lOMoARcPSD|11824774

Quiz-4 - QUIZ

Philosophy of Science (San José State University)

Studocu is not sponsored or endorsed by any college or university

 lOMoARcPSD|11824774

Business Data Networks and Security, 11e

(Panko) Chapter 4: Network Security

1) The Target attackers probably first broke into Target using the credentials of a(n) .
A) low-level Target employee
B) Target IT employee
C) Target security employee
D) employee in a firm outside Target

2) How did the Target attackers obtain the stolen information?

A) Directly from the POS terminals
B) From the vendor service server
C) From the POS software download server
D) none of the above.

3) The Target attackers sold stolen card information to .

A) crimeware shops
B) card shops
C) card counterfeiters
D) all of the above

4) Which of the following probably suffered the most financial damage from the Target breach?
A) Target
B) banks
C) consumers
D) retailers

5) Which of the following were able to recoup most of the money they lost from Target?
A) credit card companies
B) retailers
C) both A and B
D) neither A nor B

6) For consumers who suffered credit card fraud because of the Target breach and acted
quickly, which of the following is true?
A) They received no compensation.
B) They received compensation from Target.
C) The credit card companies did not charge them for fraudulent purchasers.
D) The United States Treasury compensated them from an insurance fund.

7) In thinking, the opponent is primarily an intelligent attacker.

A) networking
B) security
C) both A and B
D) neither A nor B
 lOMoARcPSD|11824774

8) The general term for evil software is .

A) virus
B) worm
C) malware
D) all of the above

9) is the most frequent type of company attack.

A) DoS
B) Hacking
C) Ransomware
D) Malware

10) is the general name for a security flaw in a program.

A) A virus
B) Malware
C) A security fault
D) A vulnerability

11) is a flaw in a program that permits a specific attack or set of attacks.

A) Malware
B) A security error
C) A vulnerability
D) A security fault

12) Users typically can eliminate a vulnerability in one of their programs by .

A) installing a patch
B) using an antivirus program
C) both A and B
D) neither A nor B

13) Vulnerability-based attacks that occur before a patch is available are called
attacks.
A) indefensible
B) stealth
C) malware
D) zero-day

14) What kind of attack is most likely to succeed against a system with no
technological vulnerabilities?
A) malware
B) social engineering
C) both A and B
D) neither A nor B

15) A spear phishing attack is usually aimed at .

 lOMoARcPSD|11824774

A) an individual
B) a group
C) everyone
D) all of the above

16) are full programs.

A) Viruses
B) Worms
C) both A and B
D) neither A nor B

17) Which of the following attach themselves to other programs?

A) viruses
B) worms
C) both A and B
D) neither A nor B

18) Viruses and worms propagate through .

A) social engineering
B) exploiting vulnerabilities
C) both A and B
D) neither A nor B

19) Which of the following sometimes uses direct propagation between computers?
A) viruses
B) worms
C) Trojan horses
D) downloaders

20) Which of the following can spread very rapidly?

A) directly-propagating viruses
B) directly-propagating worms
C) both A and B
D) neither A nor B

21) Malware programs that masquerade as system files are called .

A) viruses
B) scripts
C) root malware
D) Trojan horses

22) Trojan horses can spread by .

A) e-mailing themselves to victim computers
B) directly propagating to victim computers
C) both A and B
D) neither A nor B
 lOMoARcPSD|11824774

23) Pieces of code that are executed after the virus or worm has spread are called .
A) vulnerabilities
B) exploits
C) compromises
D) payloads

24) In a attack, the attacker encrypts some or all of the victim's hard drive.
A) virus
B) DoS
C) ransom
D) lock

25) is the general name for malware on a user's PC that collects sensitive information
and sends this information to an attacker.
A) A keystroke logger
B) Anti-privacy software
C) Spyware
D) Data mining software
Answer: C

26) is a program that can capture passwords as you enter them.

