10 - Software Development Security Flashcards
- When security is increased, what is typically decreased?a. Administrative responsibilitiesb. User functionalityc. Complexity of the systemd. Cost of sustaining the IT environment
B: When security is increased, user functionality is usually decreased.
- Which of the following occurrences does not demonstrate foresight and planning on the part of a programmer when a software product encounters a security error?a. Blue screenb. Switching into a non-privileged state upon failurec. Locking out all high-level privilegesd. Rebooting into any available state
D: Rebooting into any available state could result in booting into a privileged state which is not the proper outcome when software encounters a security error.
- Database access is usually indirect access that provides for all but which of the following?a. Confidentiality b. Integrityc. Availabilityd. Controlled interface
C: Availability is not ensured with indirect access.
- Which of the following is required in every row of a table in order to maintain uniqueness?a. Cellb. Filec. Primary keyd. Schema
C: A primary key is required in every row of a table in order to maintain uniqueness.
- An attribute in one table that also serves as the primary key in another table is known as?a. A cross-referenceb. A viewc. Tupled. A foreign key
D: A foreign key is an attribute in one table that also serves as the primary key in another table.
- What is the data that defines or describes the database?a. Schemab. Primary keyc. Data dictionaryd. Base relation
A: A schema holds the data that defines or describes the database.
- Why does most software have security disabled by default?a. Ease of installation b. Every environment has different security needsc. Most environments don’t require securityd. Security is dependant upon a security policy
A: Most software has security disabled by default for ease of installation.
- What is a collection of related items of the same type?a. Fileb. Record c. Databased. Base relation
A: A file is a collection of related items or records of the same type.
- A tuple is what?a. A table stored in a databaseb. A row stored in a databasec. A column stored in a databased. A column that makes each row of a table unique
B: A tuple is a row stored in a database.
- What is an attribute?a. A table stored in a databaseb. A column that has a unique value in each rowc. A column in a databased. The data that describes the database
C: An attribute is a column in a database.
- What database model provides for many-to-many relationships?a. Sequential data modelb. Hierarchical data modelc. Ordinal data modeld. Distributed data model
D: A distributed data model offers many-to-many relationships.
- An indication that integrity of the database has been violated is when which following includes a null value?a. primary keyb. cellc. tupled. relation
A: If the primary key contains a null value then integrity has been violated.
- In a relational database, the number of rows is referred to as?a. Degreeb. Cardinalityc. Prime factord. Tuple
B: The number of rows in a relational database is known as the cardinality.
- Which of the following in the design and programming phases of software development can not result in buffer overflows?a. data input block sizeb. ASCII vs. binary inputc. Alpha vs. numeric inputd. English vs. Spanish
D: Whether the input is in Spanish or English will not have a direct bearing on a buffer overflow.
- When a program or operating system experiences a failure state, what should it do?a. save a memory dumpb. revert to a secure statec. restart in privilege moded. automatically reboot
B: After a failure state, the program or system should revert to a secure state.
- Which of the following is not true about out of the box security?a. security and functionality are directly proportionalb. security is usually disabled for installationc. security must be configured for the environmentd. security is often a tradeoff for ease of use
A: Security and functionality are usually inversely proportional, the greater the security the less functionality a system offers.
- What element of new robust software is considered a security failure or downfall?a. platform dependenceb. a wide range of features or functionalityc. interpreted vs. compiled languaged. implementation within a distributed computing environment
B: A wide range of features or functionality is considered a security failure or downfall. The more capabilities a system has, the greater the range of its vulnerabilities and risks.
- What is the primary reason why so much software is unable to handle failures or errors in a secure fashion?a. use of interpreted languagesb. designed to be used in a distributed computing environmentc. circumstances of use are difficult to predict and plan ford. lack of software change management
C: The primary reason software is unable to handle failures is a secure fashion is that circumstances of use are difficult to predict and plan for.
