AND ANSWERS ALL CORRECT
We have a drive that contains several old files and directories that we wish to delete.
We delete everything at once by doing a "quick format" of the drive. Which of the
following data areas on the drive will be affected? Select all that apply. - Answer- The
drive's root directory
The video stored on DVDs is encrypted. Where do we get the key to decrypt the DVD
when we play it? - Answer- The key is stored in the player.
Bob has bought a DVD and a DVD player. He owns both and has complete physical
access, inside and out, to the disk and player. Does Bob have unrestricted access to
everything the hardware and software contains? - Answer- No, because a security
boundary inside the DVD player protects its player key from physical access by Bob.
A security analyst is performing a security assessment. The analyst should not: -
Answer- take actions to mitigate a serious risk.
Which of the following are considered "objects" in an access matrix? - Answer- The file
containing the word processing program
A device driver buffer
Bob's word processing file
Which of the following are considered "subjects" in an access matrix? - Answer- User
"bob"
A device driver while it is running.
The word processing program while it executes
How do default settings (default permit or deny by default) affect an access matrix? -
Answer- If we implement default permit, the matrix must list all subject and object rights
to be complete.
If we implement deny by default, a smaller matrix can describe all access rights.
The main purpose of a software patch is to: - Answer- fix a bug in a program.
A zero-day exploit: - Answer- has no software patch
A security database that contains entries for users and their access rights for a specific
file or folder is a(n): - Answer- access control list (ACL).
Bob and Alice are typical users who share a computer. Which of the following are true
of a file sharing policy? Assume no tailoring takes place. - Answer- Bob can create,
read, and modify his own files.
Bob can read Alice's files.
Which of the following yields a more specific set of attacks tied to our particular threat
agents? - Answer- Attack matrix
Which of the following produces a risk to an asset? - Answer- A threat agent and an
attack the agent can perform
Which of the following describes the effect of the Digital Millennium Copyright Act
(DMCA) on the investigation and publication of security flaws in commercial equipment?
- Answer- It restricts the publication of techniques to reverse-engineer copy protection
schemes.
Which of the following most often forbids people from performing trial-and-error attacks
on computer systems? - Answer- Acceptable use policies
Section 1.6.2 outlines a procedure for disclosing security vulnerabilities in a commercial
device or product. Assume that we have discovered a vulnerability in a commercial
product. The vendor has not acknowledged our initial vulnerability report or
communicated with us in any other way. They have not announced the vulnerability to
the public. We wish to warn the public of the vulnerability as soon as is ethically
defensible. Given the procedure in Section 1.6.2, which of the following is the best
course of action? - Answer- After 30 days, announce that the vulnerability exists, and
describe how to reduce a system's risk of attack through that vulnerability.
Given the vulnerability disclosure procedure in Section 1.6.2 and the story of Michael
Lynn's presentation of a Cisco router vulnerability at Black Hat 2005, which of the
following most accurately describes Lynn's action? - Answer- Lynn acted ethically
because the vulnerability had already been reported and patched, and he did not
describe how to exploit the vulnerability.
When disclosing a security vulnerability in a system or software, the manufacturer
should avoid: - Answer- including enough detail to allow an attacker to exploit the
vulnerability.
A risk assessment involves which of the following? - Answer- Identifying risks,
Prioritizing Risks