Preview

11 - Final Test

 1. Storing usernames and passwords as unencrypted text is secure and would be suitable for a real-world application

  FALSE

  TRUE

 2. Encryption does not itself prevent interference, but denies the intelligible content to a would-be interceptor

  FALSE

  TRUE

 3. A DoS or DDoS attack is analogous to ?

  a single person entering and leaving the shop at any given time

  All of the above are valid analogies

  a group of people moving out of a door of a shop when an alarm sounds

  a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade

 4. Denial-of-service attacks are characterized by an explicit attempt by attackers to prevent legitimate use of a service. They could be motivated by:

  activism

  revenge

  All of the above

  blackmail

 5. MAC address filtering allows you to define a list of devices and only allow those devices on your Wi-Fi network.
Note: That's the theory, anyway. In practice, this protection is tedious to set up and easy to breach

  TRUE

  FALSE

 6. In computer networking, Media Access Control MAC Filtering (or EUI filtering, or layer 2 address filtering) refers to a security access control method whereby

  the 48-bit address assigned to each network card is used to determine access to the network

  None of the above

  the address assigned to each IPS is used to block hackers manually

  the address assigned to each user is masked by a piece of software called a 'MAC'

 7. An example of social engineering is the use of a trojan horse.

  FALSE

  TRUE

 8. Malware distribution is legal in most countries and helpful in preventing security breaches.

  TRUE

  FALSE

 9. Viruses are engineered pieces of code that cause great destruction. They do not need to attach themselves to a program unlike worms.

  FALSE

  TRUE

 10. Worms are a type of social engineering and are designed to mislead and attach to other programs.

  TRUE

  FALSE

 11. Trojan horses are designed to access a computer by misleading users of its? intent by prompting to download a program

  TRUE

  FALSE

 12. Viruses cannot affect a user's hard drive, so files saved on the hard disk are always safe.

  TRUE

  FALSE

 13. Sending requests to a single server using hijacked machines is commonly referred to as Phishing

  TRUE

  FALSE

 14. Social engineering, phishing and worms are all examples of viruses.

  TRUE

  FALSE

 15. Data travels across networks in __________-- and these ________are vulnerable to interception.

  packets

  herz

  bits

  bytes

 16. The download and installation of 'patches' can protect organisations against attacks like SQL injections.

  FALSE

  TRUE

 17. An SQL injection can grant an attacker access to a _____________ where they can manipulate or even steal all the data.

  binary tree

  graph

  database

  hard disk

 18. SQL injections typically cause unauthorised access to databases, servers, mainframes as well as directly to the PCs CPU.

  TRUE

  FALSE

 19. Netwok forensics primarily involves the examination of comptuer data that is stored in archives.

  FALSE

  TRUE

 20. What is needed to decrypt an encrypted file?

  A message

  A key

  A hacker

  A bit

 21. Many failures in security can be attributed to human weakness, misunderstanding, misinformation, misdirection, or failure to grasp the importance of prescribed processes and procedures.

  FALSE

  TRUE

 22. A distributed denial-of-service (DDoS) is a ____________ where the perpetrator uses more than one unique IP address, often thousands of them
The incoming traffic flooding the victim originates from many different sources, so it is impossible to stop the attack

  small scale DoS attack

  large-scale DoS attack

  IPS (internet service provider) attack

  full blown government attack

 23. SQL injection usually occurs when you ask a user for input, like their username/userid, and instead of a name/id, the user gives you ___________

  a piece of malware that will obliterate your hard disk

   an SQL statement that you will unknowingly run on your database

  a piece of malware that directly disrupts the CPU

  an SQL statement that deletes all your hard disk files

 24. One way of protecting a website from SQL injection is to use what is called 'SQL parameters'
SQL parameters are values that are added to an SQL query at execution time, in a controlled manner.

  TRUE

  FALSE

 25. A ______________is a network security system that monitors and controls over all your incoming and outgoing network traffic based on advanced and a defined set of security rules.

  Firewall

  DDOS server

  DNS server

  Virus