Quiz 2

Question 1

True or False: You are able to access hardware directly from all applications on a computer.

Answer 1

False

Question 2

True or False: Granting full control to a Windows share to a user ensures that the user has access to the underlying files in the share.

Answer 2

False

Question 3

True or False: In an offline dictionary attack, the attacker gains access to a password file and compares these password hashes against hashes of commonly used passwords.

Answer 3

True

Question 4

True or False: An applicant applies to a registration authority (RA) to become a subscriber of a credential service provider (CSP).

Answer 4

True

Question 5

True or False: An assurance level of 2 means that the organization has a high confidence in the validity of the asserted identity and is appropriate to enable clients or employees to access restricted services of high but not the highest value.

Answer 5

False

Question 6

True or False: The salt value can prevent duplicate passwords from being visible in the password file.

Answer 6

True

Question 7

True or False: Biometrics prevent replay attacks.

Answer 7

False

Question 8

True or False: Compromise of OS means an attacker potentially has access to everything.

Answer 8

True

Question 9

True or False: A reactive password checking strategy is one in which the system periodically runs its own password cracker to find guessable passwords.

Answer 9

True

Question 10

What is required to trust an operating system or TCB?

a) Complete mediation
b) Tamper Proof
c) Correct
d) All of the above
e) None of the above

Answer 10

d) All of the above

Question 11

The Java Virtual Machine is an example of:

a) Native virtualization
b) Application virtualization
c) Host virtualization
d) All of the above
e) None of the Above

Answer 11

b) Application virtualization

Question 12

Security concerns that result from the use of virtualized systems include ______.

a) guest OS isolation
b) guest OS monitoring by the hypervisor
c) virtualized environment security
d) all of the above

Answer 12

d) all of the above

Question 13

A hypervisor accomplishes the following:

a) It coordinates guest OS access to memory and storage
b) It coordinates guest OS access to the CPU
c) It provides a similar hardware interface as that seen by an OS directly executing on the actual hardware.
d) All of the above
e) None of the Above

Answer 13

d) All of the above

Question 14

A _____________ occurs when an attacker targets a distinct account and submits password guesses until the correct password is discovered. The standard countermeasure is an account lockout mechanism, which locks out access to the account after a number of failed login attempts. Typical practice is no more than five access attempts.

a) Specific account attack
b) Popular Password Attack
c) Workstation hijacking
d) Offline dictionary attack
e) All of the above
f) None of the Above

Answer 14

a) Specific account attack

Question 15

What are some common issues with compiling a dictionary of bad passwords and then preventing a user from using a password in that list:

a) Space limitations – this dictionary could be quite large.
b) Time – it could take a long time to search all of the entries in this dictionary.
c) Security – This dictionary could easily be exploited to create a rainbow table.
d) All of the above
e) A and B
f) None of the Above

Answer 15

e) A and B

Question 16

What are the basic steps in the process of securing an operating system?

a) Install and patch the operating system.
b) Removing unnecessary services, applications.
c) Configuring resource controls.
d) All of the above
e) None of the Above

Answer 16

d) All of the above

Question 17

Which of the following are means of authenticating a user’s identity:

a) Something the individual knows
b) Something the individual possesses
c) Something the individual is
d) Something the individual does
e) All of the above
f) A and B
g) None of the Above

Answer 17

e) All of the above

Question 18

Which of these methods have been shown to allow hackers access to “secure” memory belonging to the OS?

a) Modification of firmware by Thunderstrike malware via malicious devices that connect via Mac’s Thunderbolt interface
b) Exploiting the ‘refresh’ mechanism of Dynamic RAM for privilege escalation
c) Exploiting OS buffer overflow vulnerabilities
d) All of the above
e) A and B

Answer 18

d) All of the above

Question 19

You just got a new job at Codecademy, users get access to a limited terminal shell environment that you host for them so that they can learn to code. They can write to files, change files, and host images and other content. Multiple users can have one of these environments on a single shared machine at any given time.

This is implemented using a customer facing process that you want to make sure is properly isolated from the rest of your system so that users can’t interfere with each other and only have access to their own file system environment for editing their code. Which of these tools would enable this?

a) Process priority values
b) Chroot jail
c) Tcpdump
d) Packet filter
e) None of the Above

Answer 19

b) Chroot jail

Question 20

True or False: Information on group membership is stored in the /etc/passwd file.

Answer 20

False