IST 462 Test 4 Part 2

NAME ____Nick Adams_________________

True/False
Indicate whether the statement is true or false.

__T__ 1. One of the most important assets any organization possesses is its data.
__T__ 2. Determining vulnerabilities often depends upon the background and experience of the assessor.
__F__ 3. Security weaknesses can always be entirely eliminated.
__T__ 4. Because port numbers are 32 bits in length they can have a decimal value from 0 to 65,535.
__T__ 5. Most network mappers utilize the TCP/IP protocol Internet Control Message Protocol (ICMP).
__T__ 6. A decentralized organizational structure for privilege management delegates the authority for assigning or revoking privileges more closely to the geographic location or end user.
__T__ 7. Permissions inheritance becomes less complicated with GPOs.
__T__ 8. A baseline is a reference set of data against which operational data is compared.
__T__ 9. Although hashing is considered a cryptographic algorithm, its function is not to create a ciphertext that can later be decrypted by the receiving party.
__F__ 10. Hashing is the same as creating a checksum.

Multiple Choice
Identify the choice that best completes the statement or answers the question.

__C__ 11. In information security, a ____ is the likelihood that a threat agent will exploit a vulnerability.
    a. hole
    b. threat
    c. risk
    d. weakness

__C__ 12. Identifying vulnerabilities through a(n) ____ determines the current security weaknesses that could expose assets to threats.
    a. asset identification
    b. threat identification
    c. vulnerability appraisal
    d. risk mitigation

__D__ 13. Most communication in TCP/IP involves the exchange of information between a program running on one device (known as a ____) and the same or a corresponding process running on another device.
    a. port
    b. socket
    c. scanner
    d. process

__C__ 14. TCP/IP uses a numeric value as an identifier to applications and services on the systems. These are known as the ____.
    a. process
    b. socket
    c. port number
    d. protocol

__B__ 15. ____ are typically used to determine the state of a port to know what applications are running and could be exploited.
    a. Network scanners
    b. Port scanners
    c. Port testers
    d. Network testers

__B__ 16. ____ are software tools that can identify all the systems connected to a network.
    a. Port scanners
    b. Network mappers
    c. ICMP mappers
    d. ICMP scanners

__A__ 17. ____ provides support to IP in the form of ICMP messages that allow different types of communication to occur between IP devices.
    a. SNMP
    b. SMTP
    c. HTTP
    d. ICMP

__D__ 18. ____ is a generic term that refers to a range of products that look for vulnerabilities in networks or systems.
    a. Port scanner
    b. Network mapper
    c. Ping
    d. Vulnerability scanner

__D__ 19. ____ is a method of evaluating the security of a computer system or network by simulating a malicious attack instead of just scanning for vulnerabilities.
    a. Vulnerability scanning
    b. Network mapping
    c. Port scanning
    d. Penetration testing

__C__ 20. The ____ is typically defined as the person responsible for the information, who determines the level of security needed for the data, and delegates security duties as required.
    a. guardian
    b. manager
    c. owner
    d. custodian

__D__ 21. The Windows file and folder ____ permission allows files or folders to be opened as read-only and to be copied.
    a. Write
    b. Read and Execute
    c. Modify
    d. Read

__D__ 22. ____ assigns a level of business importance, availability, sensitivity, security and regulation requirements to data.
    a. Usage auditing
    b. Security auditing
    c. Usage classification
    d. Data classification

__C__ 23. ____ is the process for generating, transmitting, storing, analyzing, and disposing of computer security log data.
    a. Log management
    b. Log auditing
    c. Event management
    d. Event auditing

__C__ 24. ____ servers are intermediate hosts through which Web sites are accessed.
    a. NIDS
    b. Authentication
    c. Proxy
    d. HIPS

__B__ 25. Logs based on ____ are the second common type of security-related operating system logs.
    a. event records
    b. system events
    c. event logs
    d. audit records

__C__ 26. ____ refers to a methodology for making changes and keeping track of those changes, often manually.
    a. Event auditing
    b. Event management
    c. Change management
    d. Log management

__A__ 27. ____ monitoring compares activities against a predefined signature.
    a. Signature-based
    b. Anomaly-based
    c. Behavior-based
    d. Time-based

__B__ 28. A ____ baseline is a reference set of data established to create the “norm” of performance for a system or systems.
    a. configuration
    b. performance
    c. system
    d. monitoring

__A__ 29. Data that is in an unencrypted form is called ____ data.
    a. plaintext
    b. caesartext
    c. hidetext
    d. cleartext

__A__ 30. ____, also called a one-way hash, is a process for creating a unique “signature” for a set of data.
    a. Digital signing
    b. Decrypting
    c. Hashing
    d. Encrypting

__B__ 31. The simplest type of stream cipher is a ____ cipher. It simply substitutes one letter or character for another.
    a. transposition
    b. substitution
    c. permutation
    d. homoalphabetic

__A__ 32. A ____ substitution cipher maps a single plaintext character to multiple ciphertext characters.
    a. polyalphabetic
    b. monoalphabetic
    c. homoalphabetic
    d. random

__B__ 33. ____ was approved by the NIST in late 2000 as a replacement for DES.
    a. AES
    b. 3DES
    c. Twofish
    d. Blowfish

__C__ 34. ____ is a block cipher that processes blocks of 64 bits.
    a. SHA-1
    b. RC4
    c. RC2
    d. MD5

__D__ 35. The asymmetric algorithm ____ was published in 1977 and patented by MIT in 1983.
    a. AES
    b. Diffie-Hellman
    c. SHA
    d. RSA

__C__ 36. The strength of the ____ algorithm is that it allows two users to share a secret key securely over a public network.
    a. DES
    b. RSA
    c. Diffie-Hellman
    d. AES

__D__ 37. Microsoft’s ____ is a cryptography system for Windows operating systems that use the Windows NTFS file system.
    a. GPG
    b. AES
    c. PGP
    d. EFS

__B__ 38. Cryptography can also be applied to entire disks. This is known as ____ encryption.
    a. symmetric
    b. whole disk
    c. file system
    d. EFS

__C__ 39. To protect data stored on a hard drive, Microsoft Windows Vista includes ____ drive encryption.
    a. IDEA
    b. TPM
    c. BitLocker
    d. AES

__A__ 40. ____ is a hardware-enabled data encryption feature.
    a. BitLocker
    b. EFS
    c. AES
    d. DES