Chapter 7 (Lecture 6) Flashcards

1
Q
  1. How does a worm travel from system to system?
A
  1. Worms propagate under their own power: they locate reachable hosts and exploit vulnerabilities in network-facing software (services, protocol stacks) to copy themselves onto each new system, with no user action required.
2
Q
  1. Describe three benefits of using applets instead of server-side code for web applications.
A
  1. The processing burden is shifted from the server to the client, allowing the web server to handle a greater number of simultaneous requests. The client uses local resources to process the data, usually resulting in a quicker response. The privacy of client data is protected because information does not need to be transmitted to the web server. The trade-off is that the client executes code it received from the server, so the applet runtime must sandbox it.
3
Q
  1. What are the three requirements for an operational reference monitor in a secure computing system?
A
  1. It must be tamperproof, it must always be invoked, and it must be small enough to be subject to analysis and tests, the completeness of which can be assured.
4
Q
  1. What operating systems are capable of processing ActiveX controls posted on a website?
A
  1. Microsoft Windows platforms only. ActiveX controls are native Windows binaries executed by Internet Explorer; no other operating system or browser supports them, and current Windows browsers no longer do either.
5
Q
  1. What type of key is selected by the database developer to uniquely identify data within a relational database table?
A
  1. Primary key.
6
Q
  1. What database security technique appears to permit the insertion of multiple rows sharing the same uniquely identifying information?
A
  1. Polyinstantiation.
7
Q
  1. Explain the difference between static and dynamic analysis of application code.
A
  1. Static analysis examines the code itself without executing it, analyzing the sequence of instructions for security flaws. Dynamic analysis exercises the running program (normally in a test environment, not production) with real inputs, searching for flaws that only appear at runtime.
8
Q
  1. How far backward does the waterfall model allow developers to travel when a development flaw is discovered?
A
  1. One phase.
9
Q
  1. Which one of the following malicious code objects might be inserted in an application by a disgruntled software developer with the purpose of destroying system data after the developer’s account has been deleted (presumably following their termination)?

A. Virus

B. Worm

C. Trojan horse

D. Logic bomb

A

D. Logic bombs are malicious code objects programmed to lie dormant until certain logical conditions, such as a certain date, time, system event, or other criteria, are met. At that time, they spring into action, triggering their payload.

10
Q
  1. What term is used to describe code objects that act on behalf of a user and operate in an unattended manner?

A. Agent

B. Worm

C. Applet

D. Browser

A

A. Intelligent agents, also called bots, are code objects programmed to perform certain operations on behalf of a user in their absence.

11
Q
  1. What portion of the change management process allows developers to prioritize tasks?

A. Release control

B. Configuration control

C. Request control

D. Change audit

A

C. The request control provides users with a framework to request changes and developers with the opportunity to prioritize those requests.

12
Q
  1. Which of the following characteristics can be used to differentiate worms from viruses?

A. Worms infect a system by overwriting data on storage devices.

B. Worms always spread from system to system without user intervention.

C. Worms always carry a malicious payload that impacts infected systems.

D. All of the above.

A

B. Both viruses and worms replicate themselves; the distinguishing characteristic is how they spread. A worm propagates from system to system on its own by exploiting network-reachable flaws, whereas a virus attaches itself to a host file or program and needs user intervention (opening the file, running the program) to reach a new system. Neither type necessarily carries a payload, and both can.

13
Q
  1. What programming language(s) can be used to develop ActiveX controls for use on an Internet site?

A. Visual Basic

B. C

C. Java

D. All of the above

A

D. Microsoft’s ActiveX technology supports a number of programming languages, including Visual Basic, C, C++, and Java. On the other hand, only the Java language can be used to write Java applets.

14
Q
  1. What form of access control is concerned primarily with the data stored by a field?

A. Content-dependent

B. Context-dependent

C. Semantic integrity mechanisms

D. Perturbation

A

A. Content-dependent access control is focused on the internal data of each field.

15
Q
  1. Which one of the following key types is used to enforce referential integrity between database tables?

A. Candidate key

B. Primary key

C. Foreign key

D. Super key

A

C. Foreign keys are used to enforce referential integrity constraints between tables that participate in a relationship.
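The following is an added example, not part of the flashcard set, showing what a foreign key actually enforces. It uses a constructed pair of tables (hypothetical customers/orders) in SQLite and tries the three operations referential integrity is meant to reject: inserting an orphan child, deleting a referenced parent, and re-pointing a child at a non-existent parent. It also shows the practitioner's pitfall: SQLite parses FOREIGN KEY clauses but ignores them unless the pragma is switched on for the connection.

```python
import sqlite3


def referential_integrity_demo(enforce_fk: bool) -> dict:
    """Build a parent/child schema and report which integrity violations
    were blocked. Schema and data are constructed for this example."""
    conn = sqlite3.connect(":memory:")
    # SQLite only enforces FOREIGN KEY constraints when this pragma is ON,
    # and it must be set on every connection, outside a transaction.
    conn.execute(f"PRAGMA foreign_keys = {'ON' if enforce_fk else 'OFF'}")
    conn.executescript("""
        CREATE TABLE customers (
            customer_id INTEGER PRIMARY KEY,
            name        TEXT NOT NULL
        );
        CREATE TABLE orders (
            order_id    INTEGER PRIMARY KEY,
            customer_id INTEGER NOT NULL
                        REFERENCES customers(customer_id) ON DELETE RESTRICT,
            amount      REAL NOT NULL
        );
        INSERT INTO customers VALUES (1, 'Alice');
        INSERT INTO orders    VALUES (10, 1, 42.0);
    """)

    def blocked(sql: str, params=()) -> bool:
        """True if the DBMS rejected the statement with an integrity error."""
        try:
            conn.execute(sql, params)
            return False
        except sqlite3.IntegrityError:
            return True

    result = {
        # child row that references a customer that does not exist
        "orphan_insert_blocked": blocked(
            "INSERT INTO orders VALUES (11, 999, 5.0)"),
        # parent row that still has dependent children
        "parent_delete_blocked": blocked(
            "DELETE FROM customers WHERE customer_id = 1"),
        # existing child re-pointed at a non-existent parent
        "dangling_update_blocked": blocked(
            "UPDATE orders SET customer_id = 999 WHERE order_id = 10"),
    }
    # Count children whose parent is missing; with enforcement this is 0.
    result["orphan_rows"] = conn.execute("""
        SELECT COUNT(*)
        FROM orders o LEFT JOIN customers c ON o.customer_id = c.customer_id
        WHERE c.customer_id IS NULL""").fetchone()[0]
    conn.close()
    return result


if __name__ == "__main__":
    print("enforced:", referential_integrity_demo(True))
    print("ignored: ", referential_integrity_demo(False))
```

With enforcement on, all three statements fail with `FOREIGN KEY constraint failed` and no orphan rows exist; with it off, every statement succeeds silently and the orders table ends up with two rows pointing at a customer that was deleted. Checking the pragma (or the equivalent setting in your DBMS) belongs in a database configuration review.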

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  1. Richard believes that a database user is misusing his privileges to gain information about the company’s overall business trends by issuing queries that combine data from a large number of records. What process is the database user taking advantage of?

A. Inference

B. Contamination

C. Polyinstantiation

D. Aggregation

A

D. In this case, the process the database user is taking advantage of is aggregation. Aggregation attacks involve the use of specialized database functions to combine information from a large number of database records to reveal information that may be more sensitive than the information in individual records would reveal.
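As an added example (not part of the original card set), the scenario above in code: a user who is only allowed statistical queries (COUNT and SUM) over a constructed, hypothetical employee table, and two ways that restriction is defeated by aggregation. The first narrows the predicate until the "aggregate" covers one person; the second, the classic tracker attack, subtracts two large permitted aggregates. A minimum query-set-size control, a common first defense, stops only the first.

```python
import sqlite3

# Constructed sample data for this example (hypothetical names and salaries).
EMPLOYEES = [
    ("alice", "eng",  120_000),
    ("bob",   "eng",  110_000),
    ("carol", "eng",  130_000),
    ("dave",  "ops",   90_000),
    ("erin",  "ops",   95_000),
    ("frank", "exec", 400_000),   # the only member of 'exec'
]
MIN_QUERY_SET = 3   # smallest group an aggregate may be computed over


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE employees (name TEXT PRIMARY KEY, dept TEXT, salary INTEGER)")
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?)", EMPLOYEES)
    return conn


def stat_query(conn, where_sql, params=(), enforce_min_set=False):
    """Statistics-only interface: the caller receives COUNT and SUM over a
    predicate and never sees individual rows. A production interface would
    accept a restricted predicate language instead of raw SQL fragments;
    here the caller is the demo itself, so the f-string is acceptable."""
    cnt, total = conn.execute(
        f"SELECT COUNT(*), COALESCE(SUM(salary), 0) FROM employees WHERE {where_sql}",
        params).fetchone()
    if enforce_min_set and cnt < MIN_QUERY_SET:
        raise PermissionError(f"query set too small: {cnt} < {MIN_QUERY_SET}")
    return cnt, total


def isolate_by_narrowing(conn, enforce_min_set):
    """Aggregation attack 1: narrow the predicate until the aggregate
    covers exactly one person. Blocked by the minimum query-set size."""
    return stat_query(conn, "dept = ?", ("exec",), enforce_min_set)[1]


def isolate_by_difference(conn, enforce_min_set):
    """Aggregation attack 2 (tracker): two large, individually permitted
    queries whose difference is a single row. The size check passes for
    both, so the control does not help."""
    _, everyone = stat_query(conn, "1 = 1", (), enforce_min_set)
    _, all_but_one = stat_query(conn, "name <> ?", ("frank",), enforce_min_set)
    return everyone - all_but_one


if __name__ == "__main__":
    db = build_db()
    print("narrowing, unprotected:", isolate_by_narrowing(db, False))
    try:
        isolate_by_narrowing(db, True)
    except PermissionError as e:
        print("narrowing, protected:", e)
    print("difference, protected:", isolate_by_difference(db, True))
```

Both attacks recover the single executive's salary of 400,000 from aggregates alone, and the second does so even with the size check on. Stopping it requires controls on the overlap between successive queries (query auditing), noise or rounding in the results, or cell suppression, in addition to the basic size restriction.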

17
Q
  1. What database technique can be used to prevent unauthorized users from determining classified information by noticing the absence of information normally available to them?

A. Inference

B. Manipulation

C. Polyinstantiation

D. Aggregation

A

C. Polyinstantiation allows the insertion of multiple records that appear to have the same primary key values into a database at different classification levels.

18
Q
  1. Which one of the following terms cannot be used to describe the main RAM of a typical computer system?

A. Volatile

B. Sequential access

C. Real memory

D. Primary memory

A

B. Random access memory (RAM) allows for the direct addressing of any point within the resource. A sequential access storage medium, such as a magnetic tape, requires scanning through the entire media from the beginning to reach a specific address.

19
Q
  1. What type of information is used to form the basis of an expert system’s decision-making process?

A. A series of weighted layered computations

B. Combined input from a number of human experts, weighted according to past performance

C. A series of “if/then” rules codified in a knowledge base

D. A biological decision-making process that simulates the reasoning process used by the human mind

A

C. Expert systems utilize a knowledge base consisting of a series of “if/then” statements to form decisions based upon the previous experience of human experts.

20
Q
  1. Which one of the following intrusion detection systems makes use of an expert system to detect anomalous user activity?

A. PIX

B. ID10T

C. AAFID

D. NIDES

A

D. The Next-Generation Intrusion Detection Expert System (NIDES) is an expert-system-based intrusion detection system. PIX is a firewall, and ID10T and AAFID are intrusion detection systems that do not utilize expert systems.

21
Q
  1. Which of the following acts as a proxy between two different systems to support interaction and simplify the work of programmers?

A. SDLC

B. ODBC

C. DSS

D. Abstraction

A

B. ODBC acts as a proxy between applications and the backend DBMS.

22
Q
  1. In what type of software testing does the tester have access to the underlying source code?

A. Static testing

B. Dynamic testing

C. Cross-site scripting testing

D. Black box testing

A

A. In order to conduct a static test, the tester must have access to the underlying source code.

23
Q
  1. In systems utilizing a ring protection scheme, at what level does the security kernel reside?

A. Level 0

B. Level 1

C. Level 2

D. Level 3

A

A. The security kernel and reference monitor reside at Level 0 in the ring protection scheme, where they have unrestricted access to all system resources.

24
Q
  1. Which database security risk occurs when data from a higher classification level is mixed with data from a lower classification level?

A. Aggregation

B. Inference

C. Contamination

D. Polyinstantiation

A

C. Contamination is the mixing of data from a higher classification level and/or need-to-know requirement with data from a lower classification level and/or need-to-know requirement.

25
Q
  1. What database security technology involves creating two or more rows with seemingly identical primary keys that contain different data for users with different security clearances?

A. Polyinstantiation

B. Cell suppression

C. Aggregation

D. Views

A

A. Database developers use polyinstantiation, the creation of multiple records that seem to have the same primary key, to protect against inference attacks.
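Polyinstantiation comes up on three cards (the definition, its use against inference from an absent row, and the multiple-rows-per-apparent-key description here). The block below is an added example, not from the flashcards, that implements it on a constructed cargo-manifest table: the classification level is made part of the real primary key, a user's query returns the highest instance of each row they are cleared for, and the same scenario is run without polyinstantiation to show what leaks. Ship names and cargo are hypothetical.

```python
import sqlite3

LEVELS = {"UNCLASSIFIED": 0, "SECRET": 1, "TOP_SECRET": 2}


def build_db(polyinstantiated: bool) -> sqlite3.Connection:
    """Constructed schema. With polyinstantiation the level is part of the
    key, so one ship may have one row per level; otherwise ship alone is
    the key and there can be only one row per ship."""
    conn = sqlite3.connect(":memory:")
    key = "PRIMARY KEY (ship, level)" if polyinstantiated else "PRIMARY KEY (ship)"
    conn.execute(f"""
        CREATE TABLE cargo (
            ship        TEXT    NOT NULL,
            level       INTEGER NOT NULL,
            destination TEXT    NOT NULL,
            payload     TEXT    NOT NULL,
            {key}
        )""")
    return conn


def insert_as(conn, clearance, ship, destination, payload):
    """Write a row at the caller's own classification level."""
    conn.execute("INSERT INTO cargo VALUES (?, ?, ?, ?)",
                 (ship, LEVELS[clearance], destination, payload))


def read_as(conn, clearance):
    """One row per ship: the highest-classified instance at or below the
    caller's clearance. Lower-level instances serve as cover stories."""
    return conn.execute("""
        SELECT ship, destination, payload
        FROM cargo c
        WHERE level = (SELECT MAX(level) FROM cargo
                       WHERE ship = c.ship AND level <= ?)
        ORDER BY ship""", (LEVELS[clearance],)).fetchall()


def scenario(polyinstantiated: bool) -> dict:
    conn = build_db(polyinstantiated)
    # A Top Secret user records the real mission.
    insert_as(conn, "TOP_SECRET", "Enterprise", "Sector 7", "missiles")
    # Later an Unclassified clerk files the public itinerary for the same
    # ship. Without polyinstantiation this collides with the TS row and the
    # key-violation error itself tells the clerk a hidden row exists.
    try:
        insert_as(conn, "UNCLASSIFIED", "Enterprise", "Pearl Harbor", "food")
        leaked_existence = False
    except sqlite3.IntegrityError:
        leaked_existence = True
    insert_as(conn, "UNCLASSIFIED", "Voyager", "Sydney", "medical supplies")
    return {
        "leaked_existence": leaked_existence,
        "unclassified_view": read_as(conn, "UNCLASSIFIED"),
        "top_secret_view": read_as(conn, "TOP_SECRET"),
    }


if __name__ == "__main__":
    for flag in (True, False):
        print("polyinstantiated" if flag else "single key", scenario(flag))
```

With polyinstantiation the Unclassified user sees a plausible Enterprise row (the cover story) and the Top Secret user sees the real one; nothing is missing and nothing collides. With a single-column key the low-level insert fails, which is exactly the inference channel the card describes, and even if the clerk never tries to insert, the absence of any Enterprise row in their view is itself a signal.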

26
Q
  1. Which one of the following is not part of the change management process?

A. Request control

B. Release control

C. Configuration audit

D. Change control

A

C. Configuration audit belongs to the configuration management process, not the change management process. Request control, change control and release control are the phases of change management.

27
Q
  1. What transaction management principle ensures that two transactions do not interfere with each other as they operate on the same data?

A. Atomicity

B. Consistency

C. Isolation

D. Durability

A

C. The isolation principle states that two transactions operating on the same data must be temporarily separated from each other such that one does not interfere with the other.
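To make the isolation principle concrete, here is an added example (not from the card set) of the lost-update problem it prevents. Two connections to a constructed SQLite account table each read a balance, subtract an amount, and write it back. Run without a transaction boundary the second write overwrites the first; run with `BEGIN IMMEDIATE`, which takes a write lock for the transaction's duration, the second transaction is forced to wait (here: fail fast and retry) until the first commits, so it reads the updated value. The account and amounts are hypothetical.

```python
import os
import shutil
import sqlite3
import tempfile


def _fresh_db() -> str:
    """Constructed starting state: one account with balance 100."""
    tmpdir = tempfile.mkdtemp()
    path = os.path.join(tmpdir, "bank.db")
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, balance INTEGER NOT NULL)")
    conn.execute("INSERT INTO accounts VALUES (1, 100)")
    conn.commit()
    conn.close()
    return path


def _connect(path: str) -> sqlite3.Connection:
    # isolation_level=None: no implicit BEGIN; we control transactions.
    # timeout=0: raise immediately instead of waiting when the DB is locked.
    return sqlite3.connect(path, isolation_level=None, timeout=0)


def _read_balance(conn) -> int:
    # fetchall() exhausts the statement so no read lock lingers afterwards.
    return conn.execute("SELECT balance FROM accounts WHERE id = 1").fetchall()[0][0]


def _write_balance(conn, value: int) -> None:
    conn.execute("UPDATE accounts SET balance = ? WHERE id = 1", (value,))


def lost_update() -> int:
    """Two autocommit 'transactions' interleave: T2's stale read causes its
    write to silently discard T1's withdrawal. Returns the final balance."""
    path = _fresh_db()
    t1, t2 = _connect(path), _connect(path)
    b1 = _read_balance(t1)          # T1 reads 100
    b2 = _read_balance(t2)          # T2 reads 100
    _write_balance(t1, b1 - 30)     # T1 writes 70
    _write_balance(t2, b2 - 50)     # T2 writes 50, clobbering T1's update
    final = _read_balance(t1)
    t1.close(); t2.close(); shutil.rmtree(os.path.dirname(path))
    return final                    # 50 instead of the correct 20


def isolated() -> tuple:
    """Same interleaving under BEGIN IMMEDIATE. Returns (final balance,
    whether T2 was blocked while T1 held the write lock)."""
    path = _fresh_db()
    t1, t2 = _connect(path), _connect(path)
    t1.execute("BEGIN IMMEDIATE")   # T1 acquires the write lock now
    b1 = _read_balance(t1)
    try:
        t2.execute("BEGIN IMMEDIATE")   # T2 cannot get the lock...
        blocked = False
    except sqlite3.OperationalError:    # ...'database is locked'
        blocked = True
    _write_balance(t1, b1 - 30)
    t1.execute("COMMIT")
    if blocked:
        t2.execute("BEGIN IMMEDIATE")   # retry after T1 commits
    b2 = _read_balance(t2)              # now reads 70, not 100
    _write_balance(t2, b2 - 50)
    t2.execute("COMMIT")
    final = _read_balance(t1)
    t1.close(); t2.close(); shutil.rmtree(os.path.dirname(path))
    return final, blocked               # (20, True)


if __name__ == "__main__":
    print("without isolation:", lost_update())
    print("with isolation:   ", isolated())
```

The withdrawal of 30 vanishes in the first run because nothing stopped T2 from acting on a value T1 was in the middle of changing; the second run ends at 20 because the DBMS serialized the two transactions. In a real application the retry-on-lock logic would loop with a bounded backoff rather than retry once, but the isolation guarantee being relied on is the same.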

28
Q
  1. Tom built a database table consisting of the names, telephone numbers, and customer IDs for his business. The table contains information on 30 customers. What is the degree of this table?

A. Two

B. Three

C. Thirty

D. Undefined

A

B. The degree of a table is its number of columns, so this table (name, telephone number, customer ID) has degree three. The cardinality is the number of rows, here thirty.