- Since all circumstances of use are difficult to predict and plan for, programmers should?a. not produce softwareb. use only fifth generation programming languagesc. avoid CGI scriptsd. design a general method for handling unexpected failures
D: Since all circumstances of use are difficult to predict and plan for, programmers should design into their software a general method for handling unexpected failures.
- A reliable and controlled software development, design, and coding process is necessary to ensure?a. marketabilityb. securityc. interoperabilityd. compatibility
B: A reliable and controlled software development, design, and coding process is necessary to ensure security.
- Buffer overflows are caused by a programmer failing to compensate for all but which of the following?a. input data block sizeb. ASCII vs. Binary inputc. English vs. Spanishd. alpha vs. numeric
C: Buffer overflows are not caused by differences in languages.
- Failing to compensate for invalid or extensive values of data types, formats, or lengths in input to programs can cause?a. time of check/time of use attackb. aggregationc. unauthorized alterations of a configuration itemd. buffer overflows
D: Failing to compensate for invalid or extensive values of data types, formats, or lengths in input to programs can cause a buffer overflow.
- Environmental controls and hardware devices cannot prevent problems created by?a. bad program codingb. unrestricted physical accessc. lack of boundary controlsd. poor air quality
A: Environmental controls and hardware devices cannot prevent problems created by bad program coding.
- Which of the following is not one of the standard phases in a the system life cycle?a. penetration testingb. project initiationc. system design specificationsd. maintenance
A: Penetration testing is not one of the phases in the system life cycle.
- Which of the following is not one of the standard phases in a the system life cycle?a. functional design analysis and planningb. risk assessmentc. software developmentd. installation
B: Risk assessment is not one of the phases in the system life cycle.
- Due care is not related to?a. Good faithb. Prudent manc. Profitd. Best interest
C: This is a term not related to Due Care, it’s going to give us the opposite.
- If a system encounters a failure and it is prevented from rebooting, this will help avoid what?a. denial of serviceb. initial program load vulnerabilitiesc. time of check/time of use attacksd. inference
B: If a system encounters a failure and it is prevented from rebooting, this will help avoid IPL vulnerabilities.
- _____________ is most effective if it is planned and managed throughout the lifecycle of a system or application.a. capabilityb. functionalityc. securityd. marketability
C: Security is most effective if it is planned and managed throughout the lifecycle of a system or application.
- _________________ keeps the development project on target and moving toward the goal of a completed product.a. business continuity planningb. change control managementc. facility design and constructiond. project management
D: Project management keeps the development project on target and moving toward the goal of a completed product.
- If a system should fail for any reason, it should always perform a ______________.a. fail safe operationb. self diagnosticc. fail over maneuverd. privileged restart function
A: If a system should fail for any reason, it should always perform a fail safe operation.
- When testing a newly developed software, system, or solution, all but which of the following should be true?a. all aspects of the system should be testableb. testing should examine how incorrect values are handledc. testing should probe boundary conditionsd. testing should use real or live data
D: Testing should never use real or live data. Testing using real data can result in disclosure or alteration of sensitive information.
- Which of the following is not one of the elements of the software maintenance phase and change control process?a. risk controlb. request controlc. change controld. release control
A: Risk control is not one of the elements of the software maintenance phase and change control process.
- In what level of the software capability maturity model are project management practices institutionalized?a. initiatingb. repeatablec. definedd. managed
B: Security requirements are institutionalized in the repeatable level of the software capability maturity model.
- The waterfall models allows for what?a. improved managementb. greater control over project progress toward objective completionc. creation of multiple prototypesd. modification only to the immediately previous stage of the life cycle process
D: The waterfall model of the life cycle development process allows for modifications only to the immediately previous stage of the life cycle process.
- Which of the following life cycle phase models allows for all phases of the life cycle process to be repeated?a. spiral modelb. waterfall modelc. modified waterfall modeld. Information security and life cycle model
A: The spiral model allows the phases of the life cycle process to be repeated as necessary.
