Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A wide range of cybersecurity topics, including system startup and shutdown, file management, cryptography, security tools, risk assessment, security policies, and various types of cyber threats and attacks. It provides an overview of fundamental cybersecurity concepts and best practices that are essential for understanding and maintaining the security of computer systems and networks. The document touches on topics such as certificate authorities, encryption algorithms, security incident response, and security auditing, making it a valuable resource for anyone interested in the field of cybersecurity.
Typology: Exams
1 / 22
A boot sector virus goes to work when what event takes place? A. Reboot or system startup B. File is deleted C. File is saved D. March 16th E - ANSWER Which of the following organizations can be a valid Certificate Authority (CA)? A. Verisign B. Microsoft C. Netscape D. Dell E. All of the entities listed could be valid Certificate Authorities A - ANSWER It is difficult to prosecute a computer criminal if warning banners are not deployed? A. True B. False B - ANSWER What is the following paragraph an example of? <<ATTN: This system is for the use of authorized persons only. If you use this system without authority, or if you abuse your authority, then you are subject to having all of your activities on this system monitored and recorded by system personnel.
A. Audit Trail Banner B. Warning Banner C. Welcome Banner D. Access Control Banner Test virus - ANSWER EICAR is an example of a _____________ used to test AV products without introducing a live virus into the network.
D - ANSWER __________ is the most famous Unix password cracking tool. A. SNIFF B. ROOT C. NMAP D. CRACK E. JOLT C - ANSWER PGP & PEM are programs that allow users to send encrypted messages to each other. What form of encryption do these programs use? A. DES B. 3DES C. RSA D. 3RSA E. Blowfish F. All of the above A B C - ANSWER Which of the following are NT Audit events? (Choose all that apply) A. Logon and Logoff B. Use of User Rights C. Security Policy Change D. Registry Tracking E. All of choices are correct D - ANSWER The most secure method for storing backup tapes is? A. In a locked desk drawer B. In the same building, but on a different floor C. In a cool dry climate D. Off site in a climate controlled area E. In a fire proof safe inside the data center (for faster retrieval) F. None of the above Sniffer - ANSWER __________ is a tool used by network administrators to capture packets from a network. C - ANSWER The IDEA algorithm (used in PGP) is _______ bits long. A. 56 B. 158 C. 128 D. 168
E - ANSWER Which organization(s) are responsible for the timely distribution of information security intelligence data? A. CERT B. SANS C. CERIAS D. COAST E. All of the organizations listed E - ANSWER A password audit consists of checking for ____________? A. Minimum password length B. Password aging C. Password Strength D. Blank Passwords E. All of the items listed Authentication, Authorization - ANSWER Accounting, __________, and ____________ are the AAAs of information security. D - ANSWER What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified? A. Terminal risk B. Infinite risk C. Imminent risk D. Residual risk B - ANSWER Risk assessment deals with constant monitoring? A. True B. False E - ANSWER Countermeasures address security concerns in which of the following categories? A. Physical B. Operations C. Computer D. Communication E. Information F. All of the listed categories A E - ANSWER Which of these virus incidents did not occur in 1999? (Choose all that apply)
A. ILoveYou B. Chernobyl C. Melissa D. Michelangelo E. AnnaKournikova F. None of the above - they all happened in 1999 A - ANSWER Companies can now be sued for privacy violations just as easily as they can be sued for security compromises. A. True B. False C D - ANSWER Passfilt.dll enforces which of the following? (Choose all that apply) A. 8 character minimum password length B. 90 day password change C. Each password must have a combination of upper case, lower case, numbers and special characters D. 6 character minimum password length D - ANSWER _________ is a form of Denial of Service attack which interrupts the TCP three way handshake and leaves half open connections. A. DNS Recursion B. NMAP C. Land Attack D. SYN Flooding E. Port Scanning A C - ANSWER The following actions have been noted as providing motivation to virus writers? (Choose all that apply) A. Fame B. Fortune C. Boredom D. Stupidity PAP CHAP - ANSWER The ____________ protocol sends passwords in clear text, while ____________ encrypts
passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic, E - ANSWER Which of the following are used in Biometrics? A. Retinal Scanning B. Fingerprints C. Face Recognition D. Voice Recognition E. All of the above F. None of the above C - ANSWER Smart cards are a secure alternative to which weak security mechanism? A. Biometrics B. Public Key Encryption C. Passwords D. Tokens D - ANSWER What type of software can be used to prevent, detect (and possibly correct) malicious activities on a system? A. Personal Firewall B. IDS - host based C. Antivirus D. All methods listed C - ANSWER Information security policies are a ___________________. A. Necessary evil B. Waste of time C. Business enabler D. Inconvenience for the end user E. All of the answers are correct B - ANSWER Macintosh computers are not at risk for receiving viruses. A. True B. False Hoaxes - ANSWER Unlike like viruses and worm, __________ are bogus messages that spread via email forwarding. D - ANSWER There are 6 types of security control practices. ___________ controls are management policies, procedures, and guidelines that usually effect the entire system. These types of controls deal with
system auditing and usability. A. Preventive B. Detective C. Corrective D. Directive E. Recovery F. Combination host based, network based - ANSWER Name two types of Intrusion Detection Systems ________ and ________. A - ANSWER Today, privacy violations are almost as serious as security violations? A. True B. False D - ANSWER _________ is a protocol developed by Visa and MasterCard to protect electronic transactions. A. SSL B. SHA- 1 C. HMAC D. SET E. ETP F - ANSWER Which of the following are Unix / Linux based security tools? A. Tiger B. TCP Wrappers C. TripWire D. LogCheck E. SATAN F. All of the tools listed can work on theUnix platforms B - ANSWER Layer 4 of the OSI model corresponds to which layer of the DoD model? A. Layer 4 - Application B. Layer 3 - Host to Host C. Layer 2 - Internet D. Layer 1 - Network E. Layer 6 - Presentation C D - ANSWER When gathering digital evidence it is very important to do the following: (Choose all that apply) A. Shut down the compromised system to avoid further attacks
B. Reboot the victim system offline C. Document the chain of evidence by taking good notes D. Perform a bit-level back up of the data before analysis B - ANSWER A security policy is a rigid set of rules that must be followed explicitly in order to be effective. A. True B. False B - ANSWER DES - Data Encryption standard has a 128 bit key and is very difficult to break. A. True B. False B - ANSWER What is the main difference between computer abuse and computer crime? A. Amount of damage B. Intentions of the perpetrator C. Method of compromise D. Abuse = company insider; crime = company outsider C - ANSWER A standardized list of the most common security weaknesses and exploits is the __________. A. SANS Top 10 B. CSI/FBI Computer Crime Study C. CVE - Common Vulnerabilities and Exposures D. CERT Top 10 C - ANSWER A salami attack refers to what type of activity? A. Embedding or hiding data inside of a legitimate communication - a picture, etc. B. Hijacking a session and stealing passwords C. Committing computer crimes in such small doses that they almost go unnoticed D. Setting a program to attack a website at11:59 am on New Year's Eve D - ANSWER Multi-partite viruses perform which functions? A. Infect multiple partitions B. Infect multiple boot sectors C. Infect numerous workstations D. Combine both boot and file virus behavior
B - ANSWER What security principle is based on the division of job responsibilities - designed to prevent fraud? A. Mandatory Access Control B. Separation of Duties C. Information Systems Auditing D. Concept of Least Privilege A - ANSWER ________ is the authoritative entity which lists port assignments A. IANA B. ISSA C. Network Solutions D. Register.com E. InterNIC B - ANSWER Cable modems are less secure than DSL connections because cable modems are shared with other subscribers? A. True B. False D - ANSWER ____________ is a file system that was poorly designed and has numerous security flaws. A. NTS B. RPC C. TCP D. NFS E. None of the above Log files - ANSWER Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse. D - ANSWER HTTP, FTP, SMTP reside at which layer of the OSI model? A. Layer 1 - Physical B. Layer 3 - Network C. Layer 4 - Transport D. Layer 7 - Application E. Layer 2 - Data Link D - ANSWER Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?
