CS 92601

Type: Homework Help
Pages: 22
Words: 2200
Authors: Lawrie Brown, William Stallings

Many security administrators view strong security as an impediment to efficient and
user-friendly operation of an information system.
The source of the attack is explicitly identified in the classic ping flood attack.
Many forms of infection can be blocked by denying normal users the right to modify
programs on the system.
In S/MIME each conventional key is used a total of three times.
The firewall may be a single computer system or a set of two or more systems that
cooperate to perform the firewall function.
Passwords installed by default are secure and do not need to be changed.
The legal and ethical aspects of computer security encompass a broad range of topics.
The implementation phase comprises not only the direct implementation of the controls,
but also the associated training and general security awareness programs for the
organization.
In the context of security our concern is with the vulnerabilities of system resources.
A cyberslam is an application attack that consumes significant resources, limiting the
server's ability to respond to valid requests from
other users.
The IDS component responsible for collecting data is the user interface.
Every bot has a distinct IP address.
To implement a physical security program an organization must conduct a risk
assessment to determine the amount of resources to devote to physical security and the
allocation of those resources against the various threats.
The more critical a component or service, the higher the level of availability required.
Backup and archive processes are often linked and managed together.
Given sufficiently privileged access to the network handling code on a computer
system, it is difficult to create packets with a forged source
address.
Packet sniffers are mostly used to retrieve sensitive information like usernames and
passwords.
Signature-based approaches attempt to define normal, or expected, behavior, whereas
anomaly approaches attempt to define proper behavior.
Cryptanalytic attacks try every possible key on a piece of ciphertext until an intelligible
translation into plaintext is obtained.
Keyware captures keystrokes on a compromised system.
Data integrity assures that information and programs are changed only in a specified
and authorized manner.
User authentication is the fundamental building block and the primary line of defense.
A common location for a NIDS sensor is just inside the external firewall.
Flooding attacks take a variety of forms based on which network protocol is being used
to implement the attack.
The BLP model effectively breaks down when (untrusted) low classified executable
data are allowed to be executed by a high clearance (trusted) subject.
A virus that attaches to an executable program can do anything that the program is
permitted to do.
Many computer security vulnerabilities result from poor programming practices.
The National Bureau of Standards is now the National Institute of Standards and
Technology.
Intruders typically use steps from a common attack methodology.
Network-based intrusion detection makes use of signature detection and anomaly
detection.
For stream-oriented transmission over a noisy channel you would typically use _______
mode.
A. ECB
B. CTR
C. OFB
D. CBC
A(n) __________ is a structured collection of data stored for use by one or more
applications.
A. attribute
B. database
C. tuple
D. inference
______ are resources that should be used as part of the system security planning
process.
A. Texts
B. Online resources
C. Specific system hardening guides
D. All of the above
A _________ monitors the characteristics of a single host and the events occurring
within that host for suspicious activity.
A. host-based IDS
B. security intrusion
C. network-based IDS
D. intrusion detection
__________ will integrate with the operating system of a host computer and monitor
program behavior in real time for malicious actions.
A. Fingerprint-based scanners
B. Behavior-blocking software
C. Generic decryption technology
D. Heuristic scanners
__________ is an organization that receives the encrypted data from a data owner and
makes them available for distribution to clients.
A. User
B. Client
C. Data owner
D. Server
An assault on system security that derives from an intelligent act that is a deliberate
attempt to evade security services and violate the security policy of a system is a(n)
__________.
A. risk
B. attack
C. asset
D. vulnerability
_________ is choosing to accept a risk level greater than normal for business reasons.
A. Risk avoidance
B. Reducing likelihood
C. Risk transfer
D. Risk acceptance
ESP supports two modes of use: transport and _________.
A. padding
B. tunnel
C. payload
D. sequence
The term "computer virus" is attributed to __________.
A. Herman Hollerith
B. Fred Cohen
C. Charles Babbage
D. Albert Einstein
Relative humidity should be maintained between ________ to avoid the threats from
both low and high humidity.
A. 20% and 80%
B. 40% and 60%
C. 50% and 50%
D. 30% and 70%
_______ is important as part of the directory service that it supports and is also a basic
building block used in other standards.
A. PKI
B. X.509
C. Kerberos
D. FIM
System conditions requiring immediate attention is a(n) _______ severity.
A. alert
B. err
C. notice
D. emerg
SHA-1 produces a hash value of __________ bits.
A. 256
B. 160
C. 384
D. 180
Applications, especially applications with a certain level of privilege, present security
problems that may not be captured by system-level or user-level auditing data.
