Question 1
The ____ algorithm was the first public key encryption algorithm developed (in 1977) and published for commercial use.
Selected Answer: RSA
Correct Answer: RSA

Question 2
____ controls are management and lower-level planning functions that deal with issues such as disaster recovery and incident response planning, personnel security, physical security, and the protection of production inputs and outputs.
Selected Answer: Operational
Correct Answer: Operational

Question 3
Best practices in firewall rule set configuration state that the firewall device is never accessible directly from the public network for configuration or management purposes.
Selected Answer: True
Correct Answer: True

Question 4
Intrusion detection consists of procedures and systems that identify system intrusions and take automatic corrective action when an intrusion is detected.
Selected Answer: False
Correct Answer: False

Question 5
Cryptography is the art and science of hiding information inside other, seemingly ordinary messages or documents.
Selected Answer: False
Correct Answer: False

Question 6
____ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol.
Selected Answer: Fuzz
Correct Answer: Fuzz

Question 7
The Advanced Encryption Standard (AES) is an example of an asymmetric encryption system.
Selected Answer: False
Correct Answer: False

Question 8
Activities that scan network locales for active systems and then identify the network services offered by the host systems are known as ____.
Selected Answer: fingerprinting
Correct Answer: fingerprinting

Question 9
Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny.
Selected Answer: True
Correct Answer: True

Question 10
The Vigenere cipher is an example of a polyalphabetic substitution cipher.
Selected Answer: True
Correct Answer: True

Question 11
____ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information.
Selected Answer: Packet-filtering
Correct Answer: Packet-filtering

Question 12
Compared to symmetric encryption, asymmetric encryption is generally not as efficient in terms of CPU computations.
Selected Answer: True
Correct Answer: True

Question 13
The dominant architecture used to secure network access today is the ____ firewall.
Selected Answer: screened subnet
Correct Answer: screened subnet

Question 14
____ inspection firewalls keep track of each network connection between internal and external systems.
Selected Answer: Stateful
Correct Answer: Stateful

Question 15
The crossover error rate is the level at which the number of false rejections equals the false acceptances.
Selected Answer: True
Correct Answer: True

Question 16
____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.
Selected Answer: PKI
Correct Answer: PKI

Question 17
A recent attack method called sunshine cracking uses a database of precomputed hashes from sequentially calculated passwords. The sunshine cracker simply looks up the hashed password and reads out the text version of the password, no brute force required.
Selected Answer: False
Correct Answer: False

Question 18
____ is a hybrid cryptosystem originally designed in 1991 by Phil Zimmermann.
Selected Answer: PGP
Correct Answer: PGP

Question 19
The application firewall runs special software that acts as a proxy for a service request.
Selected Answer: True
Correct Answer: True

Question 20
Wired Equivalent Privacy (WEP) was an early attempt to provide security with the 802.11 wireless network protocol but is now considered too cryptographically weak to provide any meaningful protection from eavesdropping.
Selected Answer: True
Correct Answer: True

Question 21
____ controls set the direction and scope of the security process, and provide detailed instructions for its conduct, as well as addressing the design and implementation of the security planning process.
Selected Answer: Managerial
Correct Answer: Managerial

Question 22
A warm site provides many of the same services and options of a hot site, though typically without configured applications.
Selected Answer: True
Correct Answer: True

Question 23
____ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext.
Selected Answer: Key
Correct Answer: Key

Question 24
____ are encrypted messages that can be mathematically proven to be authentic.
Selected Answer: Digital signatures
Correct Answer: Digital signatures

Question 25
____ controls are the tactical implementations of security in the organization and include logical access controls, such as authentication, authorization, and cryptography.
Selected Answer: Technical
Correct Answer: Technical

Question 26
Host-based IDSs are usually installed on the machines they protect to monitor the status of various files stored on those machines.
Selected Answer: True
Correct Answer: True

Question 27
Hash algorithms are publicly known functions that create a value by converting variable-length messages into a single fixed-length value.
Selected Answer: True
Correct Answer: True

Tuesday, January 14, 2014
CIS 481-20: INTRO TO INFORM SECURITY EXAM 2