Question 1

Which of the following is a limitation of packet-filtering firewalls?

Accepted Answer

A)  They do not protect against brute-force attacks. 
B)  They consider only the source of data packets, not the attached data. 
C)  It does not police inbound traffic, only outbound traffic. 
D)  They are not scalable to large businesses. 
A)  They do not protect against brute-force attacks. 
B)  They consider only the source of data packets, not the attached data. 
C)  It does not police inbound traffic, only outbound traffic. 
D)  They are not scalable to large businesses.

Question 2

Which of the following is not true of a capability?

Accepted Answer

A)  A capability can be created or discarded at will by the holder of the capability. 
B)  It is often implemented as a unique object identifier. 
C)  It is a pointer or token that grants privileges to the subject that possesses it. 
D)  Systems that employ capabilities can suffer from the lost object problem. 
A)  A capability can be created or discarded at will by the holder of the capability. 
B)  It is often implemented as a unique object identifier. 
C)  It is a pointer or token that grants privileges to the subject that possesses it. 
D)  Systems that employ capabilities can suffer from the lost object problem.

Question 3

A resident virus is a virus that ________.

Accepted Answer

A)  infects a system and spreads over a network to other systems. 
B)  infects the boot sector of a computer's hard disk. 
C)  enters a system hidden within a legitimate application. 
D)  that operates until the computer is powered down. 
A)  infects a system and spreads over a network to other systems. 
B)  infects the boot sector of a computer's hard disk. 
C)  enters a system hidden within a legitimate application. 
D)  that operates until the computer is powered down.

Question 4

________ is not required for secure transactions.

Accepted Answer

A)  Authorization 
B)  Authentication 
C)  Digital signatures 
D)  Privacy 
A)  Authorization 
B)  Authentication 
C)  Digital signatures 
D)  Privacy

Question 5

A substitution cipher ________.

Accepted Answer

A)  changes the order of the letters in the message 
B)  changes a message such that every occurrence of a particular letter is replaced by a different letter 
C)  uses a secret key to encrypt the bits of a message. 
D)  none of the above 
A)  changes the order of the letters in the message 
B)  changes a message such that every occurrence of a particular letter is replaced by a different letter 
C)  uses a secret key to encrypt the bits of a message. 
D)  none of the above

Question 6

How is authentication in Kerberos handled?

Accepted Answer

A)  With a key distribution center (KD
C) . 
B)  With a two-factor authentication service. 
C)  With an authentication server and a ticket granting service (TGS). 
D)  all of the above 
A)  With a key distribution center (KD
C) . 
B)  With a two-factor authentication service. 
C)  With an authentication server and a ticket granting service (TGS). 
D)  all of the above

Question 7

Access rights define how various ________ can access various ________.

Accepted Answer

A)  subjects, objects 
B)  processes, resources 
C)  users, software 
D)  all of the above 
A)  subjects, objects 
B)  processes, resources 
C)  users, software 
D)  all of the above

Question 8

The Secure Sockets Layer does not ________.

Accepted Answer

A)  require client authentication 
B)  secure communication between two computers on the Internet 
C)  determine whether packets have been maliciously altered during transmission. 
D)  implement public-key cryptography using the RSA algorithm 
A)  require client authentication 
B)  secure communication between two computers on the Internet 
C)  determine whether packets have been maliciously altered during transmission. 
D)  implement public-key cryptography using the RSA algorithm

Question 9

A common software exploitation is a ________.

Accepted Answer

A)  buffer overflow attack 
B)  denial-of-service attack 
C)  cryptanalytic attack 
D)  brute-force attack 
A)  buffer overflow attack 
B)  denial-of-service attack 
C)  cryptanalytic attack 
D)  brute-force attack

Question 10

Trojan horse viruses are difficult to detect because ________.

Accepted Answer

A)  they hide within the system until a certain time or condition is met 
B)  they allow a malicious user access to the system 
C)  they do not require any user action to be activated 
D)  they appear to be legitimate programs 
A)  they hide within the system until a certain time or condition is met 
B)  they allow a malicious user access to the system 
C)  they do not require any user action to be activated 
D)  they appear to be legitimate programs

Question 11

Which of the following is not true of PGP?

Accepted Answer

A)  It is a public-key encryption system that encrypts e-mail and files. 
B)  It can provide digital signatures. 
C)  It is based on a "web of trust." 
D)  It authenticates all users of PGP to all other users. 
A)  It is a public-key encryption system that encrypts e-mail and files. 
B)  It can provide digital signatures. 
C)  It is based on a "web of trust." 
D)  It authenticates all users of PGP to all other users.

Question 12

Cryptography is important because it ________.

Accepted Answer

A)  protects system components from malicious users 
B)  encodes and decodes messages so that it can be interpreted only by the intended recipients 
C)  restricts the capabilities of untrusted users of a system 
D)  protects a network from intruders 
A)  protects system components from malicious users 
B)  encodes and decodes messages so that it can be interpreted only by the intended recipients 
C)  restricts the capabilities of untrusted users of a system 
D)  protects a network from intruders

Question 13

According to the text, approximately how many attacks on corporate networks are internal?

Accepted Answer

A)  0% 
B)  25% 
C)  50% 
D)  75% 
A)  0% 
B)  25% 
C)  50% 
D)  75%

Question 14

Each cell in an access control matrix represents ________.

