13 - Final Test

 1. Storing usernames and passwords as unencrypted text is secure and would be suitable for a real-world application

  TRUE

  FALSE

 2. Encryption does not itself prevent interference, but denies the intelligible content to a would-be interceptor

  TRUE

  FALSE

 3. A DoS or DDoS attack is analogous to?

  a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade

  a group of people moving out of a door of a shop when an alarm sounds

  a single person entering and leaving the shop at any given time

  All of the above are valid analogies

 4. Denial-of-service attacks are characterized by an explicit attempt by attackers to prevent legitimate use of a service. They could be motivated by:

  blackmail

  activism

  All of the above

  revenge

 5. MAC address filtering allows you to define a list of devices and only allow those devices on your Wi-Fi network.
Note: That's the theory, anyway. In practice, this protection is tedious to set up and easy to breach.

  FALSE

  TRUE

 6. In computer networking, Media Access Control (MAC) filtering (or EUI filtering, or layer 2 address filtering) refers to a security access control method whereby

  the 48-bit address assigned to each network card is used to determine access to the network

  the address assigned to each IPS is used to block hackers manually

  the address assigned to each user is masked by a piece of software called a 'MAC'

  None of the above

 7. An example of social engineering is the use of a trojan horse.

  FALSE

  TRUE

 8. Malware distribution is legal in most countries and helpful in preventing security breaches.

  TRUE

  FALSE

 9. Viruses are engineered pieces of code that cause great destruction. They do not need to attach themselves to a program, unlike worms.

  FALSE

  TRUE

 10. Worms are a type of social engineering and are designed to mislead and attach to other programs.

  TRUE

  FALSE

 11. Trojan horses are designed to access a computer by misleading users of its intent by prompting them to download a program.

  FALSE

  TRUE

 12. Viruses cannot affect a user's hard drive, so files saved on the hard disk are always safe.

  TRUE

  FALSE

 13. Sending requests to a single server using hijacked machines is commonly referred to as phishing.

  FALSE

  TRUE

 14. Social engineering, phishing and worms are all examples of viruses.

  FALSE

  TRUE

 15. Data travels across networks in __________ and these __________ are vulnerable to interception.

  bits

  packets

  bytes

  hertz

 16. The download and installation of 'patches' can protect organisations against attacks like SQL injections.

  FALSE

  TRUE

 17. An SQL injection can grant an attacker access to a _____________ where they can manipulate or even steal all the data.

  hard disk

  binary tree

  database

  graph

 18. SQL injections typically cause unauthorised access to databases, servers, mainframes as well as directly to the PC's CPU.

  FALSE

  TRUE

 19. Network forensics primarily involves the examination of computer data that is stored in archives.

  TRUE

  FALSE

 20. What is needed to decrypt an encrypted file?

  A key

  A bit

  A message

  A hacker

 21. Many failures in security can be attributed to human weakness, misunderstanding, misinformation, misdirection, or failure to grasp the importance of prescribed processes and procedures.

  TRUE

  FALSE

 22. A distributed denial-of-service (DDoS) is a ____________ where the perpetrator uses more than one unique IP address, often thousands of them.
The incoming traffic flooding the victim originates from many different sources, so it is impossible to stop the attack.

  small scale DoS attack

  large-scale DoS attack

  ISP (internet service provider) attack

  full blown government attack

 23. SQL injection usually occurs when you ask a user for input, like their username/user ID, and instead of a name/ID, the user gives you ___________

  an SQL statement that deletes all your hard disk files

  an SQL statement that you will unknowingly run on your database

  a piece of malware that will obliterate your hard disk

  a piece of malware that directly disrupts the CPU

 24. One way of protecting a website from SQL injection is to use what are called 'SQL parameters'.
SQL parameters are values that are added to an SQL query at execution time, in a controlled manner.

  TRUE

  FALSE

 25. A ______________ is a network security system that monitors and controls all your incoming and outgoing network traffic based on an advanced and defined set of security rules.

  Virus

  DNS server

  DDoS server

  Firewall