COP4360_Final Review_True/False Flashcards

1
Q

T or F

It is not possible to spread a virus via a USB stick.

A

False

2
Q

T or F

Malicious software aims to trick users into revealing sensitive personal data.

A

False

3
Q

T or F

Many forms of infection can be blocked by denying normal users the right to modify programs on the system.

A

True

4
Q

T or F

In addition to propagating, a worm usually carries some form of payload.

A

true

5
Q

T or F

Flooding attacks take a variety of forms based on which network protocol is being used to implement the attack.

A

True

6
Q

SYN-ACK and ACK packets are transported using IP, which is an unreliable network protocol.

A

True

7
Q

A cyberslam is an application attack that consumes significant resources, limiting the server’s ability to respond to valid requests from other users.

A

true

8
Q

The SYN spoofing attack targets the table of TCP connections on the server.

A

True

9
Q

Given sufficiently privileged access to the network handling code on a computer system, it is difficult to create packets with a forged source address.

A

false

10
Q

A DoS attack targeting application resources typically aims to overload or crash its network handling software.

A

false

11
Q

The attacker needs access to a high-volume network connection for a SYN spoof attack.

A

false

12
Q

Intrusion detection is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified.

A

true

13
Q

The IDS component responsible for collecting data is the user interface.

A

false

14
Q

Activists are either individuals or members of an organized crime group with a goal of financial reward.

A

false

15
Q

The primary purpose of an IDS is to detect intrusions, log suspicious events, and send alerts.

A

true

16
Q

Intruders typically use steps from a common attack methodology.

A

true

17
Q

An intruder can also be referred to as a hacker or cracker.

A

true

18
Q

Those who hack into computers do so for the thrill of it or for status.

A

true

19
Q

Signature-based approaches attempt to define normal, or expected, behavior, whereas anomaly approaches attempt to define proper behavior.

A

false

20
Q

Running a packet sniffer on a workstation to capture usernames and passwords is an example of intrusion.

A

True

21
Q

A firewall can serve as the platform for IPSec.

A

True

22
Q

The firewall can protect against attacks that bypass the firewall.

A

False

23
Q

A traditional packet filter makes filtering decisions on an individual packet basis and does not take into consideration any higher layer context.

A

True

24
Q

The firewall may be a single computer system or a set of two or more systems that cooperate to perform the firewall function.

A

True

25
Q

A DMZ is one of the internal firewalls protecting the bulk of the enterprise network.

A

false

26
Q

One disadvantage of a packet filtering firewall is its simplicity.

A

false

27
Q

A prime disadvantage of an application-level gateway is the additional processing overhead on each connection.

A

True

28
Q

The primary role of the personal firewall is to deny unauthorized remote access to the computer.

A

True

29
Q

A packet filtering firewall is typically configured to filter packets going in both directions.

A

True

30
Q

Detecting and reacting to incidents is not a function of IT security management.

A

False

31
Q

IT security management has evolved considerably over the last few decades due to the rise in risks to networked systems.

A

True

32
Q

Organizational security objectives identify what IT security outcomes should be achieved.

A

True

33
Q

IT security management consists of first determining a clear view of an organization’s IT security objectives and general risk profile.

A

True

34
Q

Once the IT management process is in place and working, the process never needs to be repeated.

A

False

35
Q

IT security needs to be a key part of an organization’s overall management plan.

A

True

36
Q

Water damage protection is included in security controls.

A

true

37
Q

To ensure that a suitable level of security is maintained, management must follow up the implementation with an evaluation of the effectiveness of the security controls.

A

True

38
Q

Management controls refer to issues that management needs to address.

A

false

39
Q

Detection and recovery controls provide a means to restore lost computing resources.

A

True

40
Q

Operational controls range from simple to complex measures that work together to secure critical and sensitive data, information, and IT systems functions.

A

false

41
Q

Complying with regulations and contractual obligations is a benefit of security awareness, training, and education programs.

A

true

42
Q

Security awareness, training, and education programs may be needed to comply with regulations and contractual obligations.

A

true

43
Q

To emphasize the importance of security awareness, an organization should have a security awareness policy document that is provided to all employees.

A

true

44
Q

Awareness only communicates information security policies and procedures that need to be followed and does not provide the foundation for any sanctions or disciplinary actions imposed for noncompliance.

A

False

45
Q

The education and experience learning level provides the foundation for subsequent training by providing a universal baseline of key security terms and concepts.

A

False

46
Q

Employee behavior is not a critical concern in ensuring the security of computer systems.

A

false

47
Q

Employees cannot be expected to follow policies and procedures of which they are unaware.

A

True

48
Q

Security basics and literacy is required for those employees, including contractor employees, who are involved in any way with IT systems.

A

true

49
Q

Awareness is used to explain the rules of behavior for using an agency’s information systems and information and establishes a level of expectation on the acceptable use of the information and information systems.

A

true

50
Q

Programmers, developers, and system maintainers require less advanced security training than other employees.

A

false