Principles of Computer Security 5Th Ed by Wm. Arthur Conklin - Test Bank

Chapter 03 Operational/Organizational Security     
Multiple Choice Questions
  1. (p. 51) Statements made by management that lays out the organization's position on an issue are called ________. 
A. policies
B. procedures
C. standards
D. guidelines   
Difficulty: Easy
  2. (p. 51) Your boss needs instructions explaining the steps of how to send encrypted email properly for all employees. You will need to create the _________. 
A. policy
B. procedure
C. standard
D. guideline   
Difficulty: Easy
  3. (p. D) Recommendations as it relates to a policy is a function of 
A. Standards
B. Guidelines
C. Laws and regulations
D. CIRT emails   
Difficulty: Easy
 4. (p. 52) The company CIO wants you and your team to check the security of the network by simulating an attack by malicious individuals. He is asking you to 
A. Do something illegal
B. Conduct a vulnerability assessment
C. Conduct a penetration test
D. Analyze the risk the network faces   
Difficulty: Easy
  5. (p. 55) The three types of authentication used for access control are 
A. Passwords, tokens, and key cards
B. Something you have, something you know, something you are
C. Encryption, deception, retention
D. Encryption, hashes, signatures.   
Difficulty: Easy
  6. (p. 56) The outermost layer of physical security should 
A. Be where the most specific controls are
B. Have the strongest authentication controls
C. Contain the most private activities
D. Contain the most publicly visible activities   
Difficulty: Easy
  7. (p. 57) A critical piece of equipment that provides power to systems even during a black out is called a(n) _______________. 
A. power strip
B. surge protector
C. uninterruptible power supply
D. password generator   
Difficulty: Easy
 8. (p. 58) A fire suppression system that is safe for equipment, but dangerous for humans is 
A. Halon
B. Sprinkler-based systems
C. Class A fire extinguisher
D. Water-based systems.   
Difficulty: Easy
  9. (p. 58) A fire suppression system that is safe for humans, but will destroy equipment is 
A. Halon
B. Sprinkler-based systems
C. Argon
D. Carbon dioxide   
Difficulty: Easy
  10. (p. 58) Bluetooth is a wireless technology that is used for 
A. Underwater communications
B. Long-range communications
C. Short-range communications
D. Space communications   
Difficulty: Easy
  11. (p. 59) IEEE 802.11 is a set of standards suited for 
A. Wide area networks
B. Local area networks
C. Personal area networks
D. Cellular networks.   
Difficulty: Easy
 12. (p. 59) 802.11 wireless networks in relation to wired networks are 
A. Difficult to set up and less secure
B. Easy to set up and easy to secure
C. Difficult to set up but more secure
D. Easy to set up but less secure   
Difficulty: Easy
  13. (p. 60) Which of the following is NOT one of the three basic ways to protect electromagnetic emanations? 
A. Put the equipment beyond the point that the emanations can be picked up.
B. Provide shielding for the equipment itself.
C. Create a reverse magnetic field around the equipment to cancel out waves emanating from or going to the equipment.
D. Provide a shielded enclosure (such as a room) to put the equipment in.   
Difficulty: Easy
  14. (p. 59) What is the problem described by the van Eck phenomenon and studied under TEMPEST? 
A. Electromagnetic pulses destroying sensitive computer equipment
B. Magnetic fields that interfere with signals crossing Local Area Network (LAN) cables
C. Electromagnetic eavesdropping
D. Piggybacking on electromagnetic communications   
Difficulty: Easy
  15. (p. 58-59) Which of the following is not a common wireless communications method? 
A. 802.11 standard communications
B. Bluetooth
C. Cellular
D. E.A.R.S. system   
Difficulty: Easy
 16. (p. 57-58) What fire-suppression system is the best for areas with expensive computer equipment? 
A. Water (sprinklers)
B. Handheld fire extinguishers
C. Halon-based
D. Sand buckets   
Difficulty: Easy
  17. (p. 53) The greatest danger to networks comes from 
A. Foreign hackers
B. Attacks coming across the public switched telephone network
C. Natural disasters
D. Insiders   
Difficulty: Easy
  18. (p. 55) Locks, sign-in logs, and security guards are examples of 
A. Access controls.
B. Intrusion detection mechanisms.
C. Authentication methods.
D. Auditing devices.   
Difficulty: Easy
  19. (p. 61) The location where wireless access points are placed can 
A. Interfere with other wired network communications
B. Make it easier or harder for and attacker to access the network
C. Cause electromagnetic interference
D. Cause illness from prolonged exposure   
Difficulty: Easy
 20. (p. 61) The most sensitive equipment should be located 
A. At the outer perimeter of the building
B. In a publicly accessible area
C. Deep inside the organization
D. Wherever it is easiest for employees to access it   
Difficulty: Easy
    
True / False Questions
  21. (p. 51) Procedures are high-level, broad statements of what the organization wants to accomplish. 