- Which life cycle model provides mechanisms for back verification and validation against defined baselines?a. Spiral modelb. Modified waterfall modelc. Clark Wilson modeld. Information security and life cycle model
B: The modified waterfall model provides mechanisms for back verification and validation against defined baselines.
- According to the Information security and life cycle model, security implemented early in the life cycle process results in all but which of the following?a. greater chance for successb. lower costsc. greater granularityd. reduced work
C: The Information security life cycle model does not indicate whether introducing security early in the life cycle process results in greater granularity.
- The ability for one object to be removed from a system and replaced with another object is known as?a. polymorphismb. data diddlingc. substitution propertyd. normalization
C: The ability for one object to be removed from a system and replaced with another object is known as the substitution property.
- The communications sent to an object in order to instruct it to perform some operation is known as?a. methodb. behaviorc. delegationd. message
D: The communications sent to an object in order to instruct it to perform some operation is known as a message.
- The code that defines the actions that an object performs in response to an instruction is known as?a. methodb. behaviorc. delegationd. message
A: The code that defines the actions that an object performs in response to an instruction is known as a method.
- The forwarding of an instruction from one object to another is known as?a. methodb. behaviorc. delegationd. message
C: The forwarding of an instruction from one object to another is known as delegation.
- Objects in an object oriented programming environment that are created on the fly by software as it executes are known as?a. dynamic lifetime objectsb. transient elementsc. volatile agentsd. distributed computing applets
A: Objects in an object oriented programming environment that are created on the fly by software as it executes are known as dynamic lifetime objects.
- The characteristic of objects in an object oriented programming environment of encapsulation means what?a. objects can produce multiple outputs from the same inputb. objects are self-containedc. objects are more secure that compiled programsd. objects are transient
B: Encapsulation means that objects are self-contained.
- What programming language can be used directly by computers?a. assembly languageb. artificial intelligence languagesc. machine languaged. interpreted languages
C: A computer can only use machine language directly.
- Which of the following is most susceptible to insertion of malicious code?a. assembly languageb. compiled languagec. commercial softwared. CGI scripts
D: CGI scripts, being interpreted, are most susceptible to insertion of malicious code.
- Which of the following is true regarding ActiveX?1. Platform independent2. Platform dependent3. Language independent4. Language dependenta. 1 and 3b. 2 and 4c. 2 and 3d. 1 and 4
C: ActiveX is platform dependent (Windows only) and language independent.
- Which of the following is true regarding Java?1. Platform independent2. Platform dependent3. Language independent4. Language dependenta. 1 and 3b. 2 and 4c. 2 and 3d. 1 and 4
D: Java is platform independent and language dependent.
- The primary security flaw of ActiveX is?a. It stores controls to the hard driveb. It uses a sandboxc. It is specific to Windows OSes d. It is not language dependant
A: The primary security flaw of ActiveX is that it stores controls to the hard drive.
- Which of the following is not true about Java applets?a. It uses a sandboxb. It is stored on the hard drivec. It is multithreadedd. It is temporarily stored in memory
B: Java applets are not stored to the hard drive, ActiveX is stored to the hard drive.
- What type of computer system exhibits the same reasoning capabilities as that of a human?a. expert systemb. neural networkc. object oriented systemd. commodore 64
A: An expert system is a computer system that exhibits the same reasoning capabilities as that of a human.
- What type of computer system mimics the functioning of biological neurons?a. expert systemb. neural networkc. object oriented systemd. artifical intelligence system
B: A neural network is a computer system that mimics the functioning of biological neurons.
- Expert systems function using all but which of the following?a. If-then statement rule databasesb. Fuzzy logicc. Delta ruled. Inference engine
C: Expert systems do not use the delta rule. Neural networks use the delta rule, the learning rule.
- Which of the following is not one of the steps used by expert systems when performing fuzzy logic operations?a. Fuzzificationb. Inferencec. Compositiond. Normalization
D: Normalization is not one of the steps used in fuzzy logic operations. Normalization is the removal of errors from a database.
