11 - Final Test

 1. Storing usernames and passwords as unencrypted text is secure and would be suitable for a real-world application

  TRUE

  FALSE

 2. Encryption does not itself prevent interference, but denies the intelligible content to a would-be interceptor

  FALSE

  TRUE

 3. A DoS or DDoS attack is analogous to?

  All of the above are valid analogies

  a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade

  a group of people moving out of a door of a shop when an alarm sounds

  a single person entering and leaving the shop at any given time

 4. Denial-of-service attacks are characterized by an explicit attempt by attackers to prevent legitimate use of a service. They could be motivated by:

  blackmail

  All of the above

  revenge

  activism

 5. MAC address filtering allows you to define a list of devices and only allow those devices on your Wi-Fi network.
Note: That's the theory, anyway. In practice, this protection is tedious to set up and easy to breach.

  FALSE

  TRUE

 6. In computer networking, Media Access Control (MAC) filtering (or EUI filtering, or layer 2 address filtering) refers to a security access control method whereby

  the address assigned to each IPS is used to block hackers manually

  the 48-bit address assigned to each network card is used to determine access to the network

  the address assigned to each user is masked by a piece of software called a 'MAC'

  None of the above

 7. An example of social engineering is the use of a trojan horse.

  TRUE

  FALSE

 8. Malware distribution is legal in most countries and helpful in preventing security breaches.

  FALSE

  TRUE

 9. Viruses are engineered pieces of code that cause great destruction. They do not need to attach themselves to a program unlike worms.

  TRUE

  FALSE

 10. Worms are a type of social engineering and are designed to mislead and attach to other programs.

  FALSE

  TRUE

 11. Trojan horses are designed to access a computer by misleading users of its intent by prompting to download a program

  FALSE

  TRUE

 12. Viruses cannot affect a user's hard drive, so files saved on the hard disk are always safe.

  FALSE

  TRUE

 13. Sending requests to a single server using hijacked machines is commonly referred to as Phishing

  TRUE

  FALSE

 14. Social engineering, phishing and worms are all examples of viruses.

  TRUE

  FALSE

 15. Data travels across networks in __________ and these __________ are vulnerable to interception.

  packets

  hertz

  bits

  bytes

 16. The download and installation of 'patches' can protect organisations against attacks like SQL injections.

  FALSE

  TRUE

 17. An SQL injection can grant an attacker access to a _____________ where they can manipulate or even steal all the data.

  graph

  binary tree

  database

  hard disk

 18. SQL injections typically cause unauthorised access to databases, servers, mainframes as well as directly to the PC's CPU.

  TRUE

  FALSE

 19. Network forensics primarily involves the examination of computer data that is stored in archives.

  FALSE

  TRUE

 20. What is needed to decrypt an encrypted file?

  A bit

  A hacker

  A key

  A message

 21. Many failures in security can be attributed to human weakness, misunderstanding, misinformation, misdirection, or failure to grasp the importance of prescribed processes and procedures.

  TRUE

  FALSE

 22. A distributed denial-of-service (DDoS) is a ____________ where the perpetrator uses more than one unique IP address, often thousands of them.
The incoming traffic flooding the victim originates from many different sources, so it is impossible to stop the attack.

  small scale DoS attack

  large-scale DoS attack

  ISP (internet service provider) attack

  full blown government attack

 23. SQL injection usually occurs when you ask a user for input, like their username/userid, and instead of a name/id, the user gives you ___________

  an SQL statement that deletes all your hard disk files

  a piece of malware that will obliterate your hard disk

  a piece of malware that directly disrupts the CPU

  an SQL statement that you will unknowingly run on your database

 24. One way of protecting a website from SQL injection is to use what is called 'SQL parameters'.
SQL parameters are values that are added to an SQL query at execution time, in a controlled manner.

  FALSE

  TRUE

 25. A ______________ is a network security system that monitors and controls all your incoming and outgoing network traffic based on an advanced, defined set of security rules.

  DNS server

  Virus

  DDoS server

  Firewall