Chapter 5 CGS 3300 test bank

question
1. Phishing is different from pharming as phishing usually involves hijacking an official Web site address by hacking a Domain Name System server.
answer
False: Feedback: The difference between phishing and pharming is that pharmers usually hijack an official Web site address by hacking a Domain Name System server, then alter the legitimate Web site IP address so that users who enter the correct Web address are directed to the pharmers' fraudulent Web site.
question
2. Spoofing is sending fraudulent e-mails that seem to come from legitimate sources, such as a bank or university.
answer
False: Feedback: Phishing is sending fraudulent e-mails that seem to come from legitimate sources, such as a bank or university. Spoofing is an attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords and credit card information.
question
3. Keystroke loggers can be used for malicious purposes, such as collecting the credit card numbers that users enter while shopping online.
answer
True: Feedback: Keystroke loggers can be used for malicious purposes, such as collecting the credit card numbers that users enter while shopping online.
question
4. Confidentiality, integrity, and availability are collectively referred to as the CIA triangle.
answer
True: Feedback: There are three important aspects of computer and network security: confidentiality, integrity, and availability, collectively referred to as the CIA triangle.
question
5. Part of ensuring integrity is identifying authorized users and granting them access privileges.
answer
True: Feedback: Part of ensuring integrity is identifying authorized users and granting them access privileges.
question
6. Level 1 security protects the back-end systems to ensure confidentiality, accuracy, and integrity of data.
answer
False: Feedback: Level 2 security protects the back-end systems to ensure confidentiality, accuracy, and integrity of data. Level 1 security protects front-end servers.
question
7. If a drive in a redundant array of independent disks (RAID) system fails, data stored on it can be reconstructed from data stored on the remaining drives.
answer
True: Feedback: If a drive in a redundant array of independent disks (RAID) system fails, data stored on it can be reconstructed from data stored on the remaining drives. RAID systems vary in cost, performance, and reliability.
question
8. When using mirror disks, if one of the two disks containing the same data fails, the other disk also fails.
answer
False: Feedback: When using mirror disks, if one of the two disks containing the same data fails, the other is available, allowing operations to continue.
question
9. Social engineering is an example of an unintentional security threat.
answer
False: Feedback: Social engineering is an example of an intentional security threat.
question
10. When a program containing a virus is used, the virus attaches itself to other files, and the cycle continues.
answer
True: Feedback: When a program or operating system containing a virus is used, the virus attaches itself to other files, and the cycle continues.
question
11. Viruses can only be transmitted through sharing of infected files directly from one computer to another.
answer
False: Feedback: Viruses can be transmitted through a network or through e-mail attachments.
question
12. Trojan programs replicate themselves as viruses and worms do.
answer
False: Feedback: Trojan programs can erase data and wreak havoc on computers and networks, but they do not replicate themselves, as viruses and worms do.
question
13. A distributed denial-of-service (DDoS) attack involves hundreds of computers working together to bombard a Web site with thousands of requests for information in a short period.
answer
True: Feedback: A distributed denial-of-service (DDoS) attack occurs when hundreds or thousands of computers work together to bombard a Web site with thousands of requests for information in a short period, causing it to grind to a halt.
question
14. Social engineering is an attack that takes advantage of the backdoors in security systems.
answer
False: Feedback: In the context of security, social engineering means using "people skills"—such as being a good listener and assuming a friendly, unthreatening air—to trick others into revealing private information. This is an attack that takes advantage of the human element of security systems.
question
15. In the context of security, social engineering protects the integrity of information resources.
answer
False: Feedback: Social engineers use the private information they have gathered to break into servers and networks and steal data, thus compromising the integrity of information resources.
question
16. Hand geometry is an example of a biometric security measure.
answer
True: Feedback: Hand geometry is an example of a biometric security measure.