- The most common example of a distributed computing environment (DCE) is which of the following?a. client/serverb. terminal/hostc. stand alone desktop systemd. portable computers
A: A client/server system is the most common example of a DCE.
- Which of the following is not an example of a mobile code language used in a distributed computing environment?a. ActiveXb. Fortranc. Javad. Macromedia Flash
B: Fortran is a 3rd generation programming language, but it is not a mobile code language used in DCE.
- The results of communications sent to an object in order to instruct it to perform some operation is known as?a. methodb. behaviorc. delegationd. message
B: The result exhibited by an object upon receipt of an instruction is known as a behavior.
- The ability for an object to produce different behaviors from the same message is known as?a. methodb. data diddlingc. electronic vaultingd. polymorphism
D: The ability for an object to produce different behaviors from the same message is known as polymorphism.
- The number of rows in a relational database is known as?a. schemab. data dictionaryc. cardinalityd. degree
C: The cardinality is the number of rows in a relational database.
- The number of columns in a relational database is known as?a. schemab. data dictionaryc. cardinalityd. degree
D: The degree is the number of columns in a relational database.
- The data that defines the structure of the database is known as?a. schemab. data dictionaryc. cardinalityd. degree
A: The schema is the data that defines the structure of the database.
- A relational database provides for what types of relationships?a. one-to-oneb. one-to-manyc. many-to-manyd. many-to-one
C: A relational database provides for many to many relationships.
- A hierarchical database provides for what types of relationships?a. one-to-oneb. one-to-manyc. many-to-manyd. many-to-one
B: A hierarchical database provides for one-to-many relationships.
- An intersection of a row and a column in a relational database is known as? a. fileb. tuplec. celld. attribute
C: A cell is the intersection of a row and a column.
- Which of the following is not a means to aid in mitigating the threat of malicious code in a distributed computing environment?a. screen applets at firewallsb. configure browsers to accept code from trusted servers onlyc. avoid using FTPd. train users regarding mobile code
C: Avoiding the use of FTP is the least effective means to mitigate the threat of malicious code in a DCE.
- Which of the following is not one of the three primary models of databases?a. hierarchicalb. distributedc. relationald. dyanmic
D: There is no such database model as the dynamic model.
- A row in a relational database table is known as?a. fileb. tuplec. celld. attribute
B: A tuple is a row of a relational database table.
- The attribute that makes each tuple unique in relational database?a. domainb. candidate keyc. primary keyd. foreign key
C: The primary key is the attribute that makes each tuple unique in relational database.
- A unique attribute from another relational database table is known as?a. domainb. candidate keyc. primary keyd. foreign key
D: A foreign key is a unique attribute from another relational database table.
- The range of allowable or valid values for attributes is known as?a. domainb. candidate keyc. primary keyd. foreign key
A: The domain is the range of allowable or valid values for attributes.
- Attributes in a relational database that provide a unique identifier for tuples is known as?a. domainb. candidate keyc. primary keyd. foreign key
B: A candidate key is any attribute in a relational database that provides a unique identifier for tuples.
- A column in a relational database table is known as?a. fileb. tuplec. celld. attribute
D: An attribute is a column in a relational database table.
- A collection of records of the same type is known as?a. fileb. tuplec. celld. attribute
A: A file is a collection of records of the same type.
- Hiding specific cells in a database to prevent against inference attacks is known as?a. polyinstantiationb. database partitioningc. cell suppressiond. perturbation
C: Cell suppression is the technique of hiding specific cells in a database to prevent against inference attacks.
- A centralized repository of normalized information from various databases that is made available to users to perform queries against is known as?a. data miningb. data martc. data dictionaryd. data warehouse
D: A data warehouse is a centralized repository of normalized information from various databases that is made available to users to perform queries against.
- What type of virus requires just a host program to replicate and distribute itself?a. common virusb. boot virusc. multi-part virusd. macro virus
A: A common virus, also known as a file virus, needs only a host program to replicate and distribute itself.
