
- 15. Which type of encryption occurs between original source and final destination?
- Versus 26 for a monoalphabetic
- 45. What key length does AES not support?
- Internet Security
- 56. The Caesar Cipher is an example of what kind of cipher?
- Violates computer security for little reason beyond maliciousness or for personal gain
- 78. Which of the following is a disadvantage of asymmetric cryptology?
- 83. Which of the following is a disadvantage of asymmetric cryptology?
- 89. Which of the following allows attackers to break passwords?
- 90. What is Denial of Service in Threat Modeling?
- 116. Centralized access control provides remote users with all of the following properties except
- 117. What are three principles of identification and authentication?
- 120. Which of the following is a knowledge-based authentication mechanism?
- 135. Exploits known flaws in network systems
- Vigenere cipher
- Vulnerability
- 192. Which term relates specifically to the art and science of code breaking?
- 194. Which of the following is a disadvantage of asymmetric cryptology?
- Is a system in which a private key generated randomly is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.
Vigenere cipher
143. Which of the following attacks is said to have arisen because the C programming language supplied the framework and poor programming practices supplied the vulnerability?
Buffer overflow
144. Which attack uses a multitude of compromised systems to send a flood of incoming messages to the target system to shut it down?
Buffer overflow
Or None of the Above
145. Tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained
Brute-force attack
146. Which authentication mechanism is the easiest to deploy and the easiest to break?
shared secrets (passwords and PINs)
147. Which of the following publishes internal IDs to the outside world or external business partner IDs internally, or both?
border directory
148. Which of the following controls might force a person in operations into collusion with personnel assigned organizationally within a different function for the sole purpose of gaining access to data he is not authorized to access?
Limiting the local access of operations personnel
149. The plaintext elements are rearranged
Transposition
150. This electronic "credit card" establishes a user's credentials when doing business or other transactions on the Web and is issued by a certification authority
digital certificate
151. Temporary key
152. This is an encryption/decryption key known only to the party or parties that exchange secret messages
private key
153. An opponent is unable to decipher the ciphertext or figure out the key.
Strong algorithm
154. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure.
Shared secret key
155. This is the inclusion of a secret message in otherwise unencrypted text or images
steganography
156. This is a trial and error method used to decode encrypted data through exhaustive effort rather than employing intellectual strategies
brute force cracking
157. When an email appears to come from an address other than the true source of the email it is called:
Fishing
158. What type of software should you run to check your email for malicious code?
Antivirus
159. What action is equally or more important than running antivirus software when it comes to protecting your system?
change password
160. With _____ email it is possible to get infected just by viewing an infected email on an unpatched system
HTML-based.
161. Recent major viruses and worms have exploited vulnerabilities for which _____ were available for months
Patches
162. An Application-Level Gateway is a type of?
Firewall
163. What is conventional encryption?
A form of cryptosystem in which encryption and decryption are performed using the same key
164. Which firewall does not keep a history of outgoing connections?
Packet-filtering
165. It is important that you keep your antivirus software ______
All of the Above
166. Malicious code that comes disguised as a legitimate program file is called a _____
TROJAN
167. Preventing the denial of previous commitments or actions.
Non-repudiation
168. Acknowledgement that services have been provided.
Confirmation
169. The term _____ is used to describe a secret or undocumented means of getting into a computer system.
Backdoor
170. A well-designed and configured ______ is like having a single point of entry into your building with a security guard at the door allowing only authorized personnel into the building.
FIREWALL
171. In an IDS ______ detection relies on comparison of traffic to a database of known attack methods.
Signature-Based
172. Firewalls on home DSL / Cable routers tend to use port-blocking or _____
Packet-Filtering.
173. ______ is a device or application used to inspect all network traffic and alert the user or administrator when there have been unauthorized attempts or access.
IDS
174. Which OSI layer handles encryption?
Presentation Layer, Layer 6 of the OSI Model
175. In an IDS ______ detection compares current network traffic to a known-good baseline to look for anything out of the ordinary.
Anomaly based
176. A ________ may be exploited through a virus or worm