CCIS2400 _Security Essentials_ by zhouwenjuan


CCIS2400 (Security Essentials) Chapter 13 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. Digital evidence can be retrieved from which of the following devices?
           a. pagers                                         d. PDAs
           b. cell phones                                    e. all of the above
           c. digital cameras
____    2. Today, _____ of corporate records are stored in digital format.
           a. 40%                                            c. 70%
           b. 60%                                            d. 90%
____    3. The _____ is an example of metadata.
           a. file name                                      c. file content
           b. file type                                      d. both a and b
____    4. If a hacker wants to scramble a message so that it cannot be viewed, what type of technology would they use?
           a. cryptography                                   c. forensics
           b. steganography                                  d. haliography
____    5. The _____ Act of 2002 mandates that federal agencies must establish incident response capabilities consistent
           with the guidelines and standards established by the National Institute of Standards and Technology (NIST).
           a. Sarbox                                         c. GLBA
           b. HIPAA                                          d. FISMA
____    6. ____ is/are not recorded in a file on the hard drive or an image backup and would be considered to be volatile.
           a. Program executables                            c. User files
           b. Logon sessions                                 d. The directory structure
____    7. ____ can cause problems for mirror image software.
           a. Incompatible operating systems                 c. Bad sectors on a hard drive
           b. Antivirus applications                         d. Formatted hard drives
____    8. _____ page files are of interest to a computer forensics specialist because they normally store large amounts of
           information for long periods of time.
           a. Temporary                                      c. Sequential
           b. Historical                                     d. Permanent
____    9. Windows stores files on a hard drive or floppy disk in 512-byte blocks called _____.
           a. clusters                                       c. cylinders
           b. frames                                         d. sectors
____   10. After a computer crime has occurred, Jason’s forensic team takes custody of computers, peripherals, and media
           that have been used to commit the crime. Which step has the forensic team executed?
           a. Securing the crime scene                       c. Establishing the chain of custody
           b. Preserving the data                            d. Examining for evidence
____ 11. In 2003, a _____ vulnerability was exposed by the Sasser worm.
         a. Internet Explorer                             c. Windows networking
         b. Microsoft Outlook                             d. SQL server
____ 12. Isolation tools can be used to inspect systems for _____.
         a. active firewalls                              c. the latest antivirus signatures
         b. secure configuration settings                 d. all of the above
____ 13. The Trusted Platform Model uses a(n) _____ to provide a higher level of security in computer hardware.
         a. cryptographic coprocessor                     c. cryptographic microprocessor
         b. secure RAM subsystem                          d. encrypted disk subsystem
____ 14. An average user's networked computer makes fewer than _____ network connections per second.
         a. 2                                             c. 10
         b. 5                                             d. 50
____ 15. A(n) _____ is an essential tool on all networks and is often used to provide the first layer of defense.
         a. router                                        c. firewall
         b. proxy server                                  d. intrusion detection system
____ 16. _____ is included as part of advanced forensic examinations.
         a. Analyzing Web-related e-mail                  c. Data recovery from encrypted files
         b. Managing personnel                            d. Network protocol functions
____ 17. Which of these is NOT a reason that computer forensics is important?
         a. Large amount of digital evidence              c. Higher level of computer skills by
         b. Increased scrutiny by legal profession        d. High turnover in IT staffing
____ 18. Which of these is NOT a challenge facing computer forensic investigators?
         a. Low cost of evidence                          c. Distribution of evidence
         b. Volume of electronic evidence                 d. Dynamic content of electronic evidence
____ 19. _______________ contains information about files, but can result in false leads.
         a. Metadata                                      c. Macrodata
         b. Microdata                                     d. Sumdata
____ 20. _______________ attempts to hide the existence of data.
         a. Cryptography                                  c. Steganography
         b. Decryption                                    d. HDR
____ 21. The first step a forensics-response team performs is to ________________________.
         a. Secure the crime scene                        c. Use the OS to copy the drive to a CD
         b. Make a bitmap image of the hard drive         d. Move the computer to a secure location

CCIS2400 (Security Essentials) Chapter 12 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. The _____ Act protects information financial institutions collect about customers.
           a. The Health Insurance Portability and Accountability
           b. Gramm-Leach-Bliley
           c. Sarbanes-Oxley
           d. Federal Security
____    2. Identity management can be used for _____.
           a. users                                       d. both a and b
            b. computers that share data                   e. a, b, and c
            c. cellular phones
____   3.   XYZ Corp is implementing an identity management system, which requires strong passwords. The password
            _____ would qualify for use at XYZ Corp.
            a. telephoto                                   c. HG*f675&5WScrd
            b. a87$sa                                      d. HowaRdstREeT
____   4.   The centralized approach to managing responsibility _____ than the decentralized approach.
            a. increases costs more                        c. is more flexible
            b. takes longer to make changes                d. is more accepted
____   5.   Privileges can be assigned by the _____.
            a. location of the user                        c. time the user is logged on
            b. role the user assumes                       d. actions the user performs
____   6.   What is the name of the Windows account that provides the highest level of privileges?
            a. supervisor                                  c. administrator
            b. admin                                       d. superuser
____   7.   Linux uses the range _____ for UID numbers.
            a. 0-99                                        c. 0-32065
            b. 0-4096                                      d. 0-65535
____   8.   The _____ model of access control poses risks that incorrect permissions may be granted to a subject who should
            not have them.
            a. Discretionary Access Control                c. Role Based Access Control
            b. Mandatory Access Control                    d. User Based Access Control
____   9.   David Brown, the network administrator, is concerned that several of the user accounts for employees in the
            marketing department have been set up incorrectly and have unrestricted access to all employee financial records
            on the accounting server. What type of audit should he perform to determine if his suspicions are correct?
            a. user                                        c. escalation
            b. privilege                                   d. security
____ 10.    Without proper _____, a future change may negate or diminish a previous change or open a security vulnerability.
            a. structure                                   c. documentation
            b. auditing                                    d. procedure
____ 11. On a Change Request Form, the _____ is a table of predefined categories that reflects the probability of failure
         and the ease of change reversal.
         a. Risk category                                  c. Failure category
         b. Impact category                                d. Change component
____ 12. The Management checklist on the change request is a list of indicators showing that conditions normally required
         for change approval such as a _____ plan, have been met.
         a. test                                           d. both a and b
         b. backout                                        e. a, b, and c
         c. training
____ 13. What are the two major types of security changes that need to be properly documented?
         a. changes in user privileges, classification
         b. system architecture, classification
         c. system architecture, changes in security personnel
         d. changes in user privileges, changes in security personnel
____ 14. _____-based DRM is proprietary and cannot be easily transferred between applications.
         a. Server                                         c. File
         b. Application                                    d. Media
____ 15. Shayla, a professional photographer, wants to use digital rights management to protect her digital photographs on
         her web site. What type of DRM could she use to trace illegal copies of her pictures?
         a. Activation codes                               c. Physical copy protection
         b. Software keys                                  d. Digital watermarks
____ 16. The _____ generation is self-reliant, distrustful of institutions and adaptive to technology.
         a. baby boomer                                    c. generation X
         b. traditionalist                                 d. millennial
____ 17. Which of these is NOT a problem associated with users identifying and authenticating themselves using multiple
         a. Regulatory legislation                         c. E-commerce bottlenecks
         b. Weak password creation                         d. Underworked support-staff
____ 18. ________________ allows a user’s singly-authenticated ID to be shared across multiple networks.
         a. Identity management                            c. Privilege management
         b. Password Sharing Protocol (PSP)                d. Change management
____ 19. Which of these is NOT a key element of identity management?
         a. Single sign-on                                 c. Password resets
         b. Password synchronization                       d. RC4 hashing
____ 20. Privilege management organizational structures can be _____________________.
         a. Centralized or de-centralized                  c. Internet-based or client-based
         b. Corporate or private                           d. Secure or not secure

