Computer Security 4,5,10 – Flashcards
Unlock all answers in this set
Unlock answersquestion
Most portable devices, and some computer monitors, have a special steel bracket security slot built into the case, which can be used in conjunction with a:
answer
cable lock
question
An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology?
answer
roller barrier
question
Anti-virus products typically utilize what type of virus scanning analysis??
answer
static analysis
question
A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology?
answer
anti climb
question
Proximity readers utilize a special type of tag that can be affixed to the inside of an ID badge. What is the name for this type of tag?
answer
Radio Frequency Identification tag (RFID)
question
Describe a mantrap.
answer
a mantrap monitors and controls interlocking doors to a small room. When in operation, only one door is able to be open at anytime. They are used at high-security areas where only authorized persons are allowed to enter, such as sensitive data processing rooms, cash handling areas, and research laboratories.
question
How does an RFID tag embedded into an ID badge function without a power supply?
answer
a tiny electrical current induced in the antenna by the incoming signal from the transceiver provides enough power for the tag to send a response.
question
What is the name for a standard or checklist against which systems can be evaluated and audited for their level of security (security posture)?
answer
baseline
question
What type of video surveillance is typically used by banks, casinos, airports, and military installations, and commonly employs guards who actively monitor the surveillance?
answer
CCTV
question
What is the name for a cumulative package of all patches and hotfixes as well as additional features up to a given point?
answer
service pack
question
Which of the following is not one of the types of settings that would be included in a Microsoft Windows security template?
answer
Resolution settings
question
A(n) ____________________ is a record or list of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area.
answer
access list
question
How does DLP index matching work?
answer
Documents that have been identified as needing protection, such as the program source code for a new software application, are analyzed by the DLP system and complex computations are conducted based on the analysis. Thereafter, if even a small part of that document is leaked, the DLP system can recognize the snippet as being from a protected document.
question
?What type of filtering utilizes a an analysis of the content of spam messages in comparison to neutral / non-spam messages in order to make intelligent decisions as to what should be considered spam?
answer
?Bayesian filtering
question
How can an area be made secure from a non-secured area via two interlocking doors to a small room?
answer
using a mantrap
question
Cipher locks are sometimes combined with what type of sensor, which uses infrared beams that are aimed across a doorway?
answer
tailgate sensors
question
Subtypes of security controls, classified as deterrent, preventive, detective, compensation, or corrective.?
answer
activity phase controls
question
?A paper or electronic record of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area
answer
access list
question
Spam filtering software that analyzes every word in an email and determines how frequently a word occurs in order to determine if it is spam.?
answer
bayesian filtering
question
?A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program.
answer
FUZZ testing
question
?An attack that uses the user's web browser settings to impersonate the user
answer
cross-site request forgery (XSRF)
question
?An operating system for Google Android smartphones and other devices.
answer
android
question
?A nonrelational database that is better tuned for accessing large data sets.
answer
noSQL
question
?Large-scale, industrial control systems.
answer
supervisory control and data acquisition (SCADA)
question
A structure designed to block the passage of traffic?
answer
barricade
question
A mobile operating system for Apple iPhones?
answer
iOS
question
What are the five steps that can be used to ensure the security of an OS??
answer
1. Develop the security policy 2. Perform host software baselining 3. Configure operating system security setting 4. Deploy and manage security settings 5. Implement patch management
question
Most DLP systems make use of what method of security analysis below?
answer
content inspection
question
How does an RFID tag embedded into an ID badge function without a power supply??
answer
a tiny electrical current induced in the antenna by the incoming signal from the transceiver provides enough power for the tag to send a response.
question
What type of device, sometimes called a packet filter, is designed to prevent malicious network packets from entering or leaving computers or networks?
answer
firewall
question
A _____________ is a document or series of documents that clearly defines the defense mechanisms an organization will employ in order to keep information secure.?
answer
security policy
question
What are the three states of data that DLP typically examines?
answer
1. Data in-use 2. Data in-transit 3. Data at-rest
question
What can be a time consuming drawback to the use of traditional ID badges? How can this issue be avoided?
answer
When you are trying to verify hundreds or thousands of users at a time, swiping or scanning ID badges can result in a bottleneck. To avoid this we use RFID tags so when the user walks through a turnstile with a badge, it can be read by an RFID proximity reader.
