Q:
A debit card is secure because it requires two credentials for authentication. This is also called ________.
A) the supplicant's authentication
B) the verifier's authentication
C) two-factor authentication
D) none of the above
Q:
The digital certificate provides the ________.
A) private key of the supplicant
B) private key of the true party
C) public key of the supplicant
D) none of the above
Q:
In digital certificate authentication, the verifier uses ________.
A) the supplicant's public key
B) the true party's public key
C) both A and B
D) neither A nor B
Q:
In digital certificate authentication, the verifier gets the key it needs directly from the ________.
A) supplicant
B) verifier
C) true party
D) certificate authority
Q:
In digital certificate authentication, the supplicant encrypts the challenge message with ________.
A) the supplicant's private key
B) the verifier's private key
C) the true party's private key
D) none of the above
Q:
Which of the following can be done today without the target's knowledge?
A) iris scanning
B) face recognition
C) both A and B
D) neither A nor B
Q:
Iris scanning is attractive because of its ________.
A) low cost
B) precision
C) both A and B
D) neither A nor B
Q:
Which of the following is a form of biometrics?
A) reusable passwords
B) digital certificate authentication
C) facial recognition
D) all of the above
Q:
The password "R7%t&" can be defeated by a ________.
A) dictionary attack
B) hybrid mode dictionary attack
C) brute-force attack
D) All of the above could defeat the password equally quickly.
Q:
The password "NeVEr" can be defeated by a ________.
A) dictionary attack
B) hybrid dictionary attack
C) brute-force attack
D) none of the above
Q:
To defeat brute-force attacks, a password must be ________.
A) long
B) complex
C) both A and B
D) neither A nor B
Q:
The password "velociraptor" can be defeated most quickly by a ________.
A) dictionary attack
B) reverse engineering attack
C) brute-force attack
D) None of the above because it is more than 8 characters long.
Q:
A password-cracking attack that tries all combinations of keyboard characters is called a ________.
A) dictionary attack
B) hybrid mode dictionary attack
C) brute-force attack
D) comprehensive keyboard attack
Q:
Prepare2 can be cracked most quickly by a(n) ________.
A) authentication attack
B) brute-force attack
C) dictionary attack
D) hybrid dictionary attack
Q:
A user picks the password "tiger." This is likely to be cracked quickly by a(n) ________.
A) attack on an application running as root
B) brute-force attack
C) dictionary attack
D) reverse engineering attack
Q:
Passwords are widely used because they ________.
A) are demanded by users
B) offer strong authentication
C) are the only authentication techniques known by most security professionals
D) are inexpensive to use
Q:
Authentication should generally be ________.
A) as strong as possible
B) appropriate for a specific resource
C) the same for all resources, for consistency
D) all of the above
Q:
________ is the general name for proofs of identity in authentication.
A) Credentials
B) Authorizations
C) Certificates
D) Signatures
Q:
In authentication, the ________ is the party trying to prove his or her identity.
A) supplicant
B) verifier
C) true party
D) all of the above
Q:
Requiring someone to use a resource to prove his or her identity is ________.
A) confidentiality
B) authentication
C) authorization
D) both B and C
Q:
Using SSL/TLS for Web applications is attractive because SSL/TLS ________.
A) is essentially free to use
B) offers the strongest possible cryptographic protections
C) both A and B
D) neither A nor B
Q:
SSL/TLS is used for ________.
A) Web applications
B) any application
C) both A and B
D) neither A nor B
Q:
The messages of VPNs ________.
A) share the same transmission lines
B) are encrypted
C) both A and B
D) neither A nor B
Q:
Electronic signatures also provide ________ in addition to authentication.
A) message integrity
B) message encryption
C) both A and B
D) neither A nor B
Q:
Electronic signatures provide message-by-message ________.
A) authentication
B) confidentiality
C) both A and B
D) neither A nor B
Q:
In symmetric key encryption, a key must be ________ bits long, or longer, to be considered strong. (Choose the choice closest to the correct answer.)
