1. No cybercriminal databases exist that can point investigators to likely suspects.
2. Complying with regulations and contractual obligations is a benefit of security awareness, training, and education programs.
3. Deleting the browsing history and cookies in a computer system can be a way to completely delete the recently visited sites.
4. A malicious driver can potentially bypass many security controls to install malware.
5. A stack overflow can result in some form of denial-of-service attack on a system.
MULTIPLE CHOICE QUESTIONS
6. Broad categories of payloads that malware may carry include which of the following:
A. Corruption of system or data files
B. Theft of service in order to make the system a zombie agent of attack as part of a botnet
C. Theft of information from the system, especially of logins, passwords or other personal details by keylogging or spyware programs
D. All of the above
7. The _______ category is a transitional stage between awareness and training.
A. roles and responsibilities relative to IT systems
B. security basics and literacy
C. education and experience
D. security awareness
8. What is both a benefit and a potentially harmful implication of multilayer protocols?
C. hash integrity checking
D. logical addressing
9. The World Wide Web (WWW) can be protected against the risk of eavesdropping in an economical and convenient manner through the use of which of the following?
A. Link and document encryption
B. Secure Sockets Layer and secure HTTP
C. Link encryption and Secure Sockets Layer
D. Document encryption and secure HTTP
10. An effective way to run a World Wide Web (WWW) service is not by:
A. Disabling automatic directory listings
B. Placing the standard WWW computer outside the firewall in the DMZ
C. Implementing encryption
D. Relying on third-party providers
11. Methods to avoid SQL injection include which of the following?
A. Providing functions to escape special characters
B. Techniques for the automatic detection of database language in legacy code.
C. Techniques for the automatic detection of SQL language in legacy code.
D. All of the above
12. __________ is when the data in the SDB can be modified so as to produce statistics that cannot be used to infer values for individual records.
A. Data perturbation
B. Database access control
C. Inference channeling
D. Output perturbation
13. With __________ the records in the database are clustered into a number of mutually exclusive groups and the user may only query the statistical properties of each group as a whole.
D. query restriction
14. __________ applications is a control that limits the programs that can execute on the system to just those in an explicit list.
B. white listing
15. Matthew recently authored an innovative algorithm for solving a mathematical problem that he would like to share with the world. However, prior to publishing the software code in a technical journal, he would like to obtain some sort of intellectual property protection. Which type of protection is best suited to his needs?
D. trade secret
16. Richard received an encrypted message sent to him by Sue. Which key should he use to decrypt the message?
A. Richard’s public key
B. Richard’s private key
C. Sue’s public key
D. Sue’s private key
17. Which of the following malicious code objects might be inserted in an application by a disgruntled software developer with the purpose of destroying system data after the developer’s account has been deleted (e.g. following his/her termination)?
C. Trojan horse
D. Logic bomb
FILL-IN-THE-BLANK QUESTIONS
18. The information transfer path by which unauthorized data is obtained is referred to as an ___________ channel.
19. ________ is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.
20. Guest OSs are managed by a ______, or VMM, that coordinates access between each of the guests and the actual physical hardware resources.
SHORT ANSWER QUESTIONS
21. How can a web site distinguish between lack of capacity and a denial-of-service attack? For example, web sites often experience a tremendous increase in volume of traffic right after an advertisement with the site’s URL is shown on television during the broadcast of a popular sporting event. That spike in usage is the result of normal access that happens to occur at the same time. How can a site determine that high traffic is reasonable?
22. What are some of the individual rights associated with information privacy? Do expectations of privacy change depending on the individual’s environment? If so, how?
23. Why is a firewall a good place to implement a VPN? Why not implement it at the actual server(s) being accessed?
24. Assume you operate an Apache-based Linux Web server that hosts your company’s e-commerce site. Assume further that there is a worm called “WorminatorX,” which exploits a (fictional) buffer overflow bug in the Apache Web server package that can result in a remote root compromise. Construct a simple threat model that describes the risk this represents: assets, vulnerability, attack-vector, attacker(s), likelihood of occurrence, likely impact, and plausible mitigations.
25. Consider a popular DRM system like Apple’s FairPlay, used to protect audio tracks purchased from the iTunes music store. If a person purchased a track from the iTunes store by an artist managed by a record company such as EMI, identify which company or person fulfils each of the DRM component roles shown in Figure 19.3 of Stallings & Brown.