Deck 5: Protecting Information Resources

A)Keystroke loggers
B)Spyware
C)Firmware
D)Script loggers

A)It is software that secretly gathers information about users while they browse the Web.
B)It is an attack that floods a server with service requests to prevent legitimate users' access to the system.
C)It is encryption security that manages transmission security on the Internet.
D)It is a programming routine built into a system by its designer to bypass system security and sneak back into the system later to access programs or files.

A)validity
B)confidentiality
C)integrity
D)availability

A)It involves monitoring and recording keystrokes.
B)It involves sending fraudulent e-mails that seem to come from legitimate sources.
C)It consists of self-propagating program code that is triggered by a specified time or event.
D)It prevents the disclosure of information to anyone who is not authorized to access it.

A)It is usually hidden inside a popular program,but it is not capable of replicating itself.
B)It floods a network or server with service requests to prevent legitimate users' access to the system.
C)It is an independent program that can spread itself without attaching itself to a host program.
D)It enables a system designer to bypass the security of a system and sneak back into the system later to access files.

A)a word is converted into a digital pattern.
B)keystrokes are monitored and recorded.
C)an illegitimate program poses as a legitimate one.
D)a firewall rejects the incoming data packets.

A)availability
B)confidentiality
C)integrity
D)validity

A)users' workstations
B)back-end systems
C)internal database servers
D)front-end servers

A)sniffing
B)screening
C)pharming
D)cybersquatting

A)validity
B)confidentiality
C)integrity
D)availability

A)the system's disk access is fast
B)system updates are recommended often
C)some programs suddenly increase in size
D)the available memory space remains constant

A)back-end server
B)corporate network
C)user's work station
D)front-end server

A)Keystroke logging
B)Dumpster diving
C)Bombing
D)Sabotage

A)reliability
B)confidentiality
C)integrity
D)availability

A)spoofing
B)phishing
C)baiting
D)pharming

A)back-end systems
B)external databases
C)private networks
D)front-end servers

A)in spear phishing,the attack is targeted toward a specific person or a group.
B)spear phishing involves monitoring and recording keystrokes.
C)in spear phishing,hackers capture and record network traffic.
D)spear phishing involves collecting sensitive information via phone calls.

A)sniffing
B)phishing
C)bombing
D)pharming

A)McCumber cube
B)Six Sigma model
C)Bohr model
D)SWOT analysis

A)It travels from computer to computer in a network,but it does not usually erase data.
B)It attaches itself to a host program to spread to other files in a computer.
C)It is a programming routine built into a system by its designer to bypass system security and sneak back into the system later to access data.
D)It floods a network or server with service requests to prevent legitimate users' access to the system.

A)integrity
B)confidentiality
C)validity
D)availability

A)disk mirroring
B)weblogging
C)voice recognition
D)social engineering

A)Nonbiometric security measures
B)Virtual security measures
C)Biometric security measures
D)Physical security measures

A)A physical security measure
B)A firewall security measure
C)An e-commerce security measure
D)A biometric security measure

A)Trojan programs
B)worms
C)viruses
D)McCumber cubes

A)Terminal resource security
B)A corner bolt
C)A callback modem
D)Signature analysis

A)blended threat
B)mirror disk
C)backdoor threat
D)firewall

A)biometric security
B)intrusion detection
C)virtual private
D)terminal resource 

A)They protect against external access,but they leave networks unprotected from internal intrusions.
B)They can identify attack signatures,trace patterns,and generate alarms for a network administrator.
C)They monitor network traffic and use the "prevent,detect,and react" approach to security.
D)They cause routers to terminate connections with suspicious sources.

A)Electronic trackers
B)Passwords
C)Firewalls
D)Identification badges

A)Electronic trackers
B)Retinal scanning
C)Callback modems
D)Signature analysis

A)A logic bomb
B)Dumpster diving
C)A blended threat
D)Shoulder surfing

A)Intrusion detection systems
B)Proxy servers
C)Identification badges
D)Virtual private networks

A)logic bomb
B)proxy server
C)firewall
D)backdoor

A)Hand geometry
B)Fingerprint recognition
C)Vein analysis
D)Palm prints

A)electronic trackers are attached to a computer at the power outlet
B)passwords are used to restrict access to computers
C)firewalls are used to filter data packets
D)a user's signature is verified before granting accessibility

A)latch
B)proxy server
C)backdoor
D)corner bolt

A)logic bomb
B)callback modem
C)proxy server
D)block multiplexer

A)Corner bolts
B)Identification badges
C)Callback modems
D)Electronic trackers

A)blended threat
B)denial-of-service attack
C)keystroke logging attack
D)backdoor threat

A)They are less secure than packet-filtering firewalls.
B)They filter viruses less effectively than packet-filtering firewalls.
C)They filter faster than packet-filtering firewalls.
D)They are more expensive than packet-filtering firewalls.

A)A public key infrastructure
B)Open key encryption
C)Secret key encryption
D)A private key infrastructure

A)risk assessment plan
B)systems engineering plan
C)disaster recovery plan
D)security compliance plan

A)It uses two different keys to encrypt and decrypt a message.
B)It requires more processing power than asymmetric encryption.
C)It is difficult to share a key over the Internet in symmetric encryption.
D)It is impossible to create digital signatures using symmetric encryption.

A)STOPzilla
B)AndroZip
C)Tumblr
D)Dogpile

A)Application Layer
B)Secure Sockets Layer
C)Transmission Control Protocol
D)User Datagram Protocol

A)Secure Sockets Layer
B)Transport Layer Security
C)User Datagram Protocol
D)Transmission Control Protocol

A)Plaintext
B)Cleartext
C)Teletext
D)Ciphertext

A)An access control system
B)Business continuity planning
C)An intrusion detection system
D)Terminal resource security

A)Firmware
B)Silverware
C)Freeware
D)Adware

A)database-resilient systems
B)vulnerability-evade systems
C)primary-defense systems
D)fault-tolerant systems

A)Phishing
B)Keystroke logging
C)Spoofing
D)Pharming

A)Transport Layer Security
B)Terminal Resource Security
C)Transmission Control Security
D)User Datagram Security

A)Symmetric encryption
B)Asymmetric encryption
C)Remote key encryption
D)Secret key encryption

A)User Datagram Protocol
B)Transmission Control Protocol
C)Internet Control Message Protocol
D)Layer Two Tunneling Protocol

A)a system quickly recovers in the event of a system failure or disaster.
B)the person using a credit card number is the card's legitimate owner.
C)the accuracy of information resources within an organization is maintained.
D)a system can easily be restored to operational status.

A)Computer fraud
B)Denial-of-service
C)Keystroke logging
D)Social engineering

A)provide level 1 security
B)restrict access controls to unauthorized personnel
C)provide information on security incidents
D)create backdoors to bypass security protocols

A)Symmetric encryption
B)Auto key generation
C)Public key cryptography
D)Message authentication

A)Keystroke loggers
B)Key chain planners
C)Key punchers
D)Key performers

A)It uses the same key to encrypt and decrypt a message.
B)It requires a large amount of processing power.
C)It can easily share a key over the Internet.
D)It needs the shared key to be a secret between the sender and the receiver.