A(n) ________ event is an alert that is generated when the gossip traffic enables a
platform to conclude that an attack is under way.
A. PEP
B. DDI
C. IDEP
D. IDME
A(n) ________ is inserted into a network segment so that the traffic that it is monitoring
must pass through the sensor.
A. passive sensor
B. analysis sensor
C. LAN sensor
D. inline sensor
The _______ consists of two dates: the first and last on which the certificate is valid.
A. version
B. period of validity
C. extension
D. unique identifier
Using forged source addresses is known as _________.
A. source address spoofing
B. a three-way address
C. random dropping
D. directed broadcast
The ______ process retains copies of data over extended periods of time in order to
meet legal and operational requirements.
A. archive
B. virtualization
C. patching
D. backup
The _______ category is a transitional stage between awareness and training.
A. roles and responsibilities relative to IT systems
B. security basics and literacy
C. education and experience
D. security awareness
__________ data are data that may be derived from corporate data but that cannot be
used to discover the corporation's identity.
A. Reference
B. Trust
C. Sanitized
D. MAC
__________ provide a means of adapting RBAC to the specifics of administrative and
security policies in an organization.
A. Constraints
B. Mutually Exclusive Roles
C. Cardinality
D. Prerequisites
The ______ attacks the ability of a network server to respond to TCP connection
requests by overflowing the tables used to manage such connections.
A. DNS amplification attack
B. SYN spoofing attack
C. basic flooding attack
D. poison packet attack
A program that is covertly inserted into a system with the intent of compromising the
integrity or confidentiality of the victim's data is __________.
A. Adobe
B. Animoto
C. malware
D. Prezi
________ security provides perimeter security, access control, smoke and fire detection,
fire suppression, some environmental protection, and usually surveillance systems,
alarms, and guards.
A. Premises
B. Infrastructure
C. Logical
D. Physical
A restricted area within close proximity of a security interest has a classification of
______.
A. exclusion
B. controlled
C. limited
D. unrestricted
Eavesdropping and wiretapping fall into the ________ category.
A. theft
B. vandalism
C. misuse
D. unauthorized physical access
A _______ policy states that the company may access, monitor, intercept, block access,
inspect, copy, disclose, use, destroy, or recover using computer forensics any data
covered by this policy.
A. standard of conduct
B. unlawful activity prohibited
C. company rights
D. business use only
The _________ Model was developed for commercial applications in which conflicts of
interest can arise.
A. Biba
B. Clark-Wilson Integrity
C. Bell-LaPadula
D. Chinese Wall
A stack buffer overflow is also referred to as ___________ .
A. stack framing
B. stack smashing
C. stack shocking
D. stack running
"Incorrect Calculation of Buffer Size" is in the __________ software error category.
A. Porous Defenses
B. Allocation of Resources
C. Risky Resource Management
D. Insecure Interaction Between Components
Because serial numbers are unique within a CA, the serial number is sufficient to
identify the certificate.
Fixed server roles operate at the level of an individual database.
The basic audit objective is to establish accountability for system entities that initiate or
participate in security-relevant events and actions.
The Diffie-Hellman algorithm depends for its effectiveness on the difficulty of
computing discrete logarithms.
Any action that threatens one or more of the classic security services of confidentiality,
integrity, availability, accountability, authenticity, and reliability in a system constitutes
a(n) ________.
Developed by IBM and refined by Symantec, the __________ provides a malware
detection system that will automatically capture, analyze, add detection and shielding,
or remove new malware and pass information about it to client systems so the malware
can be detected before it is allowed to run elsewhere.
"Failure to Preserve SQL Query Structure" is in the __________ CWE/SANS software
error category.
The right to seek civil recourse against anyone infringing his or her property is granted
to the ________.
A ____________ attack involves persuading a user and an access point to believe that
they are talking to each other when in fact the communication is going through an
intermediate attacking device.
_________ is the process of attempting to discover the plaintext or key.
An ADMD is an Internet e-mail provider.
The most powerful, and most common, approach to countering the threats to network
security is ________.
Replay, masquerade, modification of messages, and denial of service are examples of
_________ attacks.
External devices such as firewalls cannot provide access control services.
With ___________ administration the owner (creator) of a table may grant and revoke
access rights to the table.
A ________ cipher processes the input one block of elements at a time, producing an
output block for each input block.
The assignment of responsibilities relating to the management of IT security and the
organizational infrastructure is not addressed in a corporate security policy.
