Question 1

This is an attack on a computer system that takes advantage of a particular vulnerability that the system offers to intruders.

Accepted Answer

A) Port scan 
B) Denial of service 
C) Exploit 
D) Logic bomb 
A) Port scan 
B) Denial of service 
C) Exploit 
D) Logic bomb C

Question 2

This is the encryption algorithm that will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years as the new standard encryption algorithm.

Accepted Answer

A) Rijndael 
B) Kerberos 
C) Blowfish 
D) IPsec 
A) Rijndael 
B) Kerberos 
C) Blowfish 
D) IPsec A

Question 3

The developers of an operating system or vendor application might issue this to prevent intruders from taking advantage of a weakness in their programming.

Accepted Answer

A) Cookie 
B) Key fob 
C) Watermark 
D) Patch 
A) Cookie 
B) Key fob 
C) Watermark 
D) Patch D

Question 4

Developed by Philip R. Zimmermann, this is the most widely used privacy-ensuring program by individuals and is also used by many corporations.

Accepted Answer

A) DS 
B) OCSP 
C) Secure HTTP 
D) Pretty Good Privacy 
A) DS 
B) OCSP 
C) Secure HTTP 
D) Pretty Good Privacy

Question 5

What "layer" of an e-mail message should you consider when evaluating e-mail security?

Accepted Answer

A) TCP/IP 
B) SMTP 
C) Body 
D) All of the above 
A) TCP/IP 
B) SMTP 
C) Body 
D) All of the above

Question 6

In password protection, this is a random string of data used to modify a password hash.

Accepted Answer

A) Sheepdip 
B) Salt 
C) Bypass 
D) Dongle 
A) Sheepdip 
B) Salt 
C) Bypass 
D) Dongle

Question 7

This is the forging of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.

Accepted Answer

A) Foot printing 
B) Non repudiation 
C) E-mail spoofing 
D) Finger 
A) Foot printing 
B) Non repudiation 
C) E-mail spoofing 
D) Finger

Question 8

This is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding cipher text value and vice versa.

Accepted Answer

A) Foot printing 
B) Hash function 
C) Watermark 
D) Electronic Code Book 
A) Foot printing 
B) Hash function 
C) Watermark 
D) Electronic Code Book

Question 9

This type of attack may cause additional damage by sending data containing codes designed to trigger specific actions - for example, changing data or disclosing confidential information.

Accepted Answer

A) Buffer overflow 
B) Block cipher 
C) War dialing 
D) Distributed denial-of-service attack 
A) Buffer overflow 
B) Block cipher 
C) War dialing 
D) Distributed denial-of-service attack

Question 10

This is a compromised Web site that is being used as an attack launch point in a denialof-service attack.

Accepted Answer

A) Bastion host 
B) Packet monkey 
C) Dongle 
D) Zombie 
A) Bastion host 
B) Packet monkey 
C) Dongle 
D) Zombie

Question 11

This is a type of network security attack in which the intruder takes control of a communication between two entities and masquerades as one of them.

Accepted Answer

A) Hijacking 
B) Identity theft 
C) Smurf attack 
D) Tunneling 
A) Hijacking 
B) Identity theft 
C) Smurf attack 
D) Tunneling

Question 12

This is the modification of personal information on a Web user's computer to gain unauthorized information with which to obtain access to the user's existing accounts.

Accepted Answer

A) Identity theft 
B) Cookie poisoning 
C) Shoulder surfing 
D) Relative identifier 
A) Identity theft 
B) Cookie poisoning 
C) Shoulder surfing 
D) Relative identifier

Question 13

This was commonly used in cryptography during World War II.

Accepted Answer

A) Tunneling 
B) Personalization 
C) Van Eck phreaking 
D) One-time pad 
A) Tunneling 
B) Personalization 
C) Van Eck phreaking 
D) One-time pad

Question 14

Today, many Internet businesses and users take advantage of cryptography based on this approach.

Accepted Answer

A) Public key infrastructure 
B) Output feedback 
C) Encrypting File System 
D) Single sign on 
A) Public key infrastructure 
B) Output feedback 
C) Encrypting File System 
D) Single sign on

Question 15

This is a program in which harmful code is contained inside apparently harmless programming or data.

Accepted Answer

A) Snort 
B) Honeypot 
C) Blue bomb 
D) Trojan horse 
A) Snort 
B) Honeypot 
C) Blue bomb 
D) Trojan horse

Question 16

An intruder might install this on a networked computer to collect user ids and passwords from other machines on the network.