CCIS2400 (Security Essentials) Chapter 10 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. Daniel, the network administrator of Global Corporation, wants to apply access control privileges to all users on
           his network. He should use _____ Access Control to do this.
           a. Mandatory                                   c. Secure
           b. Position Based                              d. Entry Level
____    2. George wants to implement biometric security devices in the corporate office. He wants to use the most common
           technology in the industry so that he will be able to get the most support. Which type of scanner should he
           a. iris                                           c. hand
           b. retina                                         d. fingerprint
____    3. The 802.11b signal is rated to reach as far as _____ feet.
           a. 125                                            c. 515
           b. 375                                            d. 650
____    4. Most radio frequency WLANs are limited to _____ milliwatts or less.
           a. 30                                             c. 100
           b. 70                                             d. 250
____    5. _____ occurs when a strong signal on one wire of a network cable is picked up by an adjacent wire.
           a. Radio frequency interference                   c. Attenuation
           b. Electromagnetic interference                   d. Near end crosstalk
____    6. _____ cages are often used for testing in electronic labs where stray EMI fields must be kept out.
           a. Faraday                                        c. Einstein
           b. Newton                                         d. Thompson
____    7. In early summer, a fire occurred in the electrical room of one of XYZ Corporation’s newly constructed satellite
           offices. Investigators determined that the source of the fire was faulty electrical wiring. What class of fire was
           a. Class A                                        c. Class C
           b. Class B                                        d. Class D
____    8. Typical fuel sources for a Class B fire are _____.
           a. wood, paper, and textiles                      c. live or energized electric wires
           b. magnesium, titanium, and potassium             d. oil, solvents, paints, and grease
____    9. A _____ clean agent system should be used in areas of high voltage and electronics.
           a. dry pipe                                       c. high pressure carbon dioxide
           b. dry chemical                                   d. FE-13
____   10. Which of the following functions can be performed by a UPS?
           a. It can prevent any new users from logging on
           b. It can disconnect users and shut down the server
           c. It can serve as a surge protector
           d. both a and b
           e. a, b, and c
____ 11. Val decides to implement RAID on her database server. She only has two hard disks available and wants to
         ensure that she has data redundancy. What level of RAID should she implement?
         a. 0                                             c. 2
         b. 1                                             d. 5
____ 12. RAID _____ can improve the performance of a server by independently reading data from the different drives,
         which makes it the most efficient of any RAID technology.
         a. 1                                             c. 3
         b. 2                                             d. 5
____ 13. The primary utility that a business continuity plan should address is _____ service.
         a. phone                                         c. electrical
         b. water                                         d. gas
____ 14. RAID _____ is configured as a level 0 striped array, but each segment is a RAID 3 array.
         a. 10                                            c. 74
         b. 53                                            d. 100
____ 15. In a _____ backup, the archive bit is cleared.
         a. full                                          d. both a and b
         b. incremental                                   e. both b and c
         c. differential
____ 16. Rennie has just completed writing the purpose and scope unit of his disaster recovery plan. Which of the
         following topics should he have included?
         a. Systems and operations
         b. General procedures
         c. Types of computer service disruptions
         d. Use of alternate sites
____ 17. Which of these is a goal of physical security?
         a. Preventing unauthorized users from            c. Creating a disaster recovery plan
             vandalizing equipment
         b. Using a redundant-array of ISA drives         d. Configuring packet filters
____ 18. Which of these is NOT a context in which access-control is used?
         a. Developing an infrastructure for fire         c. Configuring an OS to enforce controls
         b. Developing rules on a network device to       d. Restricting a user to accessing on the
             permit or deny packets                           essential resources necessary for his/her
____ 19. Which of these should NOT be removed or disabled in a file server?
         a. RAID                                          c. Parallel ports
         b. USB ports                                     d. Floppy drives
____ 20. A(n) _______________ lock is the least secure type of door lock.
         a. Preset                                        c. Cipher
         b. Deadbolt                                      d. Fob
____ 21. Which of these does NOT need to be addressed when hardening the physical security of a building?
         a. Exposed door hinges                           c. Suspended ceilings
         b. HVAC ductwork                                 d. Shag carpeting

