exam 1 review

Question 1

Security mechanisms typically do not involve more than one particular algorithm or protocol (T/F)

Answer 1

false

Question 2

The first step in devising security services and mechanisms is to develop a security policy (T/F)

Answer 2

true

Question 3

To exploit any type of buffer overflow the attacker needs to identify a buffer overflow vulnerability in some program that can be triggered using externally sourced data under the attacker’s control (T/F)

Answer 3

true

Question 4

Shellcode is not specific to a particular processor architecture

Answer 4

false

Question 5

An attacker can generally determine in advance exactly where the targeted buffer will be located in the stack frame of the function in which it is defined.

Answer 5

false

Question 6

It is possible to write a compiler tool to check any C program and identify all possible buffer overflow bugs.

Answer 6

false

Question 7

The OpenSSL heartbleed vulnerability would have been prevented if OpenSSL had been implemented in Java (and the Java runtime environment works properly).

Answer 7

True

Question 8

ASLR (if implemented correctly) can prevent return‐to‐libc attacks

Answer 8

True

Question 9

_____ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.

Answer 9

Privacy

Question 10

____ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.

Answer 10

System Integrity

Question 11

A loss of _______ is the unauthorized disclosure of information.

Answer 11

confidentiality

Question 12

A flaw or weakness in a system?s design, implementation, or operation and management that could be exploited to violate the system?s security policy is a(n) ______.

Answer 12

vulnerability

Question 13

An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) _____.

Answer 13

attack

Question 14

A(n) ______ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.

Answer 14

countermeasure

Question 15

An example of ______ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.

Answer 15

masquerade

Question 16

The assurance that data received are exactly as sent by an authorized entity is _____.

Answer 16

data integrity

Question 17

A consequence of a buffer overflow error is _____.

Answer 17

(all of the above)

• corruption of data used by the program
• unexpected transfer of control in the program
• possible memory access violation

Question 18

The function of ______ was to transfer control to a user command‐line interpreter, which gave access to any program available on the system with the privileges of the attacked program.

Answer 18

shellcode

Question 19

______ is a form of buffer overflow attack.

Answer 19

(all of the above)

• Heap overflows
• Return to system call
• Replacement stack frame

Question 20

A buffer can be located ______.

Answer 20

(all of the above)

• in the heap
• on the stack
• in the data section of the process

Question 21

Each layer of code needs appropriate hardening measures in place to provide appropriate security services.

Answer 21

True

Question 22

It is possible for a system to be compromised during the installation process.

Answer 22

True

Question 23

The default configuration for many operating systems usually maximizes security.

Answer 23

False

Question 24

A malicious driver can potentially bypass many security controls to install malware.

Answer 24

True

Question 25

Performing regular backups of data on a system is a critical control that assists with maintaining the integrity of the system and user data.

Answer 25

True

Question 26

Many users choose a password that is too short or too easy to guess because it is hard for users to remember long and random passwords.

Answer 26

True

Question 27

User authentication is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic.

Answer 27

False

Question 28

In a biometric scheme some physical characteristic of the individual is mapped into a digital representation.

Answer 28

True

Question 29

Which of the following need to be taken into consideration during the system security planning process?

Answer 29

(all of the above) - how users are authenticated - the categories of users of the system - what access the system has to information stored on other hosts

Question 30

The following steps should be used to secure an operating system:

Answer 30

(all of the above) - test the security of the basic operating system - remove unnecessary services - install and patch the operating system

Question 31

_____ applications is a control that limits the programs that can execute on the system to just those in an explicit list.

Answer 31

White listing

Question 32

The most important changes needed to improve system security are to _____.

Answer 32

(all of the above) - disable remotely accessible services that are not required - ensure that applications and services that are needed are appropriately configured - disable services and applications that are not required

Question 33

Security concerns that result from the use of virtualized systems include ______.

Answer 33

(all of the above) - guest OS isolation - guest OS monitoring by the hypervisor - virtualized environment security

Question 34

Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the _______.

Answer 34

verification step

Question 35

Recognition by fingerprint, retina, and face are examples of _______.

Answer 35

static biometrics

Question 36

Voice pattern, handwriting characteristics, and typing rhythm are examples _______.

