CS 3113 - Final Review (Everything) questions
|/ |/ |/ |/ |/ |/
with answers
|/ |/
With the attention that computer security is receiving in the
|/ |/ |/ |/ |/ |/ |/ |/ |/
media today, as a result of the numerous security breaches we
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
can read about, preventing, detecting, and prosecuting computer
|/ |/ |/ |/ |/ |/ |/ |/
crime has become easier. - CORRECT ANSWERS ✔✔False
|/ |/ |/ |/ |/ |/ |/ |/
An individual who blocks the traffic from an authorized user to a
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
system they are authorized to access is conducting which of the
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
following threat types? - CORRECT ANSWERS ✔✔Interruption
|/ |/ |/ |/ |/ |/ |/
An individual who simply "listens" to the traffic that is being sent
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
by an authorized user between systems is an example of which
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
of the following threat types? - CORRECT ANSWERS
|/ |/ |/ |/ |/ |/ |/ |/
✔✔Interception
|/
Which of the following is the name for a program that holds a
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
computer "hostage" while demanding a ransom? - CORRECT
|/ |/ |/ |/ |/ |/ |/ |/
ANSWERS ✔✔Ransomware
|/ |/
Which of the following describes the "CIA Triad"? - CORRECT
|/ |/ |/ |/ |/ |/ |/ |/ |/
ANSWERS ✔✔Confidentiality, integrity, Availability
|/ |/ |/ |/
Which level of threat includes disgruntled employees seeking to
|/ |/ |/ |/ |/ |/ |/ |/
harm your systems? - CORRECT ANSWERS ✔✔Unstructured
|/ |/ |/ |/ |/ |/ |/
Threats
|/
,Which of the following best describes the changes (if any) that
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
have occurred to the average intruder knowledge and the attack
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
sophistication over the last few decades? - CORRECT ANSWERS
|/ |/ |/ |/ |/ |/ |/ |/ |/
✔✔The average required intruder knowledge has decreased
|/ |/ |/ |/ |/ |/ |/
while the attack sophistication has increased.
|/ |/ |/ |/ |/ |/
What does the term "threat" refer to in computer security? -
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔Any potential threat that could cause an
|/ |/ |/ |/ |/ |/ |/ |/ |/
undesirable outcome - including natural disasters
|/ |/ |/ |/ |/ |/
Which of the following is the name for a program that appears to
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
do one thing (and may indeed do it) but that hides something
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
else? - CORRECT ANSWERS ✔✔Trojan Horse
|/ |/ |/ |/ |/ |/
Which of the following is the name for a program that reproduces
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
by attaching copies of itself to other programs and which often
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
carries a malicious "payload"? - CORRECT ANSWERS ✔✔Virus
|/ |/ |/ |/ |/ |/ |/ |/
Issues of proprietary software and trade secrets complicate the
|/ |/ |/ |/ |/ |/ |/ |/
application of the Open Design principle. In some cases
|/ |/ |/ |/ |/ |/ |/ |/ |/
companies may not want their designs made public, lest their
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
competitors use them. The principle then requires that the
|/ |/ |/ |/ |/ |/ |/ |/ |/
design and implementation be available to people barred from
|/ |/ |/ |/ |/ |/ |/ |/ |/
disclosing it outside of the company. - CORRECT ANSWERS
|/ |/ |/ |/ |/ |/ |/ |/ |/
✔✔True
|/
Which disclosure paradigm has as its assumptions that 1) an
|/ |/ |/ |/ |/ |/ |/ |/ |/
attacker will learn little or nothing from disclosure; 2) Disclosure
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
will prompt designers to improve the design of defenses, and 3)
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
,|/ Disclosure will prompt other defenders to take action? - |/ |/ |/ |/ |/ |/ |/ |/
|/ CORRECT ANSWERS ✔✔Open Source |/ |/ |/
What is the name of the method of communication between two
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
computers (arbitrarily named here client and server) in which
|/ |/ |/ |/ |/ |/ |/ |/ |/
information is encoded, and possibly encrypted, into a sequence
|/ |/ |/ |/ |/ |/ |/ |/ |/
of port numbers? Initially, the server presents no open ports to
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
the public and is monitoring all connection attempts. The client
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
initiates connection attempts to the server by sending SYN
|/ |/ |/ |/ |/ |/ |/ |/ |/
packets to the ports specified in a special sequence. The server
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
offers no response to the client during this phase, as it "silently"
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
processes the port sequence. When the server decodes a valid
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
sequence it triggers a server-side process and response. -
|/ |/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔Port Knocking
|/ |/ |/ |/
What is the name given to a form of host-to-host communication
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
in which information flows across closed ports. Information may
|/ |/ |/ |/ |/ |/ |/ |/ |/