A. Layer 7 - Application Layer B. Layers 2, 3, & 4 - Data Link, Network, and Transport Layers C. Layer 3 - Network Layer D. Layers 5, 6, & 7 - Session, Presentation, and Application Layers B - ANSWER A Security Reference Monitor relates to which DoD security standard? A. LC B. C C. D D. L2TP E. None of the items listed D - ANSWER The ability to identify and audit a user and his / her actions is known as ____________. A. Journaling B. Auditing C. Accessibility D. Accountability E. Forensics A,B,C - ANSWER There are 5 classes of IP addresses available, but only 3 classes are in common use today, identify the three: (Choose three) A. Class A: 1- 126 B. Class B: 128- 191 C. Class C: 192- 223 D. Class D: 224- 255 E. Class E: 0.0.0.0 - 127.0.0. B - ANSWER The ultimate goal of a computer forensics specialist is to ___________________. A. Testify in court as an expert witness B. Preserve electronic evidence and protect it from any alteration C. Protect the company's reputation D. Investigate the computer crime A - ANSWER One method that can reduce exposure to malicious code is to run applications as generic accounts with little or no privileges. A. True B. False
Risk assessment - ANSWER ______________ is a major component of an overall risk management program. Cryptanalysis - ANSWER An attempt to break an encryption algorithm is called _____________. C - ANSWER The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack? A. Spoofing B. Hijacking C. Man In The Middle D. Social Engineering E. Distributed Denial of Service (DDoS) Cramming - ANSWER If Big Texas telephone company suddenly started billing you for caller ID and call forwarding without your permission, this practice is referred to as __________________. Disable - ANSWER When an employee leaves the company, their network access account should be __________? 90 - ANSWER Passwords should be changed every ________ days at a minimum. 90 days is the recommended minimum, but some resources will tell you that 30-60 days is ideal. C - ANSWER IKE - Internet Key Exchange is often used in conjunction with what security standard? A. SSL B. OPSEC C. IPSEC D. Kerberos E. All of the above A - ANSWER Wiretapping is an example of a passive network attack? A. True B. False A,C,E - ANSWER What are some of the major differences of Qualitative vs. Quantitative methods of performing risk analysis? (Choose all that apply) A. Quantitative analysis uses numeric values B. Qualitative analysis uses numeric values C. Quantitative analysis is more time consuming
D. Qualitative analysis is more time consuming E. Quantitative analysis is based on Annualized Loss Expectancy (ALE) formulas F. Qualitative analysis is based on Annualized Loss Expectancy (ALE) formulas A - ANSWER Which of the concepts best describes Availability in relation to computer resources? A. Users can gain access to any resource upon request (assuming they have proper permissions) B. Users can make authorized changes to data C. Users can be assured that the data content has not been altered D. None of the concepts describes Availability properly E - ANSWER Which form of media is handled at the Physical Layer (Layer 1) of the OSI Reference Model? A. MAC B. L2TP C. SSL D. HTTP E. Ethernet E - ANSWER Instructions or code that executes on an end user's machine from a web browser is known as __________ code. A. Active X B. JavaScript C. Malware D. Windows Scripting E. Mobile B - ANSWER Is the person who is attempting to log on really who they say they are? What form of access control does this questions stem from? A. Authorization B. Authentication C. Kerberos D. Mandatory Access Control A,B,C - ANSWER Information Security policies should be __________________? (Choose all that apply) A. Written down B. ClearlyCommunicated to all system users
C. Audited and revised periodically D. None of the choices listed are correct A - ANSWER Which layer of the OSI model handles encryption? A. Presentation Layer - L B. Application Layer - L C. Session Layer - L D. Data Link Layer - L A - ANSWER EDI (Electronic Data Interchange) differs from e-Commerce in that ___________________. A. EDI involves only computer to computer transactions B. E-Commerce involves only computer to computer transactions C. EDI allows companies to take credit cards directly to consumers via the web D. None of the items listed accurately reflect the differences between EDI and e- Commerce Macro - ANSWER A type of virus that resides in a Word or Excel document is called a ___________ virus? C - ANSWER Vulnerability x Threat = RISK is an example of the _______________. A. Disaster Recovery Equation B. Threat Assessment C. Risk Equation D. Calculation of Annual Loss Expectancy B - ANSWER Only law enforcement personnel are qualified to do computer forensic investigations. A. True B. False A,B,C - ANSWER Countermeasures have three main objectives, what are they? (Choose all that apply) A. Prevent B. Recover C. Detect D. Trace E. Retaliate ISO - ANSWER ___________________ is responsible for creating security policies and for communicating those policies to system users.
