CISA Refresher 2 Flashcards
A validity chekc would be the most useful for the verification of passwords because it would verify that the required format has been used
TRUE
a certificate always includes
public key, expiration date and owner’s information
SSL provides end point authentication and communication privacy over internet using cryptography
TRUE
HTTPS uses prublic key certificates to verify the iddentity of end points
TRUE
SSL uses a hyprid of hesed, private and public key cryptographic processes to secure transactions over the inernet through a PKI
TRUE
The SSL handshake protocol is based on the application layer but provides for the security of the communication sessions too
TRUE
IP network layer packet security protocol establishes VPN via transport and tunnel mode encryption methods
TRUE
In establishing IPSec sessions in either mode
security associations are established
SA ( Security assosications)
define which security parameters should be applied between the communicating parties as encryption algorithms, Key , initialization vectors, life span of key etc
SSH is useful in securing telnet and FTP services, and it implemented as the application layer, as opposed to operating at network layer
TRUE
Secure multipurpose internet Mail Extensions (S/MIME)
A standard secure e-mail protocol that authenticates the identity of the sender and receiver
Secure electronic Transaction (SET)
is a protocol developed jointly by VISA and master card to secure payment transactions among all parties involved in credit card transactions on behalf of cardholders and merchants
SET is an application oriented protocal
TRUE
Worm
Variant of a virus frequently encountered, which unlike a virus, does not physically attach itself to another program. To propogate itself to host system. A work typically exploits security weaknesses in the operating systems configurations
Following are hardware tactics that can reduce the risk of infection
Use boot virus protection ( built in firmware based virus protections ), Use remote booting ( eg diskless workstations), Use hardware based password, Use write protected tabs on disc, Ensure that insecure protocols are blocked by firewall from external segment and internet
Antivirus softwars
are both preventive and detective tool
Scanners
Looks for sequence of bits called signatures that are typical of virus program
Two type scanners
Virus masked or signature based, Heuristic scanners
Heuristic scanners tend to generate a high level of false positive errors
TRUE
Heuristic scanners
analyse the code and decides on the basis of stastical probability whether it could contain malicous code
Active monitor
Interpret DOS andread onlymemory BIOS calls looking for virus like actions
Active monitors can be problematic because
they cannot distinguish between a user request and a program or virus request
Cyclic redundancy check
Compute a binary number on a known virus free program that is then stored in a database file. The number is called CRC
CRC check can be done only after infection is occured
TRUE