FALSE   
Difficulty: Easy
  22. (p. 51) Standards are recommendations relating to a policy. 
FALSE   
Difficulty: Easy
  23. (p. 53) The biggest danger to any organization comes from external attacks according to most experts. 
FALSE   
Difficulty: Easy
  24. (p. 56) Voice recognition, iris scans, and facial geometry can be used for biometric access controls. 
TRUE   
Difficulty: Easy
 25. (p. 56) Open spaces can serve as a barrier to protect a facility. 
TRUE It is difficult to cross open spaces without being detected.   
Difficulty: Easy
  26. (p. 57) UPS is short for keeping UP Services. 
FALSE   
Difficulty: Easy
  27. (p. 57) HVAC keeps equipment temperatures within reasonable ranges. 
TRUE   
Difficulty: Easy
  28. (p. 58) Halon is effective at putting out fires and safe for humans but can damage equipment. 
FALSE   
Difficulty: Easy
  29. (p. 58) Bluetooth is an wireless networking technology that is good for ranges up to 1000 meters. 
FALSE   
Difficulty: Easy
  30. (p. 59) TEMPEST is a program developed by the US department of defense to protect equipment from the ill effects of weather and other natural disasters. 
FALSE   
Difficulty: Easy
   
Fill in the Blank Questions
  31. (p. 51) _______________ are high-level, broad statements of what the organization wants to accomplish. 
Policies   
Difficulty: Medium
  32. (p. 51) _______________ are the step-by-step instructions on how to implement policies in the organization. 
Procedures   
Difficulty: Medium
  33. (p. 51) _______________ are mandatory elements regarding the implementation of a policy. 
Standards   
Difficulty: Medium
  34. (p. 51) _______________ are recommendations relating to a policy. 
Guidelines   
Difficulty: Medium
  35. (p. 52) Plan, implement, monitor, and evaluate are the four steps of the _____________ 
policy lifecycle   
Difficulty: Medium
 36. (p. 55) Access controls that utilize "something you are," such as finger prints, irises, or hand geometry, is called _______________. 
biometrics.   
Difficulty: Medium
  37. (p. 56) _______________ consists of a small space that is large enough for only one person at a time, with two locking doors. 
Man trap   
Difficulty: Medium
  38. (p. 56) _______________ are systems used to maintain the comfort level of an office environment. 
HVAC   
Difficulty: Medium
  39. (p. 57) _______________ are devices that have batteries that are used to keep equipment running in the event of a power outage. 
UPS   
Difficulty: Medium
  40. (p. 58) _______________ is designed as a short-range (approximately ten meters) personal area network (PAN). 
Bluetooth   
Difficulty: Medium
    Essay Questions
  41. (p. 53-54) Explain what is meant by the statement "Consider access from all six sides."  It means the four walls, plus above and below. Check walls, doors, windows, vents, ceilings, floors, etc.   
Difficulty: Hard
  42. (p. 54-56) What are physical access controls? Give examples.  The method of allowing some (and not others) access to areas in a facility. Locks, doors, biometric authentication devices, and security guards are some examples.   
Difficulty: Hard
  43. (p. 57-58) What are the types of fire suppression equipment and what are the important characteristics of each?  Activation-smoke- or heat-based.
Suppression-sprinkler-(water) or gas-based.
Water damages equipment, but is safe for humans. Gas is safe for equipment, but harmful to humans.   
Difficulty: Hard
  44. (p. 60-61) Choosing the location of equipment can have an impact on your security. Explain the security issues you would consider when placing various types of equipment.  Wireless access points should be placed where it is difficult for outsiders to access. Monitors should not face windows. Devices that have electromagnetic emanation should be contained properly.   
Difficulty: Hard
  Chapter 01 Introduction and Security Trends     
Multiple Choice Questions
  1. (p. 1) What is the most common name for the first large-scale attack on the Internet that occurred in November of 1988? 