question
Explain how tailgate sensors work.
answer
tailgate sensors are used with cipher locks. They use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through a doorway, some beams are activated; other beams are then activated a fraction of a second later. The beams are monitored and can determine which the direction the person is walking along with how many people are walking through.
question
What is the maximum effective range of a typical passive RFID tag?
answer
19
question
Keyed entry locks are much more difficult to defeat than deadbolt locks.
answer
false
question
DLP agent sensors are installed on each host device, and monitor for actions such as printing, copying to a USB flash drive, and burning to a CD or DVD.
answer
true
question
Instead of using a key or entering a code to open a door, a user can use an object, such as an ID badge, to identify themselves in order to gain access to a secure area. What term describes this type of object?
answer
physical token
question
Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs.
answer
true
question
What is the best way to prevent data input by a user from having potentially malicious effects on software??
answer
...
question
Select the tool below that consists of a system of security tools that is used to recognize and identify data that is critical to an organization and ensure that it is protected:
answer
data loss prevention
question
Combination padlocks consist of buttons that must be pushed in the proper sequence in order to be unlocked.
answer
false
question
What is the difference between deterrent controls and preventive controls??
answer
deterrent controls attempt to discourage security violations before they occur. preventive controls attempts to prevent the threat from coming into contact with the vulnerability.
question
A system such as a printer, smart TV, or HVAC controller, typically uses an operating system on what is called a:
answer
embedded system
question
Describe how a DLP can be configured.
answer
A DLP can be configured to look for specific data (such as Social Security and credit card numbers), lines of computer software source code, words in a sequence (to prevent a report from leaving the network), maximum file sizes, and file types.
question
Instead of trying to make a match, modern AV techniques are beginning to use a type of detection that attempts to identify the characteristics of a virus. What is the name for this technique?
answer
heuristic detection
question
How can cable conduits that run between two secure areas be protected?
answer
It can be protected using a protected distribution system.
question
DLP agent sensors are unable to read inside compressed files and binary files.?
answer
false
question
A(n) ____________________ is a method used by operating systems to store, retrieve, and organize files.
answer
file system
question
On what principle did Julius Caesar's cyptographic messages function?
answer
Each alphabetic letter was shifted three places down in the alphabet
question
In cryptography, which of the five basic protections ensures that the information is correct and no unauthorized person or malicious software has altered that data?
answer
Integrity
question
Discuss how cryptography can help ensure the availability of the data.
answer
Instead of storing an important file on a hard drive that is locked in a safe to prevent unauthorized access, an encrypted file can be immediately available from a central file server to authorized individuals who have been given the key.
question
Describe hard disk drive encryption.
answer
Self-encrypting hard disk drives (HDDs) can protect all files stored on them. When the computer or other device with a self-encrypting HDD is initially powered up, the drive and the host device perform an authentication process. If the authentication process fails, the drive can be configured to simply deny any access to the drive or even perform a "cryptographic erase" on specified blocks of data (a cryptographic erase deletes the decryption keys so that all data is permanently encrypted and unreadable). This also makes it impossible to install the drive on another computer to read its contents.
question
A block cipher works on a single character at a time, and is faster than a stream cipher.
answer
false
question
Which of the following is not one of the functions of a digital signature?
answer
protect the public key
question
?A symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES
answer
Advanced Encryption Standard (AES)
question
?An algorithm that uses elliptic curves instead of prime numbers to compute keys
answer
Elliptic Curve Cryptograhy (ECC)
question
An asymmetric encryption key that does not have to be protected.?
answer
public key
question
?A symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks
answer
Data Encryption Standard (DES)
question
A temporary key that is used only once before it is discarded.?
answer
ephemeral key
question
?An asymmetric encryption key that does have to be protected.
answer
private key
question
A cipher that manipulates an entire block of plaintext at one time.?
answer
block cipher
question
A key exchange that requires all parties to agree upon a large prime number and related integer so that the same key can be separately created.?
answer
Diffie-Hellman (DH)
question
?An algorithm that takes one character and replaces it with one character.
answer
stream cipher
question
Data that has been encrypted.?
answer
ciphertext
question
Select below the standard that is based on the Rijndael algorithm, and was approved by NIST in late 2000 as a replacement for DES: AES 3DES RSA Twofish
answer
AES
question
What is the name of the open source asymmetric cryptography system that runs on Windows, UNIX, and Linux systems, and is compatible with PGP?
