Test 2 - Quiz Review

Question 1

A ________ firewall handles all traditional firewall functions (SPI, ACLs, etc.) as well as additional security functions such as antivirus filtering, spam filtering, application proxy filtering, and so forth.

Answer 1

unified threat management

Question 2

What is the SPI firewall rule for packets that only have their TCP ACK bits set but no other flags set?

Answer 2

pass the packet if it is part of a previously approved connection

Question 3

Application proxy firewalls can always examine application layer content.

Answer 3

True

Question 4

________ drop packets.

Answer 4

IPSs

Question 5

A ________ port number designates a specific application running on a server.

Answer 5

well-known

Question 6

What is the SPI firewall rule for packets that do not attempt to open connections?

Answer 6

pass the packet if it is part of a previously approved connection

Question 7

The combination of high safety and low cost makes SPI firewalls extremely popular.

Answer 7

True

Question 8

What type of filtering do IDSs do?

Answer 8

Deep-packet inspection

Question 9

________ firewalls always examine application messages in depth.

Answer 9

Application proxy

Question 10

A ________ is a persistent conversation between different programs on different computers.

Answer 10

connection

Question 11

You can quickly assess the general security posture of your Windows Vista PC by using the status check in the Windows Security Center.

Answer 11

True

Question 12

After access is granted to a network, many NACs continue to monitor network PCs.

Answer 12

True

Question 13

Computer recover software reports its physical location to a recovery company that works with the local police to recover the notebook.

Answer 13

False

Question 14

UNIX offers more directory and file permissions than Windows.

Answer 14

False

Question 15

A(n) ________ is a security weakness that makes a program vulnerable to attack.

Answer 15

vulnerability

Question 16

The Local Users and Groups snap-in is available on the ________ MMC.

Answer 16

Computer Management

Question 17

A(n) ________ is a program that takes advantage of a(n) ________.

Answer 17

exploit, vulnerability

Question 18

To how many accounts and groups can different permissions be applied in Windows?

Answer 18

almost an unlimited number

Question 19

Assigning security measures to individuals within groups is cheaper than assigning security measures to groups.

Answer 19

False

Question 20

To get to the super user account in UNIX, the administrator can use the RunAs command.

Answer 20

False

Question 21

In Internet Explorer, the Security tab controls the website’s pop-up blocker.

Answer 21

False

Question 22

Operating system account passwords provide limited protection.

Answer 22

True (lack of granularity)

Question 23

Testers have permissions on the ________.

Answer 23

Testing server

Question 24

________ is a VoIP service that currently offers free calling among its customers over the Internet and reduced-cost calling to and from Public Switched Telephone Network customers.

Answer 24

Skype

Question 25

Java applets are large Java programs.

Answer 25

False

Question 26

Cookies can be used to track users at a website.

Answer 26

True

Question 27

In IM, all messages pass through a ________ server.

Answer 27

Relay

Question 28

The prevention of sensitive information from being sent out of a company is called ________.

Answer 28

Extrusion prevention

Question 29

In a(n) ________ attack, information that a user enters is sent back to the user in a webpage.

Answer 29

XSS

Question 30

Accepting cookies is necessary to use many websites.

Answer 30

True

Question 31

A system using an array of drives increases reliability.

Answer 31

True

Question 32

With image backup, even if the entire hard drive is lost, its content can be restored onto the same machine or a different machine.

Answer 32

True

Question 33

Typically, having enough shadow backup space for a few days is sufficient.

Answer 33

True

Question 34

Backing up data to a second hard drive on a computer is more expensive than backup onto to magnetic tape.

Answer 34

True

Question 35

Full backups are ________.

Answer 35

A. performed on all files and directories
B. slow
C. typically done weekly

Question 36

Mesh backup is where client PCs in an organization back up each other.

Answer 36

True

Question 37

Policies should not require that backup data be encrypted.

Answer 37

True

Question 38

Regarding retention policies, firms need to ________.

Answer 38

implement strong and clear backup policies. That’s it.

Question 39

Optical disks can safely hold data for decades.

Answer 39

False

Question 40

Properly hardened hosts and securely coded applications can help protect data while it is processed.

Answer 40

True

Question 41

Which of the following database events should be regularly audited?

Answer 41

A. warnings and exceptions
B. special access and logins
C. changes

Question 42

Changing the default listening port is an effective way of discouraging attackers from accessing the database.

Answer 42

True

Question 43

DDL triggers are used to ________.

Answer 43

Neither maliciously attack databases nor produce automatic responses if the data of the database has been altered

Question 44

DRM restricts what people can do with sensitive material.

Answer 44

True

Question 45

Databases are ________.

Answer 45

Both integrated collections of data and integrated collections of metadata

Question 46

Courts will often admit unreliable evidence if judges believe that juries can be trusted to evaluate it properly.

Answer 46

False

Question 47

If a defendant has already been prosecuted in a criminal trial, he or she cannot later be tried in a civil trial.

Answer 47

False

Question 48

Mens Rea usually is important in ________ trials.

Answer 48

Criminal

Question 49

Which of the following is not one of the three levels of U.S. federal courts?
  A. U.S. State Courts 	
  B. U.S. District Courts 	
  C. U.S. Circuit Courts of Appeal 	
  D. The U.S. Supreme Court

Answer 49

A. U.S. State Courts

Question 50

________ investigate(s) most violations of local and state computer laws.

Answer 50

Local police

Question 51

When a system runs out of storage space, ________.

Answer 51

the IDS will start a new log file

Question 52

With CDP, the backup site already has the proper equipment, and data and recovery is instantaneous.

Answer 52

True

Question 53

Total software reinstallation effectively addresses data loss.

Answer 53

False

Question 54

The business continuity team should be headed by ________.

Answer 54

A senior business manager.

Question 55

________ specify how a company will maintain or restore core business operations after disasters.

Answer 55

Business Continuity Plans

Question 56

How does the availability heuristic work?

Answer 56

The availability heuristic works by making people more prone to believing an event is more likely to happen if their memories of the class of event are easy to access. Memories of a class of event are easier to access the more vivid they are.

Question 57

The framing effect means that individual’s choices are affected by whether the a trade-off is presented as a loss or a gain.

Answer 57

True

Question 58

In prospect theory, how do people react to potential gains and losses?

Answer 58

In prospect theory, people are more likely to choose a certain gain over a theoretical greater one, and more likely to choose a theoretical greater loss over a certain one.