CMSC 426(Complete solutions)

A _ is a collection of bots capable of acting in a coordinated manner correct answers botnet A(n) _ is inserted into a network segment so that the traffic that it is monitoring must pass through the sensor correct answers inline sensor The _ _ form of database attack injects code into user log...

Which of the following encryption functions has perfect secrecy? a) XOR cipher b) RC4 stream cipher c) 3DES block cipher d) One-time pad correct answers d) One-time pad Which of the following describes the security of Diffie Hellman Key Exchange? a) An attacker would need to factor one of Al...

CIANA correct answers Confidentiality Integrity Availability Non-repudiation Authentication Confidentiality correct answers Data is not available to unauthorized persons/systems Users have control over their information and who sees it Integrity correct answers Accuracy and completeness o...

What are the three security objectives? correct answers The CIA triad What does CIA stand for? correct answers Confidentiality, Integrity, Availability What is Confidentiality in the CIA triad concerned with? correct answers data is not available to unauthorized persons/systems, users have con...

What is the CIA triad? correct answers C- Confidentiality I- Integrity A- Availability What is confidentiality correct answers information should stay private what is integrity correct answers information should not be improperly modified or destroyed what is availability correct answers ...

enterprise information security policy (EISP) correct answers The high-level information security policy that sets the strategic direction, scope, and tone for all of an organization's security efforts. What are the different management functions with respect to information security? correct ans...

Malware stands for correct answers malicious software Malware Definition correct answers a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system or otherwis...

black box correct answers A model for penetration testing in which management doesn't divulge to IT security personnel that testing will be conducted or give the testing team a description of the network topology Certified Information Systems Security Professional (CISSP) correct answers non ven...

Enumeration correct answers the process of extracting the following information from a network resources or shares on the network network topology Usernames or groups assigned to network Information about users and recent logon times Domain Controller correct answers A Windows server that ...