Date07.12.2018Size127.34 Kb.

You are watching: Two watchdog organizations that investigate allegations of software abuse are siia and nsa.

Navigate this page:
Chapter 02: The need for SecurityTRUE/FALSE 1. Information security’s main mission is come ensure the systems and their materials retain your confidentiality at all costs.

ANS: F PTS: 1

2. Info security safeguards the technology assets in usage at the organization.

ANS: T PTS: 1

3. A firewall is a mechanism that keeps particular kinds the network web traffic out of a private network.

ANS: T PTS: 1

4. An plot of theft perform by a hacker falls into the classification of “theft,” but is additionally often add by defacement action to delay discovery and also thus may additionally be inserted within the classification of “forces of nature.”

ANS: F PTS: 1

5. Two watchdog organizations that investigate allegations of software application abuse: SIIA and also NSA.

ANS: F PTS: 1

ANS: T PTS: 1

7. A worm calls for that an additional program is running prior to it can start functioning.

ANS: F PTS: 1

8. A worm deserve to deposit copies of chin onto all net servers the the infected system can reach, so that individuals who subsequently visit those sites come to be infected.

ANS: T PTS: 1

9. Attacks conducted by scripts are usually unpredictable.

ANS: F PTS: 1

10. Skilled hackers are incredibly talented people who normally devote several time and energy to attempting come break right into other people’s info systems.

ANS: T PTS: 1

ANS: T PTS: 1

12. Pressures of nature, force majeure, or action of God can current some of the many dangerous threats, due to the fact that they are usually happen with very little warning and are past the regulate of people.

ANS: T PTS: 1

13. Much human being error or failure can be prevented with training and ongoing awareness activities.

ANS: T PTS: 1

14. Contrasted to net site defacement, vandalism within a network is much less malicious in intent and more public.

ANS: F PTS: 1

15. With electronic information is stolen, the crime is easily apparent.

ANS: F PTS: 1

16. Organizations can use dictionary to disallow passwords during the reset process and for this reason guard versus easy-to-guess passwords.

ANS: T PTS: 1

17. DoS strikes cannot be launched against routers.

ANS: F PTS: 1

18. A mail bomb is a kind of DoS.

ANS: T PTS: 1

19. A sniffer program shows all the data going by on a network segment including passwords, the data within files—such together word-processing documents—and screens full of perceptible data indigenous applications.

ANS: T PTS: 1

20. A timing attack involves the interception of cryptographic elements to determine keys and encryption algorithms.

ANS: T PTS: 1

MODIFIED TRUE/FALSE
1. Pundit property is defined as “the ownership of ideas and control over the tangible or virtual depiction of those ideas.” _________________________

ANS: T PTS: 1

2. The macro virus infects the vital operating system files located in a computer’s boot sector. _________________________

ANS: F, boot

PTS: 1 3. When a(n) earlier door has actually infected a computer, it have the right to redistribute itself to every e-mail addresses uncovered on the infected system. _________________________

ANS: F

virus

worm

PTS: 1 4. A(n) polymorphic danger is one that over time alters the way it appears to antivirus software program programs, making the undetectable by techniques that look for preconfigured signatures. _________________________

ANS: T PTS: 1 -50

5. As soon as voltage levels surge (experience a temporary increase), the extra voltage deserve to severely damages or destroy equipment. _________________________

ANS: F, spike

PTS: 1 6. The shoulder looking technique is offered in windy or semipublic settings when individuals gather info they are not authorized to have actually by feather over an additional individual’s shoulder or the town hall the details from a distance. _________________________

ANS: F, surfing

PTS: 1 7. Hackers are “people that use and also create computer software to gain accessibility to details illegally.” _________________________

ANS: T PTS: 1

8. Packet kiddies use automated exploits to connect in distributed denial-of-service attacks. _________________________

ANS: F, monkeys

PTS: 1 9. The term phreaker is now commonly associated with an individual that cracks or gets rid of software protection that is draft to protect against unauthorized duplication. _________________________

ANS: F, cracker

PTS: 1 10. Cyberterrorists hack solution to command terrorist activities via network or net pathways. _________________________

ANS: T PTS: 1

11. The malicious code attack includes the execution the viruses, worms, Trojan horses, and energetic Web scripts with the intent to destroy or steal information. _________________________

ANS: T PTS: 1

12. The applications of computing and also network resources to try every possible combination of options of a password is called a brute cracked attack. _________________________

ANS: F, force

PTS: 1 13. One form of e-mail attack that is also a DoS is called a letter spoof, in i beg your pardon an attacker routes big quantities the e-mail to the target. _________________________

ANS: F, bomb

PTS: 1 14. Sniffers often work ~ above TCP/IP networks, where they’re sometimes dubbed packet sniffers. _________________________

ANS: T PTS: 1

15. A(n) cookie can permit an attacker to collect details on just how to access password-protected sites. _________________________

ANS: T PTS: 1

MULTIPLE CHOICE
1. Which of the following features does info security do for one organization? a.
Protecting the organization’s capability to function.
b. enabling the safe procedure of applications applied on the organization IT systems.
c. Protecting the data the organization collects and uses.
d. every one of the above.

