front 1 Which of the following parameters make up a Risk Matrix? (Select all that apply.) Different motivation levels Different assets that could be attacked Different threat agents Different types of attacks | back 1 Different assets that could be attacked Different types of attacks |
front 2 A "back door" is an attack vector that lets the attacker take control of a computer through a network connection. | back 2 True |
front 3 Which of the following would describe a Threat Agent? Someone who has already attacked our assets Someone who is currently attacking our asset Someone who is motivated to attack our asset Someone who has the skills to attack our assets | back 3 Someone who is motivated to attack our asset |
front 4 Which would be the easiest method to restrict access to a system so that a small list of people can log on? Whitelist the names of the people you want in the system. Blacklist the names of the people you don't want in the system Greylist the people who could be a security risk to the system Any of these will work. | back 4 Whitelist the names of the people you want in the system. |
front 5 An asset is safer if we limit the number of people allowed inside its security boundary. This is called the Basic Principle of Least Privilege. | back 5 True |
front 6 A process is restricted to specific regions of RAM assigned to it. | back 6 True |
front 7 For the following scenario, what type(s) of attacks have occurred? (Select all that apply.) An IT worker goes to the HR manager's computer to do some routine maintenance and notices that the HR manager is still logged into the employee database. The IT worker browses around in the database and learns how much money other employees are getting paid. Masquerade Disclosure Denial of Service Subversion Forgery Physical Theft | back 7 Masquerade Disclosure |
front 8 Suppose you want to protect a file on a UNIX/Linux system using the basic file protections. The file is a text file that contains the rules for a new tabletop roleplaying game that will totally be better than Dungeons & Dragons. You and your team are working on the file together, and you would like for the general public to see rules as the team develops them but obviously you don't want them to change up the rules. What is the string of characters that would provide these protections? Write out the string without any spaces. | back 8 rwxrwxr-- |
front 9 For the following scenario, what type(s) of attacks have occurred? (Select all that apply.) The Stuxnet virus caused the nuclear enrichment machinery to run at full speed for too long as well as modifying the warning system so that it didn't sound any alarms. The result was heavy damage to the machinery. Masquerade Disclosure Denial of Service Subversion Forgery Physical Theft | back 9 Denial of Service |
front 10 Because of Kerckhoffs's Principle, we should design our cybersecurity such that the system is secure even when potential attackers already know how the system works. | back 10 True |
front 11 A heavy steel computer case is an example of what type of security control? Mechanical Physical Cryptographic Functional Procedural | back 11 Physical |
front 12 What is an Attack Vector? The trajectory of an ongoing attack A currently ongoing attack None of these A way to exploit a vulnerability | back 12 A way to exploit a vulnerability |
front 13 Writing your diary in a made-up language is an example of what type of security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 13 Cryptographic |
front 14 Which of the following are program modes in a modern computer? (Select all that apply.) user mode print mode kernel mode superuser mode read-only mode dispatcher mode | back 14 user mode kernel mode |
front 15 Requiring all employees to change their passwords regularly is an example of what type of security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 15 Procedural |
front 16 How can criminals hide data using partitions? If the criminal makes the computer complex enough, a forensic analyst won't understand what the criminal did. A hacker can inject a partition into a computer, and because partitions are opaque, the operating system does not know what data the hacker added to the computer. They can configure the partition to leave gaps that the file system can't directly access. None of these | back 16 They can configure the partition to leave gaps that the file system can't directly access. |
front 17 A program operating in kernel mode can access any part of RAM, even parts of other programs. | back 17 True |
front 18 What is a zero-day exploit? A system that has not yet been hacked An attack for which no patch yet exists An attack that is still being planned An attack that would not do significant damage | back 18 An attack for which no patch yet exists |
front 19 A "buffer overflow" is any attack vector that lets the attacker take control of a computer through a network connection. | back 19 False |
front 20 The following is an example of how a simple virus might take control of a system: At the beginning of the program code, the virus writes a jump point to the malicious code. Then, at the end of the virus code, it executes a jump back to the regular program. | back 20 True |
front 21 Making a file read-only is an example of what type of security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 21 Logical |
front 22 When deleting a file in a FAT directory, which of the following happens? (Select all that apply.) Checks to make sure that all the clusters are sequential Deletes the data in the file clusters "Frees" all clusters in the file's cluster chain by setting them to the "empty" value. Marks the file's directory entry to "empty" | back 22 "Frees" all clusters in the file's cluster chain by setting them to the "empty" value. Marks the file's directory entry to "empty" |
