COP 30872

Type: Homework Help
Pages: 25
Words: 2522
Authors: Lawrie Brown, William Stallings

It is not possible to spread a virus via a USB stick.
Depending on the details of the overall authentication system, the registration authority
issues some sort of electronic credential to the subscriber.
A DoS attack targeting application resources typically aims to overload or crash its
network handling software.
Complying with regulations and contractual obligations is a benefit of security
awareness, training, and education programs.
Anomaly detection is effective against misfeasors.
An intruder can also be referred to as a hacker or cracker.
One way to secure against Trojan horse attacks is the use of a secure, trusted operating
system.
A plan needs to identify appropriate personnel to install and manage the system, noting
any training needed.
The first step in devising security services and mechanisms is to develop a security
policy.
Functionality is the security features provided by a product.
Although important, security auditing is not a key element in computer security.
The one-way hash function is important not only in message authentication but also in
digital signatures.
IT security management consists of first determining a clear view of an organization's
IT security objectives and general risk profile.
The Common Criteria specification is primarily concerned with the privacy of personal
information concerning the individual rather than the privacy of an individual with
respect to that individual's use of computer resources.
Those who hack into computers do so for the thrill of it or for status.
DoS attacks cause damage or destruction of IT infrastructures.
Hardware is the most vulnerable to attack and the least susceptible to automated
controls.
An object is said to have a security clearance of a given level.
An attacker can generally determine in advance exactly where the targeted buffer will
be located in the stack frame of the function in which it is defined.
Intrusion detection is based on the assumption that the behavior of the intruder differs
from that of a legitimate user in ways that can be quantified.
The purpose of the system does not need to be taken into consideration during the
system security planning process.
You should run automatic updates on change-controlled systems.
A bot propagates itself and activates itself, whereas a worm is initially controlled from
some central facility.
To be of practical use an IDS should detect a substantial percentage of intrusions while
keeping the false alarm rate at an acceptable level.
A malicious driver can potentially bypass many security controls to install malware.
E-mail is a common method for spreading macro viruses.
It is possible for a system to be compromised during the installation process.
Computer security is protection of the integrity, availability, and confidentiality of
information system resources.
Legal and regulatory constraints may require specific approaches to risk assessment.
Multilevel security is of interest when there is a requirement to maintain a resource in
which multiple levels of data sensitivity are defined.
The SYN spoofing attack targets the table of TCP connections on the server.
A subject can exercise only accesses for which it has the necessary authorization and
which satisfy the MAC rules.
The Biba model deals with confidentiality and is concerned with unauthorized
disclosure of information.
Lower layer security does not impact upper layers.
Anyone can join the Ad Hoc Committee on Responsible Computing.
An inline sensor monitors a copy of network traffic; the actual traffic does not pass
through the device.
A query language provides a uniform interface to the database.
"No write down" is also referred to as the *-property.
A macro virus infects executable portions of code.
The result of S/MIME encrypting the digest using DSS and the sender's private DSS
key is the ________.
A. digital signature
B. envelope
C. digest code
D. mail extension
A _______ is conducted to determine the adequacy of system controls, ensure
compliance with established security policy and procedures, detect breaches in security
services, and recommend any changes that are indicated for countermeasures.
A. security audit trail
B. security audit
C. user-level audit
D. system-level audit trail
__________ involves an attempt to define a set of rules or attack patterns that can be
used to decide if a given behavior is that of an intruder.
A. Profile based detection
B. Signature detection
C. Threshold detection
D. Anomaly detection
The operations performed during a round consist of circular shifts, and primitive
Boolean functions based on DSS, MD5, SHA, and RSA.
A concept that evolved out of requirements for military information security is ______ .
A. reliable input
B. mandatory access control
C. open and closed policies
D. discretionary input
The _______ field in the outer IP header indicates whether the association is an AH or
ESP security association.
A. protocol identifier
B. security parameter index
C. IP destination address
D. sequence path counter
Blocking assignment of form field values to global variables is one of the defenses
available to prevent a __________ attack.
A. PHP remote code injection
B. mail injection
C. command injection
D. SQL injection
The intent of ________ is to determine whether the program or function correctly
handles all abnormal inputs or whether it crashes or otherwise fails to respond
appropriately.
A. shell scripting
B. fuzzing
C. canonicalization
D. deadlocking
It is possible to specifically defend against the ______ by using a modified version of
the TCP connection handling code.
A. three-way handshake
B. UDP flood
C. SYN spoofing attack
D. flash crowd
________ is when a new document consolidates information from a range of sources
and levels so that some of that information is now classified at a higher level than it was
originally.
A. Classification creep
B. Trusted platform
C. Common criteria
D. Polyinstantiation
A characteristic of reflection attacks is the lack of _______ traffic.
A. backscatter
B. network
C. three-way
D. botnet
