Solutions Manual For Introduction to Computer Networks and
Cybersecurity 1st Edition By Chwan-Hwa (John) Wu; J. David
Irwin 9781138071896 ALL Chapters .
A malicious worm program is characterized by the following fundamental attribute:
1 point
Local installation with expert system administration
Multi-stage provisioning based on simple tools
Auto-propagation without human intervention
Simpler design than a Trojan horse program - ANSWER: C
Embedding a trap door into a login program results in which of the following:
1 point
A compliant version of the code with respect to some process frameworks
An improved version of the login program with enhanced secret access
A login program that requires encryption support
A Trojan horse
A trap door program with the potential to lock out authorized users - ANSWER: D
Learning the incredibly easy, but devastatingly effective techniques for hacking an
old soda machine is instructive, because it exemplifies which of the following
properties of cyber security?
1 point
Security fixes might be simple and effective
No system can ever be secure
Simple attacks might prompt complex redesigns
Security physical systems are simpler than you would think - ANSWER: C
Which of the following statements is true?
1 point
Dirty compilers are always written from clean code.
Dirty code is sometimes produced by clean compilers.
Dirty code is always produced by dirty developers.
Dirty compilers never produce clean code.
Clean code has no real difference from dirty code. - ANSWER: B
Cyber adversary motivation does not include which of the following:
1 point
Curiosity
Money
Politics
Fame
None of the above - ANSWER: E
Question 6
,Remote exploitation of an unaltered vehicle by hackers is enabled by which of the
following design decisions:
1 point
Being careless about the so-called "on-board bus architecture"
Not enforcing separation between on-board entertainment and safety systems
Using older, unsafe programming languages
All of above - ANSWER: D
Which of the following is a reasonable conclusion that one might draw by studying
Unix kernel attacks such as the old IFS exploit?
1 point
Open source code cannot help in the design of an attack
Seeing open source code might help one design an attack.
Set-uid-to-root should be used more extensively in OS design
The object code for an OS runtime system cannot be understood
Setting variables by users of an OS should be encouraged - ANSWER: B
The root cause of some discovered cyber security vulnerability might reasonably be
which of the following:
1 point
The developers didn't invest enough money during development
The designers had too much technical training
The government regulators were smarter than the developers expected
It was hidden and therefore acceptable to leave in place - ANSWER: A
Question 9
Buffer overflow attacks might best be avoided by which of the following preventive
approaches:
1 point
Picking better variable names
Using languages with strong type enforcement
Improving in-line comments
Replacing call-by-value with call-by-name
None of the above - ANSWER: B
The integrity threat can be exemplified by which of the following scenarios:
1 point
Every customer record is stolen by hackers
Every customer record is exposed by nation states
Customer records were hidden, but one might have been slightly garbled
The entire company database was posted to the Internet
None of the above - ANSWER: C
Hackers might produce an availability threat in which of the following scenarios?
1 point
A hacker causes a tiny delay in some system
A hacker causes no delay, but lies about it
,The entire company sees Spam in its in-box.
Money is stolen from the corporate bank account.
None of the above - ANSWER: A
The difference between a hurricane knocking out a data center and a malicious
hacker knocking out the same data center is the following:
1 point
One involves multiple vulnerabilities and the other is a weakness.
One is a vulnerability and the other is not.
One is an attack and the other is not.
There is no appreciable difference. Both result in a lost center.
One involves a single vulnerability and the other involves an attack. - ANSWER: C
Question 3
Which of the following statements is false?
1 point
You can build a finite list of assets
You cannot build a complete list of vulnerabilities
You can identify a finite list of threat types
You cannot build a complete list of attacks
None of the above are false. - ANSWER: E
Program testing is an ineffective means for detecting the absence of Trojan horses
for which of the following reasons?
1 point
Testing takes too long for most people's liking
Testers cannot draw conclusions about every possible use case
Testing costs more than verification
Trojan horses have no signature
Trusting a test is a bad idea from a security perspective - ANSWER: B
Pre-attack indicators are like post-attack indicators in which of the following ways:
1 point
Both will always prevent attacks
Both are really a waste of time for most tools
IP source shuns work about 50% of the time for both methods.