D - ANSWER An intrusion detection system is an example of what type of countermeasure? A. Preventative B. Corrective C. Subjective D. Detective E. Postulative A - ANSWER So far, no one has been able to crack the IDEA algorithm with Brute Force. A. True B. False Confidentiality - ANSWER ______________ relates to the concept of protecting data from unauthorized users. B - ANSWER Which auditing practice relates to the controlling of hardware, software, firmware, and documentation to insure it has not been improperly modified? A. System Control B. Configuration Control C. Consequence Assessment D. Certification / Accreditation A - ANSWER MD5 is a ___________ algorithm A. One way hash B. 3DES C. 192 bit D. PKI A,B - ANSWER Which of the following is an example of One-Time Password technology? (Choose all that apply) A. S/Key B. OPIE C. LC D. MD C - ANSWER How often should virus definition downloads and system virus scans be completed?
A. Daily B. Monthly C. Weekly D. Yearly B - ANSWER S/MIME was developed for the protection of what communication mechanism(s)? A. Telephones B. Email C. Wireless devices D. Firewalls B - ANSWER Unclassified, Private, Confidential, Secret, Top Secret, and Internal Use Only are levels of
A. Security Classification B. Data Classification C. Object Classification D. Change Control Classification C - ANSWER Contracting with an insurance company to cover losses due to information security breaches is known as risk __________. A. Avoidance B. Reduction C. Assignment D. Acceptance C - ANSWER ______________ is a Unix security scanning tool developed at Texas A&M university. A. COPS B. SATAN C. TIGER D. AGGIE E. SNIFFER Environmental - ANSWER Security incidents fall into a number of categories such as accidental, deliberate, and ____________. A - ANSWER Decentralized access control allows ______________________.
A. File owners to determine access rights B. Help Desk personnel to determine access rights C. IT personnel to determine access rights D. Security Officers to determine access rights E. Security Officers to delegate authority to other users Data Hiding - ANSWER Intentionally embedding secret data into a picture or some form of media is known as Steganographyor data ___________. F - ANSWER From a security standpoint, the product development life cycle consists of which of the following? A. Code Review B. Certification C. Accreditation D. Functional Design Review E. System Test Review F. All of the items listed B - ANSWER Only key members of the staff need to be educated in disaster recovery procedures. A. True B. False B - ANSWER A virus is considered to be "in the ______ " if it has been reported as replicating and causing harm to computers. A. Zoo B. Wild C. Cage D. Jungle E. Fire A - ANSWER ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential, Top Secret, etc.. A. MAC - Mandatory Access Control B. DAC - Discretionary Access Control C. SAC - Strategic Access Control D. LAC - Limited Access Control
E - ANSWER ___________________ viruses change the code order of the strain each time they replicate to another machine. A. Malicious B. Zenomorphic C. Worm D. Super E. Polymorphic D - ANSWER Which major vendor adopted TACACS into its product line as a form of AAA architecture? A. Microsoft B. Dell C. Sun D. Cisco E. All of the above A,B,C - ANSWER Name three types of firewalls __________, _______________, and
(Choose three) A. Packet Filtering B. Application Proxy C. Stateful Inspection D. Microsoft Proxy E. SonicWall F. Raptor Firewall D - ANSWER This free (for personal use) program is used to encrypt and decrypt emails. A. SHA- 1 B. MD C. DES D. PGP E. 3DES F. None of the above B - ANSWER __________ attacks capitalize on programming errors and can allow the originator to gain additional privileges on a machine. A. SYN Flood B. Buffer Overflow
C. Denial of Service D. Coordinated E. Distributed Denial of Service C D - ANSWER A good password policy uses which of the following guidelines? (Choose all that apply) A. Passwords should contain some form of your name oruserid B. Passwords should always use words that can be found in a dictionary C. Passwords should be audited on a regular basis D. Passwords should never be shared or written down B - ANSWER What is the main goal of a risk management program? A. To develop a disaster recovery plan B. To help managers find the correct cost balance between risks and countermeasures C. To evaluate appropriate risk mitigation scenarios D. To calculate ALE formulas E. None of the above B - ANSWER The __________ is the most dangerous part of a virus program. A. Code B. Payload C. Strain D. Trojan E. None of the above B - ANSWER A one way hash converts a string of random length into a _______________ encrypted string. A. 192 bit B. fixed length C. random length D. 56 bit E. SHA F. MD C - ANSWER Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems. A. Sniffing B. Eavesdropping C. Social Engineering D. Shoulder Surfing
