infosec omtentamen Flashcards

1
Q

? is the ability of a system to confirm that a sender cannot convincingly deny having sent something

A

Accountability

2
Q

The risk that remains uncovered by security controls is called

A

Residual risk

3
Q

In access control, a ? could be described as a single- or multi-use ticket to access an objective or service

A

capability

4
Q

? overflows often come from innocent programmer oversights or failures to document and check for excessive data

A

buffer

5
Q

? day attack: Active malware exploiting a product vulnerability for which the manufacturer has no countermeasure available.

A

zero

6
Q

? can be used to detect altered content on a web site or in a file.

A

integrity checksums

7
Q

Complete the sentence:

(proxy, stateless, circuit, stateful) inspection firewalls judge according to information from multiple packets

A

Stateless inspection firewalls judge according to information from multiple packets

8
Q

Complete the sentence:
The (echo-chargen, echo, teardrop, chargen, spoofing) attack involves sending IP fragments with overlapping, oversized payloads to the target machine.

A

Teardrop

9
Q

Which of the following properties are not related to the preservation of the integrity of an object?

Capacity
accuracy
unmodified
internal consistency

A

Capacity

10
Q

In operating systems, (hypervisors, sandboxes, firewalls, honeypots) can be used to lure an attacker into an environment that can be controlled and monitored.

A

honeypots

11
Q

It is essential to conceal passwords when stored on a system. One way of concealing is by using (codes, hash, pepper, salt), which is a user-specific component joined with the password. Such a practice helps inhibit (guessing, dumpster diving, social engineering, rainbow table) attacks.

A

Salt, rainbow table

12
Q
Integrity is a security aspect that sometimes is more important than confidentiality. What tools derived from cryptography can detect changes in data?
Error correction codes
All of them
Hash codes
Error detection codes
A

All of them

13
Q

Pfleeger, Pfleeger and Margulies (2015) describe a number of types of malicious code. Match the type of malicious code with the corresponding description

Code or entire computer under control of a (usually remote) program.

Code that causes malicious behavior and propagates copies of itself to other programs

Code that triggers action when a predetermined condition occurs

Dropper
Scareware
Worm
Logic bomb
Virus
Zombie
Trapdoor
A
  1. Zombie
  2. virus
  3. Logic bomb
14
Q

Unfair use of a copyrighted item is called (piracy, privacy, lending, fair use)

A

Piracy

15
Q
What word would best describe how an intrusion detection system operates?
Proactive
Reactive
inductive
reductive
A

Reactive

Intrusion detection and prevention are two broad terms describing application security practices used to mitigate attacks and block new threats.

The first is a reactive measure that identifies and mitigates ongoing attacks using an intrusion detection system.

16
Q
What is the benefit of using a virtual private network?
Increased lag
Increased confidentiality
Increased availability
Decreased lag
A

increased confidentiality

17
Q

Which alternative would provide the best countermeasure against an on-line attack (active authentication) against a username and a password?
The use of a long password
The use of a firewall
To use the Diffie-Hellman password exchange
To use a strict limit on login failures

A

To use a strict limit on login failures

18
Q

Which of the following sentences describe the term asset best from an information security perspective?
Anything that an organization buys
Anything that is situated within an organization’s premises
anything that has a value to the organization
Anything that an organization sells

A

Anything that has a value to the organization

19
Q

If integrity is preserved we may mean that the item is:

A
  1. unmodified
  2. accurate
  3. usable
20
Q

Name three examples that could mean a failure of confidentiality

A

unauthorized person accesses data
unauthorized system or service accesses data
unauthorized person learns the existence of a piece of data

21
Q

Availability

give three examples of service/ information that shows that availability is preserved

A

It is presented in a usable form
it has enough capacity to meet the service's needs
the service is completed in an acceptable period of time

22
Q

CIA triad

Explain confidentiality

A

The ability of a system to ensure that an asset is viewed only by authorized parties

23
Q

CIA TRIAD

Explain integrity

A

the ability of a system to ensure that an asset is modified only by authorized parties

24
Q

CIA TRIAD

explain availability

A

the ability of a system to ensure that any authorized parties can use an asset

25
Q

What does Risk mean

A

the possibility for harm to occur is called risk

26
Q

What do you call the risk that remains uncovered by controls?

A

residual risk

27
Q

What is a buffer overflow attack?

A

the most common DoS attack. The concept is to send more traffic to a network address than the programmers have built the system to handle.

28
Q

What is an ICMP flood?

A

leverages misconfigured network devices by sending spoofed packets that ping every computer on the targeted network

29
Q

what is a SYN flood?

A

Sends a request to connect to a server but never completes the handshake

30
Q

A business continuity plan documents how a business will continue to function during or after a computer security incident.
What are the steps that are performed in a business continuity plan?

A

assess the business impact of a crisis
develop a strategy to control the impact
develop and implement a plan for the strategy

31
Q

explain role based access control

A

Role-based access control is based on a subject's role, not their identity. A subject's rights can change depending on their current role.

32
Q

explain, what is:
a virus
a trojan horse
a worm

A

a virus is code that causes malicious behavior and propagates copies of itself to other programs

a trojan horse is code that contains unexpected, undocumented, additional functionality

a worm is code that propagates copies of itself through a network; impact is usually degraded performance

33
Q

Explain what is:
A rabbit
a logic bomb
a time bomb

A

a rabbit is code that replicates itself without limit to exhaust resources
a logic bomb is code that triggers action when a predetermined condition occurs
a time bomb is code that triggers action when a predetermined time occurs

34
Q

what is:
a dropper
spyware
bot

A

a dropper is transfer agent code used only to drop other malicious code, such as a virus or trojan horse

spyware is a program that intercepts and covertly communicates data on the user or the user's activity

bot, semi-autonomous agent, under control of a usually remote controller or herder, not necessarily malicious

35
Q

what is:
A zombie
a browser hijacker
rootkit

A

a zombie is code or an entire computer under control of a (usually remote) program
a browser hijacker is code that changes browser settings, disallows access to certain sites, or redirects the browser to others
a rootkit is code installed in the root or most privileged section of the operating system; hard to detect

36
Q

what is:
trapdoor or backdoor
tool or toolkit
scareware

A

a trapdoor or backdoor is a code feature that allows unauthorized access to a machine or program; it bypasses normal access control and authentication
a tool or toolkit is a program containing a set of tests for vulnerabilities; not dangerous in itself, but each successful test identifies a vulnerable host that can be attacked

scareware is not code; it is a false warning of a malicious code attack