A. The Code Red Worm
B. The Morris Worm
C. The Slammer Worm
D. The Jester Worm   
Difficulty: Easy
  2. (p. 1-2) Why is the Morris worm significant? 
A. It placed embarrassing text on people's screens.
B. This was the first large-scale attack on the Internet.
C. It was the very first virus on the Internet.
D. It attacked the Windows operating system.   
Difficulty: Easy
  3. (p. 7) What is the most common threat to information security in an organization? 
A. Computer viruses
B. Power surges
C. Forgotten passwords
D. SPAM   
Difficulty: Easy
 4. (p. 8) The term "script kiddies" refers to 
A. A hacker of low-end technical ability
B. A children's television show
C. A type of video game
D. An Internet site for peer-to-peer music sharing   
Difficulty: Easy
  5. (p. 8) What is an unstructured threat? 
A. An elite hacker who mounts an attack against a specific target
B. A poorly engineered building
C. A type of malicious code that formats the hard drive on a computer.
D. An attack that is uncoordinated, nonspecific, and lasts a short amount of time   
Difficulty: Easy
  6. (p. 9) What is a structured threat? 
A. An attack that uses coordination, insiders, and lasts for a long period of time
B. A type of malicious code that formats the hard drive on a computer
C. An attempt to weaken infrastructure
D. An official threat from a terrorist organization   
Difficulty: Easy
  7. (p. 9) Information warfare is 
A. A video game
B. Warfare conducted against information and information processing equipment
C. A type of malicious code that "declares war" on a network by formatting the hard drives on computers and copying itself to other computers
D. A weapon that uses microwaves to destroy enemy vehicles   
Difficulty: Easy
 8. (p. 11) The term "hacktivist" refers to 
A. A hacker who works for the government
B. A hacker with low technical ability
C. A hacker who is motivated by a political agenda
D. A hacker who can write scripts   
Difficulty: Easy
  9. (p. 12) What is a port scan? 
A. Identifies what ports can be used to smuggle information across borders
B. Identifies ports that are open and services that are running
C. Identifies the USB, parallel, and serial ports that can be used to connect to the system
D. Identifies the IP addresses of computers on the network   
Difficulty: Easy
  10. (p. 12) A ping sweep 
A. Is a method of clearing your network
B. Sends ICMP echo requests to the target machine
C. Determines what services are running on a system
D. Is an exploit that creates a denial of service (DoS) using ICMP echo requests   
Difficulty: Easy
  11. (p. 2) Who is Kevin Mitnick? 
A. He used social engineering, sniffers, and cloned cell phones to gain unauthorized access to networks belonging to Motorola, Novell, Fujitsu, and Sun Microsystems.
B. He made bank transfers from St. Petersburg using the Citibank cash management system.
C. He gained access to a loop carrier system operated by NYNEX and cut off FAA control tower and emergency services.
D. He developed the "Love Bug" love-letter virus that spread to 45 million people.   
Difficulty: Easy
 12. (p. 3) What is Solar Sunrise? 
A. An attack that was made to look like an attack from Iraq, but was actually made by two teenagers from California who got training in Israel
B. Electronic interference resulting from solar flares, occurring most commonly in the early morning hours.
C. A penetration test conducted by the FBI and other government agencies to test the defenses of government networks and critical infrastructure
D. The name of a virus that would "burn up" your hard drive at 6 A.M on the day of the summer solstice   
Difficulty: Easy
  13. (p. 5) What was the Slammer Worm/Virus? 
A. It was a macro virus that spread by emailing the first 50 people in the victim's address book with the subject: Important message.
B. The first Internet worm that "slammed" the Internet, created by a graduate student at Cornell University in 1988.
C. Malware that exploited Microsoft SQL Server and spread across the world in just 10 minutes.
D. Malware that would "slam" shut your computer by not allowing you to log in.   
Difficulty: Easy
  14. (p. 8) What is an elite hacker? 