question
17. After examining an incoming packet, a firewall cannot reject that packet.
answer
False: Feedback: Information being transmitted is stored in what's called a packet, and after examining a packet, a firewall can reject the incoming packet.
question
18. Application-filtering firewalls are less expensive than packet-filtering firewalls.
answer
False: Feedback: Application-filtering firewalls are generally more secure and flexible than packet-filtering firewalls, but they are also more expensive.
question
19. A proxy server is often used to help protect the network against unauthorized access from outside the network by hiding the network addresses of internal systems.
answer
True: Feedback: A proxy server is often used to help protect the network against unauthorized access from outside the network by hiding the network addresses of internal systems.
question
20. An intrusion detection system (IDS) can protect networks against both external and internal access.
answer
True: Feedback: An intrusion detection system (IDS) can protect against both external and internal access.
question
21. An intrusion detection system (IDS) cannot prevent denial-of-service (DoS) attacks.
answer
False: Feedback: An intrusion detection system (IDS) can prevent denial-of-service (DoS) attacks. It monitors network traffic and uses the "prevent, detect, and react" approach to security.
question
22. Corner bolts are an expensive way to secure a computer to a desktop or a counter.
answer
False: Feedback: Corner bolts are an inexpensive way to secure a computer to a desktop or counter. These often have locks as an additional protection against theft.
question
23. Terminal resource security is a software feature that erases the screen and signs the user off automatically after a specified length of inactivity.
answer
True: Feedback: Terminal resource security is a software feature that erases the screen and signs the user off automatically after a specified length of inactivity.
question
24. An ideal password should be eight characters or longer.
answer
True: Feedback: To increase the effectiveness of passwords, they should be made eight characters or longer.
question
25. The cost of setting up a virtual private network (VPN) is usually high.
answer
False: Feedback: The cost of setting up a virtual private network (VPN) is usually low, but transmission speeds can be slow, and lack of standardization can be a problem.
question
26. Data encryption transforms data into a scrambled form called ciphertext.
answer
True: Feedback: Data encryption transforms data, called plaintext or cleartext, into a scrambled form called ciphertext that cannot be read by others.
question
27. The main advantage of asymmetric encryption is that it is faster and requires only a small amount of processing power.
answer
False: Feedback: The main drawback of asymmetric encryption is that it is slower and requires a large amount of processing power.
question
28. Symmetric encryption is also called public key encryption.
answer
False: Feedback: Asymmetric encryption is also called public key encryption. Symmetric encryption is also called secret key encryption.
question
29. In symmetric encryption, the same key is used to encrypt and decrypt a message.
answer
True: Feedback: In symmetric encryption, the same key is used to encrypt and decrypt a message. The sender and receiver must agree on the key and keep it secret.
question
30. Backup facilities should never be shared in an attempt to reduce costs.
answer
False: Feedback: Backup facilities can be shared to reduce costs.
question
1. _____ can interfere with users' control of their computers, through such methods as installing additional software and redirecting Web browsers. a. Kernels b. Spyware c. Cookies d. Log files
answer
B: Feedback: Spyware can interfere with users' control of their computers, through such methods as installing additional software and redirecting Web browsers.
question
2. _____ is the process of capturing and recording network traffic. a. Sniffing b. Phishing c. Spoofing d. Pharming
answer
A: Feedback: Sniffing is capturing and recording network traffic. Although it can be done for legitimate reasons, such as monitoring network performance, hackers often use it to intercept information.
question
3. Similar to phishing, _____ is directing Internet users to fraudulent Web sites with the intention of stealing their personal information, such as Social Security numbers, passwords, bank account numbers, and credit card numbers. a. sniffing b. spoofing c. pharming d. cybersquatting
answer
C: Feedback: Pharming is similar to phishing in that Internet users are directed to fraudulent Web sites with the intention of stealing their personal information, such as Social Security numbers, passwords, bank account numbers, and credit card numbers.
