True / False
1. The Domain Name Service is what translates human-readable domain names into IP
addresses that computers and routers understand.
True
2. The type of hacking that involves breaking into telephone systems is called sneaking.
False—This type of hacking is called phreaking.
3. The technique for breaching a system’s security by exploiting human nature rather than
technology is war-driving.
False—This describes social engineering.
4. Malware is a generic term for software that has a malicious purpose.
True
5. Software that lays dormant until some specific condition is met is a Trojan horse.
False—This describes a logic bomb. Usually the condition that is met is a date
and time.
6. Someone who breaks into a system legally to assess security deficiencies is a sneaker.
True—Companies may solicit the services of a sneaker to assess the company’s
vulnerabilities.
7. Auditing is the process to determine if a user’s credentials are authorized to access a
network resource.
False—This describes authentication. Auditing is the process to review logs,
records, and procedures.
8. Confidentiality, integrity, and availability are three pillars of the CIA triangle.
True
9. The Health Insurance Portability and Accountability Act of 1996 requires government
agencies to identify sensitive systems, conduct computer security training, and develop
computer security plans.
False—This describes the Computer Security Act of 1987.
10The SANS Institute website is a vast repository of security-related documentation.
True
Multiple Choice
1. In which type of hacking does the user block access from legitimate users without
actually accessing the attacked system?
a. Denial of service
SCHOLARVAULT
, b. Web #nhattack
c. Session #nhhijacking
d. None #nhof #nhthe #nhabove
Answer #nhA. #nhA #nhdenial-of-service #nhattack #nhis #nhprobably #nhthe #nhmost #nhcommon #nhattack #nhon
#nhthe #nhweb.
2. Your #nhcompany #nhis #nhinstituting #nha #nhnew #nhsecurity #nhawareness #nhprogram. #nhYou #nhare
#nhresponsible #nhfor #nheducating #nhend #nhusers #nhon #nha #nhvariety #nhof #nhthreats, #nhincluding #nhsocial
#nhengineering. #nhWhich #nhof #nhthe #nhfollowing #nhbest #nhdefines #nhsocial #nhengineering?
a. Illegal #nhcopying #nhof #nhsoftware
b. Gathering #nhinformation #nhfrom #nhdiscarded #nhmanuals #nhand #nhprintouts
c. Using #nhpeople #nhskills #nhto #nhobtain #nhproprietary #nhinformation
d. Destruction #nhor #nhalteration #nhof #nhdata
Answer #nhD. #nhSocial #nhEngineering #nhis #nhbasically #nhusing #nhpeople #nhskills #nhto #nhgather
#nhinformation
3. Which #nhtype #nhof #nhhacking #nhoccurs #nhwhen #nhthe #nhattacker #nhmonitors #nhan
#nhauthenticated #nhsession #nhbetween #nhthe #nhclient #nhand #nhthe #nhserver #nhand #nhtakes #nhover
#nhthat #nhsession?
a. Denial #nhof #nhservice
b. Web #nhattack
c. Session #nhhijacking
d. None #nhof #nhthe #nhabove
Answer #nhC.
4. Someone #nhwho #nhfinds #nha #nhflaw #nhin #nha #nhsystem #nhand #nhreports #nhthat #nhflaw #nhto
#nhthe #nhvendor #nhof #nhthe #nhsystem #nhis #nha #nh .
a. White #nhhat #nhhacker
b. Black #nhhat #nhhacker
c. Gray #nhhat #nhhacker
d. Red #nhhat #nhhacker
Answer #nhA. #nhWhite #nhhat #nhhackers #nhare #nhoften #nhhired #nhby #nhcompanies #nhto #nhdo #nhpenetration
#nhtests.
5. Someone #nhwho #nhgains #nhaccess #nhto #nha #nhsystem #nhand #nhcauses #nhharm #nhis #nha #nh ?
a. White #nhhat #nhhacker
b. Black #nhhat #nhhacker
c. Grey #nhhat #nhhacker
d. Red #nhhat #nhhacker
Answer #nhB. # n h A #nhblack #nhhat #nhhacker #nhmight #nhsteal #nhdata, #nherase #nhfiles, #nhor #nhdeface
#nhwebsites.
6. A #nhblack #nhhat #nhhacker #nhis #nhalso #nhcalled #nha #nh
a. Thief
b. Cracker
c. Sneaker
SCHOLARVAULT
,d. None #nhof #nhthe #nhabove
SCHOLARVAULT
, Answer #nhB.