CCIS2400 (Security Essentials) Chapter 11 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. A _____ policy is a critical element in information security.
           a. asset                                         c. risk
           b. security                                      d. threat
____    2. XYZ Corp recently released a new version of their Web-based inventory management software. Unfortunately a
           bug in their code was discovered that would allow an attacker to take full control of the host Web server. In
           information security this is considered to be a(n) _____.
           a. flaw                                          c. vulnerability
           b. exploit                                       d. weakness
____    3. In information security, sending a worm to an unprotected computer is an example of a(n) _____.
           a. exploit                                       c. threat agent
           b. vulnerability                                 d. threat
____    4. _____ assets include buildings, automobiles, and other noncomputer equipment.
           a. hardware                                      c. physical
           b. fixed                                         d. structured
____    5. A server _____ is a group of networked servers housed in one location.
           a. cluster                                       c. warehouse
           b. datacenter                                    d. farm
____    6. When a spy steals a production schedule it is an example of _____.
           a. sabotage or vandalism                         c. espionage
           b. extortion                                     d. theft
____    7. When a program does not function under a new version of an operating system, it is categorized as a _____.
           a. software failure                              c. compromise of intellectual property
           b. technical obsolescence                        d. utility interruption
____    8. Reg was recently hired as a security consultant for XYZ Corp. He wants to compare the company’s assets against
           a database of known vulnerabilities and produce a discovery report that exposes a vulnerability and assesses its
           severity. He needs to use a vulnerability _____ to do this job.
           a. monitor                                       c. scanner
           b. tracker                                       d. sniffer
____    9. The theft of a mouse on a client computer would rank as a _____ vulnerability.
           a. small impact                                  c. catastrophic
           b. significant                                   d. no impact
____   10. The theft of the latest product research and development data could be considered as a _____ vulnerability.
           a. small impact                                  c. significant
           b. major                                         d. catastrophic
____ 11. If Amanda purchases additional car insurance to let the insurance company absorb the loss and pay her if her car
         stereo is stolen, she has _____ the risk.
         a. accepted                                       c. transferred
         b. diminished                                     d. eliminated
____ 12. _____ are typically concerned about the cost of security protection for attacks that may not materialize.
         a. Users                                          c. Systems support personnel
         b. Management personnel                           d. All of the above
____ 13. The model of _____ is mostly found in high-level security government organizations.
         a. trusting everyone all of the time
         b. trusting no one at any time
         c. trusting some people some of the time
         d. trusting most people most of the time
____ 14. There are certain things that a security policy should do and certain things a security policy must do. Which of
         the following answers properly complete the following sentence? A security policy should _____.
         a. state reasons why the policy is necessary
         b. outline how violations will be handled
         c. balance protection with productivity
         d. both a and b
         e. a, b, and c
____ 15. The policy design team should have a _____ as a member.
         a. senior level administrator                     d. both a and b
         b. member of the legal staff                      e. a, b, and c
         c. representative from the user community
____ 16. The following statement is an example of _____ in a security policy: “Operators should not be able to make
         changes to production applications or system software libraries, and database changes should be administered by
         database administration personnel only.”
         a. due care                                       c. need to know
         b. separation of duties                           d. acceptable use
____ 17. A(n) _______________ is a weakness that allows a threat agent to bypass security.
         a. Vulnerability                                  c. Risk
         b. Exploit                                        d. Mitigation
____ 18. The _______________ defines the overall process involved with developing a security policy.
         a. Security policy cycle                          c. Monitoring scope
         b. Risk identification cycle                      d. Evaluation cycle
____ 19. Which of these is NOT a step of risk identification?
         a. Inventory the assets                           c. Determine what threats exist against the
         b. Decide what to do about the risks              d. Write the security policy
____ 20. Which of these is NOT an asset?
         a. Data                                           c. Software
         b. Buildings                                      d. Loans
____ 21. Which of these is NOT an attribute that should be compiled for all hardware when performing an asset
         a. The name of the equipment                      c. MAC and IP addresses
         b. The manufacturer’s serial number               d. Cost

CCIS2400 (Security Essentials) Chapter 9 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. If Bob is using symmetric key encryption and wants to securely communicate with 20 other users, how many
           secret keys must he keep and manage?
           a. 1                                              c. 10
           b. 5                                              d. 20
____    2. Asymmetric algorithms can greatly improve cryptography _____.
           a. security                                       c. flexibility
           b. convenience                                    d. all of the above
____    3. When using digital signatures, what key does the receiver use to decrypt the digital signature?
           a. the sender’s private key                       c. the receiver’s private key
           b. the sender’s public key                        d. the receiver’s public key
____    4. What is the simplest method for a CA to identify the owner of a public key listed in a digital certificate?
           a. a visit to the CA office                       c. e-mail address
           b. fingerprint                                    d. home address
____    5. Garret wants to check the certificate status for users on his network. Where should he access this information?
           a. Certificate Directory                          c. Certificate Repository
           b. Restricted Certificate List                    d. Certificate Revocation List
____    6. The _____ PKCS standard outlines the syntax of a request format for a certificate request.
           a. PKCS #2                                        c. PKCS #8
           b. PKCS #4                                        d. PKCS #10
____    7. Alice is concerned that her company’s employees are being victimized by man-in-the-middle attacks. What
           should she implement on the network to ensure that this won’t happen?
           a. digital signatures                             c. digital certificates
           b. asymmetric cryptography                        d. symmetric cryptography
____    8. Currently, PKCS is composed of _____ standards.
           a. 10                                             c. 14
           b. 12                                             d. 15
____    9. Windows Server 2003 supports PKCS #_____.
           a. 3                                              c. 10
           b. 7                                              d. 15
____   10. In the _____ trust model, the primary or root certificate authority issues and signs the certificates for CAs below
           a. hierarchical                                   c. third-party
           b. single-point                                   d. web of trust
____ 11. Server certificates can be issued from a _____ server to ensure a secure transmission.
         a. Web                                             c. mail
         b. FTP                                             d. all of the above
____ 12. David is notified that one of the senior employees at XYZ Corporation is taking a leave of absence for six months.
         What status should he set on this user’s certificate?
         a. revoked                                         c. expired
         b. suspended                                       d. destroyed
____ 13. In key _____, the private key is actually split, and each half is encrypted.
         a. expiration                                      c. escrow
         b. recovery                                        d. renewal
____ 14. By default, most keys in a PKI system expire after _____ months of use.
         a. two                                             c. four
         b. three                                           d. six
____ 15. The M-of-N control technique is used for _____ of certificates.
         a. revocation                                      c. suspension
         b. recovery                                        d. destruction
____ 16. The _____ key handling procedure makes keys vulnerable to theft or misuse.
         a. expiration                                      c. suspension
         b. renewal                                         d. recovery
____ 17. ____________ cryptography uses one key to both encrypt and decrypt.
         a. symmetric                                       c. PIK
         b. asymmetric                                      d. DKH
____ 18. The primary weakness of symmetric cryptography is _________________________.
         a. key management                                  c. CPU speed
         b. RAM requirements                                d. HDD space
____ 19. A ____________ is a shorter version of the message itself that is created by the contents of the message and the
         sender’s private key.
         a. hash algorithm                                  c. digital certificate
         b. certificate authority                           d. digital signature
____ 20. Revoked digital certificates are listed in a(n) _____________________.
         a. CRL                                             c. 509.X
         b. CARA                                            d. PKCF
____ 21. A subordinate certification authority server is known as a ____________ server.
         a. RA                                              c. CES
         b. CA Proxy                                        d. DCA-DAP