Neither can possibly prevent an attack.
Both are more effective in the presence of external threat intelligence - ANSWER: E
Question 6
DMARC is a standard that enforces which of the following IT infrastructure bindings:
1 point
Connects email content with checksums
Connects source and destination ports
Connects email source with email server IP address
Connects email destinations with cryptographically checked ports
None of the above - ANSWER: C
, Question 7
Fraud fits poorly into the CIA model for which of the following reasons:
1 point
Integrity has many fraud attributes
Fraud fits into existing categories, but only after some adjustment
Fraud is a unique scenario that does not easily fit into existing categories
Fraud and disclosure are mostly related - ANSWER: C
Question 8
Which of the following is an advantage of more reactive cyber defense (versus
proactive defense)?
1 point
Less false positives
Less false negatives
Fewer vendor options
More vendor options
Fewer firewall rules at the perimeter gateway - ANSWER: A
Question 9
Brute force attacks are good for which of the following scenarios?
1 point
Lots of attack choices, but most will not work
Fewer attack choices, and most will work
Large attack domain size that can be enumerated and traversed with automation
Small number of attacks, where each is complex
None of the above - ANSWER: C
Which of the following statements is not true?
1 point
Ciphertext-only is less secure than breaking encrypted text directly
Codebook is easier for bad guys to break than known plaintext
Known-plaintext hints cannot be controlled by the eavesdropper
Chosen-plaintext is more secure than codebook
None of these statements are true. - ANSWER: B
If the probability of some attack increases while the consequences of that same
attack decrease, a security engineer can quantitatively calculate the effects on
overall risk as follows:
1 point
Just calculate two different risk values and take the average.
By calculating risk using a common scale, simple arithmetic can be used.
Risk increases, because probability is a more intense factor.
Risk decreases, because probability is a less intense factor.
The engineer probably cannot make a reliable calculation. - ANSWER: E
Cybersecurity 1st Edition By Chwan-Hwa (John) Wu; J. David
Irwin 9781138071896 ALL Chapters .
A malicious worm program is characterized by the following fundamental attribute:
1 point
Local installation with expert system administration
Multi-stage provisioning based on simple tools
Auto-propagation without human intervention
Simpler design than a Trojan horse program - ANSWER: C
Embedding a trap door into a login program results in which of the following:
1 point
A compliant version of the code with respect to some process frameworks
An improved version of the login program with enhanced secret access
A login program that requires encryption support
A Trojan horse
A trap door program with the potential to lock out authorized users - ANSWER: D
Learning the incredibly easy, but devastatingly effective techniques for hacking an
old soda machine is instructive, because it exemplifies which of the following
properties of cyber security?
1 point
Security fixes might be simple and effective
No system can ever be secure
Simple attacks might prompt complex redesigns
Security physical systems are simpler than you would think - ANSWER: C
Which of the following statements is true?
1 point
Dirty compilers are always written from clean code.
Dirty code is sometimes produced by clean compilers.
Dirty code is always produced by dirty developers.
Dirty compilers never produce clean code.
Clean code has no real difference from dirty code. - ANSWER: B
Cyber adversary motivation does not include which of the following:
1 point
Curiosity
Money
Politics
Fame
None of the above - ANSWER: E
Question 6
,Remote exploitation of an unaltered vehicle by hackers is enabled by which of the
following design decisions:
1 point
Being careless about the so-called "on-board bus architecture"
Not enforcing separation between on-board entertainment and safety systems
Using older, unsafe programming languages
All of above - ANSWER: D
Which of the following is a reasonable conclusion that one might draw by studying
Unix kernel attacks such as the old IFS exploit?
1 point
Open source code cannot help in the design of an attack
Seeing open source code might help one design an attack.
