Identify the letter of the choice that best completes the statement or answers the question




НазваниеIdentify the letter of the choice that best completes the statement or answers the question
страница6/7
Дата конвертации30.10.2012
Размер0.79 Mb.
ТипДокументы
1   2   3   4   5   6   7

CCIS2400 (Security Essentials) Chapter 3 Study Guide


Multiple Choice

Identify the letter of the choice that best completes the statement or answers the question.


____ 1. What is the one key advantage of the bottom-up approach of securing information?

a.

The bottom-level employees have the technical expertise to understand what to do to secure information and how to do it.

b.

It has the backing to make the plan work.

c.

Resources such as funding, equipment, and personnel have the highest level of support.

d.

It carries the necessary authority to ensure that all employees follow its policies and procedures.



____ 2. What security position would you find at the middle level of an organizational structure?

a.

CEO

c.

Security technician

b.

CIO

d.

Security director



____ 3. The _____ is the top-level manager dedicated to overseeing the security plan and its implementation.

a.

chief information officer

c.

security director

b.

chief information security officer

d.

security administrator



____ 4. A human firewall tries to prevent security attacks from passing through him or her by _____.

a.

keeping antivirus software updated

b.

watching for suspicious activity

c.

monitoring a computer for evidence of attack

d.

all of the above



____ 5. Because there is no single point of failure, a _____ security approach provides the most comprehensive protection.

a.

diversified

c.

limited

b.

layered

d.

simple



____ 6. Setting a firewall to filter a specific type of traffic, such as all inbound traffic, while a second firewall on the same system filters another traffic type, such as outbound traffic is an example of _____.

a.

diversity

c.

limiting

b.

layering

d.

simplifying



____ 7. Making each password unrelated to the previous password provides an additional level of security through _____.

a.

simplicity

c.

obscurity

b.

diversity

d.

limiting



____ 8. _____ verifies that a trusted person who has been preapproved for access is actually the one who now demands that access.

a.

Security

c.

Identification

b.

Authentication

d.

Auditing



____ 9. Your mothers date of birth and a unique personal identification number (PIN) code provide authentication by _____.

a.

what you do

c.

what you are

b.

what you have

d.

what you know



____ 10. A key to unlock a door or a drivers license are methods of authentication by _____.

a.

what you have

c.

what you know

b.

what you are

d.

what you do



____ 11. Authentication by _____ is based on a person’s unique characteristics.

a.

who you are

c.

how you are

b.

what you are

d.

what you have



____ 12. Single sign-on systems that use ID management are based on one of _____ competing standards.

a.

two

c.

four

b.

three

d.

seven



____ 13. A _____ card is a plastic card with an embedded thin metal strip that emits a low-frequency short-wave radio signal.

a.

smart

c.

biometric

b.

ID

d.

proximity



____ 14. Which of the following operating system support the Kerberos authentication system?

a.

Windows Server 2003

c.

Linux

b.

Apple Mac OS

d.

all of the above



____ 15. Two-way authentication, can be used to combat identity attacks, such as _____.

a.

man-in-the-middle

c.

TCP/IP hijacking

b.

ARP spoofing

d.

mathematical attacks



____ 16. _____ consists of the mechanisms for limiting access to resources based on users identities and their membership in various groups.

a.

Multifactor authentication

c.

Access control

b.

Mutual authentication

d.

Auditing



____ 17. A security plan is initiated by a(n) ____________ would be defined as a bottom-up approach.

a.

chief information officer (CIO)

c.

chief security officer

b.

help desk technician

d.

financial officer



____ 18. The advantage of layering is ___________.

a.

there is no single point of failure

c.

it provides redundant services such as dual firewalls

b.

it is less expensive

d.

it does not require security personnel to implement



____ 19. Restricting users to the lowest level of permissions they need to do their jobs is called ____________.

a.

restrictive access listing (RAL)

c.

constraint leveling

b.

limiting

d.

concise security administration (CSA)



____ 20. Which of these is an example of security by obscurity?

a.

posting the comany’s security plan on website

c.

removing a logon window message that reveals the name of the operating system

b.

advertising for bids for a specific brand of firewall in the local newspaper

d.

requiring vendors to ship equipment that does no have a serial number


CCIS2400 (Security Essentials) Chapter 2 Study Guide


Multiple Choice

Identify the letter of the choice that best completes the statement or answers the question.


____ 1. One of the motivations for a hacker to attack network and computer systems is to _____.

a.

harm systems

c.

improve security

b.

earn money

d.

gain recognition



____ 2. One of the motivations for a cracker to attack network and computer systems is to _____.

a.

improve security

c.

earn money

b.

harm systems

d.

support ideology



____ 3. The _____ Supreme Court has ruled that hackers who simply probe computer networks linked to the Internet have not violated any laws.

a.

United States

c.

Swedish

b.

Canadian

d.