CCIS2400 (Security Essentials) Chapter 8 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. _____ is the science of transforming information so that it is secure while it is being transmitted or stored.
           a. Steganography                               c. Encryption
           b. Cryptography                                d. Ciphering
____    2. The process of encrypting and decrypting information is based on a mathematical procedure called a(n) _____.
           a. cipher                                      c. algorithm
           b. key                                         d. hash
____    3. When only trusted users are provided with a cipher and a key to decrypt ciphertext _____ is achieved.
           a. confidentiality                              c. integrity
           b. authentication                               d. access control
____    4. _____ restricts availability to information.
           a. Confidentiality                              c. Nonrepudiation
           b. Integrity                                    d. Access control
____    5. The TCP/IP protocol Simple Network Management Protocol (SNMP) version 2 uses the _____ hash algorithm.
           a. MD4                                          c. SHA
           b. MD5                                          d. DES
____    6. Symmetric encryption is also called _____ key cryptography.
           a. private                                      c. unique
           b. public                                       d. session
____    7. A _____ substitution cipher maps a single plaintext character to multiple ciphertext characters.
           a. monoalphabetic                               c. homoalphabetic
           b. Single Column                                d. Double Columnar
____    8. DES encrypts 64-bit plaintext by executing the algorithm _____ times.
           a. 4                                            c. 12
           b. 8                                            d. 16
____    9. How many key sizes does RC6 have?
           a. 1                                            c. 3
           b. 2                                            d. 4
____   10. A _____ key is used in public key cryptography.
           a. public                                       c. secret
           b. private                                      d. both a and b
____ 11. The maximum length of a key in most versions of asymmetric algorithms is 16,638 bits, or _____ characters.
         a. 1280                                         c. 2080
         b. 1536                                         d. 3624
____ 12. The _____ asymmetric algorithm is slower than all other algorithms.
         a. RSA                                          c. Elliptic curve cryptography
         b. Diffie-Hellman                               d. DES
____ 13. A _____ is an encrypted hash of a message that is transmitted along with the message.
         a. message digest                               c. cipher
         b. digital signature                            d. hash algorithm
____ 14. Confidentiality can be implemented through _____.
         a. Symmetric cryptography and asymmetric cryptography
         b. Asymmetric cryptography and hashing
         c. Hashing and digital signatures
         d. Symmetric cryptography and hashing
____ 15. EFS uses asymmetric cryptography and a per-_____ encryption key to encrypt and decrypt data.
         a. user                                         c. volume
         b. folder                                       d. file
____ 16. What is the name of the Windows 2003 Server command line utility that can be used to encrypt and decrypt
         a. EFS.exe                                      c. Crypto.exe
         b. Cipher.exe                                   d. Secure.exe
____ 17. Which of these is NOT a protection provided by cryptography?
         a. confidentiality                              c. integrity
         b. speed                                        d. authentication
____ 18. A(n) _______________ is never intended to be decrypted but is only used for comparison purposes.
         a. hash                                         c. algorithm
         b. key                                          d. PAM
____ 19. Which of these is NOT an example of how hashing is used?
         a. bank ATM machine                             c. determining the integrity of a message
         b. authenticating UNIX/Linux passwords          d. encrypting/decrypting e-mail
____ 20. Which of these is NOT a characteristic of a secure hash?
         a. collisions should be rare
         b. a message cannot be produced from a predefined hash
         c. the results of a hash function should not be
         d. the hash should always be the same fixed size
____ 21. The data added to a section of text when using the MD algorithm is called _____________.
         a. filler                                       c. padding
         b. extender                                     d. byte code

