COP4360_Final Review_True/False

Question 1

T or F

It is not possible to spread a virus via an USB stick.

Answer 1

False

Question 2

T or F

Malicious software aims to trick users into revealing sensitive personal data.

Answer 2

False

Question 3

T or F

Many forms of infection can be blocked by denying normal users the right to modify programs on the system

Answer 3

True

Question 4

T or F

In addition to propagating, a worm usually carries some form of payload.

Answer 4

true

Question 5

T or F

Flooding attacks take a variety of forms based on which network protocol is being used to implement the attack.

Answer 5

True

Question 6

SYN-ACK and ACK packets are transported using IP, which is an unreliable network protocol.

Answer 6

True

Question 7

A cyberslam is an application attack that consumes significant resources, limiting the server’s ability to respond to valid requests from other users.

Answer 7

true

Question 8

The SYN spoofing attack targets the table of TCP connections on the server.

Answer 8

True

Question 9

Given sufficiently privileged access to the network handling code on a computer system, it is difficult to create packets with a forged source address.

Answer 9

false

Question 10

A DoS attack targeting application resources typically aims to overload or crash its network handling software.

Answer 10

false

Question 11

The attacker needs access to a high-volume network connection for a SYN spoof attack.

Answer 11

false

Question 12

Intrusion detection is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified.

Answer 12

true

Question 13

The IDS component responsible for collecting data is the user interface.

Answer 13

false

Question 14

Activists are either individuals or members of an organized crime group with a goal of financial reward.

Answer 14

false

Question 15

The primary purpose of an IDS is to detect intrusions, log suspicious events, and send alerts.

Answer 15

true

Question 16

Intruders typically use steps from a common attack methodology

Answer 16

true

Question 17

An intruder can also be referred to as a hacker or cracker

Answer 17

true

Question 18

Those who hack into computers do so for the thrill of it or for status.

Answer 18

true

Question 19

Signature-based approaches attempt to define normal, or expected, behavior, whereas anomaly approaches attempt to define proper behavior.

Answer 19

false

Question 20

Running a packet sniffer on a workstation to capture usernames and passwords is an example of intrusion.

Answer 20

True

Question 21

A firewall can serve as the platform for IPSec.

Answer 21

True

Question 22

The firewall can protect against attacks that bypass the firewall.

Answer 22

False

Question 23

A traditional packet filter makes filtering decisions on an individual packet basis and does not take into consideration any higher layer context.

Answer 23

True

Question 24

The firewall may be a single computer system or a set of two or more systems that cooperate to perform the firewall function.

Answer 24

True

Question 25

A DMZ is one of the internal firewalls protecting the bulk of the enterprise network

Answer 25

false

Question 26

One disadvantage of a packet filtering firewall is its simplicity

Answer 26

false

Question 27

A prime disadvantage of an application-level gateway is the additional processing overhead on each connection.

Answer 27

True

Question 28

The primary role of the personal firewall is to deny unauthorized remote access to the computer.

Answer 28

True

Question 29

A packet filtering firewall is typically configured to filter packets going in both directions.

Answer 29

True

Question 30

Detecting and reacting to incidents is not a function of IT security management.

Answer 30

False

Question 31

IT security management has evolved considerably over the last few decades due to the rise in risks to networked systems

Answer 31

True

Question 32

Organizational security objectives identify what IT security outcomes should be achieved.

Answer 32

True

Question 33

IT security management consists of first determining a clear view of an organization’s IT security objectives and general risk profile.

Answer 33

True

Question 34

Once the IT management process is in place and working the process never needs to be repeated.

Answer 34

False

Question 35

IT security needs to be a key part of an organization’s overall management plan.

Answer 35

True

Question 36

Water damage protection is included in security controls

Answer 36

true

Question 37

To ensure that a suitable level of security is maintained, management must follow up the implementation with an evaluation of the effectiveness of the security controls

Answer 37

True

Question 38

Management controls refer to issues that management needs to address

Answer 38

false

Question 39

Detection and recovery controls provide a means to restore lost computing resources.

Answer 39

True

Question 40

Operational controls range from simple to complex measures that work together to secure critical and sensitive data, information, and IT systems functions.

Answer 40

false

Question 41

Complying with regulations and contractual obligations is a benefit of security awareness, training, and education programs.

Answer 41

true

Question 42

Security awareness, training, and education programs may be needed to comply with regulations and contractual obligations

Answer 42

true

Question 43

To emphasize the importance of security awareness, an organization should have a security awareness policy document that is provided to all employees.

Answer 43

true

Question 44

Awareness only communicates information security policies and procedures that need to be followed and does not provide the foundation for any sanctions or disciplinary actions imposed for noncompliance.

Answer 44

False

Question 45

The education and experience learning level provides the foundation for subsequent training by providing a universal baseline of key security terms and concepts.

Answer 45

False

Question 46

Employee behavior is not a critical concern in ensuring the security of computer systems

Answer 46

false

Question 47

Employees cannot be expected to follow policies and procedures of which they are unaware.

Answer 47

True

Question 48

Security basics and literacy is required for those employees, including contractor employees, who are involved in any way with IT systems.

Answer 48

true

Question 49

Awareness is used to explain the rules of behavior for using an agency’s information systems and information and establishes a level of expectation on the acceptable use of the information and information systems

Answer 49

true

Question 50

Programmers, developers, and system maintainers require less advanced security training than other employees.

Answer 50

false