question
4. _____ is a computer crime that involves destroying or disrupting computer services. a. Sabotage b. Slander c. Libel d. Keystroke logging
answer
A: Feedback: Sabotage is a computer crime that involves destroying or disrupting computer services. Computer criminals change, delete, hide, or use computer files for personal gain.
question
5. In the context of computer and network security, _____ means that a system must not allow the disclosing of information by anyone who is not authorized to access it.
answer
B: Feedback: Confidentiality means that a system must not allow the disclosing of information by anyone who is not authorized to access it.
question
6. In the context of computer and network security, _____ refers to the accuracy of information resources within an organization. a. validity b. confidentiality c. integrity d. availability
answer
C: Feedback: Integrity refers to the accuracy of information resources within an organization. In other words, the security system must not allow data to be corrupted or allow unauthorized changes to a corporate database.
question
7. In the context of computer and network security, _____ means that computers and networks are operating and authorized users can access the information they need. a. validity b. confidentiality c. integrity d. availability
answer
D: Feedback: Availability means that computers and networks are operating and authorized users can access the information they need. It also means a quick recovery in the event of a system failure or disaster.
question
8. A level 1 security system is used to protect _____ against unauthorized access. a. users' work stations b. corporate networks c. internal database servers d. front-end servers
answer
D: Feedback: In level 1 security, front-end servers, those available to both internal and external users, must be protected against unauthorized access. Typically, these systems are e-mail and Web servers.
question
9. A level 2 security system protects _____. a. back-end systems b. corporate networks c. Web servers d. e-mail servers
answer
A: Feedback: In level 2 security, back-end systems (such as users' workstations and internal database servers) must be protected to ensure confidentiality, accuracy, and integrity of data.
question
10. A level 3 security system focuses on protecting _____. a. back-end systems b. corporate networks c. users' work stations d. front-end servers
answer
B: Feedback: In level 3 security, the corporate network must be protected against intrusion, denial-of-service attacks, and unauthorized access.
question
11. Which of the following is considered an intentional security threat? a. Floods b. A user's accidental deletion of data c. Backdoors d. Power outages
answer
C: Feedback: Backdoors are considered an intentional security threat.
question
12. A(n) _____ travels from computer to computer in a network, but it does not usually erase data. a. Trojan program b. worm c. applet d. backdoor
answer
B: Feedback: A worm travels from computer to computer in a network, but it does not usually erase data.
question
13. A logic bomb is a type of _____. a. Trojan program b. worm c. blended threat d. backdoor
answer
A: Feedback: A logic bomb is a type of Trojan program used to release a virus, worm, or other destructive code.
question
14. A _____ is a programming routine built into a system by its designer or programmer. a. logic bomb b. worm c. virus d. backdoor
answer
A: Feedback: A backdoor (also called a trapdoor) is a programming routine built into a system by its designer or programmer. This routine enables the designer or programmer to bypass system security and sneak back into the system later to access programs or files.
question
15. A _____ attack floods a network or server with service requests to prevent legitimate users' access to the system. a. social engineering b. denial-of-service c. backdoor d. phishing
answer
B: Feedback: A denial-of-service (DoS) attack floods a network or server with service requests to prevent legitimate users' access to the system.
question
17. _____ take advantage of the human element of security systems. a. Denial-of-service attacks b. Trojan programs c. Blended threats d. Social engineering attacks
answer
D: Feedback: In the context of security, social engineering means using "people skills"—such as being a good listener and assuming a friendly, unthreatening air—to trick others into revealing private information. Social engineering attacks take advantage of the human element of security systems.
question
18. _____ use a physiological element to enhance security measures. a. Modems b. Firewalls c. Intrusion detection systems d. Biometric security measures
answer
D: Feedback: Biometric security measures use a physiological element that is unique to a person and cannot be stolen, lost, copied, or passed on to others.