front 23 Which of the following parameters make up an Attack Matrix? (Select all that apply.) Different motivation levels Different assets that could be attacked Different types of attacks Different threat agents | back 23 Different types of attacks Different threat agents |
front 24 Which of the following best describes the Basic Principle: Continuous Improvement? Regularly reviewing and updating security measures based on new threats Installing an antivirus program on a computer Waiting for a breach before making changes Implementing a strong password policy | back 24 Regularly reviewing and updating security measures based on new threats |
front 25 What is the Window of Vulnerability? The period of time before a patch is created The period of time before a vulnerability is detected The period of time during which a system is unprotected from an exploit The period of time before a buffer is protected against buffer overflow attacks The period of time before the user decides to use a better operating system than anything made by Microsoft | back 25 The period of time during which a system is unprotected from an exploit |
front 26 What is an unbound buffer? An input that is too large to fit into memory A section of memory that gets overwritten by a hacker Memory that must be manually tested before data can be stored. An area of memory that holds data but the program doesn't check the data for length | back 26 An area of memory that holds data but the program doesn't check the data for length |
front 27 Originally, "Random Access" was a negative term that meant that the drive could only provide the data randomly because it often failed. The term later changed as drive technology improved. | back 27 False |
front 28 Which of the following is the best strategy for administrative access control? Each administrator will have an administrator over them that makes sure that the admin permissions aren't being misused. Give the administrator full admin access, but properly train them so that they won't misuse the account. Give the administrator a regular account for their regular duties and an admin account for tasks that require admin permissions. Set up the computer system/network once and then delete the admin access. Once the system is set up, the administrator only needs regular user access. | back 28 Give the administrator a regular account for their regular duties and an admin account for tasks that require admin permissions. |
front 29 Which of the following problems contributed to the Morris Worm's success? (Select all that apply.) The Finger program had an unbounded buffer. The Finger program contained email information of all the users. The Morris Worm caused the creation of a government agency dedicated to fighting viruses. The Morris Worm was the first virus, so nobody knew what to expect. The Finger program was designed to run as root. The Morris Worm was more than just a virus. It was a worm. | back 29 The Finger program had an unbounded buffer. The Finger program was designed to run as root. |
front 30 We refer to security breaches as "incidents" because we don't want the public to panic and/or we don't want to be sued for defamation. | back 30 False |
front 31 Which of the following must be true in order for the Chain of Control to be maintained? (Select all that apply.) Whenever software is started by other software, the user must be able to allow or deny the operation. Whenever the computer starts, it runs software that enforces our security requirements Software that is started by other software must either obey our security requirements or must be prevented from violating them. Only the operating system is allowed to have direct control over the hardware. | back 31 Whenever the computer starts, it runs software that enforces our security requirements Software that is started by other software must either obey our security requirements or must be prevented from violating them. |
front 32 What is an example of a malware attack vector where the malware exploits a vulnerability that can be reached via the network? Email infection Drive-by download Worm propagation Trojan infection | back 32 Worm propagation |
front 33 What does it mean when we say that evidence is "admissible"? It was collected by a designated officer of the law All of these It was directly related to a criminal case It does not violate the 4th Amendment It meets legal rules and standards for evidence | back 33 It meets legal rules and standards for evidence |
front 34 Which of the following are valid methods for resolving disputes in the United States? (Select all that apply.) Criminal complaint Mediation Private action Civil complaint | back 34 Criminal complaint Mediation Private action Civil complaint |
front 35 When you are presented with a running computer that needs forensic analysis, what is the first thing you should do? Turn off the computer Take pictures of all open programs, windows, and tabs None of these, something else. Make a copy of the hard drive | back 35 Take pictures of all open programs, windows, and tabs |
front 36 If we collect data from a hard drive to be used in court, we must first copy the drive and then calculate an integrity check value to guarantee that we didn't modify the drive in any way. Otherwise, the opposing lawyer could claim the data had been tampered with. | back 36 True |
front 37 Which of the following is NOT one of the security categories that we try to ensure? Availability Confidentiality Integrity All of these are security categories. | back 37 All of these are security categories. |
front 38 In the aftermath of a security incident in which Bob's actions led to a system breach, he would be held responsible if it were determined that he did exercise due diligence. | back 38 False |
front 39 Which of the following threats should we most prepare our defenses against? A threat with stealth motivation A threat with high motivation A threat with low motivation A threat with moderate motivation | back 39 A threat with moderate motivation |