A) A keystroke logger
B) Data mining software
C) both A and B
D) neither A nor B

27) In which type of attack does the attacker gather extensive sensitive personal
information about its victim?
A) identity theft
B) credit card number theft
C) both A and B
D) neither A nor B

28) Which is more harmful to the victim?

A) identity theft
B) credit card number theft
C) both A and B are about equally harmful

29) Hacking is defined as using a computer resource without authorization or in excess of

authorization.
Answer: FALSE

30) Which of the following meets the definition of hacking?

A) to intentionally use a computer resource without authorization
 lOMoARcPSD|11824774

B) to intentionally use a computer on which you have an account but use it for
unauthorized purposes
C) both A and B
D) neither A nor B

31) If you see a username and password on a Post-It note that anyone can see on a monitor, is
it hacking if you use this information to log in?
A) yes
B) no
C) We cannot say from the information given.

32) You accidentally discover that you can get into other e-mail accounts after you have
logged in under your account and only spend a few minutes looking at another user's mail. Is
that hacking?
A) yes
B) no
C) We cannot say from the information given.

33) You click on a link expecting to go to a legitimate website but are directed to a website
that contains information you are not authorized to see. You exit without looking around. is
that hacking?
A) yes
B) no
C) We cannot say from the information given.

34) You are concerned with the security of a site you use and run a vulnerability test against
it. The test reveals a security threat. Is this hacking?
A) yes
B) no
C) We cannot say from the information given.

35) DoS attacks attempt to .

A) hack a computer
B) reduce the availability of a computer
C) steal information from a computer
D) delete files on a computer

36) In a DDoS attack, a sends messages directly to the victim.

A) botmaster
B) bot
C) command and control server
D) all of the above

37) Attack programs that can be remotely controlled by an attacker are .

A) bots
B) sock puppets
 lOMoARcPSD|11824774

C) both A and B
D) neither A nor B

38) In distributed DoS attacks, the attacker sends messages directly to .

A) bots
B) the intended victim of the DoS attack
C) a DOS server
D) none of the above

39) Which of the following can be upgraded after it is installed on a victim computer (choose
the most specific answer)?
A) Trojan horses
B) bots
C) viruses
D) worms

40) Advanced persistent threats are .

A) inexpensive for the attacker
B) extremely dangerous for the victim
C) both A and B
D) neither A nor B

41) attacks typically extend over a period of cis.

A) DDoS
B) Malware
C) APT
D) Spear phishing

42) Who mounts APTs today?

A) national governments
B) cybercriminals
C) both A and B
D) neither A nor B

43) What type of attacker are most attackers today?

A) disgruntled employees and ex-employees
B) career criminals
C) hackers motivated by a sense of power
D) cyberterrorists

44) attackers are often well-funded.

A) Disgruntled employee
B) Cybercriminal
C) both A and B
 lOMoARcPSD|11824774

D) neither A nor B

45) Employees often attack .

A) for revenge
B) for money
C) both A and B
D) neither A nor B

46) Why are employees especially dangerous?

A) They are technically sophisticated.
B) They are trusted.
C) both A and B
D) neither A nor B

47) Who are the most dangerous types of employees?

A) financial employees
B) manufacturing employees
C) IT security employees
D) former employees

48) In general, what should an employer do whenever an employee leaves the firm?
A) Their accounts should be disabled instantly
B) They should be given no prior notice that they are being released
C) both A and B
D) neither A nor B

49) In terms of security thinking, "insiders" include .

A) employees
B) many contractors working for the company
C) both A and B

50) Cyberwar attacks are made by .

A) major cybercriminal gangs
B) national governments
C) both A and B
D) neither A nor B

51) In general, what type of attackers do the most damage?

A) criminal attackers
B) hackers driven by curiosity
C) employees and ex-employees
D) national governments

52) Using encryption, you make it impossible for attackers to read your messages even if
they intercept them. This is .
 lOMoARcPSD|11824774

A) authentication
B) confidentiality
C) both A and B
D) neither A nor B

53) A specific encryption method is called a .

A) code
B) schema
C) key method
D) cipher

54) In encryption, what must be kept secret?