CCIS2400 (Security Essentials) Chapter 7 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. Until the development of the World Wide Web and _____ the Internet was primarily used for transferring files
           from one device to another.
           a. FTP                                      c. HTML
            b. HTTP                                           d. NNTP
____   2.   Jasson wants to ensure that all files being accessed from his FTP site are encrypted during transmission. What
            should he use to provide this level of security?
            a. SSL                                            c. DES
            b. FTPS                                           d. TLS
____   3.   The main reason that tunneling is used today is to _____.
            a. allow networks based on different protocols to communicate
            b. provide high speed connections
            c. provide security
            d. reduce the number of protocols needed to communicate
____   4.   Which of the following attributes can be locked down by remote access policies?
            a. Called-Station-ID                              d. Both a and b
            b. Caller-Station-ID                              e. a, b, and c
            c. Client-IP-Address
____   5.   George works for an ISP and needs to configure an NAS to support PPTP. What port does he need to open for
            tunneling to function properly?
            a. 423                                            c. 1701
            b. 1024                                           d. 1723
____   6.   In the 802.1x protocol, the authentication server is typically a _____ server.
            a. RADIUS                                         c. SSH
            b. TACACS                                         d. NAS
____   7.   Secure Sockets Layer (SSL)/Transport Layer Security (TLS) operate at the _____ layer.
            a. Transport                                      c. Application
            b. Session                                        d. Network
____   8.   IPSec _____ mode encrypts only the data portion (payload) of each packet, yet leaves the header unencrypted.
            a. tunnel                                         c. transport
            b. secure                                         d. standard
____   9.   An endpoint can be software on a local computer, a dedicated hardware device such as a VPN _____ which
            aggregates hundreds or thousands of multiple connections together, or even a firewall.
            a. demultiplexor                                  c. multiplexor
            b. concentrator                                   d. sequencer
____ 10.    _____ makes it possible for almost any application running on virtually any computer platform to obtain directory
            information, such as e-mail addresses and keys.
            a. X.500                                          c. DCE
            b. DAP                                            d. LDAP
____ 11. A WAP cell phone runs a tiny browser program called a microbrowser that uses _____ instead of HTML.
         a. WML                                           c. WTML
         b. WHML                                          d. WTTP
____ 12. The _____ standard defines a LAN that provides cable-free data access at a rate up to 2 Mbps for clients that are
         either mobile or in a fixed location.
         a. 802.6                                         c. 802.11b
         b. 802.11                                        d. 802.15
____ 13. A security vulnerability of SSID _____ is that it also provides the SSID to unauthorized users who pick up the
         a. broadcasting                                  c. beaconing
         b. relaying                                      d. flooding
____ 14. _____ is an optional configuration for WLANs that encrypts packets during transmission to prevent attackers
         from viewing their contents.
         a. WEP                                           c. WOL
         b. WTLS                                          d. WSecure
____ 15. A serious vulnerability in WEP is that the _____ is not properly implemented.
         a. interrupt vector                              c. encryption
         b. CRC                                           d. initialization vector
____ 16. Wi-Fi _____ Access is a secure WLAN solution crafted by the WECA in late 2002 as an interim solution until a
         permanent wireless security standard could be implemented.
         a. Protected                                     c. Restricted
         b. Secured                                       d. Controlled
____ 17. Which of these cannot be used to access files on an FTP server?
         a. web browser                                   c. command line
         b. FTP client                                    d. LPTP server
____ 18. Another name for anonymous FTP is __________________ FTP.
         a. blind                                         c. freenet
         b. free-user                                     d. unannounced
____ 19. The most widely-deployed tunneling protocol is __________________.
         a. L2TP                                          c. PPP
         b. RADIUS                                        d. PPTP
____ 20. Which of these is NOT an authentication technology?
         a. IEEE 802.11b                                  c. TACACS+
         b. RADIUS                                        d. IEEE 802.1x

CCIS2400 (Security Essentials) Chapter 6 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. Why is software so prone to attack?
           a. because of the number of tasks that software must perform
           b. extensibility
           c. connectivity
           d. all of the above
____    2. Developer Ray Tomlinson sent the first e-mail message in _____.
           a. 1967                                        c. 1974
            b. 1971                                         d. 1980
____   3.   According to Jupiter Research, currently, the average user in an organization receives 81 e-mails and sends _____
            e-mail messages daily.
            a. 15                                           c. 30
            b. 20                                           d. 81
____   4.   After _____ days, most sendmail configurations stop attempting to send a message that is having problems
            reaching its destination.
            a. 3                                            c. 5
            b. 4                                            d. 6
____   5.   What is the most current version of Internet Mail Access Protocol?
            a. IMAP1                                        c. IMAP3
            b. IMAP2                                        d. IMAP4
____   6.   The typical process for converting nontext documents into a text format is for three bytes from the binary file to
            be extracted and converted to _____ text characters.
            a. two                                          c. twelve
            b. four                                         d. sixteen
____   7.   The _____ worm used a known security hole in Microsoft Outlook and Internet Explorer to insert a script file
            into the Windows operating system.
            a. VBS.BubbleBoy                                c. W32.Klez
            b. Nimda                                        d. Code Red
____   8.   A file with the _____ extension is a Microsoft Access project.
            a. .bat                                         c. .usf
            b. .mde                                         d. .ade
____   9.   Based on the CAN-SPAM law, which of the following types of e-mail is legal?
            a. Sending e-mail to addresses that have been harvested from Web sites or randomly
            b. Sending sexually oriented e-mail without an identifying subject line
            c. Unsolicited commercial e-mail that contains accurate contact information for the sender
            d. Fraudulent or deceptive subject lines, headers, or e-mail addresses
____ 10.    Adrian, the network administrator for M-Tel, wants to ensure that all e-mail messages sent within his organization are
            protected as they are being transported. What encryption schemes can he use to do this?
            a. PGP                                          d. both a and b
            b. S/MIME                                       e. a, b, and c
            c. Kerberos
____ 11. What S/MIME feature uses digital signatures to determine whether a message was altered after it was sent?
         a. Interoperability                             c. Tamper detection
         b. Message privacy                              d. Seamless integration
____ 12. PGP uses a _____ to encrypt the private key on the local computer.
         a. random hash                                  c. password
         b. passphrase                                   d. session key
____ 13. _____ are often examined by law enforcement personnel when they are attempting to identify the Web sites that a
         criminal suspect has been viewing.
         a. Scripts                                      c. Cookies
         b. Java applets                                 d. Log files
____ 14. CGI security can be enhanced by _____.
         a. properly configuring CGI
         b. disabling any CGI scripts or programs that are unnecessary
         c. checking program code that uses CGI for any vulnerabilities
         d. all of the above
____ 15. _____ is a protocol that guarantees privacy and data integrity between applications communicating over the
         a. SSL                                          c. TLS
         b. PCT                                          d. HTTPS
____ 16. HTTPS uses port _____ instead of port 80, as with HTTP.
         a. 23                                           c. 110
         b. 25                                           d. 443
____ 17. Which of these is NOT a reason that software is susceptible to attack?
         a. cost                                         c. extensibility
         b. length & complexity                          d. connectivity
____ 18. Which protocol handles outgoing e-mail?
         a. SMTP                                         c. IMAP
         b. POP                                          d. S/MIME
____ 19. Which of these attacks cannot be launched using e-mail?
         a. man-in-the-middle                            c. worm
         b. virus                                        d. trojan horse
____ 20. Which of these protocols cannot be used to encrypt Internet traffic?
         a. SSL                                          c. FORTEZZA
         b. PCT                                          d. CGI

