CS 84680 | Course Paper

Unlock access to all the studying documents.

View Full Document

A ________ server gives an original host the IP address of another host to which the

original host wishes to send packets.

A) DHCP

B) DNS

C) Both A and B

D) Neither A nor B

Answer:

When risk analysis deals with costs and benefits that vary by year, the computations

should use ________.

A) NPV

B) IRR

C) Either A or B

D) Neither A nor B

Answer:

The main TCP/IP interior dynamic routing protocol for large networks is ________.

A) OSPF

B) RIP

C) BGP

D) EIGRP

Answer:

Client usually get ________.

A) static IP addresses

B) ephemeral IP addresses

C) dynamic IP addresses

D) None of the above.

Answer:

In ________ filtering, the firewall examines packets entering the network from the

outside.

A) ingress

B) egress

C) Both A and B

D) Neither A nor B

Answer:

Code on a webpage that is executed on the client PC is ________.

A) a Trojan horse

B) a Virus

C) mobile code

D) an XSS attack

Answer:

DML triggers are used to ________.

A) maliciously attack databases

B) produce automatic responses if the data of the database has been altered.

C) Both A and B

D) Neither A nor B

Answer:

NAT is able to stop ________.

A) scanning probes

B) sniffers from learning anything about the internal IP address of internal hosts

C) Both A and B

D) Neither A nor B

Answer:

Plaintiffs initiate legal proceedings in ________ cases.

A) civil

B) criminal

C) Both A and B

D) Neither A nor B

Answer:

File/directory data backup copies ________.

A) programs

B) data

C) registry settings

D) Both A and B.

Answer:

If a company wishes to prosecute people or companies that steal its trade secrets, it

must take ________ precautions to protect those trade secrets.

A) at least some

B) reasonable

C) extensive

D) no (Trade secret protection is automatic under the law.)

Answer:

________ eliminates the problem of having to re-baseline the system to proper security

levels.

A) Using a disk image

B) Total software reinstallation

C) Both A and B

D) Neither A nor B

Answer:

A botmaster can remotely ________.

A) fix a bug in the bots

B) update bots with new functionality

C) Both A and B

D) Neither A nor B

Answer:

3DES is ________.

A) very slow

B) strong enough for communication in corporations

C) expensive in terms of processing cost

D) All of the above

Answer:

Sending packets with false IP source addresses is called ________.

A) a IP address scanning attack

B) IP address spoofing

C) a port scanning attack

D) None of the above.

Answer:

Which of the following are elements of host hardening?

A) Encrypting data on the host

B) Read operating system log files

C) Both A and B

D) Neither A nor B

Answer:

A private key/public key pair is usually created by the ________.

A) client

B) PKI server

C) Both A and B

D) Neither A nor B

Answer:

Which companies do PCI-DSS affect?

A) E-commerce firms

B) Medical firms

C) Government organizations

D) Companies that accept credit card payments

Answer:

Policies should be written by ________.

A) IT security

B) corporate teams involving people from multiple departments

C) a senior executive

D) an outside consultant, to maintain independence

Answer:

A normal TCP close takes ________ segments.

A) 2

B) 3

C) 4

D) None of the above.

Answer:

The only person who should speak on behalf of a firm should be ________.

A) the public relations director

B) the firm’s legal counsel

C) Both A and B

D) Neither A nor B

Answer:

After an antivirus server performs filtering, it may ________.

A) drop the object

B) send the object to the firewall to pass to the destination

C) pass the object to the destination directly

D) All of the above

Answer:

When two parties communicate with each other using symmetric key encryption, how

many keys are used in total to encrypt and decrypt?

A) 1

B) 2

C) 4

D) 8

Answer:

What is missing from the definition of response as “recovery?”

A) The phrase “according to plan” must be added to “recovery.”

B) The definition must refer to specific resources.

C) The phrase “Reasonable degree of” must begin the definition.

D) The phrase “and prosecution” must be added after “recovery.”

Answer:

Before doing a vulnerability test, a security employee must ensure that ________.

A) doing a vulnerability test is in his or her job description

B) no damage will be done

C) he or she has a specific contract to do a specific test

D) the test is a surprise to everyone, including the tester’s superior, who may be

engaged in illicit activities

Answer:

Cookies are dangerous because they ________.

A) allow a website to track what pages you have visited

B) may contain sensitive private information about you

C) Both A and B

D) Neither A nor B

Answer:

A device attached to a network is called a ________.

A) client

B) server

C) host

D) Neither A nor B

Answer:

________ firewalls always examine application messages in depth.

A) Static packet filtering

B) SPI

C) Application proxy

D) All of the above

Answer:

Single-network core standards are for message delivery through ________.

A) LANs

B) WANs

C) Both A and B

D) Neither A nor B

Answer:

In SSL/TLS, a specific set of protocols that a particular cryptographic system will use

to provide protection is called a ________.

A) system standard

B) cipher suite

C) security method

D) security method and options

Answer:

In public key encryption for authentication, the supplicant must prove that it knows

________, which nobody else should be able to know.

A) the supplicant’s public key

B) the supplicant’s private key

C) the true party’s private key

D) the verifier’s private key

Answer:

During enrollment, the scanner sends ________ to the authentication system.

A) scan data

B) key features

C) Both A and B

D) Neither A nor B

Answer:

________ are areas of responsibility within which different government bodies can

make and enforce laws but beyond which they cannot.

A) Mens rea

B) Jurisdictions

C) Statutes

D) Precedents

Answer: