MIS399 Midterm

  1. __________ relies on lies and misrepresentation, which an attacker uses to trick an authorized user into providing information or access the attacker would not normally be entitled to.  Social engineering
  2. A __________ is a software or hardware device that is used to observe traffic as it passes through a network on shared broadcast media.  network sniffer
  3. A birthday attack is a type of logic bomb virus that releases its payload on some famous person’s birthday, such as Michelangelo.  False
  4. a concept that complements the idea of various layers of security   Diversity of defense
  5. A media access control address (MAC address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment  MAC Address
  6. A port number is a way to identify a specific computer to which an Internet or other network message is to be forwarded.  False
  7. A protocol defines a number of agreed-upon parameters, such as the data compression method, the type of error checking to use, and mechanisms for systems to signal when they have finished either receiving or transmitting data.  True
  8. A security professional must understand how the various TCP/IP protocols operate  True
  9. another name for the boundary around a system where external inputs can interact with a system  attack surface
  10. Another term for defense in depth is layered security.  True
  11. are “dumb” devices that pass on anything received on one connection to all other connections  Hubs
  12. are logical boundaries that surround specific levels of trust in a system  Trust boundaries
  13. attempts to ensure that an individual is who they claim to be.  Authentication
  14. Context-based signatures match a pattern of activity based on the other activity around it, such as a port scan  True
  15. deals with the ability to verify that a message has been sent and received and that the sender can be identified and verified.  Nonrepudiation
  16. deals with the generation and modification of data. Only authorized individuals should ever be able to create or change (or delete) information.  Integrity
  17. Defense in depth   layered security
  18. Deny access by default, and grant access only when explicit permission exists   Default deny
  19. described as always using simple solutions when available
    Protection mechanism should be small and simple  Economy of mechanism
  20. Encapsulation is the concept of separating items so that they cannot interfere with each other.  False
  21. ensures that only those individuals who have the authority to view a piece of information may do so.  Confidentiality
  22. ensures that people entering a vault have prior authorization  Access control
  23. ensures that the data, or the system itself, is available for use when the authorized user wants it.  Availability
  24. holds that the protection of an object should not rely upon secrecy of the protection mechanism itself   Open design
  25. Hostile activity that does not match an IDS signature and goes undetected is called a false positive.  False
  26. Implicit deny applies to situations involving both authorization and access.  True
  27. In a __________ attack, the attacker sends a spoofed packet to the broadcast address for a network, which distributes the packet to all systems on that network.  Smurf
  28. In most security circles, security through obscurity is considered a good approach, especially if it is the only approach to security.  False
  29. In the OSI reference model, the communications between a computing system are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.
  30. is a concept that when something fails, it should do so to a safe state   Fail-safe defaults
  31. is a numerical label assigned to each device connected to a computer network that uses the ___ for communication  IP Address
  32. is a principle that is characterized by the use of multiple, different defense mechanisms with a goal of improving the defensive response to an attack (2 factor authorization)  Defense in depth
  33. is a router interface connected to the local network that sends packets out of the local network  Gateway
  34. is a way to identify a specific process to which an Internet or other network message is to be forwarded when it arrives at a server. The range is from 0 to 65535  Port Number
  35. is considered effective if the environment and protection mechanisms are confusing or thought to be not generally known  Security through obscurity
  36. is having an understanding of how a party will react to a given stimulus   Trust
  37. is the application of separation of privilege to the people side of the security function
    More than one person should be involved   Separation of duties
  38. is when a higher-level protocol carries a lower-level protocol; the lower protocol is encapsulated in the data portion of the higher protocol   Encapsulation
  39. Johnny receives a “new version” of the game Solitaire in an e-mail. After running the program, a backdoor is installed on his computer without his knowledge. What kind of an attack is this?  Trojan
  40. Making data look like it has come from a different source is called __________.  Spoofing
  41. means separating items so that they cannot interfere with each other  Isolation
  42. Most networks are dominated by Ethernet and Internet Protocol  True
  43. Packet fragmentation is the splitting of a packet while in transit into two packets so that they can get past an MTU bottleneck.  True
  44. Port Number for HTTP  80
  45. Port Number for HTTPS  443
  46. refers to the concept that each and every request should be verified   Complete mediation
  47. refers to the users’ acceptance of security measures   Psychological acceptability
  48. refers to whether a control can be verified to be functioning properly.   Auditability
  49. RST gracefully terminates the connection and FIN abruptly tells the other side to stop communicating.  False
  50. states that a protection mechanism should be constructed so that it uses more than one piece of information to make access decisions.  Separation of privilege
  51. states that mechanisms used to access resources should be dedicated and not shared (VMs)  Least common mechanism
  52. Subject (user, application, or process) should have only the necessary rights and privileges to perform its task with no additional permissions.   Least privilege
  53. Switches are essentially small computers that perform a variety of intelligent tasks.  False
  54. SYN flooding is an example of a _______  denial-of-service attack
  55. TCP is a connectionless protocol.  False
  56. The gateway address (or default gateway) is a switch interface connected to the local network that sends packets out of the local network.  False
  57. The misuse detection IDS model is more difficult to implement than the anomaly detection model  False
  58. The NIDS signature database is usually much larger than that of a host-based system   True
  59. The ping of death is a type of man-in-the-middle attack    False
  60. The term __________ refers to software that has been designed for some nefarious purpose.  Malware
  61. Traffic that is encrypted will typically pass by an intrusion prevention system untouched.  True
  62. UDP uses a three-way handshake to establish connections.  False
  63. Using Transport Layer Security (TLS) is a guarantee of security.  False
  64. What is a security issue with Common Gateway Interface (CGI)?  CGI scripts that are poorly written can cause unintended consequences at runtime.
  65. What is an advantage of a host-based IDS?  It can reduce false-positive rates.
  66. What is an advantage of a network-based IDS?  An IDS coverage requires fewer systems.
  67. What is one difference between the misuse and anomaly IDS models?  Anomaly models require knowledge of normal activity, whereas misuse models do not.
  68. What is one of the most fundamental principles in security?  Least privilege
  69. What is the correct sequence of the three-way handshake?  SYN, SYN/ACK, ACK
  70. What is the goal of TCP?   To send an unauthenticated, error-free stream of information between two computers.
  71. What security design principle states that secrecy itself cannot be relied upon as a means of protection?  Open design
  72. What term refers to a piece of code that sits dormant for a period of time until some event invokes its malicious payload?   Logic bomb
  73. What type of software records and reports activities of the user (typically without their knowledge)?  Spyware
  74. Which attack is the most common exploit used to hack into software?  Buffer overflow
  75. Which attack works on both SSL and TLS by transparently converting the secure HTTPS connection into a plain HTTP connection, removing the transport layer encryption protections?  SSL stripping attack
  76. Which component of an IDS examines the collected network traffic and compares it to known patterns of suspicious or malicious activity stored in the signature database?  Analysis engine
  77. Which of the following is a valid IP address?  12.12.12.12
  78. Which of the following is an example of a MAC address?  00:07:e9:c8:ff:00
  79. Which protocol is used for the transfer of hyperlinked data over the Internet, from web servers to browsers?  HTTP
  80. Which security concept uses the approach of protecting something by hiding it?  Security through obscurity
  81. Which security principle is characterized by the use of multiple, different defense mechanisms with a goal of improving the defensive response to an attack?  Defense in depth
  82. Which security principle is described as always using simple solutions when available?  Economy of mechanism
  83. Which security principle refers to the concept that each and every request should be verified?  Complete mediation
  84. Which security principle states that access should be based on more than one item?  Separation of privilege
  85. Which security principle states that if you have not specifically been allowed access, then it should be denied?  Implicit deny
  86. Which statement describes the main difference between TCP and UDP packets?  TCP packets are connection oriented, whereas UDP packets are connectionless.
  87. Which statement describes the primary purpose of JavaScript?  The primary purpose of JavaScript is to enable features such as validation of forms before they are submitted to the server.
  88. Which term defines a collection of predefined activity patterns that have already been identified and categorized—patterns that typically indicate suspicious or malicious activity?  Signature database
  89. Which term is a means of signing an ActiveX control so that a user can judge trust based on the control’s creator?  Authenticode
  90. Which term is used when separation of privilege is applied to people?  Separation of duties
  91. Which term refers to a form of malware that is specifically designed to modify the operation of the operating system in some fashion to facilitate nonstandard functionality?  Rootkit
  92. Which term refers to a repository of alarms that an IDS has recorded?   Alarm storage
  93. Which term refers to making different layers of security dissimilar so that even if attackers know how to get through a system that comprises one layer, they may not know how to get through a different type of layer that employs a different system for security?  Diversity of defense
  94. Which term refers to the invocation of conditions that fall outside the normal sequence of operation?  Exceptions
  95. Which tool has been the de facto standard IDS engine since its creation in 1998?  Snort
