Midterm 1 Flashcards
External attacks are the only threats to database security. (T/F)
False
A virus that attaches to an executable program can do anything that the program is permitted to do. (T/F)
True
It is not possible to spread a virus via a USB stick. (T/F)
False
Many forms of infection can be blocked by denying normal users the right to modify programs on the system. (T/F)
True
A macro virus infects executable portions of code. (T/F)
False
In addition to propagating, a worm usually carries some form of payload. (T/F)
True
______ is the process of performing authorized queries and deducing unauthorized information from the legitimate responses received.
A. Perturbation
B. Inference
C. Compromise
D. Partitioning
B. Inference.
_____ is a defence against SQL injection attacks.
A. Perturbation
B. Input validation
C. Anonymization
D. Partitioning
B. Input Validation
To defend against database inference attacks, we can apply ________
A. Perturbation
B. De-identification
C. Anonymization
D. All the above
D. All the above
_______ are used to send large volumes of unwanted email.
A. Rootkits
B. Spammer programs
C. Downloaders
D. Auto-rooter
B. Spammer programs
A ______ is code inserted into malware that lies dormant until a predefined condition, which triggers an unauthorized act, is met.
A. logic bomb
B. trapdoor
C. worm
D. Trojan horse
A. logic bomb
The ____ is what the virus does.
A. infection mechanism
B. trigger
C. logic bomb
D. payload
D. payload
_____ is the first function in the propagation phase for a network worm.
A. Propagating
B. Fingerprinting
C. Keylogging
D. Spear phishing
B. Fingerprint
_____ is malware that encrypts the user’s data and demands payment in order to access the key needed to recover the information.
A. Trojan horse
B. Ransomware
C. Crimeware
D. Polymorphic
B. Ransomware
Each layer of code needs appropriate hardening measures in place to provide appropriate security services. (T/F)
True
It is possible for a system to be compromised during the install process. (T/F)
True
The default configuration for many operating systems usually maximizes security. (T/F)
False
A malicious driver can potentially bypass many security controls to install malware. (T/F)
True
Performing regular backups of data on a system is a critical control that assists with maintaining the integrity of the system and user data. (T/F)
True
Many users choose a password that is too short or too easy to guess because it is hard for users to remember long random passwords. (T/F)
True
In a biometric scheme some physical characteristic of the individual is mapped into a digital representation. (T/F)
True
User authentication is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic. (T/F)
False
Which of the following need to be taken into consideration during the system security planning process?
A.) how users are authenticated
B.) the categories of users of the system
C.) what access the system has to information stored on other hosts
D.) All the above
D. all the above
The following steps should be used to secure an operating system:
A.) test the security of the basic operating system
B.) remove unnecessary services
C.) install and patch the operating system
D.) all of the above
D. all the above
_____ applications is a control that limits the programs that can execute on the system to just those in an explicit list.
White listing
The most important changes needed to improve system security are to _______
A.) disable remotely accessible services that are not required
B.) ensure that applications and services that are needed are appropriately configured
C.) disable services and applications that are not required
D.) all of the above
D. all of the above
Security concerns that result from the use of virtualized systems include ______.
A. guest OS isolation
B. guest OS monitoring by the hypervisor
C. virtualized environment security
D. all of the above
D. all of the above
Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the _______.
A. identification step
B. authentication step
C. verification step
D. corroboration step
C. Verification step
Recognition by fingerprint, retina, and face are examples of _______.
A. face recognition
B. static biometrics
C. dynamic biometrics
D. token authentication
B. static biometrics
Voice pattern, handwriting characteristics, and typing rhythm are examples of _______.
A. face recognition
B. static biometrics
C. dynamic biometrics
D. token authentication
C. dynamic biometrics
A _____ strategy is one in which the system periodically runs its own password cracker to find guessable passwords.
A. user education
B. reactive password checking
C. proactive password checking
D. computer-generated password
B. reactive password checking
Each individual who is to be included in the database of authorized users must first be ______ in the system.