ANS: D PTS: 1

2. ____ is an integrated system that software, encryption methodologies, and legal agreements that deserve to be supplied to assistance the whole information facilities of an organization.
a. SSL c. PKC
b. PKI d. SIS

ANS: B PTS: 1

3. ____ are software application programs that hide their true nature, and reveal your designed actions only as soon as activated.
a. Viruses c. Spam
b. Worms d. Trojan horses

ANS: D PTS: 1

4. Which of the following is an instance of a Trojan horse program?
a. Netsky c. Klez
b. MyDoom d. Happy99.exe

ANS: D PTS: 1

5. Together frustrating as viruses and also worms are, perhaps more time and money is invested on resolving virus ____.
a. false alarms c. hoaxes
b. power faults d. urban legends

ANS: C PTS: 1

6. Web hosting services are commonly arranged with an commitment providing minimum organization levels recognized as a(n) ____.
a. SSL c. MSL
b. SLA d. MIN

ANS: B PTS: 1

7. Finish loss of power for a moment is recognized as a ____.
a. sag c. brownout
b. fault d. blackout

ANS: B PTS: 1

8. Acts of ____ deserve to lead to unauthorized real or digital actions that permit information gatherers to enter premises or systems they have not been authorized come enter.
a. bypass c. trespass
b. nature d. security

ANS: C PTS: 1

9. There are usually two skill levels amongst hackers: expert and also ____.
a. novice c. packet monkey
b. journeyman d. professional

ANS: A PTS: 1

10. One kind of digital vandalism is ____ operations, i beg your pardon interfere through or disrupt systems to protest the operations, policies, or actions of an organization or federal government agency.
a. hacktivist c. hackcyber
b. phvist d. cyberhack

ANS: A PTS: 1

11. According to mark Pollitt, ____ is the premeditated, politically motivated attacks versus information, computer systems, computer system programs, and data which an outcome in violence versus noncombatant targets by subnational teams or clandestine agents.
a. infoterrorism c. hacking
b. cyberterrorism d. cracking

ANS: B PTS: 1

12. ____ is any an innovation that aids in gathering information around a human or organization without your knowledge.
a. A bot c. Trojan
b. Spyware d. Worm

ANS: B PTS: 1

13. The ____ data file contains the hashed representation of the user’s password.
a. SLA c. FBI
b. SNMP d. SAM

ANS: D PTS: 1

14. In a ____ attack, the attacker sends a big number of link or info requests to a target.
a. denial-of-service c. virus
b. distributed denial-of-service d. spam

ANS: A PTS: 1

15. A ____ is an strike in i m sorry a coordinated stream of requests is launched against a target from many locations at the very same time.
a. denial-of-service c. virus
b. dispersed denial-of-service d. spam

ANS: B PTS: 1

16. ____ are equipments that space directed remotely (usually by a sent command) through the attacker to get involved in one attack.
a. Drones c. Zombies
b. Helpers d. Servants

ANS: C PTS: 1

17. In the popular ____ attack, one attacker monitors (or sniffs) packets native the network, modifies them, and also inserts them earlier into the network.
a. zombie-in-the-middle c. server-in-the-middle
b. sniff-in-the-middle d. man-in-the-middle

ANS: D PTS: 1

18. The ____ hijacking attack uses IP spoofing to allow an attacker to impersonate one more entity ~ above the network.
a. WWW c. FTP
b. TCP d. HTTP

ANS: B PTS: 1

19. “4-1-9” fraud is an instance of a ____ attack.
a. society engineering c. worm
b. virus d. spam

ANS: A PTS: 1

20. Microsoft recognized that if you form a res:// URL (a Microsoft-devised kind of URL) which is much longer than ____ characters in Internet explorer 4.0, the browser will crash.
a. 64 c. 256
b. 128 d. 512

ANS: C PTS: 1

COMPLETION 1. A(n) ____________________ is an object, person, or other entity the represents an ongoing danger to an asset.