Accepted Answer

A) Passphrase 
B) Root kit 
C) Ownership tag 
D) Token 
A) Passphrase 
B) Root kit 
C) Ownership tag 
D) Token

Question 17

This electronic "credit card" establishes a user's credentials when doing business or other transactions on the Web and is issued by a certification authority.

Accepted Answer

A) Private key 
B) Digital certificate 
C) Smart card 
D) Ownership tag 
A) Private key 
B) Digital certificate 
C) Smart card 
D) Ownership tag

Question 18

This is the inclusion of a secret message in otherwise unencrypted text or images.

Accepted Answer

A) Masquerade 
B) Steganography 
C) Spoof 
D) Eye-in-hand system 
A) Masquerade 
B) Steganography 
C) Spoof 
D) Eye-in-hand system

Question 19

This type of intrusion relies on the intruder's ability to trick people into breaking normal security procedures.

Accepted Answer

A) Shoulder surfing 
B) Hijacking 
C) Brain fingerprinting 
D) Social engineering 
A) Shoulder surfing 
B) Hijacking 
C) Brain fingerprinting 
D) Social engineering

Question 20

This is the name for the issuer of a PKI certificate.

Accepted Answer

A) Man in the middle 
B) Certificate authority 
C) Resource Access Control Facility 
D) Script kiddy 
A) Man in the middle 
B) Certificate authority 
C) Resource Access Control Facility 
D) Script kiddy

This is an attack on a computer system that takes advantage of a particular vulnerability that the system offers to intruders.

This is the encryption algorithm that will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years as the new standard encryption algorithm.

The developers of an operating system or vendor application might issue this to prevent intruders from taking advantage of a weakness in their programming.

Developed by Philip R. Zimmermann, this is the most widely used privacy-ensuring program by individuals and is also used by many corporations.

What "layer" of an e-mail message should you consider when evaluating e-mail security?

In password protection, this is a random string of data used to modify a password hash.

This is the forging of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.

This is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding cipher text value and vice versa.

This type of attack may cause additional damage by sending data containing codes designed to trigger specific actions - for example, changing data or disclosing confidential information.

This is a compromised Web site that is being used as an attack launch point in a denialof-service attack.

This is a type of network security attack in which the intruder takes control of a communication between two entities and masquerades as one of them.

This is the modification of personal information on a Web user's computer to gain unauthorized information with which to obtain access to the user's existing accounts.

This was commonly used in cryptography during World War II.

Today, many Internet businesses and users take advantage of cryptography based on this approach.

This is a program in which harmful code is contained inside apparently harmless programming or data.

An intruder might install this on a networked computer to collect user ids and passwords from other machines on the network.

This electronic "credit card" establishes a user's credentials when doing business or other transactions on the Web and is issued by a certification authority.

This is the inclusion of a secret message in otherwise unencrypted text or images.

This type of intrusion relies on the intruder's ability to trick people into breaking normal security procedures.

This is the name for the issuer of a PKI certificate.

Cybersecurity and Technology

Filters

Exam 2: Cybersecurity and Cryptography

This is an attack on a computer system that takes advantage of a particular vulnerability that the system offers to intruders.

This is the encryption algorithm that will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years as the new standard encryption algorithm.

The developers of an operating system or vendor application might issue this to prevent intruders from taking advantage of a weakness in their programming.

Developed by Philip R. Zimmermann, this is the most widely used privacy-ensuring program by individuals and is also used by many corporations.

What "layer" of an e-mail message should you consider when evaluating e-mail security?

In password protection, this is a random string of data used to modify a password hash.

This is the forging of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.

This is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding cipher text value and vice versa.

This type of attack may cause additional damage by sending data containing codes designed to trigger specific actions - for example, changing data or disclosing confidential information.

This is a compromised Web site that is being used as an attack launch point in a denialof-service attack.

This is a type of network security attack in which the intruder takes control of a communication between two entities and masquerades as one of them.

This is the modification of personal information on a Web user's computer to gain unauthorized information with which to obtain access to the user's existing accounts.

This was commonly used in cryptography during World War II.

Today, many Internet businesses and users take advantage of cryptography based on this approach.

This is a program in which harmful code is contained inside apparently harmless programming or data.

An intruder might install this on a networked computer to collect user ids and passwords from other machines on the network.

This electronic "credit card" establishes a user's credentials when doing business or other transactions on the Web and is issued by a certification authority.

This is the inclusion of a secret message in otherwise unencrypted text or images.

This type of intrusion relies on the intruder's ability to trick people into breaking normal security procedures.

This is the name for the issuer of a PKI certificate.

Cybersecurity and Technology

Filters