front 40 Which of the following is NOT a security control category? Corrective Preventative Administrative Detective | back 40 Administrative |
front 41 The FAT contains an entry for each cluster on the drive. Each entry is a number that points to the next cluster in a program. | back 41 True |
front 42 What are the components of the Basic Principle: Least Privilege when dealing with an asset? (Select all that apply.) Prevent anyone from deleting the asset Prevent anyone from modifying the asset Limit the number of people who have access to the asset Restrict what each person may do to the asset | back 42 Limit the number of people who have access to the asset Restrict what each person may do to the asset |
front 43 Because of Kerckhoffs's Principle, we should design our cybersecurity such that there is not a single point of failure but instead utilizes defense in depth. | back 43 False |
front 44 What is an example of a malware attack vector where the program appears benign and the user is tricked into executing it? Drive-by download Trojan infection Email infection Worm propagation | back 44 Trojan infection |
front 45 Which of the following is an example of subverting the Chain of Control? | back 45 Boot the computer from a USB drive that contains an OS controlled by the attacker. |
front 46 A padlock is an example of what type of security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 46 Mechanical |
front 47 An example of Basic Principle: Defense in Depth is having a key that locks the outer door that also locks the office door and the safe. | back 47 False |
front 48 Suppose you want to protect a file on a UNIX/Linux system using the basic file protections. The file is a Word document and contains a list of all your passwords for various websites. As the owner of the file, you obviously want full access to the file. You want people in your group to access the file as well, but you don't want them to change anything. The rest of the world doesn't get any access. What is the string of characters that would provide these protections? Write out the string without any spaces. | back 48 rwxr-x--- |
front 49 Suppose you need to turn off a computer before you bring it to your office to perform forensic analysis. Should you unplug it or perform the proper shutdown routine? Proper shutdown because otherwise it could corrupt data. Unplug it because otherwise it could corrupt data. Unplug it because that will better preserve the current state of the hard drive. Proper shutdown because that will better preserve the current state of the hard drive. | back 49 Unplug it because that will better preserve the current state of the hard drive. |
front 50 For the following scenario, what type(s) of attacks have occurred? (Select all that apply.) A hacker modifies the computer so that the browser only plays a certain Rick Astley video over and over and won't do anything else. Masquerade Disclosure Denial of Service Subversion Forgery Physical Theft | back 50 Denial of Service Subversion |
front 51 Which of the following is an example of retrieving from offline? Trying different combinations of PIN numbers on a security door Using a keyboard logger to record password entries Watching over someone's shoulder as they type in their PIN Hacking the server and stealing the password file Putting bad passwords into someone's email login so many times that the account locks up | back 51 Hacking the server and stealing the password file |
front 52 Which of the following encryption building-blocks are used in the AES algorithm? (Select all that apply.) Shift Code Substitution Transmutation XOR Transposition | back 52 Shift Substitution XOR Transposition |
front 53 Suppose we XOR the bits of our message with the bits of our key. Then, we XOR the result with the bits of our original message. What is the result? Our original message The key A garbled mess The encrypted message | back 53 The key |
front 54 Hash algorithms can be used to generate the key stream when using a stream cipher. | back 54 True |
front 55 Random number generators found in programming languages are not actually random. They are actually pseudorandom. | back 55 True |
front 56 What term describes the process of associating an individual with an identity inside a computer? Authentication Password Access Control Credential | back 56 Authentication |
front 57 Which authentication factors are involved in the following example? (Select all that apply.) To access your phone, you must draw a square on the screen. Something you see Something you know Something you hear Something you touch Something you have Something you are | back 57 Something you know |
front 58 In a man-in-the-middle attack, Oscar gives Alice his secret key $S_O$ but convinces her it is actually Bob's secret key $S_B$. Then, whenever Alice sends Bob a message, Oscar can decrypt it with $S_O$. | back 58 True |
front 59 What is an authentication token that transmits the same credential every time? Passive token Challenge-response token One-time password token Timed-response token Fixed-response token | back 59 Passive token |
front 60 When several people share the same key, they form a cryptogroup. | back 60 False |
front 61 Which of the following encryption building-blocks are used in the DES algorithm? (Select all that apply.) Shift Code Substitution Transmutation XOR Transposition | back 61 Shift Substitution XOR Transposition |
front 62 Attacking hashed passwords found in a password file is called an offline attack. | back 62 True |
front 63 Which authentication factors are involved in the following example? (Select all that apply.) To open the vault door, you speak your password into a microphone. Something you see Something you know Something you hear Something you touch Something you have Something you are | back 63 Something you know Something you are |