7. Someone #nhwho #nhcalls #nhhimself #nha #nhhacker #nhbut #nhlacks #nhthe #nhexpertise #nhis #nha #nh .
a. Script #nhkiddy
b. Sneaker
c. White #nhhat #nhhacker
d. Black #nhhat #nhhacker
Answer #nhA. # n h There #nhare #nhmany #nhInternet #nhtools #nhthat #nhcan #nhbe #nhused #nhto #nhperform
#nhhacking #nhtasks, #nhand #nhusers #nhof #nhthese #nhtools #nhwho #nhdon’t #nhunderstand #nhthe #nhtarget
#nhsystem #nhare #nhscript #nhkiddies.
8. Someone #nhwho #nhlegally #nhbreaks #nhinto #nha #nhsystem #nhto #nhassess #nhsecurity #nhdeficiencies #nhis #nha
.
a. Script #nhkiddy
b. Penetration #nhtester
c. White #nhhat #nhhacker
d. Black #nhhat #nhhacker
Answer #nhB. #nhAnyone #nhhired #nhto #nhassess #nhthe #nhvulnerabilities #nhof #nha #nhsystem #nhshould #nhbe
#nhboth #nhtechnically #nhproficient #nhand #nhethical.
9. A(n) #nh is #nha #nhbasic #nhsecurity #nhdevice #nhthat #nhfilters #nhtraffic #nhand #nhis #nha
#nhbarrier #nhbetween #nha #nhnetwork #nhand #nhthe #nhoutside #nhworld #nhor #nhbetween #nha #nhsystem
#nhand #nhother #nhsystems.
a. Firewall
b. Proxy #nhserver
c. Intrusion #nhdetection #nhsystem
d. Network #nhMonitor
Answer #nhA. #nhA #nhfirewall #nhcan #nhbe #nha #nhserver, #nha #nhrouter, #nhor #nhsoftware #nhrunning #nhon #nha
#nhmachine.
10. A(n) #nhhides #nhthe #nhinternal #nhnetwork’s #nhIP #nhaddress #nhand #nhpresents #nha #nhsingle #nhIP
#nhaddress #nhto #nhthe #nhoutside #nhworld.
a. Firewall
b. Proxy #nhserver
c. Intrusion #nhdetection #nhsystem
d. Network #nhMonitor
Answer #nhB.
11. Which #nhone #nhof #nhthese #nhis #nhNOT #nhone #nhthe #nhthree #nhpillars #nhof #nhsecurity #nhin #nhthe #nhCIA
#nhtriangle?
a. Confidentiality
b. Integrity
c. Availability
d. Authentication
SCHOLARVAULT
1. The Domain Name Service is what translates human-readable domain names into IP
addresses that computers and routers understand.
True
2. The type of hacking that involves breaking into telephone systems is called sneaking.
False—This type of hacking is called phreaking.
3. The technique for breaching a system’s security by exploiting human nature rather than
technology is war-driving.
False—This describes social engineering.
4. Malware is a generic term for software that has a malicious purpose.
True
5. Software that lays dormant until some specific condition is met is a Trojan horse.
False—This describes a logic bomb. Usually the condition that is met is a date
and time.
6. Someone who breaks into a system legally to assess security deficiencies is a sneaker.
True—Companies may solicit the services of a sneaker to assess the company’s
vulnerabilities.
7. Auditing is the process to determine if a user’s credentials are authorized to access a
network resource.
False—This describes authentication. Auditing is the process to review logs,
records, and procedures.
8. Confidentiality, integrity, and availability are three pillars of the CIA triangle.
True
9. The Health Insurance Portability and Accountability Act of 1996 requires government
agencies to identify sensitive systems, conduct computer security training, and develop
computer security plans.
False—This describes the Computer Security Act of 1987.
10The SANS Institute website is a vast repository of security-related documentation.
True
Multiple Choice
1. In which type of hacking does the user block access from legitimate users without
actually accessing the attacked system?
a. Denial of service
SCHOLARVAULT
, b. Web #nhattack
c. Session #nhhijacking
d. None #nhof #nhthe #nhabove
Answer #nhA. #nhA #nhdenial-of-service #nhattack #nhis #nhprobably #nhthe #nhmost #nhcommon #nhattack #nhon
#nhthe #nhweb.
2. Your #nhcompany #nhis #nhinstituting #nha #nhnew #nhsecurity #nhawareness #nhprogram. #nhYou #nhare
#nhresponsible #nhfor #nheducating #nhend #nhusers #nhon #nha #nhvariety #nhof #nhthreats, #nhincluding #nhsocial
#nhengineering. #nhWhich #nhof #nhthe #nhfollowing #nhbest #nhdefines #nhsocial #nhengineering?
a. Illegal #nhcopying #nhof #nhsoftware
b. Gathering #nhinformation #nhfrom #nhdiscarded #nhmanuals #nhand #nhprintouts
c. Using #nhpeople #nhskills #nhto #nhobtain #nhproprietary #nhinformation
d. Destruction #nhor #nhalteration #nhof #nhdata
Answer #nhD. #nhSocial #nhEngineering #nhis #nhbasically #nhusing #nhpeople #nhskills #nhto #nhgather
#nhinformation
3. Which #nhtype #nhof #nhhacking #nhoccurs #nhwhen #nhthe #nhattacker #nhmonitors #nhan
#nhauthenticated #nhsession #nhbetween #nhthe #nhclient #nhand #nhthe #nhserver #nhand #nhtakes #nhover
#nhthat #nhsession?
a. Denial #nhof #nhservice
b. Web #nhattack
c. Session #nhhijacking
d. None #nhof #nhthe #nhabove
Answer #nhC.
