Security
Chapter Questions (take home assignment – due at final or during finals week)
True/False
Indicate
whether the sentence or statement is true or false.
____ 1. Every organization should assess its
security risks by conducting a security audit.
____ 2. For each possible security threat, you
should rate the severity of its potential consequences, as well as its
likelihood.
____ 3. Network security is more often compromised
from external sources than "from the inside".
____ 4. A denial-of-service attack occurs before a
cracker has gained access to your system through the Internet.
____ 5. If users complain about password
requirements, you may allow them not to use passwords as long as the users
understand the risks.
____ 6. Packet-filtering firewalls require little
to no custom configuration to be effective.
____ 7. Public key encryption is also known as
asymmetric encryption.
____ 8. VPNs are private networks that use public
channels to connect clients and servers.
Modified
True/False
Indicate
whether the sentence or statement is true or false. If false, change the identified word or phrase to make the
sentence or statement true.
____ 9. A(n) filter is a specialized device
(usually a router, but possibly only a PC running special software) that selectively
filters or blocks traffic between networks. _________________________
____ 10. Network operating system software
typically contains "trapdoors" or security flaws.
_________________________
____ 11. An incorrectly configured firewall may
allow outsiders to obtain internal IP addresses and then use those addresses to
pretend that they have authority to access your internal network from the
Internet. This process is called IP
cloning. _________________________
____ 12. One method that many large organizations
use to provide physical security is to require authorized employees to wear
access badges, which can be programmed to allow their owner the correct
accesses. _________________________
____ 13. The simplest and most common form of a
firewall is a(n) data-filtering firewall. _________________________
____ 14. The most popular private key
encryption is the data encryption standard (DES), which was developed by IBM in
the 1970s. _________________________
Multiple
Choice
Identify
the letter of the choice that best completes the statement or answers the
question.
____ 15. In general, ____ refers to a highly
privileged user ID that has all rights to create, delete, modify, move, read,
write, or execute files on a system.
|
a. |
administrator |
c. |
super |
|
b. |
superuser |
d. |
root |
____ 16. A ____ uses his knowledge of operating
systems and utilities to intentionally damage or destroy data or systems.
|
a. |
cracker |
c. |
hacker |
|
b. |
debugger |
d. |
host |
____ 17. ____ is the process of verifying a user's
validity and authority on a system.
|
a. |
Authentication |
c. |
Verification |
|
b. |
Validation |
d. |
Error checking |
____ 18. Preferably, an organization should assess
its security risks ____.
|
a. |
monthly |
c. |
annually |
|
b. |
quarterly |
d. |
biannually |
____ 19. By some estimates, human errors,
ignorance, or omissions cause more than ____ percent of security breaches
sustained by networks.
|
a. |
10 |
c. |
50 |
|
b. |
25 |
d. |
75 |
____ 20. Risks associated with hardware and network
design are inherent in (roughly) which OSI Layers?
|
a. |
Physical and Application |
c. |
Presentation and Session |
|
b. |
Transport and Data Link |
d. |
Physical and Data Link |
____ 21. Which cannot be intercepted?
|
a. |
wireless transmissions |
c. |
spread-spectrum wireless transmissions |
|
b. |
wire-based transmissions |
d. |
None of the above. |
____ 22. Network hubs broadcast traffic over the
entire segment, thus making transmissions more widely vulnerable to ____.
|
a. |
eavesdropping |
c. |
interception |
|
b. |
sniffing |
d. |
backdooring |
____ 23. Which is the least risky when selecting
your network hardware and design?
|
a. |
Having unused server ports that are
enabled. |
|
b. |
Having remote users access dial-in
servers. |
|
c. |
Computers hosting sensitive data
coexisting on the same subnet with computers open to the general public. |
|
d. |
Using switches. |
____ 24. Which is true about a denial-of-service
attack?
|
a. |
It is relatively complex to launch. |
|
b. |
The easiest resolution is to turn off
the affected server. |
|
c. |
It may result from malfunctioning
software. |
|
d. |
None of the above. |
____ 25. The first step in securing your network is
to implement ____.
|
a. |
hardware security measures |
c. |
a security policy |
|
b. |
software security measures |
d. |
operating system security measures |
____ 26. Which is not true about a security policy?
|
a. |
It may include content that does not
pertain to computers or networks. |
|
b. |
It specifies which software will be used
to ensure security. |
|
c. |
It prevents intentional damage to
hardware or software. |
|
d. |
None of the above. |
____ 27. Which is not true about a security
response team?
|
a. |
Each member should be assigned a role
and responsibilities related to the security policy. |
|
b. |
It should regularly rehearse its defense
in a security threat drill. |
|
c. |
It should be composed of members of the
network group with highly technical skills. |
|
d. |
The leader of the team is often called a
security coordinator. |
____ 28. Which is true about passwords?
|
a. |
The shorter the better. |
|
b. |
Use something that is easy to remember,
such as your pet's or child's name. |
|
c. |
Even if allowed, do not use special
characters, such as exclamation marks, because they are easy to mistype. |
|
d. |
Do not write them down, even if it is in
safe place. |
____ 29. It is recommended to change a password at
least every ____.
|
a. |
day |
c. |
30 days |
|
b. |
week |
d. |
90 days |
____ 30. Which areas should be physically secured?
|
a. |
computer rooms |
|
b. |
wiring closet with hubs or switches |
|
c. |
telecommunications closet with leased
line to the Internet |
|
d. |
All of the above. |
____ 31. Using color patterns in an eye's iris or
whorls in a fingerprint to establish identity are examples of ____.
|
a. |
scanning access |
c. |
bio-recognition access |
|
b. |
physical characteristic access |
d. |
electronic access |
____ 32. Which is the most expensive type of
security?
|
a. |
electronic badge system |
|
b. |
bio-recognition device |
|
c. |
locks that have numeric codes which must
be punched |
|
d. |
key lock |