answer
GPG
question
The simplest type of stream cipher, one in which one letter or character is exchanged for another, is known as what?
answer
substitution
question
A key that is generated by a symmetric cryptographic algorithm is said to be a:
answer
private key
question
Explain hashing
answer
Hashing is used primarily to determine the integrity of a message or contents of a file.
question
What cryptographic method, first proposed in the mid-1980s, makes use of sloping curves instead of large prime numbers?
answer
ECC
question
In information technology, ____________________ is the process of proving that a user performed an action, such as sending an e-mail message or a specific document.
answer
non-repudiation
question
A hash algorithm is designed to create a hash that represents the contents of a set of data that can later be decrypted.
answer
false
question
A ________________ involves combining plaintext with a random key to create ciphertext that cannot be broken mathematically.?
answer
one-time pad (OTP)
question
Cryptography that attempts to use the microscopic behaviors of objects to develop and share keys while also detecting eavesdropping is known as what type of cryptography?
answer
quantum cryptography
question
Describe how a block cipher works.
answer
A block cipher manipulates an entire block of plaintext at one time. The plaintext message is divided into separate blocks of 8 to 16 bytes, and then each block is encrypted independently. For additional security, the blocks can be randomized.
question
Select below the hashing algorithm that takes plaintext of any length and generates a digest 128 bits in length: RSA SHA1 MD5 MD2
answer
MD2
question
Describe how Message Digest2 (MD2) works.
answer
It takes plaintext of any length and creates a digest 128 bits in length. MD2 divides the plaintext into multiple 128-bit sections. If the message is less than 128 bits extra padding is added.
question
Discuss how HMAC works.
answer
HMAC is a has based message authentication code in which a has function is applied to both the key and the message. HMAC is widely used by Internet security protocols to verify the integrity of transmitted data during secure communications.
question
Which type of cryptographic algorithm takes an input string of any length, and returns a string of any requested variable length?
answer
sponge
question
The Data Encryption Standard is a ______________ cipher.
answer
block
question
The NTRUEncrypt cryptographic algorithm makes use of which of the following cryptographic techniques?
answer
lattice-based
question
The SHA-1 hashing algorithm creates a digest that is how many bits in length?
answer
160 bits
question
What is the name of the cryptographic hash function that has international recognition and has been adopted by standards organizations such as the ISO, that creates a digest of 512 bits and will not be subject to patents?
answer
whirlpool
question
A Hardware Security Module (HSM) is essentially a chip on the motherboard of the computer that provides cryptographic services.
answer
false
question
Steganography hides the existence of data within images by dividing and hiding portions of a file within the image.
answer
true
question
What type of cryptography uses two keys instead of just one, generating both a private and a public key?
answer
asymmetric
question
Describe the RIPEMD hash
answer
The primary design feature of RIPEMD is two different and independent parallel chains of computation, the results of which are then combined at the end of the process.
question
List and describe the characteristics a hashing algorithm must have to be considered secure.
answer
fixed size: A digest of a short set of data should produce the same size as a digest of a long set of data. unique: Two different sets of data cannot produce the same digest, which is know as a collision. Changing a single letter in one data set should produce an entirely different digest. original: It should be impossible to produce a data set that has a desired or predefined hash. secure: The resulting hash cannot be reversed in order to determine the original plaintext.
question
The original cryptographic algorithms for encrypting and decrypting documents are ____________________ cryptographic algorithms.
answer
symmetric
question
What is the block cipher algorithm that operates on 64-bit blocks and can have a key length from 32 to 448 bits known as?
answer
blowfish
question
After the DES cipher was broken and no longer considered secure, what encryption algorithm was made as its successor?
answer
3DES
question
?What is the difference between a feature phone and a smartphone?
answer
a feature phone is a basic cell phone that only has a camera, mp3 player, and has the ability to send and receive SMS messages. a smart phone has all the tools that a feature phone has but also includes an operating system that allows it to run apps and access the Internet.
question
?How can encryption be used on Apple iOS and Google Android mobile operating systems?
answer
You can enable full device encryption which will apply protection to all data stored on the device. Another option is to separate personal and corporate data into containers and encrypt only the sensitive data.
question
?Which of the following selections is not one of the features provided by a typical MDM?