question
19. Which of the following is a biometric security measure? a. Electronic trackers b. Passwords c. Firewalls d. Signature analysis
answer
D: Feedback: Signature analysis is a biometric security measure. It involves checking the user's signature as well as deviations in pen pressure, speed, and length of time used to sign the name.
question
20. Which of the following is a nonbiometric security measure?
answer
C: Feedback: The three main nonbiometric security measures are callback modems, firewalls, and intrusion
question
21. A _____ is the software that acts as an intermediary between two systems. a. database b. backdoor c. proxy server d. Trojan program
answer
C: Feedback: A proxy server is the software that acts as an intermediary between two systems—between network users and the Internet, for example.
question
22. _____ are usually placed in front of a firewall and can identify attack signatures and trace patterns. a. Intrusion detection systems b. Proxy servers c. Physical security measures d. Biometric security measures
answer
A: Feedback: An intrusion detection system (IDS) can protect against both external and internal access. It is usually placed in front of a firewall and can identify attack signatures, trace patterns, generate alarms for the network administrator, and cause routers to terminate connections with suspicious sources.
question
23. _____ security measures primarily control access to computers and networks, and they include devices for securing computers and peripherals from theft. a. Nonbiometric b. Physiological c. Biometric d. Physical
answer
D: Feedback: Physical security measures primarily control access to computers and networks, and they include devices for securing computers and peripherals from theft.
question
24. Which of the following is a physical security measure? a. Fitting electronic trackers to a computer b. Restricting access through passwords c. Filtering data packets using a firewall d. Checking a user's signature
answer
A: Feedback: Electronic trackers are a physical security measure. These devices are secured to a computer at the power outlet. If the power cord is disconnected, a transmitter sends a message to an alarm that goes off or to a camera that records what happens.
question
25. Which of the following is a type of access control used to protect systems from unauthorized access? a. Steel encasements b. Passwords c. Firewalls d. Identification badges
answer
B: Feedback: The two widely used access controls are terminal resource security and passwords.
question
26. A(n) _____ is often used, so remote users have a secure connection to an organization's network. a. biometric security system b. intrusion detection system c. virtual private network d. terminal resource network
answer
C: Feedback: A virtual private network (VPN) provides a secure tunnel through the Internet for transmitting messages and data via a private network. It is often used so remote users have a secure connection to the organization's network.
question
27. Data sent through a virtual private network (VPN) can be encrypted using the _____ protocol. a. User Datagram b. Transmission Control c. Secured Sockets layer d. Layer Two Tunneling
answer
D: Feedback: Data is encrypted before it is sent through the virtual private network (VPN) with a protocol, such as Layer Two Tunneling Protocol (L2TP) or Internet Protocol Security (IPSec).
question
28. Which of the following forms of text used in an encryption algorithm is unreadable without a decryption key? a. Plaintext b. Cleartext c. Codetext d. Ciphertext
answer
D: Feedback: Data encryption transforms data, called plaintext or cleartext, into a scrambled form called ciphertext that cannot be read by others. The receiver then unscrambles the data by using a decryption key.
question
29. _____ is a commonly used encryption protocol that manages transmission security on the Internet. a. Applications Layer b. Secure Sockets Layer c. Transmission Control Protocol d. User Datagram Protocol
answer
B: Feedback: A commonly used encryption protocol is Secure Sockets Layer (SSL), which manages transmission security on the Internet.
question
30. _____ ensures data security and integrity over public networks, such as the Internet. a. Transport Layer Security b. Terminal Resource Security c. Transmission Control Protocol d. User Datagram Protocol
answer
A: Feedback: Transport Layer Security (TLS) is a recent cryptographic protocol, which ensures data security and integrity over public networks, such as the Internet.
question
31. _____ encryption uses a public key known to everyone and a private key known only to the recipient. a. Symmetric b. Asymmetric c. Synchronous d. Asynchronous
answer
B: Feedback: Asymmetric encryption uses two keys: a public key known to everyone and a private or secret key known only to the recipient.