CCIS2400 (Security Essentials) Chapter 5 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. _____ cables have typically been used in cable plants.
           a. fiber-optic                                 c. twisted-pair
           b. coaxial                                     d. all of the above
____    2. Category _____ cable was the first cable designed for data use.
           a. 1                                           c. 4
           b. 3                                           d. 5
____    3. _____ fiber-optic cables are often used for long-distance telephone service, where the light can be transmitted up
           to 50 miles before it must be repeated.
           a. Single-mode                                    c. Transmission-mode
           b. Multimode                                      d. Dual-mode
____    4. What is the typical size of fiber-optic cable used for LANs?
           a. 50/125                                         c. 100/140
           b. 62.5/125                                       d. 82.5/150
____    5. PC Card Type II memory cards are typically used in _____.
           a. Portable printers                              c. Solid-state notebook hard drives
           b. Digital cameras                                d. Video games
____    6. A _____ is responsible for holding the files and managing the processes that provide resources to network users.
           a. workstation                                    c. terminal
           b. server                                         d. storage area network
____    7. A _____ is a common attack used against a router.
           a. DoS                                            d. both a and b
           b. man-in-the-middle                              e. a, b, and c
           c. hijacking
____    8. More attackers gain access to the internal cable plant through _____ than any other method.
           a. impersonation attacks                          c. Denial of Service attacks
           b. social engineering                             d. forced entry
____    9. In a _____ attack against a PBX an attacker observes information about calls instead of the contents of the
           a. traffic analysis                               c. disclosure of information
           b. denial of service                              d. data modification
____   10. In a _____ attack against a PBX an attacker breaks into the PBX system to make free long-distance telephone
           a. data modification                              c. theft of service
           b. disclosure of information                      d. traffic analysis
____ 11. _____ packet filtering permits or denies each packet based strictly on the rule base.
         a. Rule-based                                   c. Stateful
         b. Dynamic                                      d. Stateless
____ 12. A _____ IDS sends information about what happened, but does not take action.
         a. passive                                      c. host-based
         b. static                                       d. network-based
____ 13. In computer networking, _____ refers to the physical layout of the network devices, how they are interconnected,
         and how they communicate.
         a. architecture                                 c. structure
         b. topology                                     d. protocol
____ 14. What is the beginning address of a private Class C network?
         a.                                   c.
         b.                                    d.
____ 15. _____ is typically used today on home routers that allow multiple users to share one IP address received from an
         Internet service provider (ISP).
         a. SAT                                          c. DAT
         b. NAT                                          d. PAT
____ 16. A _____ allows scattered users to be logically grouped together, even though they may be attached to different
         a. VLAN                                         c. NAT
         b. MAN                                          d. DMZ
____ 17. Floppy disks are known as ____________ media
         a. magnetic                                     c. flash
         b. optical                                      d. electronic
____ 18. ____________ contains a dedicated controller chip.
         a. Compact-Flash                                c. A USB memory stick
         b. Smart-Media                                  d. RAM BIOS
____ 19. A(n) ____________ receives a packet from one network device and sends it to all devices on the network.
         a. hub                                          c. router
         b. switch                                       d. IDS
____ 20. Which of these is NOT a component of physical security?
         a. door locks                                   c. alarm systems
         b. antivirus software                           d. lighting

CCIS2400 (Security Essentials) Chapter 4 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. Early programs that performed functions such as displaying an instant calculator or address book, and were
           activated by pressing a hot key, were called _____.
           a. ESLs                                         c. SUVs
           b. TSRs                                         d. TSBs
____    2. In Linux, one service that depends on another service to function properly is sometimes called a _____.
           a. dependency                                   c. child
           b. parent                                       d. peer
____    3. When a service is set to _____ mode, it allows Windows to start a service when it is needed.
            a. automatic                                     c. standard
            b. disabled                                      d. manual
____   4.   When a service is set to _____ mode it starts every time that the computer is turned on.
            a. automatic                                     c. resume
            b. launch                                        d. recovery
____   5.   Port _____ is used by the Telnet application.
            a. 20                                            c. 23
            b. 21                                            d. 25
____   6.   What is the name of the service that enables computers to automatically download and install critical Windows
            a. Wuauserv                                      c. Wsupdate
            b. MSDTC                                         d. ERSvc
____   7.   The _____ service loads files to memory for later printing.
            a. lpr                                           c. printmgr
            b. lpd                                           d. spooler
____   8.   A(n) _____ is a major new release of the software incorporating all previous updates along with new features.
            a. Update rollout                                c. Version
            b. Feature pack                                  d. Update
____   9.   A(n) _____ is a release of a product that adds functionality but does not address security issues.
            a. Update                                        c. Update rollout
            b. Feature pack                                  d. Service pack
____ 10.    The Windows _____ privilege allows users to create new files and subfolders within the folder, change folder
            attributes, and view folder ownership and permissions.
            a. read                                          c. read and execute
            b. write                                         d. modify
____ 11. The Windows _____ privilege allows users to move through folders to reach other files and folders (even if the
         user does not have permission for those folders).
         a. list folder contents                          c. full control
         b. modify                                        d. read and execute
____ 12. The ____ security template applies the default settings to the hard drive on which Microsoft Windows XP was
         originally installed.
         a. Rootsec.inf                                   c. Securews.inf
         b. Compatws.inf                                  d. Hisecws.inf
____ 13. The _____ security template sets permissions for the local users group so that legacy programs are more likely to
         a. Rootsec.inf                                   c. Securews.inf
         b. Compatws.inf                                  d. Hisecws.inf
____ 14. John Rankin, the network administrator for XYZ Corporation, wants to manually change the registry on his
         Windows Server 2003 server. What program will allow him to do this task?
         a. regutil                                       c. regedt32
         b. regedit32                                     d. regeditor
____ 15. E-mail servers should be protected against _____.
         a. viruses                                       d. both a and b
         b. worms                                         e. a, b, and c
         c. Trojan horses
____ 16. The _____ is a part of the operating system that facilitates communication among the computer's hardware,
         operating system, applications, and peripheral devices such as hard disks, printers, and video adapters.
         a. RAM                                           c. BIOS
         b. CMOS                                          d. POST
____ 17. You can start to build defenses for your information systems by creating security ____________.
         a. foundations                                   c. pillars
         b. baselines                                     d. planes
____ 18. In MS Windows, a program running in the background (such as svchost.exe) is called a ____________.
         a. process                                       c. display service
         b. service                                       d. parent service
____ 19. A non-security advantage of disabling a service/process is that ____________________.
         a. ROM is preserved                              c. communication with firmware is enhanced
         b. the OS can perform fewer functions            d. it frees up RAM
____ 20. A(n) ____________ identifies what program/service on the receiving computer is being accessed.
         a. process                                       c. UPD designator
         b. port number                                   d. service-initiated socket (SIS)

