Exam 15: Computer Security Techniques

An effective IDS can serve as a deterrent, thus acting to prevent intrusions.

The key ingredients of an access matrix are __________ , objects, and access rights.

An antiworm approach that blocks outgoing traffic when a threshold is exceeded is referred to as _________ .

The two broad categories of approaches to dealing with buffer overflow attacks are run-time defenses and __________ .

_________ define the type and contents of a security descriptor.

Once a worm is resident on a machine, antivirus software cannot be used to detect it.

Anomaly approaches attempt to define proper behavior.

Passwords serve to authenticate the ID of the individual logging on to the system.

A user only needs a password in order to log on to a UNIX system.

With a _________ protocol, the user authenticates himself or herself to the token and then the token authenticates the user to the computer.

DAC is a concept that evolved out of requirements for military information security.

__________ aim to prevent or detect buffer overflows by instrumenting programs when they are compiled.

Rootkits are easy to detect and neutralize.

The primary purpose of a(n) _________ is to detect intrusions, log suspicious events, and send alerts.

The two types of audit records that may be used in an IDS are detection specific audit records and _________ .

Memory cards can store and process data.

The __________ determines whether the user is authorized to gain access to a system and the privileges accorded to the user.

Virtually all multiuser systems, network-based servers, Web-based e-commerce sites, and other similar services require that a user provide not only a name or identifier (ID) but also a _________ .

An important feature of Windows security is that applications can make use of the Windows security framework for user-defined objects.

__________ is based on pattern recognition.