









Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A comprehensive set of questions and answers covering various aspects of computer security. It delves into the motivations of traditional external hackers, explores different types of attacks like dos and ddos, and examines the importance of governance frameworks like coso and cobit. The document also covers cryptography, authentication, and hashing, providing insights into key concepts like symmetric and asymmetric encryption, digital signatures, and public key cryptography. It is a valuable resource for students studying computer security, offering a structured approach to understanding key concepts and principles.
Typology: Exams
1 / 17
This page cannot be seen from the preview
Don't miss anything!










What were the motivations of traditional external hackers? - Correct answer Ego, the trill of the break-in, and the validation of their skills Did traditional external hackers engage in theft? - Correct answer They often did What is an exploit? - Correct answer The specific attack method that the attacker uses to break into the computer What does "owning" a computer mean? - Correct answer Being able to do anything the attacker wishes on the computer. What is IP address spoofing? - Correct answer Sending packets with false IP source addresses. Why is IP address spoofing done? - Correct answer So that the attacker cannot determine the identity of the attacker. When can an attacker not use IP address spoofing? - Correct answer when they are trying to read replies of probe packets. How can social engineering be used to get access to a sensitive file? - Correct answer Simply by asking someone to send the file or to give access to the file What is piggybacking? - Correct answer Following someone through the door to a secure area without authenticating oneself. What is shoulder surfing? - Correct answer Watching someone type his or her password in order to learn the password. What is pretexting? - Correct answer an attacker calls claiming to be a certain person in order to ask for private information about that person.
What is a DoS attack? - Correct answer attack that attempts to make a server or network unavailable to serve legitimate users by flooding it with attack packets Describe a DDoS attack. - Correct answer an attacker controls many computers with bots. The attacker (or "botmaster") sends the bots a command to attack. All the bots then send the victim a flood of attack packets Why do many botnets have multiple owners over time? - Correct answer Typically, a botmaster will use the botnet for his or her purpose, then sell the botnet to someone else. What are the two primary characteristics of skilled hackers? - Correct answer Strong technical skills and dogged persistence Why are script kiddies dangerous? - Correct answer because of their sheer numbers and because their many attacks make it difficult to recognize the few attacks that are highly sophisticated Why are malware and exploit toolkits expanding the danger of script kiddies? - Correct answer They are making it much easier for script kiddies to act. What is a governance framework? - Correct answer Something that specifies how to do planning, implementation, and oversight. What does COSO focus on - Correct answer It focuses on corporate level governance What does COBIT focus on - Correct answer It focuses on IT governance What are the four objectives of COSO? - Correct answer Strategic, Operations, Reporting, and Compliance List the four COBIT domains. - Correct answer Planning & organization; acquisition & implementation; delivery & support; and monitoring How many high-level control objectives does COBIT have? - Correct answer 34
What is the advantage of codes? - Correct answer people can do encoding and decoding manually, without a computer. What are the disadvantages of codes? - Correct answer code books must be distributed ahead of time, and if one code book is intercepted, all confidentiality is lost Why is the word symmetric used in symmetric key encryption? - Correct answer Because two parties only use a single key for encryption and decryption in both directions When two parties communicate with each other using symmetric key encryption, how many keys are used in total? - Correct answer Only 1 key What type of encryption cipher is almost always used in encryption for confidentiality? - Correct answer Nearly all encryption What is the best way to thwart exhaustive searches by cryptanalysts? - Correct answer make the key so long that the time needed for attackers to crack the key is far too long for practicality How long must a symmetric encryption key be to be considered strong today? - Correct answer must be 100 bits or longer to be considered a strong key Why is an RC4 key length of 40 bits commonly used? - Correct answer because national export limits in many countries once limited commercial products up to 40-bit encryption. How long is a DES key? - Correct answer DES keys are 56 bits long How does 3DES work? - Correct answer It applies DES 3 times, with two or three different keys What are the two common effective key lengths in 3DES? - Correct answer 112 bit and 168 bit What is the disadvantage of 3DES? - Correct answer DES is slow and having to apply DES three times is extremely slow, therefore, extremely expensive in terms of processing cost