A) the cipher
B) the key
C) both A and B
D) neither A nor B

55) In most encryption, keys must be at least long to be considered safe.

A) 128 bits
B) 128 bytes
C) 1,280 bits
D) 1,280 bytes

56) Electronic signatures provide message-by-message .

A) authentication
B) confidentiality
C) both A and B
D) neither A nor B
 lOMoARcPSD|11824774

57) Electronic signatures also provide in addition to authentication.

A) message integrity
B) message encryption
C) both A and B
D) neither A nor B

58) Secured packets typically receive .

A) confidentiality
B) authentication
C) message integrity
D) all of the above

59) The messages of VPNs .

A) share the same transmission lines used by other VPNs
B) are encrypted
C) both A and B
D) neither A nor B

60) SSL/TLS is used for .

A) Web applications
B) almost all applications
C) both A and B
D) neither A nor B
 lOMoARcPSD|11824774

61) Using SSL/TLS for Web applications is attractive because SSL/TLS .

A) is essentially free to use
B) offers the strongest possible cryptographic protections
C) both A and B
D) neither A nor B

62) Requiring someone prove his or her identity is .

A) confidentiality
B) authentication
C) authorization
D) both B and C

63) In authentication, the is the party trying to prove his or her identity.
A) supplicant
B) verifier
C) true party
D) all of the above

64) In authentication, are the general name for proofs of identity.

A) credentials
B) authorizations
C) digital certificates
D) all of the above

65) The supplicant claims to be .

A) the true party
B) an impostor
C) either A or B
D) neither A nor B

66) The supplicant is .

A) the true party
B) an impostor
C) either A or B
D) neither A nor B

67) Authentication should generally be .

A) as strong as possible
B) appropriate for a specific resource
C) the same for all resources
D) different for every different resource
 lOMoARcPSD|11824774

68) Traditionally, we have told users that passwords .

A) should have a mix of characters (uppercase and lowercase letters, digits, other
keyboard characters)
B) should be easy to remember
C) both A and B
D) neither A nor B

69) For reusable passwords, NIST now recommends .

A) that passwords be easy to remember
B) that passwords should be changed monthly
C) both A and B
D) neither A nor B

70) For reusable passwords, NIST now recommends .

A) that passwords be easy to remember
B) that passwords be long phrases instead of being about 8-12 characters long
C) both A and B
D) neither A nor B

71) NIST guidelines for reusable passwords permit .

A) entirely lower-case passwords
B) the use of the same password at different sites
C) both A and B
D) neither A nor B

72) For sensitive assets, reusable passwords .

A) should be especially long
B) should contain a truly complex mixture of characters
C) should be difficult to remember
D) should not be used

73) Biometrics, and other new authentication methods, are being created with the goal of
getting rid of reusable passwords.
Answer: TRUE

74) Using bodily measurements for authentication is .

A) illegal
B) biometrics
C) mandatory for good security
D) all of the above

75) Fingerprint recognition is generally acceptable for .

A) laptops
B) corporate databases
C) resources involving private information about customers
 lOMoARcPSD|11824774

D) all of the above

76) Iris scanning is attractive because of its .

A) low cost
B) precision
C) both A and B
D) neither A nor B

77) Facial recognition is controversial because .

A) it can be fooled very easily
B) it can be used surreptitiously
C) both A and B
D) neither A nor B

78) In digital certificate authentication, the supplicant encrypts the challenge message with
.
A) the supplicant's private key
B) the verifier's private key
C) the true party's private key
D) none of the above

79) In digital certificate authentication, the verifier decrypts the challenge message with
.
A) the supplicant's private key
B) the true party's private key
C) the supplicant's public key
D) the true party's public key

80) In digital certificate authentication, the verifier gets the key it needs directly from the
.
A) supplicant
B) verifier
C) true party
D) certificate authority

81) The digital certificate provides the .

A) private key of the supplicant
B) private key of the true party
C) public key of the supplicant
D) none of the above

82) Which form of authentication depends on the supplicant proving that she knows
something only the true party should know?
A) reusable password authentication
 lOMoARcPSD|11824774

B) iris scanning
C) both A and B
D) neither A nor B

83) Digital certificate authentication fails if the supplicant .

A) is the true party
B) learns the true party's private key
C) learns the true party's public key
D) either B or C

84) A debit card is secure because it requires two credentials for authentication–the card itself
and a PIN. This is called .
A) segmentation
B) redundancy
C) two-factor authentication
D) none of the above

85) When a firewall identifies an attack packet, it .

A) discards the packet
B) copies information about the packet into a log file
C) both A and B
D) neither A nor B

86) A firewall will drop a packet if it .

A) is a definite attack packet
B) is a highly probable attack packet
C) both A and B
D) neither A nor B

87) Firewall log files should be read .

A) every month
B) every day
C) every week
D) usually only when a serious attack is suspected

88) Stateful packet inspection firewalls are attractive because of their .

A) low cost for a given traffic volume
B) ability to base rules on specific application programs
C) both A and B
D) neither A nor B

89) When a packet that is part of an ongoing connection arrives at a stateful inspection
firewall, the firewall usually .
A) drops the packet
B) drops the packet and notifies an administrator
C) passes the packet
 lOMoARcPSD|11824774

D) passes the packet, but notifies an administrator

90) When a packet that is not part of an ongoing connection and that does not attempt to open
a connection arrives at a stateful inspection firewall, the firewall .
A) drops the packet
B) passes the packet
C) opens a new connection
D) does not approve the connection

91) How will a stateful packet inspection (SPI) firewall handle a packet containing a
TCP segment that contains an acknowledgement?
A) process it through the Access Control List (ACL)
B) pass it if it is part of an approved connection
C) both A and B
D) neither A nor B

92) SPI firewalls are attractive because of their .

A) ability to do antivirus filtering
B) ability to filter complex application content
C) QoS guarantees
D) low cost

93) is the dominant firewall filtering method used on main border firewalls today.
A) ACL filtering
B) Application content filtering
C) Stateful packet inspection
D) NGFW

94) In SPI firewalls, ACLs are used for packets in the state.
A) connection-opening
B) ongoing communication
C) both A and B
D) neither A nor B

95) In an SPI firewall, all rules except the last will permit the connection. The last will
.
A) also permit the connection
B) deny the connection
C) either A or B
D) none of the above

96) SPI firewalls are being replaced in large part because they are limited in their ability to detect
.
A) NAT
B) piggybacking
C) port spoofing
 lOMoARcPSD|11824774

D) none of the above

97) Which type of firewall filtering collects streams of packets to analyze them as a group?
A) SPI
B) NGFW
C) both A and B
D) neither A nor B

98) Which type of firewall filtering looks at application-layer content?

A) stateful packet inspection
B) NGFW
C) both A and B
D) neither A nor B

99) NGFWs .
A) can implement different rules for different applications
B) base server decisions on port numbers
C) both A and B
D) neither A nor B

100) Which type of firewall is more expensive per packet handled?

A) SPI
B) NGFW
C) both A and B
D) neither A nor B

101) If a packet is highly suspicious but not a provable attack packet, an may drop it.
A) SPI firewall
B) IDS
C) NGFW
D) none of the above

102) Which of the following is the most frustrating to use?

A) IDSs
B) opaque filtering
C) SPI firewalls
D) NGFW firewalls

103) Compared to NGFWs, IDSs .

A) look for different threats
B) look for the same threats
C) look for the same threats but do so differently
D) none of the above
 lOMoARcPSD|11824774

104) look at , while mostly look at .

A) Antivirus programs; packets; firewalls; packets
B) Antivirus programs; files; firewalls; files
C) Antivirus programs; packets; firewalls; files
D) Antivirus programs; files; firewalls; packets

105) Antivirus programs are designed to detect .

A) viruses
B) worms
C) both A and B
D) neither A nor B

106) In antivirus filtering, the best ways to filter currently use .

A) application awareness
B) stateful inspection
C) signature detection
D) behavioral detection