- The mechanism that ensures that every tuple has a primary key and that primary key is related to an existing record is known as?a. referential integrity mechanismb. concurrencyc. semantic integrity rulesd. transaction management
A: The mechanism that ensures that every tuple has a primary key and that that primary key is related to an existing record is the referential integrity mechanism.
- Which of the following are not elements of transaction management for databases?a. Rollback statementb. Normalizationc. Commit statementd. Checkpoints
B: Normalization is a process used on databases to ensure that the attributes of a table depend upon the primary key. However, normalization is not part of transaction management.
- At what layer of the OSI model does SQL, as a service protocol, operate?a. Layer 3b. Layer 4c. Layer 5d. Layer 6
C: SQL operates at layer 5 the Session layer.
- The central repository for the data elements and their relationships is known as?a. schemab. data dictionaryc. cardinalityd. degree
B: The data dictionary is the central repository for the data elements and their relationships.
- Which of the following is not one of the steps or elements in data normalization?a. eliminating repeating groupsb. eliminating redundant datac. eliminating the possibility of corrupted data by locking cells while they are being editedd. eliminating attributes that are not dependant on the primary key
C: Locking cells is an aspect of concurrency protection, not normalization.
- Semantic integrity rules ensure that all structural and semantic rules of the database are not violated. Which of the following is not something that these rules would examine?a. data typeb. logical valuec. uniqueness constraints d. relevance
D: The semantic integrity rules would not address or examine the relevance of the data.
- What is concurrency?a. A mechanism used to ensure the integrity of database information.b. A mechanism to ensure that structural and semantic rules are not violated.c. A mechanism that ensures that no record contains references to a primary key of a non-existent record. d. A mechanism that terminates the current transaction and cancels all changes made to the database.
A: Concurrency is a mechanism used to ensure the integrity of database information.
- The act of deducing information from higher sensitivity levels from data at their own lower sensitivity level is known as?a. Aggregationb. Inference c. Suppressiond. Perturbation
B: Inference is the act of deducing information from higher sensitivity levels from data at their own lower sensitivity level
- Which of the following is not considered a valid safeguard against viruses?a. file hash valuesb. biometric authenticationc. strong DACL access controlsd. scanning for e-mail born viruses on e-mail gateway systems
B: Biometric authentication has no bearing on virus protection.
- What model of database is useful for mapping or creating many to many relationships?a. Flux model b. Hierarchical model c. Distributed Data model d. Reflective model
C: A distributed data model uses many to many relationships.
- Which of the following conditions indicate that the integrity of an entity has been violated?a. A random value in a cellb. A reoccurring value in a tuplec. A duplicate value in the foreign keyd. A null value in the primary key
D: This indicates that the integrity of an entity has been violated.
- SQL server is not vulnerable to which of the following types of attacks?a. aggregationb. inferencec. salami techniqued. dead lock
D: SQL is not vulnerable to dead locks since it supports concurrent transaction through transaction management.
- When a database system supports transaction management, which of the following is it still vulnerable to, because users have access to data cells?a. inferenceb. deadlockc. denial of serviced. data integrity loss
A: Databases may be still vulnerable to inferencing even with transaction management.
- The user interface for a database enforces indirect access. This type of restricted interface or controlled view provides all but which of the following?a. support for confidentialityb. providing availabilityc. protection from unauthorized disclosured. maintaining integrity
B: Database views and client interfaces do not provide availability.
- What level of the Carnegie Mellon University Software Engineering Institute (SEI)’s Software Capability Maturity Model (CMM) represents the project management processes and ensures that practices are institutionalized?a. Level 5 - Optimizedb. Level 4 - Managedc. Level 3 - Definedd. Level 2 - Repeatable
D: Level 2 - Repeatable is focused on the project management processes and ensures that practices are institutionalized.
