Chapter 1 Flashcards
Combo: Quiz 1 plus Book End of Chapter Questions
One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.
(T/F)
True
Define Script kiddies
Individuals who want to attack computers yet they lack the knowledge of computers and networks needed to do so.
Smart phones give the owner of the device the ability to download security updates.
(T/F)
False
To mitigate risk is the attempt to address risk by making the risk less serious.
(T/F)
True
Describe the security principle of simplicity.
As much as possible, a secure system should be simple for those on the inside to understand and use.
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?
Love bug
The CompTIA Security+ certification is a vendor-neutral credential.
(T/F)
True
What are the measures for achieving availability?
redundancy, fault tolerance, patching
Proxies are “devices” that are strictly software-only.
(T/F)
Falase
A proxy server is a device which can be either software or hardware based. It intercepts messages entering and leaving the network, and makes outgoing requests on behalf of users. Its primary function is enhancing web surfing performance.
A rootkit can hide its presence, but not the presence of other malware.
(T/F)
False
d. MisconfigurationsIan recently earned his security certification and has been offered a promotion to a position that requires him to analyze and design security solutions as well as identifying users’ needs. Which of these generally recognized security positions has Ian been offered?
a. Security administrator
b. Security technician
c. Security officer
d. Security manager
a. Security administrator
Alyona has been asked by her supervisor to give a presentation regarding reasons why security attacks continue to be successful. She has decided to focus on the issue of widespread vulnerabilities. Which of the following would Alyona NOT include in her presentation?
a. Large number of vulnerabilities
b. End-of-life systems
c. Lack of vendor support
d. Misconfigurations
d. Misconfigurations
Tatyana is discussing with her supervisor potential reasons why a recent attack was successful against one of their systems. Which of the following configuration issues would NOT covered?
a. Default configurations
b. Weak configurations
c. Vulnerable business processes
d. Misconfigurations
c. Vulnerable business processes
What is a race condition?
a. When a vulnerability is discovered and there is a race to see if it can be patched before it is exploited by attackers.
b. When two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.
c. When an attack finishes its operation before antivirus can complete its work.
d. When a software update is distributed prior to a vulnerability being discovered.
b. When two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.
Which the following is NOT a reason why it is difficult to defend against today’s attackers?
a. Delay in security updating
b. Greater sophistication of defense tools
c. Increased speed of attacks
d. Simplicity of attack tools
b. Greater sophistication of defense tools