1. This technology is used to measure and analyze human body characteristics for authentication purposes.

A. Footprinting

B. Biometrics

C. JBOD

D. Anthropomorphism

Correct : B. Biometrics

2. __________ is an electronic or paper log used to track computer activity.

A. Traceroute

B. Cookie

C. Weblog

D. Audit trail

Correct : D. Audit trail

3. This is a series of messages sent by someone attempting to break into a computer to learn which computer network services the computer provides.

A. Bit robbing

B. Web services description language (WSDL)

C. Jabber

D. Port scan

Correct : D. Port scan

4. This is the name for a group of programmers who are hired to expose errors or security holes in new software or to find out why a computer network's security is being broken.

A. ERM group

B. Computer emergency response tea

C. Tiger team

D. Silicone cockroach

Correct : C. Tiger team

5. This is a mechanism for ensuring that only authorized users can copy or use specific software applications.

A. Authorized program analysis report

B. Private key

C. Service level agreement

D. Dongle

Correct : D. Dongle

6. At which two traffic layers do most commercial IDSes generate signatures?

A. Application layer

B. Network layer

C. Session layer

D. Transport layer

Correct : B. Network layer

7. This is a Peripheral Component Interconnect (PCI) card that offloads SSL processing to speed up secure transactions on e-commerce Web sites.

A. PCMCIA card

B. Smart card

C. Server accelerator card

D. Network interface card

Correct : C. Server accelerator card

8. ___________is a form of eavesdropping used to pick up telecommunication signals by monitoring the electromagnetic fields produced by the signals.

A. Reverse engineering

B. Magneto resistive head technology

C. Van Eck phreaking

D. Electronic data processing (EDP)

Correct : C. Van Eck phreaking

9. This enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.

A. Security Identifier (SID)

B. Public key infrastructure (PKI)

C. Internet Assigned Numbers Authority (IANA)

D. Private Branch Exchange (PBX)

Correct : B. Public key infrastructure (PKI)

10. This is an assault on the integrity of a security system in which the attacker substitutes a section of cipher text (encrypted text) with a different section that looks like (but is not the same as) the one removed.

A. Trojan horse

B. Hashing

C. Switching fabric

D. Cut and paste attack

Correct : D. Cut and paste attack

11. Which of the following is an advantage of anomaly detection?

A. Rules are easy to define.

B. Custom protocols can be easily analyzed.

C. The engine can scale as the rule set grows.

D. Malicious activity that falls within normal usage patterns is detected.

Correct : C. The engine can scale as the rule set grows.

12. A false positive can be defined as…

A. An alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior.

B. An alert that indicates nefarious activity on a system that is not running on the network.

C. The lack of an alert for nefarious activity.

D. Both a. and b.

Correct : D. Both a. and b.

13. This is an encryption/decryption key known only to the party or parties that exchange secret messages.

A. E-signature

B. Digital certificate

C. Private key

D. Security token

Correct : C. Private key

14. What is the purpose of a shadow honeypot?

A. To flag attacks against known vulnerabilities

B. To help reduce false positives in a signature-based IDS.

C. To randomly check suspicious traffic identified by an anomaly detection system.

D. To enhance the accuracy of a traditional honeypot.

Correct : C. To randomly check suspicious traffic identified by an anomaly detection system.

15. This is is the hiding of a secret message within an ordinary message and the extraction of it at its destination.

A. Secret key algorithm

B. Message queuing

C. Spyware

D. Steganography

Correct : D. Steganography

16. An IDS follows a two-step process consisting of a passive component and an active component. Which of the following is part of the active component?

A. Inspection of password files to detect inadvisable passwords

B. Mechanisms put in place to reenact known methods of attack and record system responses

C. Inspection of system to detect policy violations

D. Inspection of configuration files to detect inadvisable settings

Correct : B. Mechanisms put in place to reenact known methods of attack and record system responses

17. When discussing IDS/IPS, what is a signature?

A. An electronic signature used to authenticate the identity of a user on the network

B. Attack-definition file

C. It refers to "normal," baseline network behavior

D. None of the above

Correct : B. Attack-definition file

18. "Semantics-aware" signatures automatically generated by Nemean are based on traffic at which two layers?

A. Application layer

B. Network layer

C. Session layer

D. Both a and c

Correct : D. Both a and c

19. In what type of attack does an intruder manipulate a URL in such a way that the Web server executes or reveals the contents of a file anywhere on the server, including those lying outside the document root directory?

A. Cross-site scripting

B. Command injection

C. SQL injection

D. Path traversal attacks

Correct : D. Path traversal attacks

20. Which of the following is true of improper error handling?

A. Attackers can use error messages to extract specific information from a system.

B. Attackers can use unexpected errors to knock an application off line, creating a denial-of- service attack.

C. Unexpected errors can provide an attacker with a buffer or stack overflow condition that sets the stage for an arbitrary code execution.