______ is intended to permit others to perform, show, quote, copy, and otherwise
distribute portions of the work for certain purposes.
A. Reverse engineering
B. Personal privacy
C. Fair use
D. Encryption research
A(n) __________ is a hacker with minimal technical skill who primarily uses existing
attack toolkits.
A. Master
B. Apprentice
C. Journeyman
D. Activist
The range of logging data acquired should be determined _______.
A. during security testing
B. as a final step
C. after monitoring average data flow volume
D. during the system planning stage
A __________ is when an adversary attempts to achieve user authentication without
access to the remote host or to the intervening communications path.
A. client attack
B. host attack
C. eavesdropping attack
D. Trojan horse attack
The DSS makes use of the _________ and presents a new digital signature technique,
the Digital Signature Algorithm (DSA).
A. HMAC
B. XOR
C. RSA
D. SHA-1
________ is the process of receiving, initial sorting, and prioritizing of information to
facilitate its appropriate handling.
A. Incident
B. Triage
C. Constituency
D. Handling
________ specification indicates the impact on the organization should the particular
threat in question actually eventuate.
A. Risk
B. Consequence
C. Threat
D. Likelihood
The purpose of the ________ module is to collect data on security related events on the
host and transmit these to the central manager.
A. central manager agent
B. LAN monitor agent
C. host agent
D. architecture agent
In relational database parlance, the basic building block is a __________, which is a flat
table.
A. attribute
B. tuple
C. primary key
D. relation
The National Institute of Standards and Technology has published Federal Information
Processing Standard FIPS PUB 186, known as the __________.
A. XOR
B. MD5
C. MAC
D. DSS
Computer viruses first appeared in the early __________.
A. 1960s
B. 1970s
C. 1980s
D. 1990s
An institution that issues debit cards to cardholders and is responsible for the
cardholder's account and authorizing transactions is the _________.
A. cardholder
B. issuer
C. auditor
D. processor
A buffer overflow in Microsoft Windows 2000/XP Local Security Authority Subsystem
Service was exploited by the _________ .
A. Aleph One
B. Sasser worm
C. Slammer worm
D. none of the above
Transmitted data stored locally are referred to as __________ .
A. ciphertext
B. DES
C. data at rest
D. ECC
Land and things permanently attached to the land, such as trees, buildings, and
stationary mobile homes are _______.
A. real property
B. cyber property
C. personal property
D. intellectual property
__________ includes people, processes, and systems that are used to manage access to
enterprise resources by assuring that the identity of an entity is verified, and then
granting the correct level of access based on this assured identity.
A. CSP
B. DLP
C. IAM
D. IPS
A prevalent concern that is often overlooked is ________.
A. overvoltage
B. undervoltage
C. dust
D. noise
A _______ is a collection of requirements that share a common focus or intent.
A. trust
B. family
C. class
D. component
_______ is a list that contains the combinations of cryptographic algorithms supported
by the client.
A. Compression method
B. Session ID
C. CipherSuite
D. All of the above
A ________ monitors network traffic for particular network segments or devices and
analyzes network, transport, and application protocols to identify suspicious activity.
A. host-based IDS
B. security intrusion
C. network-based IDS
D. intrusion detection
In 2003 the _________ exploited a buffer overflow in Microsoft SQL Server 2000.
A. Slammer worm
B. Morris Internet Worm
C. Sasser worm
D. Code Red worm
A __________ is a password guessing program.
A. password hash
B. password biometric
C. password cracker
D. password salt
________ is a means of managing risk, including policies, procedures, guidelines,
practices, or organizational structures.
At the basic machine level, all of the data manipulated by machine instructions
executed by the computer processor are stored in either the processor's registers or in
memory.
Physical security threats are organized into three categories: environmental threats,
human-caused threats, and _________ threats.
The recipient of a message can decrypt the signature using DSS and the sender's public
DSS key.
The _________ was issued as a federal information-processing standard and is intended
to replace DES and 3DES with an algorithm that is more secure and efficient.
A logical means of implementing an IPSec is in a firewall.
In July 1998 the __________ announced that it had broken a DES encryption using a
special purpose "DES cracker" machine.
SHA-2 shares the same structure and mathematical operations as its predecessors and
this is a cause for concern.
Security labels indicate which system entities are eligible to access certain resources.
The ICMP echo response packets generated in response to a ping flood using randomly
spoofed source addresses are known as _______ traffic.
The _________ controls focus on the response to a security breach, by warning of
violations or attempted violations of security policies or the identified exploit of a
vulnerability and by providing means to restore the resulting lost computing resources.
System security begins with the installation of the ________.
_______ management is the process used to review proposed changes to systems for
implications on the organization's systems and use.
Not proceeding with the activity or system that creates the risk is _________.
The __________ cloud infrastructure is operated solely for an organization.
The functional components of an _________ are: data source, sensor, analyzer,
administration, manager, and operator.
A threat may be either natural or human made and may be accidental or deliberate.
A user program executes in a kernel mode in which certain areas of memory are
protected from the user's use and certain instructions may not be executed.
The four lines of defense against DDoS attacks are: attack prevention and preemption,
attack detection and filtering, attack source traceback and identification and _______.


Copyright ©2022 All rights reserved. | CoursePaper is not sponsored or endorsed by any college or university.