Final Exam Paper
1. The principal goal of the information security program should be to ______.
Answer: ensure that systems and their contents remain the same.
2. Information security has more to do with _____ than with _____
Answer: management, technology
3. True or False: Many organizations find that their most valuable asset is their data.
Answer: True
4. True or False: A computer worm consists of segments of code that perform malicious actions.
Answer: True
5. ____ are hackers of limited skill who use expertly written software to attack a system
Answer: Unskilled Hackers
6. ____ occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose …show more content…
it.
a. Information extortion
b. Technological extortion
c.
Insider trading
d. Information hording
Answer: A
7. ____ hack systems to conduct terrorist activities via network or Internet pathways.
a. Cyberhackers
b. Electronic terrorists
c. Cyberterrorists
d. Electronic hackers
Answer: C
8. True or False: Cyberterrorism has thus far been largely limited to acts such as the defacement of NATO Web pages during the war in Kosovo.
Answer: True
9. ______ is the illegal taking of another’s property, which can be physical, electronic, or intellectual.
Answer: Deliberate acts of theft
10. A(n) attack is an act that exploits a(n) ______.
Answer: Vulnerability in a controlled system
11. True or False: Warnings of attacks that are not valid are usually called hoaxes.
Answer: True
12. Using a known or previously installed access mechanism is called using a _____.
a. hidden bomb
b. vector
c. spoof
d. back door
Answer: D
13. When a program tries using all commonly used passwords, this is known as a(n) ______.
Answer: Dictionary attack
14. True or False: When a program tries to reverse-calculate passwords, this is known as a brute force spoof.
Answer: Password crack
15. Another name for TCP hijacking is _____.
a. man-in-the-middle
b. mail bombing
c.
spoofing
d. denial of service
Answer: A
16. Unsolicited commercial e-mail is also called _____.
Answer: Spam
17. ____ is “the redirection of legitimate Web traffic to an illegitimate site for the purpose of obtaining private information.”
Answer: Pharming
18. A ____ is an application error that occurs when more data is sent to a program buffer than it is designed to handle.
a. buffer underrun
b. buffer overrun
c. heap overflow
d. heap attack
Answer: Buffer overrun
19. ____ occurs when developers fail to properly validate user input before using it to query a relational database.
Answer: SQL Injection
20. True or False: The Domain Name System (DNS) is a function of the World Wide Web that converts a URL (Uniform Resource Locator) like www.course.com into the IP address of the Web server host.
Answer: True
21. True or False: HTTP is a stateful protocol where the computer programs on either end of the communication channel cannot rely on a guaranteed delivery of any message.
Answer: True
Answer: ensure that systems and their contents remain the same.
2. Information security has more to do with _____ than with _____
Answer: management, technology
3. True or False: Many organizations find that their most valuable asset is their data.
Answer: True
4. True or False: A computer worm consists of segments of code that perform malicious actions.
Answer: True
5. ____ are hackers of limited skill who use expertly written software to attack a system
Answer: Unskilled Hackers
6. ____ occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose …show more content…
it.
a. Information extortion
b. Technological extortion
c.
Insider trading
d. Information hording
Answer: A
7. ____ hack systems to conduct terrorist activities via network or Internet pathways.
a. Cyberhackers
b. Electronic terrorists
c. Cyberterrorists
d. Electronic hackers
Answer: C
8. True or False: Cyberterrorism has thus far been largely limited to acts such as the defacement of NATO Web pages during the war in Kosovo.
Answer: True
9. ______ is the illegal taking of another’s property, which can be physical, electronic, or intellectual.
Answer: Deliberate acts of theft
10. A(n) attack is an act that exploits a(n) ______.
Answer: Vulnerability in a controlled system
11. True or False: Warnings of attacks that are not valid are usually called hoaxes.
Answer: True
12. Using a known or previously installed access mechanism is called using a _____.
a. hidden bomb
b. vector
c. spoof
d. back door
Answer: D
13. When a program tries using all commonly used passwords, this is known as a(n) ______.
Answer: Dictionary attack
14. True or False: When a program tries to reverse-calculate passwords, this is known as a brute force spoof.
Answer: Password crack
15. Another name for TCP hijacking is _____.
a. man-in-the-middle
b. mail bombing
c.
spoofing
d. denial of service
Answer: A
16. Unsolicited commercial e-mail is also called _____.
Answer: Spam
17. ____ is “the redirection of legitimate Web traffic to an illegitimate site for the purpose of obtaining private information.”
Answer: Pharming
18. A ____ is an application error that occurs when more data is sent to a program buffer than it is designed to handle.
a. buffer underrun
b. buffer overrun
c. heap overflow
d. heap attack
Answer: Buffer overrun
19. ____ occurs when developers fail to properly validate user input before using it to query a relational database.
Answer: SQL Injection
20. True or False: The Domain Name System (DNS) is a function of the World Wide Web that converts a URL (Uniform Resource Locator) like www.course.com into the IP address of the Web server host.
Answer: True
21. True or False: HTTP is a stateful protocol where the computer programs on either end of the communication channel cannot rely on a guaranteed delivery of any message.
Answer: True