D. All of the above.

Correct : D. All of the above.

21. Which of the following is NOT recommended for securing Web applications against authenticated users?

A. Client-side data validation

B. Filtering data with a default deny regular expression

C. Running the application under least privileges necessary

D. Using parameterized queries to access a database

Correct : A. Client-side data validation

22. In which of the following exploits does an attacker insert malicious coding into a link that appears to be from a trustworthy source?

A. Cross-site scripting

B. Command injection

C. Path traversal attack

D. Buffer overflow

Correct : A. Cross-site scripting

23. In which of the following exploits does an attacker add SQL code to a Web form input box to gain access to resources or make changes to data?

A. Cross-site scripting

B. Command injection

C. SQL injection

D. Buffer overflow

Correct : C. SQL injection

24. Which of the following is characteristic of spyware?

A. Blocking access to antivirus and antispyware updates

B. Aggregating surfing habits across multiple users for advertising

C. Customizing search results based on an advertiser's needs

D. All of the above

Correct : B. Aggregating surfing habits across multiple users for advertising

25. One of the most obvious places to put an IDS sensor is near the firewall. Where exactly in relation to the firewall is the most productive placement?

A. Inside the firewall

B. Outside the firewall

C. Both

D. None

Correct : A. Inside the firewall

26. This was commonly used in cryptography during World War II.

A. Tunneling

B. Personalization

C. Van Eck phreaking

D. One-time pad

Correct : D. One-time pad

27. Today, many Internet businesses and users take advantage of cryptography based on this approach.

A. Public key infrastructure

B. Output feedback

C. Encrypting File System

D. Single sign on

Correct : A. Public key infrastructure

28. This is the name for the issuer of a PKI certificate.

A. Man in the middle

B. Certificate authority

C. Resource Access Control Facility

D. Script kiddy

Correct : B. Certificate authority

29. Developed by Philip R. Zimmermann, this is the most widely used privacy-ensuring program by individuals and is also used by many corporations.

A. DS

B. OCSP

C. Secure HTTP

D. Pretty Good Privacy

Correct : D. Pretty Good Privacy

30. This is the encryption algorithm that will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years as the new standard encryption algorithm.

A. Rijndael

B. Kerberos

C. Blowfish

D. IPsec

Correct : A. Rijndael

31. This is the inclusion of a secret message in otherwise unencrypted text or images.

A. Masquerade

B. Steganography

C. Spoof

D. Eye-in-hand system

Correct : B. Steganography

32. In password protection, this is a random string of data used to modify a password hash.

A. Sheepdip

B. Salt

C. Bypass

D. Dongle

Correct : B. Salt

33. This is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding cipher text value and vice versa.

A. Foot printing

B. Hash function

C. Watermark

D. Electronic Code Book

Correct : D. Electronic Code Book

34. This is a trial and error method used to decode encrypted data through exhaustive effort rather than employing intellectual strategies.

A. Chaffing and winnowing

B. Cryptanalysis

C. Serendipity

D. Brute force cracking

Correct : D. Brute force cracking

35. An intruder might install this on a networked computer to collect user ids and passwords from other machines on the network.

A. Passphrase

B. Root kit

C. Ownership tag

D. Token

Correct : B. Root kit

36. This type of intrusion relies on the intruder's ability to trick people into breaking normal security procedures.

A. Shoulder surfing

B. Hijacking

C. Brain fingerprinting

D. Social engineering

Correct : D. Social engineering

37. The developers of an operating system or vendor application might issue this to prevent intruders from taking advantage of a weakness in their programming.

A. Cookie

B. Key fob

C. Watermark

D. Patch

Correct : D. Patch

38. This is an attack on a computer system that takes advantage of a particular vulnerability that the system offers to intruders.

A. Port scan

B. Denial of service

C. Exploit

D. Logic bomb

Correct : C. Exploit

39. This is a program in which harmful code is contained inside apparently harmless programming or data.

A. Snort

B. Honeypot

C. Blue bomb

D. Trojan horse

Correct : D. Trojan horse

40. This is the modification of personal information on a Web user's computer to gain unauthorized information with which to obtain access to the user's existing accounts.

A. Identity theft

B. Cookie poisoning

C. Shoulder surfing

D. Relative identifier

Correct : B. Cookie poisoning

41. This type of attack may cause additional damage by sending data containing codes designed to trigger specific actions - for example, changing data or disclosing confidential information.

A. Buffer overflow

B. Block cipher

C. War dialing

D. Distributed denial-of-service attack

Correct : A. Buffer overflow

42. This is the forging of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.

A. Foot printing

B. Non repudiation

C. E-mail spoofing

D. Finger

Correct : C. E-mail spoofing

43. This is a type of network security attack in which the intruder takes control of a communication between two entities and masquerades as one of them.