A. A hacker with a high level of technical ability
B. A hacker who has a wealthy background, and who is politically motivated
C. A hacker who has elitist ideas and hacks for political purposes
D. A hacker who searches for scripts and ready-made tools to use for attacks   
Difficulty: Easy
  15. (p. 2-3) If the system is infected with a time bomb, it means that 
A. It has a virus that will do physical damage to the computer.
B. It has equipment that is coming close to the end of its life cycle.
C. It has a piece of malicious code that will be triggered at a certain time.
D. It has a piece of malicious code that will be triggered by a certain user activity.   
Difficulty: Easy
 16. (p. 14) A successful attack on a network may adversely impact security in all the following ways EXCEPT: 
A. Loss of confidentiality
B. Loss of integrity
C. Loss of functionality
D. Loss of availability While the loss of functionality may also result, the main target of attacks from a security perspective will be against the confidentiality, integrity, and availability of information. Oddly enough, a loss of functionality may increase the security of the network.   
Difficulty: Medium
  17. (p. 14) When information is modified by individuals not authorized to change it you have suffered a 
A. Loss of confidentiality
B. Loss of integrity
C. Loss of functionality
D. Loss of availability   
Difficulty: Easy
  18. (p. 14) When information is disclosed to individuals not authorized to see it, you have suffered a 
A. Loss of confidentiality
B. Loss of integrity
C. Loss of functionality
D. Loss of availability   
Difficulty: Easy
 19. (p. 10-11) As the level of sophistication of attacks has increased, 
A. The level of knowledge necessary to exploit vulnerabilities has increased
B. The level of knowledge necessary to exploit vulnerabilities has decreased
C. The level of skill necessary to exploit vulnerabilities has increased
D. The amount of exploit software available on the Internet has decreased   
Difficulty: Easy
  20. (p. 11) According to the Computer Crime and Security Survey, the four types of attacks that increased from 2007 to 2008 were 
A. Viruses, insider abuse, laptop theft, and unauthorized access
B. Unauthorized access, theft/loss of proprietary information, misuse of web applications, and DNS attacks
C. Viruses, insider abuse, misuse of web applications, and DNS attacks
D. Laptop theft, unauthorized access, and theft/loss of proprietary information   
Difficulty: Easy
  21. (p. 5) In April 2009, Homeland Security Secretary Janet Napolitano told reporters 
A. Organized crime made attempts to break into the US electric power grid
B. Hacktivists made attempts to break into the US electric power grid
C. Terrorists made attempts to break into the US electric power grid
D. China and Russia made attempts to break into the US electric power grid   
Difficulty: Easy
  22. (p. 13) The first step an administrator can take to reduce possible attacks is to 
A. Ensure all patches for the operating system and applications are installed
B. Install a firewall
C. Install anti-spyware software
D. Configure an intrusion detection system   
Difficulty: Easy
 23. (p. 4) The message "Hacked by Chinese," was left by the 
A. Melissa virus
B. Love Letter virus
C. Slammer Worm
D. Code Red Worm   
Difficulty: Easy
  24. (p. 14) When users are unable to access information or the systems processing information, you may have suffered a 
A. Loss of confidentiality
B. Loss of integrity
C. Loss of authentication
D. Loss of availability   
Difficulty: Easy
  25. (p. 6) Each of the infected systems became part of what is known as a bot network, which could be used to cause a DoS attack on a target or to forward spam e-mail to millions of users, as a result of the 
A. Slammer Worm
B. Morris Worm
C. Conficker
D. Melissa Worm   
Difficulty: Easy
    
True / False Questions
  26. (p. 1) Fifty years ago, few people had access to a computer system or network, so securing them was a relatively easy matter. 
TRUE   
Difficulty: Easy
 27. (p. 1) The biggest change that has occurred in security over the last 30 years has been the change in the computing environment from small, tightly contained mainframes to a highly widespread network of much larger systems. 
FALSE   
Difficulty: Easy
  28. (p. 12) The steps an attacker takes in attempting to penetrate a targeted network are extremely different from the ones that a security consultant performing a penetration test would take. 
FALSE   
Difficulty: Medium
  29. (p. 13) The first step an administrator can take to minimize possible attacks is to ensure that all patches for the operating system and applications are installed. 
TRUE   
Difficulty: Easy
  30. (p. 11) There are three general reasons a particular computer system is attacked: It is specifically targeted by the attacker, it is a target of opportunity, or it is a target that was specified to be attacked by a larger criminal organization. 
FALSE   
Difficulty: Easy
  31. (p. 10-11) One significant trend observed over the last several years has been the decrease in the number of computer attacks by nonaffiliated intruders as opposed to attacks by organized hacking groups, criminal organizations, or nations. 
FALSE   
Difficulty: Easy
 32. (p. 7-10) There are a number of different threats to security, including viruses and worms, intruders, insiders, criminal organizations, terrorists, and information warfare conducted by foreign countries. 
TRUE   
Difficulty: Easy
  33. (p. 7) Viruses have no useful purpose. 
TRUE   
Difficulty: Easy
  34. (p. 4) The Code Red Worm spread to 350,000 computers in just over a week. 
FALSE It took just 14 hours.   
Difficulty: Easy
  35. (p. 9) One of the hardest threats that the security professional will have to deal with is the elite hacker. 
FALSE The insider threat is the hardest one to deal with. They already have access to the organization and its assets.   
Difficulty: Easy
    Fill in the Blank Questions
  36. (p. 10-11) As the level of sophistication of attacks _________, the level of knowledge necessary to exploit vulnerabilities decreased. 
increased   
Difficulty: Medium
  37. (p. 11) _______________ are people who attack networks with a political purpose in mind. 
Hacktivists   
Difficulty: Medium
  38. (p. 1) The first worm to attack the Internet was the _______________. 
Morris Worm   
Difficulty: Medium
  39. (p. 2) Vladimir Levin was able to steal $10 Million from _______________ by using its cash management system. 
Citibank   
Difficulty: Medium
  40. (p. 6) In 2009 _______________ was cut and resulted in widespread phone and Internet outages in the San Jose area of California. 
fiber cable   
Difficulty: Medium
 41. (p. 8) Hackers who are able to discover new vulnerabilities and write code to exploit them are known as _______________. 
elite hackers   
Difficulty: Medium
  42. (p. 8) _______________ are hackers who do not have enough technical skill to discovery vulnerabilities on their own, and cannot write their own scripts to exploit vulnerabilities. 
Script kiddies   
Difficulty: Medium
  43. (p. 11) The two general reasons a particular computer system is attacked: either it is specifically targeted by the attacker, or it is a(n) _______________. 
opportunistic target   
Difficulty: Medium
  44. (p. 13) The second step an administrator can take in minimizing possible avenues of attack is _______________. 
system hardening   
Difficulty: Medium
  45. (p. 12) A hacker will run a(n) _______________ in order to determine what services are running on the target machine. 
port scan   
Difficulty: Medium
    Essay Questions
  46. (p. 1-6) Choose 3 security incidents from the last 20 or so years and state the significance of the incident.  Answer may include the following information:

Morris Worm-first large scale attack on the Internet.
Omega International-time bomb set by employee to destroy company data.
Worcester Airport-teen was able to disable FAA control tower and emergency services
Solar Sunrise-an attack by teens led by an Israeli was made to look as though it was coming from Iraq.
Melissa virus-best-known, early macro-type virus.
Love Letter virus-The worm successfully used people's need for love to propagate the virus by using the subject line "I Love You." 45 million infected; $10 billion in damages.
Code Red Worm-350,000 infected in 14 hours.
Slammer Worm-100,000 infected in 10 minutes.   
Difficulty: Hard
  47. (p. 7-8) What are the three different types of hackers and what are their technical abilities?  The answer might include the following information:

Script kiddies-Low technical ability, can download and run programs other hackers create.
Script writers-8 to 12 percent. They have greater technical ability than script kiddies and can write scripts to do their work.
Elite hackers-1 to 2 percent. They have a high degree of technical ability and can write programs from scratch to take advantage of vulnerabilities in software.   
Difficulty: Hard
 48. (p. 12-13) Briefly explain the steps in an attack.  Answer might include the following information:
First, attackers gather information about the target to include getting information from the web. Next, a ping sweep is done to identify machines that are up and their IP address. A port scan might be done afterwards to identify the ports and services running on machines. With this information, the attacker researches relevant and available vulnerabilities and exploits. They will then execute attacks systematically against the target.   
Difficulty: Hard
  49. (p. 13-14) Explain the steps in minimizing possible avenues of attack.  Answer might include the following information:
First, the administrator will ensure that all patches for the operating system and applications are installed. Next, they will harden the system by shutting down as many of the services as possible. Lastly, try to minimize the amount of information made available to the public as much as possible.   
Difficulty: Hard
  50. (p. 14) What are the three types of losses that can result from an attack on information?  Answer should include the following information:

Loss of confidentiality
Loss of integrity
Loss of availability   
Difficulty: Hard