CS 70070 | Course Paper

Unlock access to all the studying documents.

View Full Document

For general-purpose block-oriented transmission you would typically use _______

mode.

A. CBC

B. CTR

C. CFB

D. OFB

A(n) _________ is an attempt to learn or make use of information from the system that

does not affect system resources.

A. passive attack

B. outside attack

C. inside attack

D. active attack

In the case of ________ only the digital signature is encoded using base64.

A. enveloped data

B. signed and enveloped data

C. signed data

D. clear-signed data

A capability set up for the purpose of assisting in responding to computer

security-related incidents that involve sites within a defined constituency is called a

______.

A. CIRT

B. CIRC

C. CSIRT

D. all of the above

The first critical step in securing a system is to secure the __________.

A. base operating system

B. system administrator

C. malware protection mechanisms

D. remote access privileges

In a relational database rows are referred to as _________.

A. relations

B. attributes

C. views

D. tuples

When a DoS attack is detected, the first step is to _______.

A. identify the attack

B. analyze the response

C. design blocking filters

D. shut down the network

In a _______ attack the attacker creates a series of DNS requests containing the spoofed

source address for the target system.

A. SYN flood

B. DNS amplification

C. poison packet

D. UDP flood

The _________ is the encryption algorithm run in reverse.

A. decryption algorithm

B. ciphertext

C. plaintext

D. secret key

The ________ accepts the message submitted by a message user agent and enforces the

policies of the hosting domain and the requirements of Internet standards.

A. mail submission agent

B. message user agent

C. mail delivery agent

D. message transfer agent

Kerberos uses the _______ encryption algorithm.

A. AES

B. PKI

C. DES

D. TGS

A ________ attack involves trying all possible private keys.

A. mathematical

B. timing

C. brute-force

D. chosen ciphertext

The __________ component deals with the management and control of the ways

entities are granted access to resources.

A. resource management

B. access management

C. privilege management

D. policy management

Each individual who is to be included in the database of authorized users must first be

__________ in the system.

A. verified

B. identified

C. authenticated

D. enrolled

The __________ is the encryption algorithm run in reverse.

A. decryption algorithm

B. plaintext

C. ciphertext

D. encryption algorithm

A __________ is code inserted into malware that lies dormant until a predefined

condition, which triggers an unauthorized act, is met.

A. logic bomb

B. trapdoor

C. worm

D. Trojan horse

_______ is a text-based protocol with a syntax similar to that of HTTP.

A. RIP

B. DIP

C. SIP

D. HIP

__________ refers to setting a maximum number with respect to roles.

A. Cardinality

B. Prerequisite

C. Exclusive

D. Hierarchy

______ relates to the capacity of the network links connecting a server to the wider

Internet.

A. Application resource

B. Network bandwidth

C. System payload

D. Directed broadcast

Cryptographic file systems are another use of _______.

A. encryption

B. testing

C. virtualizing

D. acceleration

The most common variant of injecting malicious script content into pages returned to

users by the targeted sites is the _________ vulnerability.

A. XSS reflection

B. chroot jail

C. atomic bomb

D. PHP file inclusion

The follow-up stage of the management process includes _________.

A. maintenance of security controls

B. security compliance checking

C. incident handling

D. all of the above

_____ is a markup language that uses sets of embedded tags or labels to characterize

text elements within a document so as to indicate their appearance, function, meaning,

or context.

A. HML

B. HTTP

C. XML

D. SOAP

______ attempts to monopolize all of the available request handling threads on the Web

server by sending HTTP requests that never complete.

A. HTTP

B. Reflection attacks

C. SYN flooding

D. Slowloris

The ________ access mode allows the subject only write access to the object.

A. read

B. append

C. write

D. execute

A __________ is an entity capable of accessing objects.

A. group

B. object

C. subject

D. owner

One of the earliest and most widely used services is _________.

A. Kerberos

B. FIM

C. PKI

D. X.509

Traditionally the function of __________ was to transfer control to a user

command-line interpreter, which gave access to any program available on the system

with the privileges of the attacked program.

A. shellcode

B. C coding

C. assembly language

D. all of the above

Security classes are referred to as __________.

A. security clearances

B. security classifications

C. security levels

D. security properties

A contingency plan for systems critical to a large organization would be _________

than that for a small business.

A. smaller, less detailed

B. larger, less detailed

C. larger, more detailed

D. smaller, more detailed

__________ is the scrambled message produced as output.

A. Plaintext

B. Ciphertext

C. Secret key

D. Cryptanalysis

__________ is a term that refers to the means of delivering a key to two parties that

wish to exchange data without allowing others to see the key.

A. Session key

B. Subkey

C. Key distribution technique

D. Ciphertext key

A single device that integrates a variety of approaches to dealing with network-based

attacks is referred to as a __________ system.

The overall scheme of Kerberos is that of a trusted third-party authentication service.

The best defense against broadcast amplification attacks is to block the use of _______

broadcasts.

The wireless environment consists of three components that provide point of attack: the

wireless client, the transmission medium, and the _________.

__________, in the context of passwords, refers to an adversary’s attempt to learn the

password by observing the user, finding a written copy of the password, or some similar

attack that involves the physical proximity of user and adversary.

The assets of a computer system can be categorized as hardware, software,

communication lines and networks, and _________.

A hash function such as SHA-1 was not designed for use as a MAC and cannot be used

directly for that purpose because it does not rely on a secret key.

The two criteria used to validate that a sequence of numbers is random are

independence and _________ .

When multiple categories or levels of data are defined, the requirement is referred to as

__________ security.

CMP, defined in RFC 2510, is designed to be a flexible protocol able to accommodate a

variety of technical, operational, and business models.

A _______ flood refers to an attack that bombards Web servers with HTTP requests.

SQL Server allows users to create roles that can then be assigned access rights to

portions of the database.

The optimal temperature for computer systems is between 10 and 32 degrees

Fahrenheit.

In a __________ attack, an application or physical device masquerades as an authentic

application or device for the purpose of capturing a user password, passcode, or

biometric.

Public-key encryption was first publicly proposed by __________ in 1976.

A symmetric encryption scheme has five ingredients: plaintext, encryption algorithm,

ciphertext, decryption algorithm and _________.

An independent review and examination of system records and activities in order to test

for adequacy of system controls, to ensure compliance with established policy and

operational procedures, to detect breaches in security, and to recommend any indicated

changes in control, policy and procedures is a(n) __________ .

The certification _________ is the issuer of certificates and certificate revocation lists.

Any program that is owned by, and SetUID to, the ‘superuser” potentially grants

unrestricted access to the system to any user executing that program.