A. Hijacking

B. Identity theft

C. Smurf attack

D. Tunneling

Correct : A. Hijacking

44. This is a compromised Web site that is being used as an attack launch point in a denialof-service attack.

A. Bastion host

B. Packet monkey

C. Dongle

D. Zombie

Correct : D. Zombie

45. This electronic "credit card" establishes a user's credentials when doing business or other transactions on the Web and is issued by a certification authority.

A. Private key

B. Digital certificate

C. Smart card

D. Ownership tag

Correct : B. Digital certificate

46. What "layer" of an e-mail message should you consider when evaluating e-mail security?

A. TCP/IP

B. SMTP

C. Body

D. All of the above

Correct : D. All of the above

Quiznetik

Information Security | Set 1

1. This technology is used to measure and analyze human body characteristics for authentication purposes.

2. __________ is an electronic or paper log used to track computer activity.

3. This is a series of messages sent by someone attempting to break into a computer to learn which computer network services the computer provides.

4. This is the name for a group of programmers who are hired to expose errors or security holes in new software or to find out why a computer network's security is being broken.

5. This is a mechanism for ensuring that only authorized users can copy or use specific software applications.

6. At which two traffic layers do most commercial IDSes generate signatures?

7. This is a Peripheral Component Interconnect (PCI) card that offloads SSL processing to speed up secure transactions on e-commerce Web sites.

8. ___________is a form of eavesdropping used to pick up telecommunication signals by monitoring the electromagnetic fields produced by the signals.

9. This enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.

10. This is an assault on the integrity of a security system in which the attacker substitutes a section of cipher text (encrypted text) with a different section that looks like (but is not the same as) the one removed.

11. Which of the following is an advantage of anomaly detection?

12. A false positive can be defined as…

13. This is an encryption/decryption key known only to the party or parties that exchange secret messages.

14. What is the purpose of a shadow honeypot?

15. This is is the hiding of a secret message within an ordinary message and the extraction of it at its destination.

16. An IDS follows a two-step process consisting of a passive component and an active component. Which of the following is part of the active component?

17. When discussing IDS/IPS, what is a signature?

18. "Semantics-aware" signatures automatically generated by Nemean are based on traffic at which two layers?

19. In what type of attack does an intruder manipulate a URL in such a way that the Web server executes or reveals the contents of a file anywhere on the server, including those lying outside the document root directory?

20. Which of the following is true of improper error handling?

21. Which of the following is NOT recommended for securing Web applications against authenticated users?

22. In which of the following exploits does an attacker insert malicious coding into a link that appears to be from a trustworthy source?

23. In which of the following exploits does an attacker add SQL code to a Web form input box to gain access to resources or make changes to data?

24. Which of the following is characteristic of spyware?

25. One of the most obvious places to put an IDS sensor is near the firewall. Where exactly in relation to the firewall is the most productive placement?

26. This was commonly used in cryptography during World War II.

27. Today, many Internet businesses and users take advantage of cryptography based on this approach.

28. This is the name for the issuer of a PKI certificate.

29. Developed by Philip R. Zimmermann, this is the most widely used privacy-ensuring program by individuals and is also used by many corporations.

30. This is the encryption algorithm that will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years as the new standard encryption algorithm.

31. This is the inclusion of a secret message in otherwise unencrypted text or images.

32. In password protection, this is a random string of data used to modify a password hash.

33. This is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding cipher text value and vice versa.

34. This is a trial and error method used to decode encrypted data through exhaustive effort rather than employing intellectual strategies.

35. An intruder might install this on a networked computer to collect user ids and passwords from other machines on the network.

36. This type of intrusion relies on the intruder's ability to trick people into breaking normal security procedures.

37. The developers of an operating system or vendor application might issue this to prevent intruders from taking advantage of a weakness in their programming.

38. This is an attack on a computer system that takes advantage of a particular vulnerability that the system offers to intruders.

39. This is a program in which harmful code is contained inside apparently harmless programming or data.

40. This is the modification of personal information on a Web user's computer to gain unauthorized information with which to obtain access to the user's existing accounts.

41. This type of attack may cause additional damage by sending data containing codes designed to trigger specific actions - for example, changing data or disclosing confidential information.

42. This is the forging of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.

43. This is a type of network security attack in which the intruder takes control of a communication between two entities and masquerades as one of them.

44. This is a compromised Web site that is being used as an attack launch point in a denialof-service attack.

45. This electronic "credit card" establishes a user's credentials when doing business or other transactions on the Web and is issued by a certification authority.

46. What "layer" of an e-mail message should you consider when evaluating e-mail security?