1. A packet monkey is an unskilled programmer who spreads viruses and other malicious scripts to
exploit computer weaknesses.
ANS: F PTS: 1 REF: 3
2. A worm creates files that copy themselves repeatedly and consume disk space.
ANS: T PTS: 1 REF: 5
3. Physical security protects a system from theft, fire, or environmental disaster.
ANS: T PTS: 1 REF: 12
4. Reviewing log files is a time-consuming task and therefore should only be done when an attack on the
network has occurred.
ANS: F PTS: 1 REF: 17
5. With discretionary access control, network users can share information with other users, making it
more risky than MAC.
ANS: T PTS: 1 REF: 19
MULTIPLE CHOICE
1. A hactivist can best be described as which of the following?
a. an unskilled programmer that spreads c. use DoS attacks on Web sites with which
malicious scripts they disagree
b. consider themselves seekers of knowledge d. deface Web sites by leaving messages for
their friends to read
ANS: C PTS: 1 REF: 3
2. Malware that creates networks of infected computers that can be controlled from a central station is
referred to as which of the following?
a. botnet c. logic bomb
b. Trojan d. packet monkey
ANS: A PTS: 1 REF: 5
3. What is a program that appears to do something useful but is actually malware?
a. virus c. Trojan
b. logic bomb d. back door
ANS: C PTS: 1 REF: 5
4. Which of the following is a type of script that automates repetitive tasks in an application such as a
word processor but can also be programmed to be a virus?
a. worm c. back door
, b. macro d. Trojan
ANS: B PTS: 1 REF: 6
5. Which term is best described as an attack that relies on the gullibility of people?
a. malicious code c. back door
b. script kiddie d. social engineering
ANS: D PTS: 1 REF: 6
6. Which type of attack works by an attacker operating between two computers in a network and
impersonating one computer to intercept communications?
a. malicious port scanning c. denial of service
b. man-in-the-middle d. remote procedure call
ANS: B PTS: 1 REF: 7
7. Which type of attack causes the operating system to crash because it is unable to handle arbitrary data
sent to a port?
a. RPC attacks c. malicious port scanning
b. ICMP message abuse d. SYN flood
ANS: A PTS: 1 REF: 7
8. What can an attacker use a port scanner to test for on a target computer?
a. invalid IP addresses c. open sockets
b. SYN flags d. ping floods
ANS: C PTS: 1 REF: 8
9. What is a VPN typically used for?
a. secure remote access c. block open ports
b. detection of security threats d. filter harmful scripts
ANS: A PTS: 1 REF: 10
10. Why might you want your security system to provide nonrepudiation?
a. to prevent a user from capturing packets c. to trace the origin of a worm spread
and viewing sensitive information through email
b. to prevent an unauthorized user from d. so a user can’t deny sending or receiving a
logging into the system communication
ANS: D PTS: 1 REF: 11
11. Which of the following is NOT one of the three primary goals of information security?
a. confidentiality c. impartiality
b. integrity d. availability
ANS: C PTS: 1 REF: 11
12. Defense in depth can best be described as which of the following?
a. a firewall that protects the network and the c. antivirus software and firewalls
servers
b. a layered approach to security d. authentication and encryption
ANS: B PTS: 1 REF: 12
, 13. Which security layer verifies the identity of a user, service, or computer?
a. authentication c. physical security
b. repudiation d. authorization
ANS: A PTS: 1 REF: 12
14. In which form of authentication does the authenticating device generate a random code and send it to
the user who wants to be authenticated?
a. basic c. biometrics
b. challenge/response d. signature
ANS: B PTS: 1 REF: 13
15. What is the name of a storage area where viruses are placed by antivirus software so they cannot
replicate or do harm to other files?
a. firewall c. quarantine
b. recycle bin d. demilitarized zone
ANS: C PTS: 1 REF: 13
16. Which of the following is NOT information that a packet filter uses to determine whether to block a
packet?
a. checksum c. IP address
b. port d. protocol
ANS: A PTS: 1 REF: 13
17. Which type of firewall policy calls for a firewall to deny all traffic by default?
a. permissive policy c. restrictive policy
b. perimeter policy d. demilitarized policy
ANS: C PTS: 1 REF: 14
18. Which security tool works by recognizing signs of a possible attack and sending notification to an
administrator?
a. DiD c. VPN
b. DMZ d. IDPS
ANS: D PTS: 1 REF: 15-16
19. What tool do you use to secure remote access by users who utilize the Internet?
a. VPN c. DMZ
b. IDS d. DiD
ANS: A PTS: 1 REF: 16-17
20. With which access control method do system administrators establish what information users can
share?
a. discretionary access control c. administrative access control
b. mandatory access control d. role-based access control
ANS: B PTS: 1 REF: 19
COMPLETION
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller ExamsExpert. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $32.45. You're not tied to anything after your purchase.