A) 36
B) 56
C) 64
D) 128
Q:
In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption?
A) 1
B) 2
C) 4
D) none of the above
Q:
Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________.
A) authentication
B) confidentiality
C) both A and B
D) neither A nor B
Q:
A specific encryption method is called a ________.
A) code
B) schema
C) key method
D) cipher
Q:
What type of attacker can do the most damage?
A) criminal attackers
B) hackers driven by curiosity
C) employees and ex-employees
D) national governments
Q:
Who are the most dangerous types of employees?
A) financial employees
B) manufacturing employees
C) IT security employees
D) former employees
Q:
What type of attacker are most attackers today?
A) disgruntled employees and ex-employees
B) career criminals
C) hackers motivated by a sense of power
D) cyberterrorists
Q:
Advanced persistent threats are ________.
A) inexpensive for the attacker
B) extremely dangerous for the victim
C) both A and B
D) neither A nor B
Q:
Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.)
A) Trojan horses
B) bots
C) viruses
D) worms
Q:
In distributed DoS attacks, the attacker sends messages directly to ________.
A) bots
B) the intended victim of the DoS attack
C) a command and control server
D) DoS servers
Q:
Attack programs that can be remotely controlled by an attacker are ________.
A) bots
B) DoS programs
C) exploits
D) sock puppets
Q:
DoS attacks attempt to ________.
A) hack a computer
B) reduce the availability of a computer
C) steal information from a computer
D) delete files on a computer
Q:
Methods that hackers use to break into computers are ________.
A) cracks
B) magics
C) exploits
D) compromises
Q:
You discover that you can get into other e-mail accounts after you have logged in under your account. You spend just a few minutes looking at another user's mail. Is that hacking?
A) Yes
B) No
C) We cannot say from the information given.
Q:
If you see a username and password on a Post-It note that anyone can see on a monitor, is it hacking if you use this information to log in?
A) Yes
B) No
C) We cannot say from the information given.
Q:
Which of the following meets the definition of hacking?
A) to intentionally use a computer resource without authorization
B) to use a computer on which you have an account for unauthorized purposes
C) both A and B
D) neither A nor B
Q:
Which of the following tends to be more damaging to the victim?
A) credit card theft
B) identity theft
C) Both are about equally damaging to the victim.
D) Neither is damaging to the victim.
Q:
Credit card number thieves are called ________. (Pick the most precise answer.)
A) numbers racketeers
B) fraudsters
C) identity thieves
D) carders
Q:
An attack aimed at a single person or a small group of individuals is a(n) ________ attack. (Choose the most specific answer.)
A) phishing
B) spear phishing
C) highly targeted
D) customized
Q:
An attack in which an authentic-looking e-mail or website entices a user to enter his or her username, password, or other sensitive information is called ________. (Select the most specific answer.)
A) phishing
B) identity theft
C) social engineering
D) a spyware attack
Q:
Tricking users into doing something against their security interests is ________.
A) social engineering
B) hacking
C) both A and B
D) neither A nor B
Q:
Pieces of code that are executed after the virus or worm has spread are called ________.
A) vulnerabilities
B) exploits
C) compromises
D) payloads
Q:
Unsolicited commercial e-mail is better known as ________.
A) spam
B) adware
C) social engineering
D) identity theft
Q:
Small malware programs that download larger malware programs are called ________.
A) downloaders
B) scouts
C) foothold programs
D) stage-one programs
Q:
A program that can capture passwords as you enter them is ________.
A) a keystroke logger
B) data mining software
C) both A and B
D) neither A nor B
Q:
The general name for malware on a user's PC that collects sensitive information and sends this information to an attacker is ________.
A) keystroke loggers
B) anti-privacy software
C) spyware
D) data mining software
Q:
Trojan horses can spread by ________.