be encoded into a port sequence or a packet-payload. In general,
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
data are transmitted to closed ports and received by a
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
monitoring daemon which intercepts the information without
|/ |/ |/ |/ |/ |/ |/
sending a receipt to the sender. - CORRECT ANSWERS ✔✔Port
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
Knocking
|/
Can all issues with complexity be avoided through the use of one
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
of the secure design principles identified in class? - CORRECT
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
ANSWERS ✔✔No
|/ |/
The number of bugs introduced by a bug fix release may actually
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
exceed the number of bugs fixed by that release. - CORRECT
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
ANSWERS ✔✔True
|/ |/
, In cyber security, one of the best ways to protect a computer or
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
network is with a strategy called defense in depth. This strategy
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
means that there are multiple defenses put in place. If one fails,
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
it is likely another will catch the problem. Which method of
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
reducing complexity is this concept most closely aligned with? -
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔Layering
|/ |/ |/
When viewing a Drone Pilot app, the screen will show "flight
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
instruments" that indicate how fast the drone is flying and how
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
high it is off the ground. Which method is this an example of? -
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔Abstraction
|/ |/ |/
While a password should be long and complex so that it will be
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
difficult to break, the password should be easy for you to
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
remember. One way to do this is to take the first letter of each
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
word from a song that you know. Which design principle is this
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
most closely aligned with? - CORRECT ANSWERS ✔✔Simplicity
|/ |/ |/ |/ |/ |/ |/ |/
Which of the following was described as one of the main
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
drawback to the waterfall software development model? -
|/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔The Waterfall model does not easily
|/ |/ |/ |/ |/ |/ |/ |/
accommodate change after the process is underway. One phase
|/ |/ |/ |/ |/ |/ |/ |/ |/
has to be completed before moving onto the next phase.
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
Which of the following are advantages of an iterative design
|/ |/ |/ |/ |/ |/ |/ |/ |/
process? - CORRECT ANSWERS ✔✔B,C,D, but not A
|/ |/ |/ |/ |/ |/ |/ |/
A....It results in the fastest development of software; it is the
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
quickest design process.
|/ |/ |/
|/ |/ |/ |/ |/ |/
with answers
|/ |/
With the attention that computer security is receiving in the
|/ |/ |/ |/ |/ |/ |/ |/ |/
media today, as a result of the numerous security breaches we
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
can read about, preventing, detecting, and prosecuting computer
|/ |/ |/ |/ |/ |/ |/ |/
crime has become easier. - CORRECT ANSWERS ✔✔False
|/ |/ |/ |/ |/ |/ |/ |/
An individual who blocks the traffic from an authorized user to a
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
system they are authorized to access is conducting which of the
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
following threat types? - CORRECT ANSWERS ✔✔Interruption
|/ |/ |/ |/ |/ |/ |/
An individual who simply "listens" to the traffic that is being sent
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
by an authorized user between systems is an example of which
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
of the following threat types? - CORRECT ANSWERS
|/ |/ |/ |/ |/ |/ |/ |/
✔✔Interception
|/
Which of the following is the name for a program that holds a
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
computer "hostage" while demanding a ransom? - CORRECT
|/ |/ |/ |/ |/ |/ |/ |/
ANSWERS ✔✔Ransomware
|/ |/
Which of the following describes the "CIA Triad"? - CORRECT
|/ |/ |/ |/ |/ |/ |/ |/ |/
ANSWERS ✔✔Confidentiality, integrity, Availability
|/ |/ |/ |/
Which level of threat includes disgruntled employees seeking to
|/ |/ |/ |/ |/ |/ |/ |/
harm your systems? - CORRECT ANSWERS ✔✔Unstructured
|/ |/ |/ |/ |/ |/ |/
Threats
|/
,Which of the following best describes the changes (if any) that
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
have occurred to the average intruder knowledge and the attack
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
sophistication over the last few decades? - CORRECT ANSWERS
|/ |/ |/ |/ |/ |/ |/ |/ |/
✔✔The average required intruder knowledge has decreased
|/ |/ |/ |/ |/ |/ |/
while the attack sophistication has increased.