front 64 A great way to pick a password is to use the first character of each word in a phrase we will remember because the resulting password will be completely random. | back 64 False |
front 65 What is an authentication token that transmits credentials that vary according to an unpredictable message from the computer? Passive token Challenge-response token One-time password token Timed-response token Fixed-response token | back 65 Challenge-response token |
front 66 Which of the following are situations that would indicate it was time to rekey? (Select all that apply.) If two years have passed without rekeying from some other issue Whenever a file encrypted with the key is modified When a person who knows the key leaves the group When a person joins the group Every six months Whenever the key is used When we suspect that the key has been compromised | back 66 If two years have passed without rekeying from some other issue When a person who knows the key leaves the group Every six months When we suspect that the key has been compromised |
front 67 A smart credit card (chip card) is an example of which type of token? Passive token Challenge-response token One-time password token Timed-response token Fixed-response token | back 67 Passive token |
front 68 What kind of encryption rearranges the text of the message? secret key cipher code transposition cipher substitution cipher | back 68 transposition cipher |
front 69 What kind of encryption replaces characters of the message with other characters? transposition cipher secret key cipher code substitution cipher | back 69 substitution cipher |
front 70 Which authentication factors are involved in the following example? (Select all that apply.) To access your email, you type in the number sent to your phone. Something you see Something you know Something you hear Something you touch Something you have Something you are | back 70 Something you have |
front 71 AES and DES are examples of what type of cipher? Block cipher Code cipher Stream cipher One-time pad | back 71 Block cipher |
front 72 Which of the following is an example of cloning or borrowing a credential? Using a keyboard logger to record password entries Watching over someone's shoulder as they type in their PIN Trying different combinations of PIN numbers on a security door Hacking the server and stealing the password file Putting bad passwords into someone's email login so many times that the account locks up | back 72 Watching over someone's shoulder as they type in their PIN |
front 73 Which of the following are key to a good one-way hash function? (Select all that apply.) If we change one character in our password, the hash will be unpredictably different. If one password hashes to a particular value, no other password can hash to that value. If Oscar wants to attack our system, he can't figure out what hash algorithm we are using. If we add or subtract one character in our password, the hash will be unpredictably different. If Oscar finds a password, he can't figure out the hash of that password. If Oscar finds a hash value, he can't figure out a password that yields the same hash value. | back 73 If we change one character in our password, the hash will be unpredictably different. If we add or subtract one character in our password, the hash will be unpredictably different. If Oscar finds a hash value, he can't figure out a password that yields the same hash value. |
front 74 Suppose Alice wants to encrypt a message that only Bob can read. Which of the following scenarios describes this process using RSA? Alice encrypts the message using Alice's public key. Then, Bob can decrypt it using Bob's secret key. Alice encrypts the message using Bob's public key. Then, Bob can decrypt it using Alice's public key. Alice encrypts the message using Bob's public key. Then, Bob can decrypt it using Bob's secret key. Alice encrypts the message using Alice's secret key. Then, Bob can decrypt it using Bob's secret key. Alice encrypts the message using Alice's public key. Then, Bob can decrypt it using Bob's public key. | back 74 Alice encrypts the message using Bob's public key. Then, Bob can decrypt it using Bob's secret key. |
front 75 One way to increase the password search space is to require all passwords to contain at least one number and one special character. | back 75 False |
front 76 Which authentication factors are involved in the following example? (Select all that apply.) To access the computer, you type in a password and then type in a PIN number. Something you see Something you know Something you hear Something you touch Something you have Something you are | back 76 Something you know |
front 77 Which of the following are true statements about nonces? (Select all that apply.) The value is unlikely to repeat itself. A nonce is a random value. A nonce must be kept secret. An attacker can't choose the nonce's value. | back 77 An attacker can't choose the nonce's value. The value is unlikely to repeat itself. |
front 78 When properly used, it is mathematically impossible to crack a message encrypted by a one-time pad. | back 78 True |
front 79 Which of the following are key management problems? (Select all that apply.) Making sure everyone at the organization has the same key Choosing keys that attackers can't guess Handling keys so that attackers can't intercept them Sharing keys with exactly the right people and only the right people | back 79 Choosing keys that attackers can't guess Handling keys so that attackers can't intercept them Sharing keys with exactly the right people and only the right people |
front 80 Which of the following options is the best way to avoid reusing a keystream? Only encrypt things once These are all bad options. You shouldn't choose any of these. Generate the keystream using a different key for every encryption Combine the key with a nonce before generating the keystream | back 80 Combine the key with a nonce before generating the keystream |