Accepted Answer

A)  whether a resource can be accessed by any user 
B)  the actions that a subject can perform on an object 
C)  whether a user belongs to a particular group 
D)  whether a group has access to a resource 
A)  whether a resource can be accessed by any user 
B)  the actions that a subject can perform on an object 
C)  whether a user belongs to a particular group 
D)  whether a group has access to a resource

Question 15

A distributed denial-of-service attack is ________.

Accepted Answer

A)  an attack in which requests are sent from multiple sources to overload a system. 
B)  an attack on a distributed system that overloads its network communications. 
C)  a means to counteract the security provided by a firewall. 
D)  none of the above 
A)  an attack in which requests are sent from multiple sources to overload a system. 
B)  an attack on a distributed system that overloads its network communications. 
C)  a means to counteract the security provided by a firewall. 
D)  none of the above

Question 16

The primary appeal of a role-based access control model is that ________.

Accepted Answer

A)  it allows users to belong to multiple roles 
B)  it assigns relationships between subjects and objects that are not limited to classes such as owners and groups 
C)  administrators only need to define specifics roles and assign users to those roles rather than defining specific privileges for each user 
D)  none of the above 
A)  it allows users to belong to multiple roles 
B)  it assigns relationships between subjects and objects that are not limited to classes such as owners and groups 
C)  administrators only need to define specifics roles and assign users to those roles rather than defining specific privileges for each user 
D)  none of the above

Question 17

A user can be identified by ________.

Accepted Answer

A)  user knowledge, such as passwords, PINs and lock combinations 
B)  ownership of an item, such as badges, keys and smart cards 
C)  a unique characteristic such as a fingerprint 
D)  all of the above 
A)  user knowledge, such as passwords, PINs and lock combinations 
B)  ownership of an item, such as badges, keys and smart cards 
C)  a unique characteristic such as a fingerprint 
D)  all of the above

Question 18

Which of the following is a problem for implementing wireless security?

Accepted Answer

A)  Unstable connections can cause a secure connection to fail, requiring it to be reinitiated. 
B)  Low bandwidth and processing power limit the ability to implement complex security mechanisms. 
C)  Accessing transmitted data does not require physically tapping into a wire. 
D)  all of the above 
A)  Unstable connections can cause a secure connection to fail, requiring it to be reinitiated. 
B)  Low bandwidth and processing power limit the ability to implement complex security mechanisms. 
C)  Accessing transmitted data does not require physically tapping into a wire. 
D)  all of the above

Question 19

________ is the most common key-agreement protocol.

Accepted Answer

A)  Secret key 
B)  Digital envelope 
C)  Session key 
D)  Triple DES 
A)  Secret key 
B)  Digital envelope 
C)  Session key 
D)  Triple DES

Question 20

A biometric is a(n) ________.

Accepted Answer

A)  unique personal characteristic 
B)  a program that validates a user's identification. 
C)  an encrypted password. 
D)  a card containing a microprocessor used to perform authenticiation. 
A)  unique personal characteristic 
B)  a program that validates a user's identification. 
C)  an encrypted password. 
D)  a card containing a microprocessor used to perform authenticiation.

Exam 19: Security Threats and Solutions in Cryptography and Access Control

Which of the following is a limitation of packet-filtering firewalls?

Which of the following is not true of a capability?

A resident virus is a virus that ________.

________ is not required for secure transactions.

A substitution cipher ________.

How is authentication in Kerberos handled?

Access rights define how various ________ can access various ________.

The Secure Sockets Layer does not ________.

A common software exploitation is a ________.

Trojan horse viruses are difficult to detect because ________.

Which of the following is not true of PGP?

Cryptography is important because it ________.

According to the text, approximately how many attacks on corporate networks are internal?

Each cell in an access control matrix represents ________.

A distributed denial-of-service attack is ________.

The primary appeal of a role-based access control model is that ________.

A user can be identified by ________.

Which of the following is a problem for implementing wireless security?

________ is the most common key-agreement protocol.

A biometric is a(n) ________.

Exploring Operating Systems and Distributed Computing: a Comprehensive Overview

Understanding Computer Systems and Programming Concepts

Understanding Processes and Threads in Operating Systems

Exploring Semaphores and Multithreading in Operating Systems

Exploring Thread Synchronization and Mutual Exclusion in Java

Concurrency and Deadlock in Database Systems: Exploring Monitor Implementation and Thread Synchronization in Java

Operating System Scheduling and Deadlock Prevention: a Comprehensive Guide

Understanding Processor Scheduling and Memory Management in Operating Systems

Memory Management in Operating Systems: Segmentation, Paging, and Strategies for Efficiency

Memory Management and Address Translation in Operating Systems

Memory Management and Page Replacement Strategies in Operating Systems

Disk Storage and Raid Technology

Understanding File Systems and Database Systems: a Comprehensive Overview

Exploring Performance Evaluation and Benchmarking in Computer Systems

Understanding Multiprocessor Organizations and System Performance

Understanding the Layers of the TCP/IP Protocol Stack

Understanding Distributed Systems and Operating Systems

Exploring Distributed File Systems and Grid Computing With NFS, AFS, Coda, and JXTA

Exploring the Linux Operating Systems Features and Functionality

In-Depth Analysis of Windows XP

Filters

Access rights define how various can access various .