answer
track stolen devices
question
The Apple _____________ operating system, developed by Apple for their mobile devices, is a closed and proprietary architecture.
answer
iOS
question
A _____________ is a matrix or two-dimensional barcode first designed for the automotive industry in Japan.?
answer
quick response (QR) code
question
Mobile devices such as laptops are stolen on average once every 20 seconds.?
answer
false
question
List at least three things that can be done in order to reduce the risk of theft or loss of a mobile device.
answer
1. keep the mobile device out of sight when traveling in a high-risk area. 2. Avoid becoming distracted by what is on the device. Always maintain an awareness of your surroundings. 3. When holding a device, use both hands to make it more difficult for a thief to snatch.
question
What type of management system below can help facilitate asset tracking?
answer
?Mobile Device Management (MDM)
question
What PC Card type is typically used for memory??
answer
Type l
question
Mobile devices use _____________ for storage, which is a nonvolatile solid state electronic storage that can be electrically erased and reused.?
answer
flash memory
question
The CardBus is a 64-bit bus in the PC card form factor.
answer
false
question
_____________ are portable computing devices that are generally larger than smartphones and smaller than notebooks, and are focused on ease of use.?
answer
tablets
question
?What PIN is considered to be the most commonly used PIN?
answer
1234
question
Describe a subnotebook computer.
answer
Sometimes called an ultrabook (Intel/Windows) or air (Apple). These devices are even smaller than standard notebooks and use low-power processors and solid state drives (SSDs). They generally have a high-definition multimedia interface (HDMI) port along with a limited number of SB hardware ports.
question
?How can an administrator manage applications on mobile devices using a technique called "app wrapping?"
answer
Mobile Application Management
question
What SD card family can be used to transmit pictures over a wireless network to a laptop hard drive or wireless printer??
answer
?Secure Digital Input Output (SDIO)
question
?What term below describes a hand-held mobile device that was intended to replace paper systems, and typically included an appointment calendar, an address book, a "to-do" list, a calculator, and the ability to record limited notes? Notebook ?Netbook Web-based ?Personal digital assistant (PDA)
answer
?Personal digital assistant (PDA)
question
A QR code can't contain which of the following items directly? A URL A phone number An e-mail address A video
answer
A video
question
?How might an attacker misuse a QR code?
answer
An attacker can create an advertisement that shows a legitimate site, like a bank or a big company like Walmart, but they include a QR code that directs the user to a malicious site.
question
How does BYOD increase employee performance?
answer
Employees are more likely to be productive while traveling or working away from the office if they re comfortable with their device.
question
?An ultrabook is an example of what type of a portable computer?
answer
subnotebook
question
?Describe a netbook computer.
answer
A netbook computer was a small, inexpensive, and lightweight portable computer. In order to be affordable, netbooks used low-powered processors, featured small screens and keyboards, omitted optical storage, and could not be upgraded.
question
Simply using a mobile device in a public area can be considered a risk.
answer
true
question
What are the two options for using encryption with mobile devices??
answer
1. Full device encryption 2. Separating data into containers and encrypting the sensitive data
question
?Select below the item that is not considered to be a basic characteristic of mobile devices:
answer
?Removable media storage
question
A QR code can store website URLs, plain text, phone numbers, e-mail addresses, or virtually any alphanumeric data up to 4296 characters.
answer
true
question
What are the three sizes of SD cards available, and how are they typically used??
answer
1. Full SD: are commonly used in personal computers, video cameras, digital cameras, and other large consumer electronic devices 2. Mini & Micro SD: are commonly used in smaller electronic devices like smartphones and tablets
question
Describe some of the risks associated with BYOD
answer
1. Users may erase the installed built-in limitations on their smartphone to provide additional functionality. 2. Personal mobile devices are often shared among family members and friends, subjecting sensitive corporate data installed on a user's device to outsiders. 3. There may be difficulties in securing the personal smartphone from an employee who was fired so that any corporate data on it can be erased.
question
?What mobile operating system below requires all applications to be reviewed and approved before they can be made available on the public store front?
answer
iOS
question
?What can be enabled to prevent a mobile device from being used until a user enters the correct passcode, such as a pin or password?
answer
enable a lock screen
question
Mobile Device Management systems that allow users to store usernames and passwords within a device are said to be using:
answer
credential management