front 81 Which of the following is an example of sniffing the credential? Watching over someone's shoulder as they type in their PIN Using a keyboard logger to record password entries Putting bad passwords into someone's email login so many times that the account locks up Trying different combinations of PIN numbers on a security door Hacking the server and stealing the password file | back 81 Using a keyboard logger to record password entries |
front 82 Suppose Oscar retrieves the user account file that contains a list of all users and their hashed passwords. How can Oscar gain access to the computer? Locate the user on the list with the highest clearance. The hash value for that user can be typed into the login screen as the password since the login screen was going to hash the password anyways. Locate the user on the list with the highest clearance. Guess that user's login credentials. If that user's account becomes locked, find the next highest clearance and proceed to guess that user's credentials. Run every possible password through the hash algorithm, and see if it matches any user's hash on the list. If one is found, log in with that user's name and the generated password. Oscar cannot gain access to this computer with only this file. Oscar does not know what password rules are in place. The users may have been instructed to include numbers or special characters in their passwords, and Oscar would not know this information. | back 82 Run every possible password through the hash algorithm, and see if it matches any user's hash on the list. If one is found, log in with that user's name and the generated password. |
front 83 Suppose Oscar discovered that 1 in 10 people at a particular company use their favorite Taco Bell menu item as their password. If there are 50 items on the Taco Bell menu, how many password attempts will Oscar expect to try before he is likely to find a match? Impossible to know | back 83 25 |
front 84 Public key encryption works because of a trapdoor function. What is the trapdoor function in RSA that keeps Oscar from figuring out Alice's secret key? Oscar knows the value N, but it is almost impossible for him to figure out what two prime numbers created N. An exponent raised to another exponent is the same as multiplying the exponents. Thus $(X^a)^b = (X^b)^a = X^{ab}$. Oscar knows Alice's public key $P_A$ but doesn't know what equation was used to calculate the inverse, $S_A$. You can easily calculate the hash, but it is almost impossible to figure out what message generated the hash. | back 84 Oscar knows the value N, but it is almost impossible for him to figure out what two prime numbers created N. |
front 85 Which of the following does password hashing protect against? (Select all that apply.) Tricking a system administrator into looking up and divulging someone's password Randomly trying passwords until the correct one is found Stealing the authentication database and looking at everyone's passwords Corrupting a database so that it becomes unreadable | back 85 Tricking a system administrator into looking up and divulging someone's password Stealing the authentication database and looking at everyone's passwords |
front 86 Another name for public-key cryptography is Asymmetric Cryptography. | back 86 True |
front 87 Why is it bad to reuse a keystream? Two files encrypted with the same keystream can be XOR'd together to cancel the encryption. It isn't bad to reuse a keystream. It is only bad to reuse a key. It is only a problem with image files where Oscar can see two images overlaid. Oscar can append the reused keystreams and use that to decrypt files. | back 87 Two files encrypted with the same keystream can be XOR'd together to cancel the encryption. |
front 88 Which authentication factors are involved in the following example? (Select all that apply.) To draw money from an ATM, you insert your card and type your PIN. Something you see Something you know Something you hear Something you touch Something you have Something you are | back 88 Something you know Something you have |
front 89 Which of the following is an example of a trial-and-error attack? Trying different combinations of PIN numbers on a security door Watching over someone's shoulder as they type in their PIN Putting bad passwords into someone's email login so many times that the account locks up Using a keyboard logger to record password entries Hacking the server and stealing the password file | back 89 Trying different combinations of PIN numbers on a security door |
front 90 Which of the following is an example of denial of service? Hacking the server and stealing the password file Putting bad passwords into someone's email login so many times that the account locks up Trying different combinations of PIN numbers on a security door Watching over someone's shoulder as they type in their PIN Using a keyboard logger to record password entries | back 90 Putting bad passwords into someone's email login so many times that the account locks up |
front 91 What term describes checking a user's access rights and granting access to resources? Password Authentication Access Control Credential | back 91 Access Control |
front 92 What is an authentication token that transmits different credentials based on an internal clock or counter? Passive token Challenge-response token One-time password token Timed-response token Fixed-response token | back 92 One-time password token |
front 93 Two-factor authentication is effective because an attacker must use two separate attack vectors, one for each factor. This provides Defense in Depth. | back 93 True |
front 94 Which of the following is an example of two-factor authentication? You swipe your ID card and then unlock a padlock with a key. You type in a password and then enter the name of your favorite pet. All of these are two-factor authentication. You type in a password and then enter the code sent to your phone. | back 94 You type in a password and then enter the code sent to your phone. |