- Objects are ___________ of classes that contain their methods.a. Instancesb. Behaviorsc. Aspectsd. Elements
A: Objects are instances of classes that contain their methods.
- The forwarding of a request by an object to another object is known as?a. Inheritanceb. Delegationc. Methodd. Behavior
B: Delegation is the forwarding of a request by an object to another object.
- Within configuration management, what is a component whose state is recorded and changes are measured against that saved state?a. Buildingb. Configuration itemc. Build listd. Software library
B: Configuration item is a component whose state is recorded and changes are measured against that saved state.
- Which procedure of configuration management is responsible for recording the processing of changes?a. Configuration Identificationb. Configuration Controlc. Configuration Status Accounting d. Configuration Audit
C: Configuration Status Accounting is the procedure that records the processing of changes.
- In a relational database, mandatory access controls are imposed by using which of the following mechanisms?a. Access based on subject and object classification levelsb. Access based on subject rolec. Access based on a tuples in an access control matrixd. Access based on biometrics
A: Mandatory access control is based on classification levels.
- What is normalization?a. The process of removing duplicate or redundant data from a databaseb. Is the standardization of all security baselines within an organization.c. A function of fuzzy logic that converts fuzzy output into quantitative numbers.d. Is the process of resetting all security systems to their installed defaults
A: Normalization is the process of removing duplicate or redundant data from a database.
- Which of the following is not true?a. Applets are a form of mobile code distributed via the Web.b. Browsers may assign different security or trust levels to various applets.c. It is easy to alter or duplicate the signature on an applet.d. A signature on an applet informs you about the source of the applet but not the content or quality of the applet
C: This is not true. It is not possible to alter or duplicate the signature on an applet.
- Inference engines are able to manage uncertainty using all but which of the following means?a. Fuzzy logicb. Direct reasoningc. Probability factorsd. Bayesian network theory
B: Direct reasoning is not a feature or capability of inference engines.
- The fineness of access control specification within a database is known as?a. Accuracyb. Granularityc. Cardinalityd. Bayesian Theory
B: Granularity is the fineness of access control specification within a database.
- What is polyinstantiation?a. A mechanism that prevents the creation of entities within a database at a lower sensitivity level when that entity already exists at a higher sensitivity level.b. A mechanism that allows a database table to contain two primary keys.c. A mechanism that allows a duplicate primary key to be created at a lower sensitivity level when the same key already exists at a higher sensitivity level. d. A mechanism for entering the same information into multiple databases simultaneously.
C: Polyinstantiation is a mechanism that allows a duplicate primary key to be created at a lower sensitivity level when the same key exists at a higher sensitivity level. This prevents inference.
- Which software life cycle models allows for modifications to the project to travel only to the previous development stage?a. Spiral modelb. Referential modelc. Series modeld. Waterfall model
D: The waterfall model allows for modifications to the project to travel only to the previous development stage.
- Which of the following is not true when performing testing during product development?a. Testing should use real or live datab. Testing should ensure that only valid value ranges are acceptedc. Testing should verify that incorrect input types are rejectedd. Testing should verify all bounds and conditions of input
A: Testing should never use real or live data.
- What is polymorphism?a. The ability for a block of code to alter itself based on its environmentb. The ability of a database to allow the creation of a duplicate entity at a lower sensitivity level when one already exists at a higher sensitivity level in order to prevent inference attacks.c. The ability of an object to respond differently to the same message.d. The ability for a distributed data model database to integrate information from multiple locations into a single view.
C: Polymorphism is the ability of an object to respond differently to the same message.
- Formerly known as OLE, what object oriented system standard defines the exchange of objects between programs executing on the same system?a. COBRAb. ORBc. DCOMd. COM
D: COM or Common Object Model is the standard that defines the exchange of objects between programs executing on the same system.
- What type of system demonstrates reasoning abilities similar to humans? a. Expert systemb. Artificial Intelligence systemsc. Neural networksd. Clustered networks
A: Expert systems demonstrate reasoning abilities similar to humans.
