
Test Item File
Revised September 2003

Business Computer and Network Security

Raymond R. Panko

Prentice-Hall, 2004

Chapter 1: A Framework

1-1.According to the CSI/FBI survey data for 2002, ____ percent of all firms responding had experienced at least one actual security breach.

*a.90%

b.70%

c.50%

d.30%

e.10%

1-2.The most prevalent threat today according to the CSI/FBI survey is _____.

a.system penetration (hacking)

b.employee theft

*c.viruses

d.denial-of-service attacks

e.theft of intellectual property

1-3.According to the CSI/FBI survey data for 2002, ____ percent of all firms responding had experienced at least one systems penetration security breach.

a.80%

b.60%

*c.40%

d.20%

e.10%

1-4.In most attack categories, dollar losses are growing more rapidly than the percentage of firms experiencing the attack according to the CSI/FBI surveys.

*a.True

b.False

1-5.Which of the following resulted in the highest dollar loss per firm experiencing a breach according to the CSI/FBI survey?

*a.Theft of intellectual property (trade secrets)

b.System penetration (hacking)

c.Wiretapping

d.Viruses

e.Denial-of-service attacks

1-6.The relative amount of media coverage of various security threats is at least a good rough indicator of their relative importance.

a.True

*b.False

1-7.The Honeynet project showed that while Windows PCs are not secure, LINUX PCs are safe.

a.True

*b.False

1-8.The SecurityFocus data indicates that while Microsoft Windows is attacked frequently, UNIX is rarely attacked.

a.True

*b.False

1-9.According to Riptech’s data, most attacks ______.

a.Are aimed at specific firms.

*b.Strike firms randomly.

1-10.Today’s security threat environment is a good basis for planning countermeasures to be implemented over the next three to five years.

a.True

*b.False

1-11.According to the book, the term “hacking” should be used as _____.

*a.intentionally accessing (using) a computer without authorization or beyond authorized permission.

b.a general name for a wide variety of attacks

1-12.Which of the following is illegal?

a.Writing viruses

*b.Releasing viruses

c.Both of the above.

d.Neither a. nor b.

1-13.Despite their derogatory name, script kiddies tend to have extensive attack skills.

a.True

*b.False

1-14.Script kiddies are dangerous because of _____.

a.their attack skills

*b.their large numbers

c.Both of the above.

1-15.Espionage focuses on the theft of _____.

a.money

*b.intellectual property (trade secrets)

c.credit card numbers

d.identity

1-16.How will tomorrow’s threat environment be worse than today’s?

*a.If past trends continue, attacks will roughly double each year.

b.Attacks will focus more precisely on specific firms.

c.Security through obscurity will be ever more critical.

d.All of the above

1-17.Which group of attackers is dangerous because of their knowledge about and existing access to internal corporate systems?

a.Elite hackers

b.Script kiddies

c.Criminal attackers

*d.Employees

e.Spies

1-18.Although national governments and terrorist groups are dangerous, individual amateur attackers can only do a small amount of damage.

a.True

*b.False

1-19.Which of the following is one of the four main types of attacks in the book’s taxonomy?

a.Social engineering attacks

b.Dialog attacks

c.Penetration attacks

*d.All of the above

1-20.Eavesdropping is more difficult in _____.

*a.wired LANs

b.wireless LANs

1-21.I trick an employee into giving me proprietary information. I have used a(n) _____ attack.

a.site access

b.penetration

c.dialog

*d.social engineering

e.crafted

1-22.Which of the following is thwarted by authentication?

a.Eavesdropping

*b.Impersonation

c.Both of the above.

d.Neither a. nor b.

1-23.Cryptographic systems handle which of the following activities?

a.Authentication

b.Key exchange

*c.Both of the above.

d.Neither a. nor b.

1-24.Which of the following traditionally drop dangerous packets?

*a.firewalls

b.IDSs

c.Both of the above.

d.Neither a. nor b.

1-25.What probably is the single most important technical step that companies can take to improve their security?

a.Install firewalls

b.Install IDSs

*c.Install patches for known weaknesses

d.Install cryptographic systems

e.Install employee monitoring systems

1-26.Security is primarily a technology issue, so it makes sense to place it in the information systems department. (If any part of the statement is false, the statement is false.)

a.True

*b.False

1-27.Enforcing security policies through the sanctioning (punishment) of violators is _____.

*a.important

b.hurts more than it helps

1-28.An attacker has to break through several countermeasures to succeed; this is an example of _____.

a.asymmetrical warfare

*b.defense in depth

c.multilevel security

d.All of the above.

e.Both b. and c.

1-29.When an attack team hired by the firm attempts to penetrate the system, this is _____.

a.unethical

*b.a security audit

c.defense in depth

d.grey hat hacking

e.black hat hacking

1-30.In security, “CIA” stands for _____.

a.Central Intelligence Agency

b.Centralized information analysis

*b.Confidentiality, integrity, and availability

c.Central information assurance

d.Certified information assurance

1-31.Multiplying the dollar loss if a threat succeeds times the probability that a threat will succeed gives the _____.

a.priority rating

b.value of protection

*c.threat severity

d.sanction value

e.risk rating

1-32.Whether a countermeasure is worth implementing depends on the _____.

*a.value of protection

b.threat severity

c.sanction value

d.risk rating

1-33.Policies are set in the ____ phase.

*a.planning

b.protecting

c.responding

d.implementation

1-34.Reducing firewall mis-configurations is accomplished best with _____.

a.training

b.patching

c.updating

*d.security audits

1-35.If a firewall is set up properly, it can be ignored for a few months afterward.

a.True

*b.False

1-36.Setting up a CERT is best done after an incident has occurred, so that the proper mix of expertise can be brought to bear.

a.True

*b.False

1-37.In incident response, forensics is used primarily in _____.

*a.punishing offenders

b.system recovery

1-38.Is it easier to punish employees or external attackers?

a.External attackers

*b.Employees

1-39.What the military calls multilevel security is what the book calls defense in depth.

a.True

*b.False

1-40.Risk analysis is used to determine security spending _____.

*a.More in corporations than in the military.

b.More in the military than in corporations.

c.Both about equally.

Chapter 2: Access Control and Site Security

2-1.The password someone uses to check his or her e-mail normally is a reusable password.

*a.True

b.False

2-2.Cracking passwords on a remote computer, over a network, is _____.

a.often successful

*b.rarely successful

2-3.The equivalent to the root account in Microsoft Windows is _____.

a.root

*b.administrator

c.supervisor

d.su

e.sa

2-4.An attacker who cracks the root password and logs in as root can delete any file on a UNIX computer.

*a.True

b.False

2-5.Which of the following is better to use against common word passwords?

a.brute-force password guessing

*b.dictionary attacks

c.Both work about equally well.

2-6.Which of the following is better to use against GOOD passwords?

*a.brute-force password guessing

b.dictionary attacks

c.Both work about equally well.

2-7.Does “Amazon7” follow the rules for a good password?

a.Yes

*b.No

2-8.You are only using the letters of the alphabet, without case. Adding a single character to password length increases password cracking time by a factor of _____.

a.2

b.10

*c.26

d.52

e.100