What is the big advantage of AES over 3DES? - Correct answer It offers 3 alternative key lengths instead of two What are the three key lengths offered by AES? - Correct answer 128 bit, 192 bit, and 256 bit. Which strong symmetric key encryption cipher can be used with small mobile devices? - Correct answer AES can be used with small mobile devices. Which symmetric key encryption cipher probably will dominate in the near future? - Correct answer AES What is security through obscurity, and why is it bad? - Correct answer It relies on attackers not to obtain learnable information and it is bad because it could result in catastrophic loss of security if known. What is an impostor? - Correct answer someone who pretends to be someone else What is authentication? - Correct answer Proving your identity to communicate to a partner What is mutual authentication? - Correct answer When both parties authenticate themselves to the other Why is a secure keying phase necessary? - Correct answer because if the key is not protected, it can be stolen and this will defeat the purpose of encrypting the data. What three protections do cryptographic systems provide on a message- by-message basis? - Correct answer An electronic signature, message integrity, and message encryption. What is an electronic signature? - Correct answer a field in a message that authenticates the message. What two protections do electronic signatures usually provide? - Correct answer message-by-message authentication and message integrity
What is the purpose of Diffie-Hellman key exchange? - Correct answer Keying Can an attacker who captures the exchanged keying information compute the symmetric session key? - Correct answer No What is a man-in-the-middle attack? - Correct answer A form of attack in which an attacker intercepts messages being sent between two parties and forwards them on What is a replay attack? - Correct answer It's where an adversary intercepts an encrypted message and transmits it again later. In public key authentication, what must the sender know that an impostor should not be able to learn? - Correct answer The true party's private key For what type of authentication is a digital signature used—initial authentication or message-bymessage authentication? - Correct answer Digital signatures How does the supplicant create a message digest? - Correct answer by hashing the plaintext message. How does the supplicant create a digital signature? - Correct answer by encrypting the message digest with its own private key In public key encryption, what is "signing?" - Correct answer the act of encrypting the message digest with its own private key What combined message does the supplicant send? - Correct answer It is the digital signature plus the plaintext How is the combined message encrypted for confidentiality? - Correct answer The sender will use symmetric key encryption. Besides authentication, what security benefit does a digital signature provide? - Correct answer Message integrity
From what kind of organization can a verifier receive digital certificates? - Correct answer The certificate authority (CA) Are most CAs regulated? - Correct answer CAs in many countries are not regulated What are the two most critical fields in the digital certificate? - Correct answer The name of the true party and the true party's public key What two cryptographic protections does an HMAC provide? - Correct answer Authentication and message integrity Do HMACs use symmetric key encryption, public key encryption, or hashing? - Correct answer a combination of hashing and symmetric key encryption What is the benefit of HMACs over digital signatures? - Correct answer HMACs are much faster and less expensive What is quantum key distribution? - Correct answer It's a way to deliver enormously long keys to communication partners. What is the definition of a VPN? - Correct answer It's a cryptographic system that provides secure communication over an untrusted network. Which types of VPNs use VPN gateways? - Correct answer Remote access and site-to-site VPNs For what type of VPN was SSL/TLS developed? - Correct answer Host-to- host VPNs For what type of VPN is SSL/TLS increasingly being used? - Correct answer Remote access VPN At what layer does SSL/TLS operate? - Correct answer at the transport layer. What are the two commonly SSL/TLS-aware applications? - Correct answer Web applications and e-mail
What is a handler? - Correct answer an additional layer of compromised hosts that are used to manage large groups of bots How does a reflected attack work? - Correct answer uses responses from legitimate services to flood a victim What is a DRDoS attack, and how does it work? - Correct answer Using a botnet in a reflected attack using legitimate services What is a Smurf flood? - Correct answer a variation of a reflected attack that takes advantage of an incorrectly configured network device (router) to flood a victim What is black holing? - Correct answer when a firm drops all IP packets from an attacker. How can the effects of SYN floods be mitigated? - Correct answer by validating the TCP handshake, rate limiting, or even black holing Can ARP poisoning be used outside the LAN? - Correct answer Typically not What is ARP spoofing? - Correct answer uses false ARP replies to map any IP address to any MAC address How could an attacker use ARP spoofing to manipulate host ARP tables? - Correct answer they do not require authentication or verification Do switches record IP addresses? - Correct answer No, they only look at MAC addresses What is the main access control threat to wireless LANs? - Correct answer An intruder can connect by radio to an unprotected wireless access point. Is eavesdropping usually a concern for wired LANs, wireless LANs, or both? - Correct answer It is a concern in both Why is 802.1X called Port-Based Access Control? - Correct answer because security is implemented on specific ports of an Ethernet workgroup switch
Where is the heavy authentication work done? - Correct answer on a central authentication server How does an EAP session start? - Correct answer When a switch senses a connection, it sends an EAP Start message to the RADIUS server. What types of messages carry requests for authentication information and responses to these requests? - Correct answer EAP request and response messages. When a new authentication method is added, what device software must be changed to use the new method? - Correct answer the central authentication server and supplicant What standard do most central authentication servers follow? - Correct answer the RADIUS standard How are EAP and RADIUS related in terms of functionality? - Correct answer RADIUS is an AAA server that uses EAP for authentication What authentication method does RADIUS use? - Correct answer EAP What is the most common attack against wireless networks? - Correct answer unauthorized access, or connecting to a network without permission. Which IEEE standard governs WLAN transmission? - Correct answer IEEE 802. Which device acts as a relay between wired and wireless networks? - Correct answer An access point What is the typical range of a WLAN? - Correct answer 30 to 100 meters extending in all directions from the AP Who would set up a rogue access point? - Correct answer internal employees for convenience