front 95 In biometric credentials, what do we call the fraction of readings that should match an existing credential but do not match it? True acceptance rate False acceptance rate False rejection rate True rejection rate | back 95 False rejection rate |
front 96 Who can be a Certificate Authority? Any internationally recognized Internet authority Literally anyone with a public/private key combo Anyone who gets the proper CA license Large organizations | back 96 Literally anyone with a public/private key combo |
front 97 Suppose Alice wants to sign a message so that Bob knows that she sent it. Which of the following scenarios describes this process using RSA? Alice encrypts the message using Alice's secret key. She then sends the original message along with the encrypted message. Bob can decrypt it using Alice's public key and compare the two messages to see if they match. Alice encrypts the message using Alice's secret key. She then sends the original message along with the encrypted message. Bob can decrypt it using Bob's secret key and compare the two messages to see if they match. Alice encrypts the message using Alice's public key. She then sends the original message along with the encrypted message. Bob can decrypt it using Bob's secret key and compare the two messages to see if they match. Alice encrypts the message using Bob's public key. She then sends the original message along with the encrypted message. Bob can decrypt it using Bob's secret key and compare the two messages to see if they match. | back 97 Alice encrypts the message using Alice's secret key. She then sends the original message along with the encrypted message. Bob can decrypt it using Alice's public key and compare the two messages to see if they match. |
front 98 You should not use SMS to send one-time passwords because the password is sent in plaintext. | back 98 True |
front 99 Suppose there are 200 billion potential password combinations, and we are attempting trial-and-error guessing. How many passwords should we expect to guess before we likely discover a match? 50 billion That is impossible to know. 200 billion 190 billion 100 billion | back 99 100 billion |
front 100 Nonces are used in challenge-response authentication to generate the challenge. | back 100 True |
front 101 Key management comes down to two problems: 1. Ensure that the right people have the right crypto keys 2. Prevent the wrong people from uncovering any crypto keys | back 101 True |
front 102 Suppose I have a web server. What is the best defense against a Ping Flood attack? Block all incoming traffic from addresses you don't recognize. Spoof the attacker's IP address Use a firewall to block all incoming Ping messages. Quickly discard half-open connections. | back 102 Use a firewall to block all incoming Ping messages. |
front 103 Cookies are controversial because they allow an outside computer to place potentially malicious code onto your device. | back 103 False |
front 104 How is "end-to-end" encryption different from other types of network encryption? The users initiate the encrypting and decrypting themselves. It is the only type of network transmission where the message stays encrypted from start to finish. It is the only style of encryption where there is no specified encryption algorithm. It is the only style of encryption where there are multiple acceptable encryption algorithms. | back 104 The users initiate the encrypting and decrypting themselves. |
front 105 Suppose a scammer creates a fake web store and uses a misleading domain name, like "anazom.com" instead of "amazon.com". Would this trigger any browser warnings when the site is visited? If yes, what warning? Yes, "Expired certificate" warning No Yes, "Domain names don't match" warning Yes, "Misleading domain name" warning Yes, "Misleading syntax" warning Yes, "Tricked CA" warning Yes, "Bogus Certificate Authority" warning | back 105 No |
front 106 Suppose we go to a website and get the warning message "Revoked certificate." Which of the following would be the most appropriate assumption? This could be a legitimate website, but it is very difficult to verify. This is definitely NOT a scam. It is always just a bookkeeping error. It is possible that this is a scam, but it is probably ok. This is definitely a scam. | back 106 This is definitely a scam. |
front 107 How do we build a dual firewall topology? Place the two firewalls side-by-side. Place computers that need to be accessed from outside the network behind one firewall, and place all other computers behind the other firewall. Place one firewall behind the other. Place computers that need to be accessed from outside the network on the outside of those firewalls, and place all other computers behind the inner firewall. Place one firewall behind the other. Place computers that need to be accessed from outside the network between the two firewalls, and place all other computers behind the inner firewall. Place one firewall behind the other. Place computers that need to be accessed from outside the network on the outside of those firewalls, and place all other computers between the firewalls. | back 107 Place one firewall behind the other. Place computers that need to be accessed from outside the network between the two firewalls, and place all other computers behind the inner firewall. |
front 108 Internet email standards must define two things: 1. Formatting, or the layout of the email message 2. Protocols, or how clients and servers interact to deliver and retrieve mail | back 108 True |
front 109 Suppose we have a server that users outside our network will need to access. We can protect our vulnerable network computers by placing the server outside our outermost router to prevent risky traffic from getting inside our network. | back 109 False |