E. None of the items are correct B - ANSWER Diffie Hellman, RSA, and ___________ are all examples of Public Key cryptography? A. SSL - Secure Sockets Layer B. DSS - Digital Signature Standard C. Blowfish D. AES - Advanced Encryption Standard B - ANSWER ___________, generally considered "need to know" access is given based on permissions granted to the user. A. MAC - Mandatory Access Control B. DAC - Discretionary Access Control C. SAC - Strategic Access Control D. LAC - Limited Access Control B C D - ANSWER What are the main goals of an information security program? (Choose all that apply) A. Complete Security B. Confidentiality C. Availability D. Integrity of data E. Ease of Use B - ANSWER The ability to adjust access control to the exact amount of permission necessary is called ______________. A. Detection B. Granularity C. Separation of Duties D. Concept of Least Privilege C - ANSWER Which one of these formulas is used in Quantitative risk analysis? A. SLO - Single Loss Occurrence B. ARE - Annual Rate of Exposure C. SLE - Single Loss Expectancy D. ALO - Annual Loss Occurrence Answer: C A - ANSWER Integrity = ______________
A. Data being delivered from the source to the intended receiver without being altered B. Protection of data from unauthorized users C. Data being kept correct and current D. Ability to access data when requested E. All answers are correct A - ANSWER A true network security audit does include an audit for modems? A. True B. False A B - ANSWER What is the main difference between a logic bomb and a stealth virus? (Choose all that apply) A. Stealth viruses supply AV engines with false information to avoid detection B. Stealth viruses live in memory while logic bombs are written to disk C. Stealth viruses "wake up" at a pre-specified time in the code, then execute payload D. Logic Bombs supply AV engines with false information to avoid detection D - ANSWER What is the minimum recommended length of a security policy? A. 200 pages B. 5 pages C. 1 page D. There is no minimum length - the policy length should support the business needs B - ANSWER There are ______ available service ports A. 65535 B. 65536 C. 1024 D. 1- 1024 E. Unlimited B - ANSWER Each of the following is a valid step in handling incidents except
A. Contain B. Prosecute C. Recover D. Review E. Identify F. Prepare
Certificate - ANSWER A ______________ is an electronically generated record that ties a user's ID to their public key. C - ANSWER Which of the following is NOT and encryption algorithm? A. DES B. 3DES C. SSL D. MD E. SHA- 1 B - ANSWER Which range defines "well known ports?" A. 0- 1024 B. 0- 1023 C. 1- 1024 D. 1024- 49151 B - ANSWER What does RADIUS stand for? A. Remote Access Dialup User Systems B. Remote Access Dial-in User Service C. Revoke Access Deny User Service D. Roaming Access Dial-in User System A - ANSWER In the past, many companies had been hesitant to report computer crimes. A. True B. False C - ANSWER If you the text listed below at the beginning or end of an email message, what would it be anindication of? mQGiBDfJY1ERBADd1lBX8WlbSHj2uDt6YbMVl4Da3O1yG0exQnEwU3sKQARzspNB zB2BF+ngFiy1+RSfDjfbpwz6vLHo6zQZkT2vKOfDu1e4/LqiuOLpd/6rOrmH/Mvk A. A virus B. A worm C. A PGP Signed message D. A software error A - ANSWER Although they are accused of being one in the same, hackers and crackers are two distinctly different groups with different goals pertaining to computers.
A. True B. False A C D - ANSWER Select three ways to deal with risk. A. Acceptance B. Avoid / Eliminate C. Transfer D. Mitigate E. Deny C - ANSWER Digital Certificates use which protocol? A. X.400 B. X.500 C. X.509 D. X.511 E. X.525 F. None of the above B - ANSWER A. L2TP B. LDAP C. L2F D. PPTP encrypting, depcrypting - ANSWER Public keys are used for ___________ messages and private keys are used for __________ messages. B - ANSWER In a Public Key Infrastructure (PKI), what is the role of a directory server? A. To issue certificates to users B. To make user certificates available to others C. Authorizes CA servers to issue certificates to users D. Is the root authority for thePKI D - ANSWER RSA has all of the following characteristics except? A. Can produce a digital signature B. Relies on large prime number factoring C. Uses third party key distribution centers D. Is based on a symmetric algorithm C - ANSWER What distinguishes a hacker / cracker from a phreak? A. Hackers and crackers specifically target telephone networks
B. Phreaks specifically target data networks C. Phreaks specifically target telephone networks D. Phreaks cause harm, hackers and crackers do not C - ANSWER Identifying specific attempts to penetrate systems is the function of the _______________. A. Firewall B. Router C. Intrusion Detection System D. Vulnerability Scanner E. CERT - Computer Emergency Response Team A – ANSWER