2
Computer Security Fundamentals 3rd Ed - Ch 1 - 8 Quizzes
|| || || || || || || || || || ||
with accurate detailed solutions
|| || ||
Software that lays dormant until some specific condition is met is a Trojan horse.
|| || || || || || || || || || || || ||
A. True
||
B. False - ✔✔B. False
|| || || ||
Which one of these is NOT one the three pillars of security in the CIA triangle?
|| || || || || || || || || || || || || || ||
A. Authentication
||
B. Integrity
||
C. Confidentiality
||
D. Availability - ✔✔A. Authentication
|| || || ||
Confidentiality, integrity, and availability are three pillars of the CIA triangle.
|| || || || || || || || || ||
A. True
||
B. False - ✔✔A. True
|| || || ||
Auditing is the process to determine if a user's credentials are authorized to access a
|| || || || || || || || || || || || || || ||
network resource.
||
A. True
||
B. False - ✔✔B. False
|| || || ||
,2
(This describes authentication. Auditing is the process to review logs, records, and
|| || || || || || || || || || || ||
procedures.)
Someone who finds a flaw in a system and reports that flaw to the vendor of the system is
|| || || || || || || || || || || || || || || || || || ||
a __________.
||
A. Black Hat Hacker
|| || ||
B. Red Hat Hacker
|| || ||
C. White Hat Hacker
|| || ||
D. Grey Hat Hacker - ✔✔C. White Hat Hacker
|| || || || || || || ||
(White hat hackers are often hired by companies to do penetration tests.)
|| || || || || || || || || || ||
In which type of hacking does the user block access from legitimate users without actually
|| || || || || || || || || || || || || || ||
accessing the attacked system? || || ||
A. Session Hijacking
|| ||
B. Denial of Service
|| || ||
C. Web Attack
|| ||
D. None of the Above - ✔✔B. Denial of Service
|| || || || || || || || ||
(A denial-of-service attack is probably the most common attack on the web.)
|| || || || || || || || || || ||
Which of these was the first computer incident-response team?
|| || || || || || || ||
A. Microsoft Security Advisor
|| || ||
B. F-Secure
||
,2
C. Computer Emergency Response Team
|| || || ||
D. SANS Institute - ✔✔C. Computer Emergency Response Team
|| || || || || || || ||
Which of these is a repository for detailed information on virus outbreaks?
|| || || || || || || || || || ||
A. Computer Emergency Response Team
|| || || ||
B. F-Secure
||
C. SANS Institute
|| ||
D. Microsoft Security Advisor - ✔✔B. F-Secure
|| || || || || ||
(Information includes how a virus spreads, ways to recognize the virus, and, frequently,
|| || || || || || || || || || || || ||
specific tools for cleaning an infected system.)
|| || || || || ||
Your company is instituting a new security awareness program. You are responsible for
|| || || || || || || || || || || || ||
educating end users on a variety of threats, including social engineering. Which of the
|| || || || || || || || || || || || || ||
following best defines social engineering?
|| || || ||
A. Destruction or alteration of data
|| || || || ||
B. Using people skills to obtain proprietary information
|| || || || || || ||
C. Gathering information from discarded manuals and printouts
|| || || || || || ||
D. Illegal copying of software - ✔✔B. Using people skills to obtain proprietary information
|| || || || || || || || || || || || ||
Which of these is the process to determine if the credentials given by a user or another
|| || || || || || || || || || || || || || || || ||
system are authorized to access the network resource in question?
|| || || || || || || || ||
A. Integrity
||
B. Authentication
||
, 2
C. Confidentiality
||
D. Availability - ✔✔B. Authentication
|| || || ||
The technique for breaching a system's security by exploiting human nature rather than
|| || || || || || || || || || || || ||
technology is war-driving || ||
A. True
||
B. False - ✔✔B. False
|| || || ||
Someone who calls themself a hacker but lacks the expertise is a ________.
|| || || || || || || || || || || ||
A. White hat hacker
|| || ||
B. Black hat hacker
|| || ||
C. Script kiddy
|| ||
D. Sneaker - ✔✔C. Script kiddy
|| || || || ||
A(n) ______ is a basic security device that filters traffic and is a barrier between a network
|| || || || || || || || || || || || || || || || ||
and the outside world or between a system and other systems.
|| || || || || || || || || ||
A. Intrusion Detection System
|| || ||
B. Firewall
||
C. Network Monitor
|| ||
D. Proxy Server - ✔✔B. Firewall
|| || || || ||
Which of these is a repository of security-related documentation and also sponsors a
|| || || || || || || || || || || || ||
number of security research projects?