question
32. A(n) _____ encryption usually works better for public networks, such as the Internet. a. symmetric b. asymmetric c. synchronous d. asynchronous
answer
B: Feedback: Asymmetric encryption usually works better for public networks, such as the Internet. Each company conducting transactions or sending messages gets a private key and a public key; a company keeps its private key and publishes its public key for others to use.
question
33. In _____ encryption, the same key is used to encrypt and decrypt a message. a. symmetric b. asymmetric c. synchronous d. asynchronous
answer
A: Feedback: In symmetric encryption (also called secret key encryption), the same key is used to encrypt and decrypt a message.
question
34. The main function of Cyber Incident Response Capability (CIRT) is to: a. provide level 1 security. b. restrict access controls to unauthorized personnel. c. provide information on security incidents. d. create backdoors to bypass security protocols.
answer
C: Feedback: Cyber Incident Response Capability's (CIRC's) main function is to provide information on security incidents, including information systems' vulnerabilities, viruses, and malicious programs.
question
35. _____ outlines procedures for keeping an organization operational in the event of a natural disaster or a network attack or intrusion. a. Social engineering b. Business continuity planning c. An intrusion detection system d. Terminal resource security
answer
B: Feedback: To lessen the effects of a natural disaster or a network attack or intrusion, planning the recovery is important. This should include business continuity planning, which outlines procedures for keeping an organization operational.
question
36. A _____ plan lists the tasks that must be performed to restore damaged data and equipment. a. risk assessment b. systems engineering c. disaster recovery d. security compliance
answer
C: Feedback: A disaster recovery plan lists the tasks that must be performed to restore damaged data and equipment as well as steps to prepare for disaster.
question
1. _____ is software that secretly gathers information about users while they browse the Web.
answer
Spyware
question
2. _____ is a form of spyware that collects information about a user (without the user's consent) to determine which advertisements to display in the user's Web browser.
answer
Adware
question
3. _____ is sending fraudulent e-mails that seem to come from legitimate sources, such as a bank or university.
answer
Phishing
question
4. _____ is an attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords and credit card information.
answer
Spoofing
question
5. _____ monitor and record the keys pressed on a keyboard and can be software or hardware devices.
answer
Keystroke loggers
question
6. _____ is the unauthorized use of computer data for personal gain, such as transferring money from another's account or charging purchases to someone else's account.
answer
Computer fraud
question
7. When planning a comprehensive security system, the first step is designing _____, which use a combination of hardware and software for improving reliability—a way of ensuring availability in case of a system failure.
answer
Fault-tolerant systems
question
8. A(n) _____ consists of self-propagating program code that is triggered by a specified time or event.
answer
Virus
question
9. _____ are independent programs that can spread themselves without having to be attached to a host program.
answer
Worms
question
10. A(n) _____ contains code intended to disrupt a computer, network, or Web site, and it is usually hidden inside a popular program.
answer
Trojan Program
question
11. A(n) _____ is a security threat that combines the characteristics of computer viruses, worms, and other malicious codes with vulnerabilities found on public and private networks.
answer
Blended Threat
question
12. In the context of security, _____ means using "people skills"—such as being a good listener and assuming a friendly, unthreatening air—to trick others into revealing private information.
answer
Social engineering
question
13. The _____ biometric security measure translates words into digital patterns, which are recorded and examined for tone and pitch.
answer
Voice Recognition
question
14. A(n) _____ is a combination of hardware and software that acts as a filter or barrier between a private network and external computers or networks.
answer
Firewall
question
15. _____ is a software feature that erases the screen and signs the user off automatically after a specified length of inactivity.
answer
Terminal resource security
question
1. What is the McCumber cube?
answer
Answer: The Committee on National Security Systems (CNSS) proposed a model called the "McCumber cube." John McCumber created this framework for evaluating information security. Represented as a three-dimensional cube, it defines nine characteristics of information security, which are transaction, storage, processing, confidentiality, integrity, availability, human factors, policy and practices, and technology.