4. Someone #nhwho #nhfinds #nha #nhflaw #nhin #nha #nhsystem #nhand #nhreports #nhthat #nhflaw #nhto
#nhthe #nhvendor #nhof #nhthe #nhsystem #nhis #nha #nh .
a. White #nhhat #nhhacker
b. Black #nhhat #nhhacker
c. Gray #nhhat #nhhacker
d. Red #nhhat #nhhacker
Answer #nhA. #nhWhite #nhhat #nhhackers #nhare #nhoften #nhhired #nhby #nhcompanies #nhto #nhdo #nhpenetration
#nhtests.
5. Someone #nhwho #nhgains #nhaccess #nhto #nha #nhsystem #nhand #nhcauses #nhharm #nhis #nha #nh ?
a. White #nhhat #nhhacker
b. Black #nhhat #nhhacker
c. Grey #nhhat #nhhacker
d. Red #nhhat #nhhacker
Answer #nhB. # n h A #nhblack #nhhat #nhhacker #nhmight #nhsteal #nhdata, #nherase #nhfiles, #nhor #nhdeface
#nhwebsites.
6. A #nhblack #nhhat #nhhacker #nhis #nhalso #nhcalled #nha #nh
a. Thief
b. Cracker
c. Sneaker
SCHOLARVAULT
,d. None #nhof #nhthe #nhabove
SCHOLARVAULT
, Answer #nhB.
7. Someone #nhwho #nhcalls #nhhimself #nha #nhhacker #nhbut #nhlacks #nhthe #nhexpertise #nhis #nha #nh .
a. Script #nhkiddy
b. Sneaker
c. White #nhhat #nhhacker
d. Black #nhhat #nhhacker
Answer #nhA. # n h There #nhare #nhmany #nhInternet #nhtools #nhthat #nhcan #nhbe #nhused #nhto #nhperform
#nhhacking #nhtasks, #nhand #nhusers #nhof #nhthese #nhtools #nhwho #nhdon’t #nhunderstand #nhthe #nhtarget
#nhsystem #nhare #nhscript #nhkiddies.
8. Someone #nhwho #nhlegally #nhbreaks #nhinto #nha #nhsystem #nhto #nhassess #nhsecurity #nhdeficiencies #nhis #nha
.
a. Script #nhkiddy
b. Penetration #nhtester
c. White #nhhat #nhhacker
d. Black #nhhat #nhhacker
Answer #nhB. #nhAnyone #nhhired #nhto #nhassess #nhthe #nhvulnerabilities #nhof #nha #nhsystem #nhshould #nhbe
#nhboth #nhtechnically #nhproficient #nhand #nhethical.
9. A(n) #nh is #nha #nhbasic #nhsecurity #nhdevice #nhthat #nhfilters #nhtraffic #nhand #nhis #nha
#nhbarrier #nhbetween #nha #nhnetwork #nhand #nhthe #nhoutside #nhworld #nhor #nhbetween #nha #nhsystem
#nhand #nhother #nhsystems.
a. Firewall
b. Proxy #nhserver
c. Intrusion #nhdetection #nhsystem
d. Network #nhMonitor
Answer #nhA. #nhA #nhfirewall #nhcan #nhbe #nha #nhserver, #nha #nhrouter, #nhor #nhsoftware #nhrunning #nhon #nha
#nhmachine.
10. A(n) #nhhides #nhthe #nhinternal #nhnetwork’s #nhIP #nhaddress #nhand #nhpresents #nha #nhsingle #nhIP
#nhaddress #nhto #nhthe #nhoutside #nhworld.
a. Firewall
b. Proxy #nhserver
c. Intrusion #nhdetection #nhsystem
d. Network #nhMonitor
Answer #nhB.
11. Which #nhone #nhof #nhthese #nhis #nhNOT #nhone #nhthe #nhthree #nhpillars #nhof #nhsecurity #nhin #nhthe #nhCIA
#nhtriangle?
a. Confidentiality
b. Integrity
c. Availability
d. Authentication
SCHOLARVAULT
