ISM 4220 Exam 3
Which of the following is not one of the major categories (or sub-categories) into which
network security threats can be placed?
controlled chaos
An example of _____ of data would be if a computer virus eliminated files on that
computer.
Destruction
Often, incidents of unauthorized access known as ___________, involve employees of
the organization, surprisingly enough.
Intrusion
A hacker gaining access to organizational data files and resources is an example of a(n)
____________ threat.
Intrusion
________ controls discover unwanted events.
Detective
A ___________ assigns levels of risk to various threats to network security by
comparing the nature of the threats to the controls designed to reduce them.
risk assessment
A(n) ____________, is an information system that is critical to the survival of an
organization.
mission critical application
The key principle in preventing disruption, destruction and disaster is ___________.
Redundancy
A (n) ______ is a special type of virus that spreads itself without human intervention.
Worm
Which of the following is not a type of intruder who attempts to gain intrusion to
computer networks?
Delphi team member
The three basic network access points into most organizational networks are from the
Internet, from LANs inside of the organization and ________________.
WLANs
, Which of the following are usually the first choice for eavesdropping?
wireless LANs
Which of the following is not a method for deterring outside intruders from gaining
access to the organization's office or network equipment facilities?
unlocked wiring closet for network devices
_______________ is an encryption standard that uses a total of 168 bits as the key.
triple DES
A __________ is a router or special purpose computer that examines packets flowing
into and out of a network and restricts access to the organization's network.
Firewall
IP spoofing means to:
fool the target computer and any intervening firewall into believing that messages from
the intruder's computer are actually coming from an authorized user inside the
organization's network
A(n) _______ is a screened subnet devoted solely to public access servers such as
Web servers and public DNS servers.
DMZ
Spyware, adware and DDOS agents are three types of:
Trojans
Encryption is the process of:
disguising information by the use of mathematical rules, known as algorithms
A brute force attack against an encryption system:
tries to gain access by trying every possible key
__________ provide authentication which can legally prove who sent a message over a
network.
digital signatures
IP Security Protocol:
sits between IP at the network layer and TCP/UDP at the transport layer
Which of the following is not true about one-time passwords?
They create a packet level firewall on the system.
A fundamental technique to determine if an intrusion is in progress in a stable network
is:
anomaly detection
Which of the following is not one of the major categories (or sub-categories) into which
network security threats can be placed?
controlled chaos
An example of _____ of data would be if a computer virus eliminated files on that
computer.
Destruction
Often, incidents of unauthorized access known as ___________, involve employees of
the organization, surprisingly enough.
Intrusion
A hacker gaining access to organizational data files and resources is an example of a(n)
____________ threat.
Intrusion
________ controls discover unwanted events.
Detective
A ___________ assigns levels of risk to various threats to network security by
comparing the nature of the threats to the controls designed to reduce them.
risk assessment
A(n) ____________, is an information system that is critical to the survival of an
organization.
mission critical application
The key principle in preventing disruption, destruction and disaster is ___________.
Redundancy
A (n) ______ is a special type of virus that spreads itself without human intervention.
Worm
Which of the following is not a type of intruder who attempts to gain intrusion to
computer networks?
Delphi team member
The three basic network access points into most organizational networks are from the
Internet, from LANs inside of the organization and ________________.
WLANs
, Which of the following are usually the first choice for eavesdropping?
wireless LANs
Which of the following is not a method for deterring outside intruders from gaining
access to the organization's office or network equipment facilities?
unlocked wiring closet for network devices
_______________ is an encryption standard that uses a total of 168 bits as the key.
triple DES
A __________ is a router or special purpose computer that examines packets flowing
into and out of a network and restricts access to the organization's network.
Firewall
IP spoofing means to:
fool the target computer and any intervening firewall into believing that messages from
the intruder's computer are actually coming from an authorized user inside the
organization's network
A(n) _______ is a screened subnet devoted solely to public access servers such as
Web servers and public DNS servers.
DMZ
Spyware, adware and DDOS agents are three types of:
Trojans
Encryption is the process of:
disguising information by the use of mathematical rules, known as algorithms
A brute force attack against an encryption system:
tries to gain access by trying every possible key
__________ provide authentication which can legally prove who sent a message over a
network.
digital signatures
IP Security Protocol:
sits between IP at the network layer and TCP/UDP at the transport layer
Which of the following is not true about one-time passwords?
They create a packet level firewall on the system.
A fundamental technique to determine if an intrusion is in progress in a stable network
is:
anomaly detection