question
2. Explain the concept of mirror disks.
answer
Answer: Mirror disks are a fault-tolerant method that uses two disks containing the same data so that if one fails, the other is available, allowing operations to continue. Mirror disks are usually a less expensive, level-1 redundant array of independent disks (RAID) system and can be a suitable solution for small organizations.
question
3. List nine types of intentional computer and network threats.
answer
Answer: Intentional computer and network threats include: a. Viruses b. Worms c. Trojan programs d. Logic bombs e. Backdoors f. Blended threats (e.g., a worm launched by Trojan) g. Rootkits h. Denial-of-service attacks i. Social engineering
question
4. How does a worm disrupt computing services?
answer
Answer: A worm might corrupt data, but it usually replicates itself into a full-blown version that eats up computing resources, eventually bringing a computer or network to a halt.
question
5. Describe how blended threats work.
answer
Answer: Blended threats search for vulnerabilities in computer networks and then take advantage of these vulnerabilities by embedding malicious codes in the server's HTML files or by sending unauthorized e-mails from compromised servers with a worm attachment. They may launch a worm through a Trojan horse or launch a denial-of-service (DoS) attack at a targeted IP address. Their goal is not just to start and transmit an attack but to spread it.
question
6. What is shoulder surfing? Provide an example.
answer
Answer: Shoulder surfing—in other words, looking over someone's shoulder—is the easiest form of collecting information. Social engineers use this technique to observe an employee entering a password or a person entering a PIN at the cash register, for example.
question
7. Describe the process of vein analysis in biometric security measures.
answer
Answer: The vein analysis method analyzes the pattern of veins in the wrist and back of the hand without making any direct contact with the veins.
question
8. Explain the use of callback modems as a nonbiometric security measure.
answer
Answer: Callback modems verify whether a user's access is valid by logging the user off and then calling the user back at a predetermined number. They are useful in organizations with many employees who work off-site and who need to connect to the network from remote locations.
question
9. What are the actions that a firewall might take after examining a packet?
answer
Answer: After examining a packet, a firewall can take one of the following actions: a. Reject the incoming packet. b. Send a warning to the network administrator. c. Send a message to the packet's sender that the attempt failed. d. Allow the packet to enter (or leave) the private network.
question
10. How is a sender notified of packet delivery using a packet-filtering firewall?
answer
Answer: A packet-filtering firewall informs senders if packets are rejected but does nothing if packets are dropped; senders have to wait until their requests time out to learn that the packets they sent were not received.
question
11. What is an intrusion detection system (IDS)?
answer
Answer: An intrusion detection system (IDS) can protect against both external and internal access. It is usually placed in front of a firewall and can identify attack signatures, trace patterns, generate alarms for the network administrator, and cause routers to terminate connections with suspicious sources.
question
12. How are identification (ID) badges used as a physical security measure against thefts?
answer
Answer: ID badges are checked against a list of authorized personnel, which must be updated regularly to reflect changes in personnel.
question
13. What is the function of a virtual private network (VPN)?
answer
Answer: A VPN provides a secure "tunnel" through the Internet for transmitting messages and data via a private network. It is often used so remote users have a secure connection to the organization's network.
question
14. What is data encryption?
answer
Answer: Data encryption transforms data, called plaintext or cleartext, into a scrambled form called ciphertext that cannot be read by others. The rules for encryption, known as the encryption algorithm, determine how simple or complex the transformation process should be. The receiver then unscrambles the data by using a decryption key.
question
15. What are the functions of a computer emergency response team (CERT)?
answer
Answer: Currently, CERT focuses on security breaches and DoS attacks and offers guidelines on handling and preventing these incidents. CERT also conducts a public awareness campaign and researches Internet security vulnerabilities and ways to improve security systems.