|| || || ||
Computer Security Fundamentals 3rd Ed - Ch 1 - 8 Quizzes
|| || || || || || || || || || ||
with accurate detailed solutions
|| || ||
Software that lays dormant until some specific condition is met is a Trojan horse.
|| || || || || || || || || || || || ||
A. True
||
B. False - ✔✔B. False
|| || || ||
Which one of these is NOT one the three pillars of security in the CIA triangle?
|| || || || || || || || || || || || || || ||
A. Authentication
||
B. Integrity
||
C. Confidentiality
||
D. Availability - ✔✔A. Authentication
|| || || ||
Confidentiality, integrity, and availability are three pillars of the CIA triangle.
|| || || || || || || || || ||
A. True
||
B. False - ✔✔A. True
|| || || ||
Auditing is the process to determine if a user's credentials are authorized to access a
|| || || || || || || || || || || || || || ||
network resource.
||
A. True
||
B. False - ✔✔B. False
|| || || ||
,2
(This describes authentication. Auditing is the process to review logs, records, and
|| || || || || || || || || || || ||
procedures.)
Someone who finds a flaw in a system and reports that flaw to the vendor of the system is
|| || || || || || || || || || || || || || || || || || ||
a __________.
||
A. Black Hat Hacker
|| || ||
B. Red Hat Hacker
|| || ||
C. White Hat Hacker
|| || ||
D. Grey Hat Hacker - ✔✔C. White Hat Hacker
|| || || || || || || ||
(White hat hackers are often hired by companies to do penetration tests.)
|| || || || || || || || || || ||
In which type of hacking does the user block access from legitimate users without actually
|| || || || || || || || || || || || || || ||
accessing the attacked system? || || ||
A. Session Hijacking
|| ||
B. Denial of Service
|| || ||
C. Web Attack
|| ||
D. None of the Above - ✔✔B. Denial of Service
|| || || || || || || || ||
(A denial-of-service attack is probably the most common attack on the web.)
|| || || || || || || || || || ||
Which of these was the first computer incident-response team?
|| || || || || || || ||
A. Microsoft Security Advisor
|| || ||
B. F-Secure
||
,2
C. Computer Emergency Response Team
|| || || ||
D. SANS Institute - ✔✔C. Computer Emergency Response Team
|| || || || || || || ||
Which of these is a repository for detailed information on virus outbreaks?
|| || || || || || || || || || ||
A. Computer Emergency Response Team
|| || || ||
B. F-Secure
||
C. SANS Institute
|| ||
D. Microsoft Security Advisor - ✔✔B. F-Secure
|| || || || || ||
(Information includes how a virus spreads, ways to recognize the virus, and, frequently,
|| || || || || || || || || || || || ||
specific tools for cleaning an infected system.)
|| || || || || ||
Your company is instituting a new security awareness program. You are responsible for
|| || || || || || || || || || || || ||
educating end users on a variety of threats, including social engineering. Which of the
|| || || || || || || || || || || || || ||
following best defines social engineering?
|| || || ||
A. Destruction or alteration of data
|| || || || ||
B. Using people skills to obtain proprietary information
|| || || || || || ||
C. Gathering information from discarded manuals and printouts
|| || || || || || ||
D. Illegal copying of software - ✔✔B. Using people skills to obtain proprietary information
|| || || || || || || || || || || || ||
Which of these is the process to determine if the credentials given by a user or another
|| || || || || || || || || || || || || || || || ||
system are authorized to access the network resource in question?
|| || || || || || || || ||
A. Integrity
||
B. Authentication
||
, 2
C. Confidentiality
||
D. Availability - ✔✔B. Authentication
|| || || ||
The technique for breaching a system's security by exploiting human nature rather than
|| || || || || || || || || || || || ||
technology is war-driving || ||
A. True
||
B. False - ✔✔B. False
|| || || ||
Someone who calls themself a hacker but lacks the expertise is a ________.
|| || || || || || || || || || || ||
A. White hat hacker
|| || ||
B. Black hat hacker
|| || ||
C. Script kiddy
|| ||
D. Sneaker - ✔✔C. Script kiddy
|| || || || ||
A(n) ______ is a basic security device that filters traffic and is a barrier between a network
|| || || || || || || || || || || || || || || || ||
and the outside world or between a system and other systems.
|| || || || || || || || || ||
A. Intrusion Detection System
|| || ||
B. Firewall
||
C. Network Monitor
|| ||
D. Proxy Server - ✔✔B. Firewall
|| || || || ||
Which of these is a repository of security-related documentation and also sponsors a
|| || || || || || || || || || || || ||
number of security research projects?
|| || || ||