CCIS2400 (Security Essentials) Chapter 3 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. What is the one key advantage of the bottom-up approach of securing information?
           a. The bottom-level employees have the technical expertise to understand what to do to
              secure information and how to do it.
           b. It has the backing to make the plan work.
           c. Resources such as funding, equipment, and personnel have the highest level of support.
            d. It carries the necessary authority to ensure that all employees follow its policies and
____   2.   What security position would you find at the middle level of an organizational structure?
            a. CEO                                               c. Security technician
            b. CIO                                               d. Security director
____   3.   The _____ is the top-level manager dedicated to overseeing the security plan and its implementation.
            a. chief information officer                         c. security director
            b. chief information security officer                d. security administrator
____   4.   A human firewall tries to prevent security attacks from passing through him or her by _____.
            a. keeping antivirus software updated
            b. watching for suspicious activity
            c. monitoring a computer for evidence of attack
            d. all of the above
____   5.   Because there is no single point of failure, a _____ security approach provides the most comprehensive
            a. diversified                                       c. limited
            b. layered                                           d. simple
____   6.   Setting a firewall to filter a specific type of traffic, such as all inbound traffic, while a second firewall on the same
            system filters another traffic type, such as outbound traffic is an example of _____.
            a. diversity                                         c. limiting
            b. layering                                          d. simplifying
____   7.   Making each password unrelated to the previous password provides an additional level of security through
            a. simplicity                                        c. obscurity
            b. diversity                                         d. limiting
____   8.   _____ verifies that a trusted person who has been preapproved for access is actually the one who now demands
            that access.
            a. Security                                          c. Identification
            b. Authentication                                    d. Auditing
____   9.   Your mother's date of birth and a unique personal identification number (PIN) code provide authentication by
            a. what you do                                       c. what you are
            b. what you have                                     d. what you know
____ 10.    A key to unlock a door or a driver's license are methods of authentication by _____.
            a. what you have                                     c. what you know
            b. what you are                                      d. what you do
____ 11. Authentication by _____ is based on a person’s unique characteristics.
         a. who you are                                    c. how you are
         b. what you are                                   d. what you have
____ 12. Single sign-on systems that use ID management are based on one of _____ competing standards.
         a. two                                            c. four
         b. three                                          d. seven
____ 13. A _____ card is a plastic card with an embedded thin metal strip that emits a low-frequency short-wave radio
         a. smart                                          c. biometric
         b. ID                                             d. proximity
____ 14. Which of the following operating systems support the Kerberos authentication system?
         a. Windows Server 2003                            c. Linux
         b. Apple Mac OS                                   d. all of the above
____ 15. Two-way authentication can be used to combat identity attacks, such as _____.
         a. man-in-the-middle                              c. TCP/IP hijacking
         b. ARP spoofing                                   d. mathematical attacks
____ 16. _____ consists of the mechanisms for limiting access to resources based on users' identities and their membership
         in various groups.
         a. Multifactor authentication                     c. Access control
         b. Mutual authentication                          d. Auditing
____ 17. A security plan that is initiated by a(n) ____________ would be defined as a bottom-up approach.
         a. chief information officer (CIO)                c. chief security officer
         b. help desk technician                           d. financial officer
____ 18. The advantage of layering is ___________.
         a. there is no single point of failure            c. it provides redundant services such as dual
         b. it is less expensive                           d. it does not require security personnel to
____ 19. Restricting users to the lowest level of permissions they need to do their jobs is called ____________.
         a. restrictive access listing (RAL)               c. constraint leveling
         b. limiting                                       d. concise security administration (CSA)
____ 20. Which of these is an example of security by obscurity?
         a. posting the company’s security plan on website
         b. advertising for bids for a specific brand of firewall in the local newspaper
         c. removing a logon window message that reveals the name of the operating system
         d. requiring vendors to ship equipment that does not have a serial number