- Which of the following is correlations between data or data about data?a. Data martb. Metadatac. Data dictionaryd. Data warehouse
B: Metadata is correlations between data or data about data.
- What type of virus attaches itself to a program so it is activated whenever the software is executed?a. Boot virusb. Macro virusc. File virusd. Companion virus
C: A file virus attaches itself to a program so it is activated whenever the software is executed.
- Which of the following is true for centralized systems?a. Numerous platforms execute independent copies of software against independent sets of datab. Easily accommodates change to DCOM objectsc. Protection is afforded by the OS or the platformd. Combines processing capabilities from various platforms
C: This is a benefit of centralized systems.
- Java and ActiveX are both examples of?a. Code that can be run on any platformb. Interpreted programming languagec. Programming languages that operate within a sandboxd. Mobile code
D: ActiveX and Java are examples of mobile code.
- Which of the following is not a countermeasure against malicious code?a. Screening applets at the firewallb. Requiring strong passwordsc. Require signed applets from trusted serversd. Train users for safe Internet usage
B: This is not a countermeasure against malicious code.
- Which of the following is a mandatory access control model for object-oriented systems?a. View Mechanismb. Positive/Negative Authorizationsc. SORIONd. Methods Data Hiding
C: SORION is a mandatory access control model for object-oriented systems.
- An unapproved method of gaining access to a system is known as?a. Least privilegeb. Network accessc. Physical accessd. Backdoor
D: An unapproved method of gaining access to a system is known as a backdoor.
- The biggest issue related to database security is?a. Logic bombsb. Human errorsc. Inference attacksd. Validation errors
B: Human errors are the biggest issue related to database security. All other problems can be addressed and countered.
- Which of the following is not an example of a programming or data attack?a. Brute forceb. Covert channelsc. Logic bombsd. Salami attack
A: Brute force is a password attack, not a programming or data attack.
- What is the most significant disadvantage of using compiled mobile code?a. It can contain hidden malicious codeb. It employs run-time bindingc. It operates very fastd. It is limited to single thread execution
A: Compiled code can contain hidden malicious code.
- A __________ is a form of malicious code that is triggered to perform an activity once a specific event occurs, such as a time period, accessing a online resource, or launching a program.a. Logic bombb. Wormc. Macro virusd. Trojan horse
A: A logic bomb is a form of malicious code that is triggered to perform an activity once a specific event occurs, such as a time period, accessing a online resource, or launching a program.
- Accreditation is what?a. A structured examination of a system’s security policyb. An institutionalized assessment program for the design specifications of a security productc. A formal acceptance of a security certificationd. The degree of confidence that a security measure will work as designed and intended.
C: Accreditation is a formal acceptance of a security certification.
- The primary difference between a virus and a worm is?a. A virus always infects executable programsb. A worm only attempts to replicate itself rather than cause damagec. A virus always destroys data on the infected systemd. A worm seeks to spread itself to other systems
D: The primary difference between a virus and a worm is that a worm primarily seeks to spread itself to other systems while a virus seeks to replicate itself within a system.
- Which of the following is not considered a denial of service attack? a. Consuming bandwidth from a victimb. Sending a limited amount of spam to a victimc. Blocking the ability to respond to legitimate traffic d. Consuming all computing resources
B: While spam is unwanted and a large amount can result in a DoS attack, a limited amount of spam is little more than annoying.
- Countermeasures to the Smurf Denial of Service attack include all but which of the following?a. Disable broadcast capabilities on border routersb. Block spoofed internal packetsc. Deploy host-based IDSd. Disable ICMP traffic
C: A network-based IDS may have some affect as a countermeasure against Smurf, but a host-based IDS is ineffective against any DoS.
- At what point in a product’s development cycle should infosec be introduced?a. Evaluation and testingb. Inceptionc. Design specificationd. Software development
B: InfoSec should be introduced into a product’s development cycle from inception.
