Mixed Deck 2 Flashcards

1
Q

Which of the following would assist most in HOST based intrusion detection?
a. audit trails
b. access control lists
c. security clearances
d. host based authentication

A

a. audit trails

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Controls to keep password sniffing attacks from compromising computer systems include which of the following.
a. static and recurring passwords
b. encryption and recurring passwords
c. one time passwords and encryption
d. static and one-time passwords

A

c. one time passwords and encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Kerberos can prevent which of the following attacks.
a. tunneling attack
b. playback (replay) attack
c. destructive attack
d. process attack

A

b. playback attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

In discretionary access environments, which of the following entities is authorized to grant information access to other people?
a. manager
b. group leader
c. security manager
d. data owner

A

d. data owner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the main concern with single sign-on.
a. maximum unauthorized access would be possible if a password is disclosed.
b. the security admin workload would increase.
c. the users password would be to hard to remember.
d. users access rights would be increased.

A

a. maximum unauthorized access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

who developed one of the first mathematical models of a multi-level security computer system.
a. diffie and hellman
b. clark and wilson
c. bell and lapadula
d. gasser and lipner

A

c. bell and lapadula

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

which of the following attacks could capture network user passwords.
a. data diddling
b. sniffing
c. IP spoofing
d. smurfing

A

sniffing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

which of the following would constitute the best example of a password to use for access to a system by a network administrator.
holiday
Christmas12
Jenny
Gyn19Za!

A

the last one

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

the number of violations that will be accepted or forgiven before a violation record is produced is called which of the following?
a clipping level
b. acceptance level
c. forgiveness level
d. logging level

A

a. clipping level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Guards are appropriate whenever the function required by the security program involves which of the following
a. use of the discriminating judgment
b. use of physical force
c. the operation of the access control device
d. the need to detect unauthorized access

A

a. use of discriminating judgment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

what physical characteristic does a retinal scan biometric device measure

A

the pattern of blood vessels at the back of eye

How well did you know this?
1
Not at all
2
3
4
5
Perfectly