers to check for weak passwords even if such
testing is in their job definitions.
Answer:
Generally speaking, script kiddies have high levels of technical skills.
Answer:
Application proxy firewalls can always examine application layer content.
Answer:
Wireless IDSs get their data from the company's access points.
Answer:
Fingerprint recognition is easily deceived.
Answer:
A connection designates a specific program designated by a port number on a specific
computer's IP address.
Answer:
WEP mandates private keys.
Answer:
In a SQL injection attack, attackers may use lookup commands to obtain unauthorized
information.
Answer:
Operating system hardening is more total work than application hardening.
Answer:
SSL/TLS protection is transparent to applications.
Answer:
Java applets are large Java programs.
Answer:
Firewalls do not stop provable attack packets.
Answer:
The goal of IT security is risk elimination.
Answer:
In a MITM attack, access to the local network is not required in order to work.
Answer:
Companies should replace their legacy security technologies immediately.
Answer:
In Kerberos, the verifier is explicitly notified that the supplicant has been authenticated.
Answer:
An attack in which a user reaches a directory outside of the WWW root directory and its
subdirectories is called a(n) ________ attack.
A) cross-site scripting
B) SQL injection
C) mobile code
D) directory traversal
Answer:
Dropping all future packets from a particular IP address is called ________.
A) black holing
B) disconnection
C) IP address spoofing
D) damaging
Answer:
Microsoft's directory server product is ________.
A) Kerberos
B) Active Directory
C) LDAP
D) MS Directory
Answer:
________ investigate(s) most violations of local and state computer laws.
A) Local police
B) The FBI
C) Both A and B
D) Neither A nor B
Answer:
Long passwords that use several types of keyboard characters are called ________
passwords.
A) complex
B) reusable
C) dictionary
D) one-time
Answer:
In a(n) ________ attack, information that a user enters is sent back to the user in a
webpage.
A) login screen bypass
B) buffer overflow
C) XSS
D) SQL injection attack
Answer:
In ________ the department has discretion over giving access to individuals, within
policy standards set by higher authorities.
A) policy-based access control
B) mandatory access control
C) discretionary access control
D) delegated access control
Answer:
Which of the following are examples of opportunity?
A) Weak security controls
B) Insufficient oversight from management
C) An unlocked safe
D) All of the above
Answer:
In directory servers, information is organized ________.
A) hierarchically
B) rhizomatically
C) relationally
D) None of the above
Answer:
At what core layer do you find WAN standards?
A) Single-network
B) Internet
C) Application
D) None of the above.
Answer:
Which of the following measures offers strong security?
A) Using spread spectrum transmission in 802.11
B) Turning off SSID broadcasting
C) WEP
D) None of the above
Answer:
Using a shared initial key is dangerous in ________.
A) WEP
B) WPA pre-shared key mode
C) Both A and B
D) Neither A nor B
Answer:
In ________, users authenticate themselves to the access point via the use of a single,
shared initial key.
A) WEP
B) 802.11i pre-shared key mode
C) WPA pre-shared key mode
D) All of the above.
Answer:
The strongest form of authentication is ________.
A) biometrics
B) cryptographic authentication
C) reusable passwords
D) smart cards
Answer:
Cryptanalysts have found weaknesses in ________.
A) MD5
B) SHA-512
C) Both A and B
D) Neither A nor B
Answer:
________ occurs when companies believe they have good security because they are
using proprietary ciphers that hackers do not know.
A) Security through obscurity
B) Weakest link ignorance
C) Reasonable protection
D) Hidden security
Answer:
Data can be lost by ________.
A) mechanical failure
B) environmental casualties
C) malware
D) All of the above
Answer:
Buildings should be set back from streets and protected with rolling hill landscaping to
reduce threats from ________.
A) wireless eavesdropping
B) industrial espionage
C) casual observation
D) terrorism
Answer:
The prevention of sensitive information from being sent out of a company is called
________.
A) unified threat management
B) antivirus filtering
C) attachment deletion
D) extrusion prevention
Answer:
Which of the following security protections are provided by recent versions of Windows
Server?
A) Server software firewalls
B) The ability to encrypt data
C) Both A and B
D) Neither A nor B
Answer:
SIP Identity protocols ________.
A) ensure that traffic is authenticated between two companies holding public/private
keys
B) are uncommon on IP telephones
C) Both A and B
D) Neither A nor B
Answer:
LDAP can be used ________.
A) to update information in the directory server
B) to retrieve data from the directory server
C) Both A and B
D) Neither A nor B
Answer:
Companies usually conduct full backups on a ________ basis.
A) hourly
B) daily
C) weekly
D) monthly
Answer:
The Local Users and Groups snap-in is available on the ________ MMC.
A) Computer Management
B) Security
C) Permissions
D) Local Permissions
Answer:
The Wi-Fi Alliance calls 802.11i ________.
A) WPA
B) WPA2
C) WEP
D) None of the above
Answer:
________ firewalls may be able to stop attacks by employees within the firm against
internal site resources.
A) Internal
B) External
C) UTM
D) Border
Answer:
________ punishments may result in jail time.
A) Criminal
B) Civil
C) Both A and B
D) Neither A nor B
Answer:
________ offers transparent protection.
A) SSL/TLS
B) IPsec
C) Both A and B
D) Neither A nor B
Answer:
What security functions typically are outsourced?
A) Policy
B) Vulnerability testing
C) Both A and B
D) Neither A nor B
Answer:
Which of the following are types of countermeasures?
A) Preventative
B) Detective
C) Corrective
D) All of the above
Answer:
