CCIS2400 _Security Essentials

1.The latest Federal Bureau of Investigation (FBI) annual Computer Crime and Security Survey estimated the total annual loss due to data theft to be more than _____.

$100 million

$170 million

$500 million

$1 billion

2._____ ensures that the information is correct and that no unauthorized person or malicious software program can or has altered that data.

Availability

Confidentiality

Integrity

Identity

3.The _____ attack doubled the number of infections every 37 minutes.

Nimda

Blaster

Code Red

Klez

4.What is another name for unsolicited e-mail messages?

spam

spawn

trash

scam

5.According to Ferris Research, unsolicited e-mail messages now account for _____ of the total number of daily e-mail messages sent in the United States.

15%

30%

45%

62%

6.In information security a loss can be _____.

theft of information

a delay in transmitting information that results in a financial penalty

the loss of good will or a reputation

all of the above

7.In a company of 500 employees, it is estimated that _____ employees are required to combat a virus attack.

2

5

7

10

8._____ ensures that only authorized parties can view information.

Security

Availability

Integrity

Confidentiality

9.Setting a firewall to filter a specific type of traffic, such as all inbound traffic, while a second firewall on the same system filters another traffic type, such as outbound traffic is an example of _____.

diversity

layering

limiting

simplifying

10.A human firewall tries to prevent security attacks from passing through him or her by _____.

keeping antivirus software updated

watching for suspicious activity

monitoring a computer for evidence of attack

all of the above

11._____ consists of the mechanisms for limiting access to resources based on users identities and their membership in various groups.

Multifactor authentication

Mutual authentication

Access control

Auditing

12.A key to unlock a door or a drivers license are methods of authentication by _____.

what you have

what you are

what you know

what you do

13.Which of the following operating system support the Kerberos authentication system?

Windows Server 2003

Apple Mac OS

Linux

all of the above

14.A _____ card is a plastic card with an embedded thin metal strip that emits a low-frequency short-wave radio signal.

smart

ID

biometric

proximity

15.Because there is no single point of failure, a _____ security approach provides the most comprehensive protection.

diversified

layered

limited

simple

16.A _____ is a common type of malware.

worm

logic bomb

virus

all of the above

17.One of the motivations for a cracker to attack network and computer systems is to _____.

improve security

harm systems

earn money

support ideology

18.One of the motivations for a hacker to attack network and computer systems is to _____.

harm systems

earn money

improve security

gain recognition

19.When you meet 23 people, what are the odds that someone will have the same birthday as you?

.27%

6.3%

50%

99%

20._____ involves digging through trash receptacles to find computer manuals, printouts, or password ***** that have been thrown away.

Dumpster diving

Phishing

Trash sifting

Garbage collecting

21.With TCP/IP hijacking, the attacker uses _____ spoofing to send information from the users computer to the attackers computer instead of to a valid computer.

IP

ARP

MAC

ICMP

22.A _____ attack takes advantage of any weakness in software to bypass security that requires a password.

weak key

software exploitation

dictionary

brute force

23._____ makes it possible for almost any application running on virtually any computer platform to obtain directory information, such as e-mail addresses and keys.

X.500

DAP

DCE

LDAP

24.Until the development of the World Wide Web and _____ the Internet was primarily used for transferring files from one device to another.

FTP

HTTP

HTML

NNTP

25.Secure Sockets Layer (SSL)/Transport Layer Security (TLS) operate at the _____ layer.

Transport

Session

Application

Network

26.A WAP cell phone runs a tiny browser program called a microbrowser that uses _____ instead of HTML.

WML

WHML

WTML

WTTP

27.The _____ standard defines a LAN that provides cable-free data access at a rate up to 2 Mbps for clients that are either mobile or in a fixed location.

802.6

802.11

802.11b

802.15

28._____ is an optional configuration for WLANs that encrypts packets during transmission to prevent attackers from viewing their contents.

WEP

WTLS

WOL

WSecure

29.Wi-Fi _____ Access is a secure WLAN solution crafted by the WECA in late 2002 as an interim solution until a permanent wireless security standard could be implemented.

Protected

Secured

Restricted

Controlled

30.The _____ service loads files to memory for later printing.

lpr

lpd

printmgr

spooler

31.A(n) _____ is a major new release of the software incorporating all previous updates along with new features.

Update rollout

Feature pack

Version

Update