CCIS2400 (Security Essentials) Chapter 2 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. One of the motivations for a hacker to attack network and computer systems is to _____.
           a. harm systems                                  c. improve security
           b. earn money                                    d. gain recognition
____    2. One of the motivations for a cracker to attack network and computer systems is to _____.
           a. improve security                              c. earn money
           b. harm systems                                  d. support ideology
____    3. The _____ Supreme Court has ruled that hackers who simply probe computer networks linked to the Internet have
           not violated any laws.
           a. United States                                  c. Swedish
           b. Canadian                                       d. Norwegian
____    4. Maria is a customer service representative who receives a telephone call from someone claiming to be a client
           asking for their password. This person has a thick accent that makes his speech hard to understand. Instead of
           asking the caller to continue repeating himself, Maria provides him with the password. This type of attack is
           known as a _____ attack.
           a. Birthday                                       c. Password Guessing
           b. Social Engineering                             d. Masquerading
____    5. _____ involves digging through trash receptacles to find computer manuals, printouts, or password lists that have
           been thrown away.
           a. Dumpster diving                                c. Trash sifting
           b. Phishing                                       d. Garbage collecting
____    6. Which of the following would be an example of a weak password?
           a. Unstoppable                                    d. &uytK%wJGhh
           b. brutus                                         e. both a and b
           c. un42n8@ne
____    7. In a _____ attack, an attacker attempts to create every possible password combination by systematically changing
           one character at a time in a hypothetical password, and then using each newly generated password to access the
           a. dictionary                                     c. brute force
           b. software exploitation                          d. hashing
____    8. A _____ attack takes advantage of any weakness in software to bypass security that requires a password.
           a. weak key                                       c. dictionary
           b. software exploitation                          d. brute force
____    9. What does the Greek word crypto mean?
           a. writing                                        c. hidden
           b. secure                                         d. secret
____   10. What number did Caesar use for a key when he was devising his simple substitution method of cryptography?
           a. 1                                              c. 5
           b. 3                                              d. 18
____ 11. When you meet 23 people, what are the odds that someone will have the same birthday as you?
         a. .27%                                         c. 50%
         b. 6.3%                                         d. 99%
____ 12. A _____ attack makes it seem that two computers are communicating with each other, when actually they are
         sending and receiving data with a computer between them.
         a. man-in-the-middle                            c. TCP/IP hijacking
         b. replay                                       d. spoofing
____ 13. With TCP/IP hijacking, the attacker uses _____ spoofing to send information from the user's computer to the
         attacker's computer instead of to a valid computer.
         a. IP                                           c. MAC
         b. ARP                                          d. ICMP
____ 14. A _____ is a common type of malware.
         a. worm                                         c. virus
         b. logic bomb                                   d. all of the above
____ 15. Microsoft claims that fewer than _____ percent of all users have up-to-date antivirus software installed.
         a. 15                                           c. 60
         b. 30                                           d. 80
____ 16. A _____ is a computer program that lies dormant until it is triggered by a specific event, such as a certain date
         being reached on the system calendar or a person's rank in an organization dropping below a specified level.
         a. logic bomb                                   c. worm
         b. Trojan horse                                 d. virus
____ 17. Attackers known as ____________ like to think of themselves as an elite group who are performing a valuable
         service by identifying security weaknesses.
         a. crackers                                     c. hackers
         b. script kiddies                               d. cyberterrorists
____ 18. A ____________ possesses advanced computer skills and attacks computers with a malicious intent.
         a. script kiddie                                c. cracker
         b. hacker                                       d. worm zombie
____ 19. The motivation for a computer spy is ______________.
         a. financial                                    c. ideological
         b. egotism                                      d. social
____ 20. One reason employees are so successful at attacking their company’s computers is ____________.
         a. they have superior networking skills         c. a company’s information security is often
                                                             focused on keeping out intruders
         b. employees already have access to all         d. employees have unlimited access to
             company information                             company computers

CCIS2400 (Security Essentials) Ch-1 Study Guide

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

____    1. The _____ attack unleashed 7,000 attacks per day as an e-mail distributed denial-of-service (DDoS) worm.
           a. Bugbear                                     c. Klez
           b. Yaha                                        d. Code Red
____    2. The _____ attack doubled the number of infections every 37 minutes.
           a. Nimda                                       c. Code Red
           b. Blaster                                     d. Klez
____    3. How many incidences of attacks were reported to CERT in 1988?
           a. 1                                               c. 252
           b. 6                                               d. 773
____    4. _____ ensures that the information is correct and that no unauthorized person or malicious software program can
           alter or has altered that data.
           a. Availability                                    c. Integrity
           b. Confidentiality                                 d. Identity
____    5. _____ ensures that only authorized parties can view information.
           a. Security                                        c. Integrity
           b. Availability                                    d. Confidentiality
____    6. The latest Federal Bureau of Investigation (FBI) annual Computer Crime and Security Survey estimated the total
           annual loss due to data theft to be more than _____.
           a. $100 million                                    c. $500 million
           b. $170 million                                    d. $1 billion
____    7. Under the _____ act, healthcare enterprises must guard protected health information and implement policies and
           procedures to safeguard it, whether it be in paper or electronic format.
           a. HIPAA                                           c. HCPA
           b. HLPDA                                           d. USHIPA
____    8. What is the maximum fine for those who wrongfully disclose individually identifiable health information with the
           intent to sell it?
           a. $100,000                                        c. $500,000
           b. $250,000                                        d. $1,000,000
____    9. The _____ act is designed to broaden the surveillance of law enforcement agencies so they can detect and
           suppress terrorism.
           a. Gramm-Leach-Bliley
           b. Sarbanes-Oxley
           c. California Database Security Breach
           d. USA PATRIOT
____   10. COPPA requires operators of online services or Web sites designed for children under the age of _____ to obtain
           parental consent prior to the collection, use, disclosure, or display of a child’s personal information.
           a. 8                                               c. 13
           b. 10                                              d. 16
____ 11. In a company of 500 employees, it is estimated that _____ employees are required to combat a virus attack.
         a. 2                                              c. 7
         b. 5                                              d. 10
____ 12. What is another name for unsolicited e-mail messages?
         a. spam                                           c. trash
         b. spawn                                          d. scam
____ 13. According to Ferris Research, unsolicited e-mail messages now account for _____ of the total number of daily
         e-mail messages sent in the United States.
         a. 15%                                            c. 45%
         b. 30%                                            d. 62%
____ 14. According to the Federal Trade Commission (FTC), at least _____ million Americans, or about 3.4% of the adult
         population, have been victims of identity theft.
         a. 2                                              c. 7
         b. 5                                              d. 10
____ 15. In information security a loss can be _____.
         a. theft of information
         b. a delay in transmitting information that results in a financial penalty
         c. the loss of good will or a reputation
         d. all of the above
____ 16. In information security, a threat agent can be defined as _____.
         a. a force of nature such as a tornado that could destroy computer equipment
         b. a virus that attacks a computer network
         c. an unsecured computer network
         d. both a and b
         e. a, b, and c
____ 17. Which of these factors does NOT illustrate why information security is becoming increasingly difficult?
         a. faster processors                              c. faster detection of weaknesses
         b. growing sophistication of attacks              d. distributed attacks
____ 18. A type of software that repairs security flaws in an application is called a(n) ____________.
         a. hot fix                                        c. repair
         b. repair                                         d. patch
____ 19. Which of these is NOT a characteristic of information?
         a. integrity                                      c. conformity
         b. confidentiality                                d. availability
____ 20. Which of these is NOT intended to protect information?
         a. people                                         c. equipment
         b. policies                                       d. confidentiality