Answer 36

dynamic biometrics

Question 37

A _____ strategy is one in which the system periodically runs its own password cracker to find guessable passwords.

Answer 37

reactive password checking

Question 38

Each individual who is to be included in the database of authorized users must first be ______ in the system.

Answer 38

enrolled

Question 39

Which of the following is an example of multi-factor authentication:

Answer 39

(all of the above) - Enter both a group password and a user password - Enter a pin number and put a finger on fingerprint reader - Use an authentication token (e.g., a smartcard) Incorrect

Question 40

Which of the following is a threat to or concern of biometric authentication:

Answer 40

(all of the above) - Inherent imprecision (e.g., two people may have their fingerprints digitally interpreted as the same) - Impersonation (e.g., use a voice recording) - Coercion (e.g., force the user to put his finger on the fingerprint reader)

Question 41

The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner.

Answer 41

True

Question 42

Security labels indicate which system entities are eligible to access certain resources.

Answer 42

False

Question 43

A user may belong to multiple groups.

Answer 43

True

Question 44

An access right describes the way in which a subject may access an object.

Answer 44

True

Question 45

Any program that is owned by, and SetUID to, the superuser potentially grants unrestricted access to the system to any user executing that program.

Answer 45

True

Question 46

No write down is also referred to as the *-property.

Answer 46

True

Question 47

A subject can exercise only accesses for which it has the necessary authorization and which satisfy the MAC rules.

Answer 47

True

Question 48

One way to secure against Trojan horse attacks is the use of a secure, trusted operating system.

Answer 48

True

Question 49

Multilevel security is of interest when there is a requirement to maintain a resource in which multiple levels of data sensitivity are defined.

Answer 49

True

Question 50

The Common Criteria for Information Technology and Security Evaluation are ISO standards for specifying security requirements and defining evaluation criteria.

Answer 50

True

Question 51

_____ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.

Answer 51

Access control

Question 52

_____ is the granting of a right or permission to a system entity to access a system resource.

Answer 52

Authorization

Question 53

______ controls access based on comparing security labels with security clearances.

Answer 53

MAC

Question 54

A(n) ______ is a named job function within the organization that controls this computer system.

Answer 54

role

Question 55

_____ provide a means of adapting RBAC to the specifics of administrative and security policies in an organization.

Answer 55

Constraints

Question 56

A multilevel secure system for confidentiality must enforce:

Answer 56

(all of the above) - no read up - ss-property - no write down

Question 57

The ______ Model was developed for commercial applications in which conflicts of interest can arise.

Answer 57

Chinese Wall

Question 58

______ data are data that may be derived from corporate data but that cannot be used to discover the corporation's identity.

Answer 58

Sanitized

Question 59

The _____ is a hardware module that is at the heart of a hardware/software approach to trusted computing.

Answer 59

TPM

Question 60

_____ is a process that ensures a system is developed and operated as intended by the system?s security policy.

Answer 60

Assurance

Question 61

External attacks are the only threats to database security. T/F

Answer 61

False

Question 62

A virus that attaches to an executable program can do anything that the program is permitted to do. T/F

Answer 62

True

Question 63

It is not possible to spread a virus via an USB stick. T/F

Answer 63

False

Question 64

A macro virus infects executable portions of code. T/F

Answer 64

False

Question 65

In addition to propagating, a worm usually carries some form of payload.

Answer 65

True

Question 66

_______ is the process of performing authorized queries and deducing unauthorized information from the legitimate responses received.

Answer 66

Inference

Question 67

______ is a defense against SQL Injection attacks.

Answer 67

Input validation

Question 68

To defense against database inference attacks, we can apply _______.

Answer 68

(All the above) - Perturbation - De-identification - Anonymization

Question 69

_______ are used to send large volumes of unwanted e-mail.

Answer 69

Spammer program

Question 70

A _______ is code inserted into malware that lies dormant until a predefined condition, which triggers an unauthorized act, is met.

Answer 70

logic bomb

Question 71

The _______ is what the virus does.

Answer 71

payload

Question 72

______ is the first function in the propagation phase for a network worm.

Answer 72

Fingerprinting

Question 73

_______ is malware that encrypts the user's data and demands payment in order to access the key needed to recover the information.

Answer 73

Ransomware