ANS: threat

PTS: 1 2. Duplication of software-based intellectual property is much more commonly well-known as software program ____________________.

ANS: piracy

PTS: 1 3. A computer system virus is composed of segments of code that do ____________________ actions.

ANS: malicious

PTS: 1 4. A(n) ____________________ is a malicious routine that replicates itself constantly, there is no requiring another program environment.

ANS: worm

PTS: 1 5. A virus or worm deserve to have a payload that installs a(n) ____________________ door or trap door component in a system, which permits the attacker to accessibility the mechanism at will v special privileges.

ANS: back

PTS: 1 6. A short-term low voltage is called a(n) ____________________.

ANS: sag

PTS: 1 7. Some info gathering methods are quite legal, because that example, making use of a Web internet browser to perform sector research. These legal methods are called, collectively, competitive ____________________.

ANS: intelligence

PTS: 1 8. When details gatherers employ techniques that cross the threshold of what is legal or ethical, they room conducting industrial ____________________.

ANS: espionage

PTS: 1 9. The expert hacker sometimes is referred to as ____________________ hacker.

ANS: elite

PTS: 1 10. Manuscript ____________________ room hackers of limited skill who use expertly written software program to assault a system.

ANS: kiddies

PTS: 1 11. A(n) ____________________ hacks the public telephone network to make totally free calls or disrupt services.

ANS: phreaker

PTS: 1 12. ESD means electrostatic ____________________.

ANS: discharge

PTS: 1 13. A(n) ____________________ is an act the takes benefit of a vulnerability to damage a managed system.

ANS: attack

PTS: 1 14. A(n) ____________________ is an identified weakness in a regulated system, wherein controls space not present or are no much longer effective.

ANS: vulnerability

PTS: 1 15. Attempting to reverse-calculate a password is called ____________________.

ANS: cracking

PTS: 1 16. ____________________ is a an approach used to gain unauthorized access to computers, wherein the intruder sends out messages through a source IP attend to that has actually been forged to indicate that the messages space coming indigenous a trusted host.

ANS: Spoofing

PTS: 1 17. ____________________ is unsolicited commercial e-mail.

ANS: Spam

PTS: 1 18. In the context of details security, ____________________ is the procedure of making use of social an abilities to convince world to reveal access credentials or other valuable information to the attacker.

ANS: society engineering

PTS: 1 19. The timing attack explores the contents of a web browser’s ____________________.

ANS: cache

PTS: 1 20. A(n) ____________________ is an application error the occurs when an ext data is sent to a regime buffer than it is designed come handle.

ANS:

buffer overrun

buffer overflow

PTS: 1 ESSAY 1. Perform at the very least six general categories that threat.

ANS:

Compromises to intellectual property

Software attacks

Deviations in high quality of service

Espionage or trespass

Forces that nature

Human error or failure

Information extortion

Missing, inadequate, or incomplete

Missing, inadequate, or incomplete controls

Sabotage or vandalism

TheftTechnical hardware failures or errors

Technical software program failures or errors

Technological obsolescence

PTS: 1 2. Define viruses and worms.

ANS:

A computer virus is composed of segment of code that perform malicious actions. This password behaves very much like a virus microorganism attacking animals and plants, making use of the cell’s own replication machine to propagate and also attack. The password attaches chin to the currently program and takes control of that program’s accessibility to the targeted computer. The virus-controlled target routine then carries out the virus’s plan, by replicating itself into added targeted systems.A worm is a malicious regime that replicates chin constantly, there is no requiring another program to administer a safe setting for replication. Worms can proceed replicating themselves until they fully fill accessible resources, such as memory, hard drive space, and also network bandwidth.

See more: Michael Johnson Trash Talking Justin Gaethje Vs Michael Johnson

PTS: 1 - 47

3. Explain the capability of a sniffer.

ANS:

A sniffer is a routine or an equipment that have the right to monitor data traveling over a network. Sniffers can be supplied both for legitimate network monitoring functions and for stealing information from a network. Unauthorized sniffers can be exceptionally dangerous come a network’s security, due to the fact that they room virtually difficult to detect and can be inserted nearly anywhere. This provides them a favorite weapon in the hacker’s arsenal. Sniffers frequently work top top TCP/IP networks, whereby they’re sometimes referred to as packet sniffers. Sniffers include risk come the network, since many systems and users send information on neighborhood networks in clean text. A sniffer program mirrors all the data going by, including passwords, the data within files and also screens full of sensitive data from applications.PTS: 1