A) e-mailing themselves to victim computers
B) directly propagating to victim computers
C) both A and B
D) neither A nor B
Q:
Malware programs that masquerade as system files are called ________.
A) viruses
B) scripts
C) payloads
D) Trojan horses
Q:
Mobile code is another name for ________.
A) virus
B) worm
C) both A and B
D) neither A nor B
Q:
Which of the following can spread more rapidly?
A) directly-propagating viruses
B) directly-propagating worms
C) Both of the above can spread with approximately equal speed.
Q:
Which of the following sometimes uses direct propagation between computers?
A) viruses
B) worms
C) Trojan horses
D) downloaders
Q:
Viruses most commonly spread from one computer to another ________.
A) via e-mail
B) by propagating directly by themselves
C) through obfuscation
D) all of the above
Q:
Which of the following attach themselves to other programs?
A) Viruses
B) Worms
C) both A and B
D) neither A nor B
Q:
________ are full programs.
A) Viruses
B) Worms
C) both A and B
D) neither A nor B
Q:
Vulnerability-based attacks that occur before a patch is available are called ________ attacks.
A) preinstallation
B) stealth
C) malware
D) zero-day
Q:
Users typically can eliminate a vulnerability in one of their programs by ________.
A) installing a patch
B) doing a zero-day installation
C) using an antivirus program
D) all of the above
Q:
A ________ is a flaw in a program that permits a specific attack or set of attacks against this program.
A) malware
B) security error
C) vulnerability
D) security fault
Q:
The general name for a security flaw in a program is a ________.
A) virus
B) malware
C) security fault
D) vulnerability
Q:
The general name for evil software is ________.
A) virus
B) worm
C) exploit
D) malware
Q:
Which of the following probably suffered the most financial damage from the Target breach?
A) retailers other than Target
B) banks
C) consumers
D) POS terminal vendors
Q:
Which of the following probably suffered the most financial damage from the Target breach?
A) Target
B) banks
C) consumers
D) POS vendors
Q:
The Target attackers sold their stolen card information to ________.
A) crimeware shops
B) card shops
C) card counterfeiters
D) Hallmark
Q:
The Target attackers probably first broke into Target using the credentials of a(n) ________.
A) low-level Target employee
B) Target IT employee
C) Target security employee
D) employee in a firm outside Target
Q:
Which layer process does NOT do any encapsulation when an application layer process transmits a message?
A) physical
B) data link
C) Internet
D) All layers do encapsulation.
Q:
After the data link layer process does encapsulation, it passes the IP packet to the ________ layer process.
A) physical
B) internet
C) transport
D) none of the above
Q:
After the Internet layer process does encapsulation, it passes the IP packet to the ________ layer process.
A) transport
B) data link
C) physical
D) none of the above
Q:
________ is placing a message in the data field of another message.
A) Encoding
B) Vertical communication
C) Layering
D) Encapsulation
Q:
A codec ________.
A) encodes voice sounds into digital signals for transmission
B) encodes voice sounds into analog signals for transmission
C) encrypts the signal
D) converts binary voice signals into digital signals for transmission
Q:
The electrical signal generated by a microphone is called a(n) ________ signal.
A) binary
B) digital
C) analog
D) Either A or B.
Q:
The five senses can be represented with a ________-bit field.
A) 2
B) 3
C) 4
D) 5
Q:
To represent 65 alternatives, your alternatives field would have to be at least ________ bits long.
A) 5
B) 6
C) 7
D) 8
Q:
A 7-bit field can represent ________ alternatives or different combinations.
A) 14
B) 49
C) 128
D) 256
Q:
A 5-bit field can represent ________ alternatives or different combinations.
A) 8
B) 16
C) 32
D) 64
Q:
Convert decimal 8 to binary.
A) 100
B) 1000
C) 10000
D) 111
Q:
Convert decimal 15 to binary.
A) It is a binary number.
B) 1100
C) 1101
D) 1111