Norwegian



____ 4. Maria is a customer service representative who receives a telephone call from someone claiming to be a client asking for their password. This person has a thick accent that makes his speech hard to understand. Instead of asking the caller to continue repeating himself, Maria provides him with the password. This type of attack is known as a _____ attack.

a.

Birthday

c.

Password Guessing

b.

Social Engineering

d.

Masquerading



____ 5. _____ involves digging through trash receptacles to find computer manuals, printouts, or password lists that have been thrown away.

a.

Dumpster diving

c.

Trash sifting

b.

Phishing

d.

Garbage collecting



____ 6. Which of the following would be an example of a weak password?

a.

Unstoppable

d.

&uytK%wJGhh

b.

brutus

e.

both a and b

c.

un42n8@ne



____ 7. In a _____ attack, an attacker attempts to create every possible password combination by systematically changing one character at a time in a hypothetical password, and then using each newly generated password to access the system.

a.

dictionary

c.

brute force

b.

software exploitation

d.

hashing



____ 8. A _____ attack takes advantage of any weakness in software to bypass security that requires a password.

a.

weak key

c.

dictionary

b.

software exploitation

d.

brute force



____ 9. What does the Greek word crypto mean?

a.

writing

c.

hidden

b.

secure

d.

secret



____ 10. What number did Caesar use for a key when he was devising his simple substitution method of cryptography?

a.

1

c.

5

b.

3

d.

18



____ 11. When you meet 23 people, what are the odds that someone will have the same birthday as you?

a.

.27%

c.

50%

b.

6.3%

d.

99%



____ 12. A _____ attack makes it seem that two computers are communicating with each other, when actually they are sending and receiving data with a computer between them.

a.

man-in-the-middle

c.

TCP/IP hijacking

b.

replay

d.

spoofing



____ 13. With TCP/IP hijacking, the attacker uses _____ spoofing to send information from the users computer to the attackers computer instead of to a valid computer.

a.

IP

c.

MAC

b.

ARP

d.

ICMP



____ 14. A _____ is a common type of malware.

a.

worm

c.

virus

b.

logic bomb

d.

all of the above



____ 15. Microsoft claims that fewer than _____ percent of all users have up-to-date antivirus software installed.

a.

15

c.

60

b.

30

d.

80



____ 16. A _____ is a computer program that lies dormant until it is triggered by a specific event, such as a certain date being reached on the system calendar or a persons rank in an organization dropping below a specified level.

a.

logic bomb

c.

worm

b.

Trojan horse

d.

virus



____ 17. Attackers known as ____________ like to think of themselves as an elite group who are performing a valuable service by identifying security weaknesses.

a.

crackers

c.

hackers

b.

script kiddies

d.

cyberterrorists



____ 18. A ____________ possesses advanced computer skills and attackes computers with a malicious intent.

a.

script kiddie

c.

cracker

b.

hacker

d.

worm zombie



____ 19. The motivation for a computer spy is ______________.

a.

financial

c.

ideological

b.

egotism

d.

social



____ 20. One reason employees are so successful at attacking their company’s computers is ____________.

a.

they have superior networking skills

c.

a company’s information security is often focused on keeping out intruders

b.

employees already have access to all company information

d.

employees have unlimited access to company computers

1   2   3   4   5   6   7

Похожие:

Identify the letter of the choice that best completes the statement or answers the question iconSection 1 Analytic Question Answers

Identify the letter of the choice that best completes the statement or answers the question iconWritten Answers to questions not answered at Mayor’s Question Time on

Identify the letter of the choice that best completes the statement or answers the question iconWritten Answers arising from the Plenary Assembly Question and Answer Session with Transport for London

Identify the letter of the choice that best completes the statement or answers the question iconNo fee of any kind may be charged for the material; all copied material must clearly identify its source and contain the statement on copyright shown below

Identify the letter of the choice that best completes the statement or answers the question iconFinancial statements Income statement Balance sheet Statement of cash flows Statement of changes in equity Notes to and forming part of the financial report

Identify the letter of the choice that best completes the statement or answers the question iconAppendix 1 London Assembly (Mayor’s Question Time) 12 December 2007 Transcript – Question and Answer Session

Identify the letter of the choice that best completes the statement or answers the question iconPhil265/Rels265 Final Exam 31 Multiple choice or True-False worth 1 mark each 3 Short Answer Questions from choice of 5 worth 3 marks each (paragraph or two in length) Introduction to Philosophy

Identify the letter of the choice that best completes the statement or answers the question iconThe Very Handy Manual: How to Catch and Identify Bees

Identify the letter of the choice that best completes the statement or answers the question icon20 Answers

Identify the letter of the choice that best completes the statement or answers the question iconLetter from the President


Разместите кнопку на своём сайте:
lib.convdocs.org


База данных защищена авторским правом ©lib.convdocs.org 2012
обратиться к администрации
lib.convdocs.org
Главная страница