A. verified
B. identified
C. authenticated
D. enrolled
D. enrolled
Which of the following is an example of multi-factor authentication:
A. Enter both a group password and a user password
B. Enter a pin number and put a finger on fingerprint reader
C. Use an authentication token (e.g., a smartcard)
D. All of the above
B. Enter a pin number and put a finger on fingerprint reader
Which of the following is a threat to or concern of biometric authentication:
A. Inherent imprecision (e.g., two people may have their fingerprints digitally interpreted as the same)
B. Impersonation (e.g., use a voice recording)
C. Coercion (e.g., force the user to put his finger on the fingerprint reader)
D. All of the above
D. All of the above
The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner. (T/F)
True
Security labels indicate which system entities are eligible to access certain resources. (T/F)
False
A user may belong to multiple groups. (T/F)
True
An access right describes the way in which a subject may access an object. (T/F)
True
Any program that is owned by, and SetUID to, the “superuser” potentially grants unrestricted access to the system to any user executing that program. (T/F)
True
“No write down” is also referred to as the *-property. (T/F)
True
A subject can exercise only accesses for which it has the necessary authorization and which satisfy the MAC rules. (T/F)
True
One way to secure against Trojan horse attacks is the use of a secure, trusted operating system. (T/F)
True
Multilevel security is of interest when there is a requirement to maintain a resource in which multiple levels of data sensitivity are defined. (T/F)
True
The Common Criteria for Information Technology and Security Evaluation are ISO standards for specifying security requirements and defining evaluation criteria. (T/F)
True
_____ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance.
A. Audit control
B. Resource control
C. System control
D. Access control
D. Access Control
_____ is the granting of a right or permission to a system entity to access a system resource.
A. Authorization
B. Authentication
C. Control
D. Monitoring
A. Authorization
______ controls access based on comparing security labels with security clearances.
A. MAC
B. DAC
C. RBAC
D. MBAC
A. MAC
A(n) ______ is a named job function within the organization that controls this computer system.
A. user
B. role
C. permission
D. session
B. role
_____ provide a means of adapting RBAC to the specifics of administrative and security policies in an organization.
A. Constraints
B. Mutually Exclusive Roles
C. Cardinality
D. Prerequisites
A. Constraints
A multilevel secure system for confidentiality must enforce:
A. no read up
B. ss-property
C. no write down
D. all of the above
D. All of the above
The ______ Model was developed for commercial applications in which conflicts of interest can arise.
A. Biba
B. Clark-Wilson Integrity
C. Bell-LaPadula
D. Chinese Wall
D. Chinese Wall
______ data are data that may be derived from corporate data but that cannot be used to discover the corporation’s identity.
A. Reference
B. Trust
C. Sanitized
D. MAC
C. Sanitized
The _____ is a hardware module that is at the heart of a hardware/software approach to trusted computing.
A. BLP
B. TC
C. CC
D. TPM
D. TPM
_____ is a process that ensures a system is developed and operated as intended by the system’s security policy.
A. Trust
B. Assurance
C. Evaluation
D. Functionality
B. Assurance
Security mechanisms typically do not involve more than one particular algorithm or protocol. (T/F)
False
The first step in devising security services and mechanisms is to develop a security policy. (T/F)
True
To exploit any type of buffer overflow the attacker needs to identify a buffer overflow vulnerability in some program that can be triggered using externally sourced data under the attacker’s control. (T/F)
True
Shellcode is not specific to a particular processor architecture. (T/F)
False
An attacker can generally determine in advance exactly where the targeted buffer will be located in the stack frame of the function in which it is defined. (T/F)
False
It is possible to write a compiler tool to check any C program and identify all possible buffer overflow bugs. (T/F)
False
The OpenSSL Heartbleed vulnerability would have been prevented if OpenSSL had been implemented in Java (and the Java runtime environment works properly). (T/F)
True
ASLR (if implemented correctly) can prevent return-to-libc attacks. (T/F)
True
_____ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
A. Availability
B. Privacy
C. System Integrity
D. Data Integrity
B. Privacy
____ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
A. System Integrity
B. Availability
C. Data Integrity
D. Confidentiality
A. System Integrity
A loss of _______ is the unauthorized disclosure of information.
A. confidentiality
B. authenticity
C. integrity
D. availability
A. Confidentiality
A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy is a(n) ______.
A. countermeasure
B. adversary
C. vulnerability
D. risk
C. vulnerability
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) _____.
A. risk
B. attack
C. asset
D. vulnerability
B. attack
A(n) ______ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
A. attack
B. adversary
C. countermeasure
D. protocol
C. countermeasure
An example of ______ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.
A. masquerade
B. repudiation
C. interception
D. inference
A. masquerade
The assurance that data received are exactly as sent by an authorized entity is _____.
A. authentication
B. access control
C. data confidentiality
D. data integrity
D. data Integrity
A consequence of a buffer overflow error is _____.
A. corruption of data used by the program
B. unexpected transfer of control in the program
C. possible memory access violation
D. all of the above
D. all of the above
The function of ______ was to transfer control to a user command-line interpreter, which gave access to any program available on the system with the privileges of the attacked program.
A. shellcode
B. stacking
C. no-execute
D. memory management
A. shellcode
______ is a form of buffer overflow attack.
A. Heap overflows
B. Return to system call
C. Replacement stack frame
D. All of the above
D. All of the above
A buffer can be located ______.
A. in the heap
B. on the stack
C. in the data section of the process
D. all of the above
D. all of the above.