CMCS 76277

Type: Homework Help
Pages: 20
Words: 1965
Authors: Randy J. Boyle, Raymond R. Panko

Because fingerprint scanning is often deceived, it should never be used as a security
measure.
Answer:
In benefits, costs and benefits are expressed on a per-year basis.
Answer:
Incremental and full backups may be restored out of the order in which they were created.
Answer:
Attackers rarely use IP address spoofing to conceal their identities.
Answer:
DoS network attacks are fairly uncommon.
Answer:
Baselines are used to go beyond default installation configurations for high-value
targets.
Answer:
In ingress and egress filtering, an SPI firewall always considers its ACL rules when a
new packet arrives that attempts to open a connection.
Answer:
Preventative countermeasures keep attacks from succeeding.
Answer:
Properly hardened hosts and securely coded applications can help protect data while it
is processed.
Answer:
A DES key is 40 bits long.
Answer:
Restrictions on removable media should be enforced by relying on user behavior, rather
than technological restrictions.
Answer:
Normally, there is no limit on how long shadowing may maintain backed up files.
Answer:
SPI firewalls cannot handle UDP communications because UDP is connectionless.
Answer:
When you wish to create a specific firewall, you should create a security policy for that
firewall specifically.
Answer:
After performing a preliminary security assessment, a company should develop a
remediation plan for EVERY security gap identified.
Answer:
Windows GPOs can restrict PCs from changing standard configurations.
Answer:
Rogue access points are authorized access points set up by individuals or departments.
Answer:
A state is a distinct phase in a connection between two applications.
Answer:
The person the supplicant claims to be is the true party.
Answer:
Identification requires more matches against templates than does verification.
Answer:
In military security, SBU documents are unclassified.
Answer:
A DoS attack makes a server or network unavailable by flooding it with attack packets.
Answer:
H.323 uses Ports 1719 and 1720.
Answer:
Half-open TCP SYN attacks can be stopped by many border firewalls.
Answer:
The amount of money companies should spend on identity management can be
measured through risk analysis.
Answer:
Identification is the process by which the verifier determines whether the supplicant is the
particular person he or she claims to be.
Answer:
In pretexting, an attacker calls claiming to be a certain person in order to ask for private
information about that person.
Answer:
Packets are carried inside frames.
Answer:
It is easier to punish employees than to prosecute outside attackers.
Answer:
Passwords should be changed frequently.
Answer:
A route is the path a frame takes across a single network, from the source host to the
destination host, across multiple switches.
Answer:
It is illegal to go through a company's trash bins even if the trash bins are outside the
corporation.
Answer:
E-commerce software is not complex and has few subsystems.
Answer:
Retaining data can create negative consequences.
Answer:
IT security people should maintain a negative view of users.
Answer:
The combination of high safety and low cost makes SPI firewalls extremely popular.
Answer:
When executing attack code, if the attacker has skillfully overwritten the return address,
the return address will not point back to "data" in the buffer.
Answer:
Most users who have access to servers use reusable passwords for authentication.
Answer:
Some ________ can jump directly between computers without human intervention.
A) viruses
B) worms
C) Both A and B
D) Neither A nor B
Answer:
To obtain IP addresses through reconnaissance, an attacker can use ________.
A) IP address spoofing
B) a chain of attack computers
C) Both A and B
D) Neither A nor B
Answer:
An attack where an adversary intercepts an encrypted message and transmits it again
later is called a ________.
A) replay attack
B) reflex attack
C) reflection attack
D) resend attack
Answer:
IPsec works with ________.
A) IPv4
B) IPv6
C) Both A and B
D) Neither A nor B
Answer:
Automatic protections for application proxy firewalls include ________.
A) protocol fidelity
B) header destruction
C) Both A and B
D) Neither A nor B
Answer:
Checkouts of backup media for restoration ________.
A) are very common
B) should be possible immediately if the person checking out the tapes is an on-duty system
administrator and signs out for the backup media
C) Both A and B
D) Neither A nor B
Answer:
________ are programs that attach themselves to legitimate programs.
A) Viruses
B) Worms
C) Both A and B
D) Neither A nor B
Answer:
Strong RSA keys are at least ________ bits long.
A) 100
B) 256
C) 512
D) 1,024
Answer:
Companies use carriers for WAN transmission because ________.