front 110 Suppose we try to log into a server and no database is ever checked. What type of authentication was performed? Indirect (service-based) Indirect (Ticket-based) Offline Local Direct Indirect (redirected) | back 110 Offline |
front 111 There is one protocol for retrieving mail, but multiple protocols for sending it. | back 111 False |
front 112 An example of a network subversion attack would be rerouting traffic to a compromised network so that it can be more easily intercepted. | back 112 True |
front 113 Suppose an attacker's computer intercepts network data intended for someone else. What type of attack is this? Masquerade Disclosure Denial of Service Subversion Forgery Physical Theft | back 113 Disclosure |
front 114 Configuring a firewall so it blocks World of Warcraft data is an example of what security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 114 Logical |
front 115 Why is it generally a bad idea to attempt a DOS attack against a DNS root server? Many DNS requests can be resolved by cached addresses stored at the local DNS server. DNS root servers have a lot of redundancy, so if one server is taken out, another server can do the job. DNS root servers are vital to Internet traffic and are well protected against attacks, so it would require an incredibly dedicated attack to take one out. All of these | back 115 All of these |
front 116 We only need to worry about our POP if we have computers in our network (such as servers) that people outside our network will need to access. | back 116 True |
front 117 Suppose we sit down at a computer and use a program to log into a server across campus. The server looks at its own files to determine if we should have access. What type of authentication was performed? Indirect (service-based) Indirect (Ticket-based) Offline Local Direct Indirect (redirected) | back 117 Direct |
front 118 Unplugging a computer from the network when it isn't in use is an example of which security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 118 Procedural |
front 119 Which is harder to protect from physical theft: computer hardware or network hardware? Network hardware because computer hardware is typically harder to access. Network hardware because it is typically worth more on the black market. Computer hardware because it is typically worth more on the black market. Computer hardware because network hardware is typically harder to access. | back 119 Computer hardware because network hardware is typically harder to access. |
front 120 Suppose we attempt to connect to the wi-fi network at UAFS, and the building's wi-fi antenna contacts a computer in the Gardner building and asks it if you should be given access. What type of authentication was performed? Indirect (service-based) Indirect (Ticket-based) Offline Local Direct Indirect (redirected) | back 120 Indirect (service-based) |
front 121 What does it mean when it is said that an encryption technique is "application transparent"? The network handles the encryption instead of the application. The application does not know that the encryption is happening. The application is able to see all the inner workings of the encryption. The encryption technique is not tied to one application and can be used with many different applications. | back 121 The application does not know that the encryption is happening. |
front 122 When performing Link Layer encryption, the data must be decrypted before it leaves the local network. | back 122 True |
front 123 Suppose we go to a website and get the warning message "Untrusted certificate authority." Which of the following would be the most appropriate assumption? It is possible that this is a scam, but it is probably ok. This could be a legitimate website, but it is very difficult to verify. This is definitely NOT a scam. It is always just a bookkeeping error. This is definitely a scam. | back 123 This could be a legitimate website, but it is very difficult to verify. |
front 124 Network cryptography can provide which of the following protections? (Select all that apply.) Confidentiality Authenticity Integrity Nonrepudiation | back 124 Confidentiality Authenticity Integrity Nonrepudiation |
front 125 Using 192-bit AES is an example of which security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 125 Cryptographic |
front 126 Which of the following key distribution techniques are never recommended? (Select all that apply.) Key wrapping Diffie-Hellman Key distribution center Manual keying New keys encrypted with old Self-rekeying | back 126 New keys encrypted with old Manual keying |
front 127 When would Socket Layer encryption be appropriate? When the user needs to make the decision whether or not to encrypt the data. When the method of transmitting data within this network is easy to intercept. When a user wants to obscure the type of data from being detected by a router/firewall. | back 127 When users need secure connections to a website. |
front 128 Which of the following would help protect against a command injection attack? Use a firewall that filters out command injection packets. Do not allow any access to the database when users request webpages. When creating the database, turn off the "Command Injection" option for each table you wish to protect. Strip out special characters from user input. | back 128 Strip out special characters from user input. |
front 129 If your firewall implements "Deny by Default", then your last two filters should block every incoming and outgoing packet. | back 129 False |
front 130 In the United States, spam email is not illegal, but the activities in the email might be. | back 130 True |
front 131 What is a limitation with session filtering? Only works with UDP traffic Only works with TCP traffic Only works with email traffic Only works with IP traffic | back 131 Only works with TCP traffic |