What mistake did the 802.11 Working Group make in selecting the length of the IV? - Correct answer making IVs too short How long may WEP take to crack today? - Correct answer two or three minutes Should corporations today use WEP for security today? - Correct answer No. What does the Wi-Fi Alliance call 802.11i? - Correct answer WPA Despite its security weaknesses, why do many companies continue to use WPA instead of 802.11i? - Correct answer to avoid the cost of reconfiguring all access points and wireless clients to support WPA Why is 802.1X mode unsuitable for homes and small offices? - Correct answer Because the use of a central authentication server is very expensive. What mode was created for homes or very small businesses with a single access point? - Correct answer PSK/personal mode ) How do users in this mode authenticate themselves to the access point? - Correct answer via the use of a single, shared initial key How are PSK/personal keys generated? - Correct answer The administrator types a passphrase into every client and into the access point. How long must passphrases be for adequate security? - Correct answer at least 20 characters long for adequate security What is the purpose of a wireless IDS? - Correct answer to collect data from wireless access points that can be used to detect attacks. What is a rogue access point? - Correct answer Unauthorized access points set up by individuals or departments What are MAC access control lists? - Correct answer list of pre-approved stations allowed to use the access point.
List the AAA access controls - Correct answer Authentication, Authorizations, and Auditing. What are the four bases for authentication credentials? - Correct answer What you know, What you have ,Who you are , What you do What is two-factor authentication's promise? - Correct answer defense in depth What is Role-based access control? - Correct answer When authorizations are assigned to roles instead of to individuals Why is RBAC less expensive than access control based on individual accounts? - Correct answer because fewer assignments need be made Why is having a single point of building entry important? - Correct answer easier to apply protections to people coming into and going out of the building. Why are emergency exits important? - Correct answer In case of fire or other problems, people must be able to escape List the four elements of entry authorization in CobiT? - Correct answer building entry must be justified, authorized, logged, and monitored. Why is loading dock security important? - Correct answer This is a busy area with many strangers. It is a likely penetration point. What is siting? - Correct answer synonym for locating or placing If wiring cannot be run through walls, what should be done to protect the wiring? - Correct answer the wiring should be protected by running it through conduits What should be done to protect laptops taken off-premises? - Correct answer should never be left unattended What controls should be applied to equipment disposal? - Correct answer sensitive data must be removed
What are USB tokens? - Correct answer a small device that plugs into a computer's USB port to identify the owner What is the advantage of USB tokens compared to cards? - Correct answer can be used to authenticate a user without the cost of having a smart card reader attached to the PC What is the attraction of proximity tokens? - Correct answer they do not require physical contact with a reader or USB port Why is it important to disable lost or stolen access devices? - Correct answer if not done, they can still be used by the thief What is a PIN (personal identification number)? - Correct answer a short number you type in manually to authenticate yourself What is biometric authentication? - Correct answer authentication based on biological metrics. On what two things about you is biometric authentication based? - Correct answer based upon something you are and something you do What is the major promise of biometrics? - Correct answer to make reusable passwords obsolete. What are key features? - Correct answer specific metrics extracted from the scanning data. What does the server do with the key features created by the enrollment scan? - Correct answer it uses these key features as the template for that user What is a template? - Correct answer the file entry containing key features from the enrollment process for a single individual. What is user access data? - Correct answer This is data collected during an access attempt scan What does a match index do? - Correct answer compares access key features with the template.
In biometrics, what is a match? - Correct answer occurs when a match index meets the decision criteria What are false acceptance rates (FARs) and false rejection rates (FRRs)? - Correct answer These are the percentages of time there is a false acceptance or a false rejection from a scan For computer access, why is a false acceptance bad? - Correct answer because someone other than the authorized user, possibly an imposter, will gain access to the resource. Why is a false rejection bad? - Correct answer because a legitimate user is denied access to a resource. For watch lists of criminals, what is a false acceptance? - Correct answer an innocent person is identified as a criminal. What is failure to enroll? - Correct answer something that occurs if a system will not enroll a user