ITN 262 MIDTERM EXAM
REPORTED QUESTIONS WITH
CORRECT DETAILED ANSWERS
Which of the following yields a more specific set of attacks tied to our particular threat
agents? - Answer-Attack matrix
Which of the following produces a risk to an asset? - Answer-A threat agent and an
attack the agent can perform
Which of the following are threat agents? - Answer--Cracker
-Phone phreak
-Script kiddy
-Black-hat hacker
True or False? Modus operandi applies only to criminal organizations. - Answer-False
Which of the following types of threat agents is most typically associated with
masquerade attacks? - Answer-Identity thieves
Which threat agent is most often associated with denial of service attacks? - Answer-
Natural threats
Impact x Likelihood = ______________ - Answer-Relative Significance of Risk
Typical retail businesses expect a _____ rate of loss due to theft, damages, and other
causes. - Answer-3 percent
True or False? Once we have filled in the attack likelihoods and impacts, we compute
the significance by multiplying these values together. - Answer-True
We are estimating the impact of an individual attack. Which of the following has the
greatest estimated impact? - Answer-An attack with a $100 loss that could happen once
a week
We draft the __________ requirements to address the risks we identified. - Answer-
security
True or False? To analyze a risk, we review it against the threat agents behind the risk.
- Answer-True
By default, most systems only record the most ______ events. - Answer-significant
What does AUP stand for? - Answer-Acceptable Use Policy
Cyber vulnerabilities became a public issue in the __________ as new internet users
struggled to understand the technology's risks. - Answer-1990s
True or False? Victims can protect themselves against zero-day attacks. - Answer-False
True or False? A zero-day vulnerability is one that has been reported to the software's
vendor and the general public. - Answer-False
Which of the following describes the effect of the Digital Millennium Copyright Act
(DMCA) on the investigation and publication of security flaws in commercial equipment?
- Answer-It restricts the publication of techniques to reverse-engineer copy protection
schemes.
Which of the following most often forbids people from performing trial-and-error attacks
on computer systems? - Answer-Acceptable use policies
Section 1.6.2 outlines a procedure for disclosing security vulnerabilities in a commercial
device or product. Assume that we have discovered a vulnerability in a commercial
product. The vendor has not acknowledged our initial vulnerability report or
communicated with us in any other way. They have not announced the vulnerability to
the public. We wish to warn the public of the vulnerability as soon as is ethically
defensible. Given the procedure in Section 1.6.2, which of the following is the best
course of action? - Answer-After 30 days, announce that the vulnerability exists, and
describe how to reduce a system's risk of attack through that vulnerability.
Given the vulnerability disclosure procedure in Section 1.6.2 and the story of Michael
Lynn's presentation of a Cisco router vulnerability at Black Hat 2005, which of the
following most accurately describes Lynn's action? - Answer-Lynn acted ethically
because the vulnerability had already been reported and patched, and he did not
describe how to exploit the vulnerability.
A person skilled in attacking computer systems, who uses those skills as a security
expert to help protect systems, is a: - Answer-white-hat hacker
When disclosing a security vulnerability in a system or software, the manufacturer
should avoid: - Answer-including enough detail to allow an attacker to exploit the
vulnerability.
A risk assessment involves which of the following? - Answer--Identifying risks
-Prioritizing risks