Set-uid-to-root should be used more extensively in OS design
The object code for an OS runtime system cannot be understood
Setting variables by users of an OS should be encouraged - ANSWER: B
The root cause of some discovered cyber security vulnerability might reasonably be
which of the following:
1 point
The developers didn't invest enough money during development
The designers had too much technical training
The government regulators were smarter than the developers expected
It was hidden and therefore acceptable to leave in place - ANSWER: A
Question 9
Buffer overflow attacks might best be avoided by which of the following preventive
approaches:
1 point
Picking better variable names
Using languages with strong type enforcement
Improving in-line comments
Replacing call-by-value with call-by-name
None of the above - ANSWER: B
The integrity threat can be exemplified by which of the following scenarios:
1 point
Every customer record is stolen by hackers
Every customer record is exposed by nation states
Customer records were hidden, but one might have been slightly garbled
The entire company database was posted to the Internet
None of the above - ANSWER: C
Hackers might produce an availability threat in which of the following scenarios?
1 point
A hacker causes a tiny delay in some system
A hacker causes no delay, but lies about it
,The entire company sees Spam in its in-box.
Money is stolen from the corporate bank account.
None of the above - ANSWER: A
The difference between a hurricane knocking out a data center and a malicious
hacker knocking out the same data center is the following:
1 point
One involves multiple vulnerabilities and the other is a weakness.
One is a vulnerability and the other is not.
One is an attack and the other is not.
There is no appreciable difference. Both result in a lost center.
One involves a single vulnerability and the other involves an attack. - ANSWER: C
Question 3
Which of the following statements is false?
1 point
You can build a finite list of assets
You cannot build a complete list of vulnerabilities
You can identify a finite list of threat types
You cannot build a complete list of attacks
None of the above are false. - ANSWER: E
Program testing is an ineffective means for detecting the absence of Trojan horses
for which of the following reasons?
1 point
Testing takes too long for most people's liking
Testers cannot draw conclusions about every possible use case
Testing costs more than verification
Trojan horses have no signature
Trusting a test is a bad idea from a security perspective - ANSWER: B
Pre-attack indicators are like post-attack indicators in which of the following ways:
1 point
Both will always prevent attacks
Both are really a waste of time for most tools
IP source shuns work about 50% of the time for both methods.
Neither can possibly prevent an attack.
Both are more effective in the presence of external threat intelligence - ANSWER: E
Question 6
DMARC is a standard that enforces which of the following IT infrastructure bindings:
1 point
Connects email content with checksums
Connects source and destination ports
Connects email source with email server IP address
Connects email destinations with cryptographically checked ports
None of the above - ANSWER: C
, Question 7
Fraud fits poorly into the CIA model for which of the following reasons:
1 point
Integrity has many fraud attributes
Fraud fits into existing categories, but only after some adjustment
Fraud is a unique scenario that does not easily fit into existing categories
Fraud and disclosure are mostly related - ANSWER: C
Question 8
Which of the following is an advantage of more reactive cyber defense (versus
proactive defense)?
1 point
Less false positives
Less false negatives
Fewer vendor options
More vendor options
Fewer firewall rules at the perimeter gateway - ANSWER: A
Question 9
Brute force attacks are good for which of the following scenarios?
1 point
Lots of attack choices, but most will not work
Fewer attack choices, and most will work
Large attack domain size that can be enumerated and traversed with automation
Small number of attacks, where each is complex
None of the above - ANSWER: C
Which of the following statements is not true?
1 point
Ciphertext-only is less secure than breaking encrypted text directly
Codebook is easier for bad guys to break than known plaintext
Known-plaintext hints cannot be controlled by the eavesdropper
Chosen-plaintext is more secure than codebook
None of these statements are true. - ANSWER: B
If the probability of some attack increases while the consequences of that same
attack decrease, a security engineer can quantitatively calculate the effects on
overall risk as follows:
1 point
Just calculate two different risk values and take the average.
By calculating risk using a common scale, simple arithmetic can be used.
Risk increases, because probability is a more intense factor.
Risk decreases, because probability is a less intense factor.
The engineer probably cannot make a reliable calculation. - ANSWER: E
