TEST BANK
TEST BANK
,Network Security Essentials Applications and Standards, 5th Edition, by William
Stallings
CHAPTER 1: INTRODUCTION
TRUE OR FALSE
T F 1. With the introduction of the computer the need for automated
tools for protecting files and other information stored on the
computer became evident.
T F 2. There is a natural tendency on the part of users and system
managers to perceive little benefit from security investment until a
security failure occurs.
T F 3. There are clear boundaries between network security and internet
security.
T F 4. The CIA triad embodies the fundamental security objectives for
both data and for information and computing services.
T F 5. In developing a particular security mechanism or algorithm one
must always consider potential attacks on those security features.
T F 6. A loss of confidentiality is the unauthorized modification or
destruction of information.
T F 7. Patient allergy information is an example of an asset with a
moderate requirement for integrity.
T F 8. The more critical a component or service, the higher the level of
availability required.
T F 9. Data origin authentication provides protection against the
duplication or modification of data units.
T F 10. The emphasis in dealing with passive attacks is on prevention
rather than detection.
T F 11. Data integrity is the protection of data from unauthorized
disclosure.
T F 12. Information access threats exploit service flaws in computers to
inhibit use by legitimate users.
,Network Security Essentials Applications and Standards, 5th Edition, by William
Stallings
T F 13. Viruses and worms are two examples of software attacks.
T F 14. A connection-oriented integrity service deals with individual
messages without regard to any larger context and generally
provides protection against message modification only.
T F 15. Pervasive security mechanisms are not specific to any particular
OSI security service or protocol layer.
MULTIPLE CHOICE
1. _________ security consists of measures to deter, prevent, detect, and correct
security violations that involve the transmission of information.
A. Computer B. Internet
C. Intranet D. Network
2. Verifying that users are who they say they are and that each input arriving at
the system came from a trusted source.
A. authenticity B. accountability
C. integrity D. confidentiality
3. __________ assures that systems work promptly and service is not denied to
authorized users.
A. Integrity B. Availability
C. System integrity D. Data confidentiality
4. __________ assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized
manipulation of the system.
A. Data confidentiality B. Availability
C. System integrity D. Privacy
, Network Security Essentials Applications and Standards, 5th Edition, by William
Stallings
5. The security goal that generates the requirement for actions of an entity to be
traced uniquely to that entity is _________ .
A. accountability B. authenticity
C. privacy D. integrity
6. __________ attacks attempt to alter system resources or affect their operation.
A. Active B. Release of message content
C. Passive D. Traffic analysis
7. A __________ takes place when one entity pretends to be a different entity.
A. passive attack B. masquerade
C. modification of message D. replay
8. X.800 defines _________ as a service that is provided by a protocol layer of
communicating open systems and that ensures adequate security of the
systems or of data transfers.
A. replay B. integrity
C. authenticity D. security service
9. _________ is a professional membership society with worldwide organizational
and individual membership that provides leadership in addressing issues
that confront the future of the Internet and is the organization home for the
groups responsible for Internet infrastructure standards, including the IETF
and the IAB.
A. ITU-T B. ISO
C. FIPS D. ISOC
TEST BANK
,Network Security Essentials Applications and Standards, 5th Edition, by William
Stallings
CHAPTER 1: INTRODUCTION
TRUE OR FALSE
T F 1. With the introduction of the computer the need for automated
tools for protecting files and other information stored on the
computer became evident.
T F 2. There is a natural tendency on the part of users and system
managers to perceive little benefit from security investment until a
security failure occurs.
T F 3. There are clear boundaries between network security and internet
security.
T F 4. The CIA triad embodies the fundamental security objectives for
both data and for information and computing services.
T F 5. In developing a particular security mechanism or algorithm one
must always consider potential attacks on those security features.
T F 6. A loss of confidentiality is the unauthorized modification or
destruction of information.
T F 7. Patient allergy information is an example of an asset with a
moderate requirement for integrity.
T F 8. The more critical a component or service, the higher the level of
availability required.
T F 9. Data origin authentication provides protection against the
duplication or modification of data units.
T F 10. The emphasis in dealing with passive attacks is on prevention
rather than detection.
T F 11. Data integrity is the protection of data from unauthorized
disclosure.
T F 12. Information access threats exploit service flaws in computers to
inhibit use by legitimate users.
,Network Security Essentials Applications and Standards, 5th Edition, by William
Stallings
T F 13. Viruses and worms are two examples of software attacks.
T F 14. A connection-oriented integrity service deals with individual
messages without regard to any larger context and generally
provides protection against message modification only.
T F 15. Pervasive security mechanisms are not specific to any particular
OSI security service or protocol layer.
MULTIPLE CHOICE
1. _________ security consists of measures to deter, prevent, detect, and correct
security violations that involve the transmission of information.
A. Computer B. Internet
C. Intranet D. Network
2. Verifying that users are who they say they are and that each input arriving at
the system came from a trusted source.
A. authenticity B. accountability
C. integrity D. confidentiality
3. __________ assures that systems work promptly and service is not denied to
authorized users.
A. Integrity B. Availability
C. System integrity D. Data confidentiality
4. __________ assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized
manipulation of the system.
A. Data confidentiality B. Availability
C. System integrity D. Privacy
, Network Security Essentials Applications and Standards, 5th Edition, by William
Stallings
5. The security goal that generates the requirement for actions of an entity to be
traced uniquely to that entity is _________ .
A. accountability B. authenticity
C. privacy D. integrity
6. __________ attacks attempt to alter system resources or affect their operation.
A. Active B. Release of message content
C. Passive D. Traffic analysis
7. A __________ takes place when one entity pretends to be a different entity.
A. passive attack B. masquerade
C. modification of message D. replay
8. X.800 defines _________ as a service that is provided by a protocol layer of
communicating open systems and that ensures adequate security of the
systems or of data transfers.
A. replay B. integrity
C. authenticity D. security service
9. _________ is a professional membership society with worldwide organizational
and individual membership that provides leadership in addressing issues
that confront the future of the Internet and is the organization home for the
groups responsible for Internet infrastructure standards, including the IETF
and the IAB.
A. ITU-T B. ISO
C. FIPS D. ISOC