front 132 Suppose we go to a website and get the warning message "Invalid digital signature." Which of the following would be the most appropriate assumption? This is definitely NOT a scam. It is always just a bookkeeping error. This could be a legitimate website, but it is very difficult to verify. This is definitely a scam. It is possible that this is a scam, but it is probably ok. | back 132 This is definitely a scam. |
front 133 Suppose I have the following firewall rules. We block access to doomscroll.com, but the boss demands that he have access to it. Where do we put the rule that allows him access? Between rules 2 and 3 Between rules 1 and 2 After rule 3 Before rule 1 | back 133 Before rule 1 |
front 134 Requiring employees to use strong passwords is an example of which security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 134 Procedural |
front 135 What is the name given to a message that attempts to get a user to divulge sensitive information? scam phishing DOS spam | back 135 phishing |
front 136 IPSec leaves the link and transport headers in plaintext. | back 136 False |
front 137 When attackers exploit a network protocol, they are generally performing one of three attacks. Which of the following is NOT one of these attacks? Exploit one host's assets to attack a different victim host. Use up the victim host's resources directly. Masquerade as another host or user. Trick a user into divulging personal information. | back 137 Trick a user into divulging personal information. |
front 138 When would Link Layer encryption be appropriate? When users need secure connections to a website. When a user wants to obscure the type of data from being detected by a router/firewall. When the method of transmitting data within this network is easy to intercept. When the user needs to make the decision whether or not to encrypt the data. | back 138 When the method of transmitting data within this network is easy to intercept. |
front 139 With a Key Distribution Center, each user must keep a key for each other user, but the KDC handles the distribution of key updates. This makes the keys safe because it prevents users from making mistakes caused by manual re-keying. | back 139 False |
front 140 Which of the following statements are true regarding cache poisoning? (Select all that apply.) The results of the attack stick around for a couple of days. It can be part of an attack against DNS. The attacker pretends to be a resolver and gives a false IP address. The effect lasts as long as the attacker continues to make the attack and ends as soon as the attack ends. The network packets used in the attack are directed towards the victim web servers. | back 140 The results of the attack stick around for a couple of days. It can be part of an attack against DNS. The attacker pretends to be a resolver and gives a false IP address. |
front 141 Suppose we sit down at a computer and log directly into the computer in front of us. The computer looks at its own files to determine whether or not to give us access. What type of authentication was performed? Indirect (service-based) Indirect (Ticket-based) Offline Local Direct Indirect (redirected) | back 141 Local |
front 142 Suppose I have a web server. What is the best defense against a SYN Flood attack? Quickly discard half-open connections. Spoof the attacker's IP address. Block all incoming traffic from addresses you don't recognize. Use a firewall to block all incoming SYN messages. | back 142 Quickly discard half-open connections. |
front 143 Suppose we use a browser to visit a website to purchase a product. When we go to check out, we have to log into Paypal to authorize payment. What type of authentication was performed? Indirect (service-based) Indirect (Ticket-based) Offline Local Direct Indirect (redirected) | back 143 Indirect (redirected) |
front 144 Suppose Oscar eavesdrops on Bob's email and reads private information. This is considered a passive attack because Oscar didn't actually interfere with the communication. | back 144 True |
front 145 What is the most basic definition of Tunneling? Two endpoints use an existing protocol standard to carry different traffic. A host uses a VPN service to forward prohibited data to another host. A host uses a VPN to pretend to be a local host on another network. A host sends prohibited data to another host. | back 145 Two endpoints use an existing protocol standard to carry different traffic. |
front 146 The Smurf Attack is an example of which protocol attack strategy? Exploit one host's assets to attack a different victim host. Masquerade as another host or user. Use up the victim host's resources directly. None of these. | back 146 Exploit one host's assets to attack a different victim host. |
front 147 Suppose we go to a website and get the warning message "Expired certificate." Which of the following would be the most appropriate assumption? It is possible that this is a scam, but it is probably ok. This is definitely NOT a scam. It is always just a bookkeeping error. This is definitely a scam. This could be a legitimate website, but it is very difficult to verify. | back 147 It is possible that this is a scam, but it is probably ok. |
front 148 Essentially, what is a KDC? Public-key distribution Ticket-based authentication Public-key authentication Redirected authentication | back 148 Ticket-based authentication |
front 149 In a connection-based attack against email, what does the attacker try to accomplish? Sniff the contents of the account login attempt to learn the email login password Sniff the routing information to discover the path the email will take so that the email can be intercepted and possibly modified Perform a DOS attack to prevent the user's connection with the email server Sniff the contents of the email message to learn any confidential information contained in the email | back 149 Perform a DOS attack to prevent the user's connection with the email server |
front 150 Blocking traffic to and from NSFW websites is an example of which security control? Logical Mechanical Physical Cryptographic Functional Procedural | back 150 Logical |