|/ |/ |/ |/ |/ |/
What does the term "threat" refer to in computer security? -
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔Any potential threat that could cause an
|/ |/ |/ |/ |/ |/ |/ |/ |/
undesirable outcome - including natural disasters
|/ |/ |/ |/ |/ |/
Which of the following is the name for a program that appears to
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
do one thing (and may indeed do it) but that hides something
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
else? - CORRECT ANSWERS ✔✔Trojan Horse
|/ |/ |/ |/ |/ |/
Which of the following is the name for a program that reproduces
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
by attaching copies of itself to other programs and which often
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
carries a malicious "payload"? - CORRECT ANSWERS ✔✔Virus
|/ |/ |/ |/ |/ |/ |/ |/
Issues of proprietary software and trade secrets complicate the
|/ |/ |/ |/ |/ |/ |/ |/
application of the Open Design principle. In some cases
|/ |/ |/ |/ |/ |/ |/ |/ |/
companies may not want their designs made public, lest their
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
competitors use them. The principle then requires that the
|/ |/ |/ |/ |/ |/ |/ |/ |/
design and implementation be available to people barred from
|/ |/ |/ |/ |/ |/ |/ |/ |/
disclosing it outside of the company. - CORRECT ANSWERS
|/ |/ |/ |/ |/ |/ |/ |/ |/
✔✔True
|/
Which disclosure paradigm has as its assumptions that 1) an
|/ |/ |/ |/ |/ |/ |/ |/ |/
attacker will learn little or nothing from disclosure; 2) Disclosure
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
will prompt designers to improve the design of defenses, and 3)
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
,|/ Disclosure will prompt other defenders to take action? - |/ |/ |/ |/ |/ |/ |/ |/
|/ CORRECT ANSWERS ✔✔Open Source |/ |/ |/
What is the name of the method of communication between two
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
computers (arbitrarily named here client and server) in which
|/ |/ |/ |/ |/ |/ |/ |/ |/
information is encoded, and possibly encrypted, into a sequence
|/ |/ |/ |/ |/ |/ |/ |/ |/
of port numbers? Initially, the server presents no open ports to
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
the public and is monitoring all connection attempts. The client
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
initiates connection attempts to the server by sending SYN
|/ |/ |/ |/ |/ |/ |/ |/ |/
packets to the ports specified in a special sequence. The server
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
offers no response to the client during this phase, as it "silently"
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
processes the port sequence. When the server decodes a valid
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
sequence it triggers a server-side process and response. -
|/ |/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔Port Knocking
|/ |/ |/ |/
What is the name given to a form of host-to-host communication
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
in which information flows across closed ports. Information may
|/ |/ |/ |/ |/ |/ |/ |/ |/
be encoded into a port sequence or a packet-payload. In general,
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
data are transmitted to closed ports and received by a
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
monitoring daemon which intercepts the information without
|/ |/ |/ |/ |/ |/ |/
sending a receipt to the sender. - CORRECT ANSWERS ✔✔Port
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
Knocking
|/
Can all issues with complexity be avoided through the use of one
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
of the secure design principles identified in class? - CORRECT
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
ANSWERS ✔✔No
|/ |/
The number of bugs introduced by a bug fix release may actually
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
exceed the number of bugs fixed by that release. - CORRECT
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
ANSWERS ✔✔True
|/ |/
, In cyber security, one of the best ways to protect a computer or
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
network is with a strategy called defense in depth. This strategy
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
means that there are multiple defenses put in place. If one fails,
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
it is likely another will catch the problem. Which method of
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
reducing complexity is this concept most closely aligned with? -
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔Layering
|/ |/ |/
When viewing a Drone Pilot app, the screen will show "flight
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
instruments" that indicate how fast the drone is flying and how
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
high it is off the ground. Which method is this an example of? -
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔Abstraction
|/ |/ |/
While a password should be long and complex so that it will be
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
difficult to break, the password should be easy for you to
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
remember. One way to do this is to take the first letter of each
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
word from a song that you know. Which design principle is this
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/ |/
most closely aligned with? - CORRECT ANSWERS ✔✔Simplicity
|/ |/ |/ |/ |/ |/ |/ |/
Which of the following was described as one of the main
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
drawback to the waterfall software development model? -
|/ |/ |/ |/ |/ |/ |/ |/
CORRECT ANSWERS ✔✔The Waterfall model does not easily
|/ |/ |/ |/ |/ |/ |/ |/
accommodate change after the process is underway. One phase
|/ |/ |/ |/ |/ |/ |/ |/ |/
has to be completed before moving onto the next phase.
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
Which of the following are advantages of an iterative design
|/ |/ |/ |/ |/ |/ |/ |/ |/
process? - CORRECT ANSWERS ✔✔B,C,D, but not A
|/ |/ |/ |/ |/ |/ |/ |/
A....It results in the fastest development of software; it is the
|/ |/ |/ |/ |/ |/ |/ |/ |/ |/
quickest design process.
|/ |/ |/