A) companies lack rights of way
B) carriers have extremely strong security
C) Both A and B
D) Neither A nor B
Answer:
Assigning security measures to groups is better than assigning security measures to
individuals within groups because ________.
A) applying security measures to groups takes less time than applying them
individually
B) applying security measures in groups reduces errors in assigning security settings
C) Both A and B
D) Neither A nor B
Answer:
Inheritance can be modified from the ________ box in the security tab.
A) allow permissions
B) deny permissions
C) Both A and B
D) Neither A nor B
Answer:
A ________ is a persistent conversation between different programs on different
computers.
A) connection
B) state
C) Both A and B
D) Neither A nor B
Answer:
Updating should be done on client PCs ________.
A) manually
B) automatically
C) only after careful testing of the update
D) Client PCs should not be updated.
Answer:
With RAID 1, the following is achieved ________.
A) Redundancy
B) Striping
C) Both A and B
D) Neither A nor B
Answer:
A planned series of actions in a corporation is a(n) ________.
A) strategy
B) sequence
C) process
D) anomaly
Answer:
The ________ is a subnet that contains all of the servers and application proxy firewalls
that must be accessible to the outside world.
A) Internet subnet
B) server subnet
C) external subnet
D) None of the above
Answer:
DML triggers are used to ________.
A) maliciously attack databases
B) produce automatic responses if the structure of the database has been altered.
C) Both A and B
D) Neither A nor B
Answer:
UNIX offers ________ directory and file permissions than (as) Windows.
A) fewer
B) more
C) about the same number of
D) None of the above
Answer:
Getting a firm's IT back into operation is ________.
A) IT disaster recovery
B) business continuity recovery
C) response
D) None of the above
Answer:
Which of the following is a type of countermeasure?
A) Detective
B) Corrective
C) Both A and B
D) Neither A nor B
Answer:
Backup creation policies should specify ________.
A) what data should be backed up
B) backup restoration tests
C) Both A and B
D) Neither A nor B
Answer:
Which of the following is a good rule for handling exceptions?
A) Only some people should be allowed to request exceptions.
B) The requestor and approver should be different people.
C) The exception should be documented.
D) All of the above.
Answer:
________ backups only back up data that has changed since the most recent full
backup.
A) Differential
B) Incremental
C) Delta
D) None of the above
Answer:
________ places a relatively small traffic load on networks.
A) TCP
B) UDP
C) Both A and B
D) Neither A nor B
Answer:
Digital signatures are used for ________ authentication.
A) initial
B) message-by-message
C) Both A and B
D) Neither A nor B
Answer:
A Windows systems administrator should use the Administrator account ________.
A) as little as possible, and only when needed
B) as his or her main account, for auditability
C) as his or her main account, for the permissions it provides
D) None of the above. The Windows systems administrator should never use the
Administrator account.
Answer:
Which of the following is transmitted across a network?
A) The plaintext
B) The ciphertext
C) Both A and B
D) Neither A nor B
Answer:
In COSO, a company's overall control culture is called its ________.
A) control culture
B) tone at the top
C) control environment
D) security culture
Answer:
An EAP message begins with an ________ message.
A) EAP request
B) EAP accept
C) EAP start
D) EAP response
Answer:
Which of the following is not a type of fix for vulnerabilities?
A) Work-arounds
B) Patches
C) Version upgrades
D) All of the above are types of fixes for vulnerabilities
Answer:
A(n) ________ is a program that takes advantage of a(n) ________.
A) exploit, vulnerability
B) vulnerability, exploit
C) Both A and B
D) Neither A nor B
Answer:
________ is/are effective method(s) for preventing ARP poisoning attacks.
A) Static tables
B) Limiting local access
C) Both A and B
D) Neither A nor B
Answer:
Once a company's resources are enumerated, the next step is to ________.
A) create a protection plan for each
B) assess the degree to which each is already protected
C) enumerate threats to each
D) classify them according to sensitivity
Answer:
The ________ standard is designed to prevent impostors from sending false supervisory
messages to switches.
A) 802.1X
B) 802.1AE
C) Both A and B
D) Neither A nor B
Answer:
CobiT focuses on ________.
A) corporate governance
B) controlling entire IT function
C) IT security governance
D) All of the above about equally
Answer: