T or F
It is not possible to spread a virus via a USB stick.
False
T or F
Malicious software aims to trick users into revealing sensitive personal data.
False
T or F
Many forms of infection can be blocked by denying normal users the right to modify programs on the system.
True
T or F
In addition to propagating, a worm usually carries some form of payload.
true
T or F
Flooding attacks take a variety of forms based on which network protocol is being used to implement the attack.
True
SYN-ACK and ACK packets are transported using IP, which is an unreliable network protocol.
True
A cyberslam is an application attack that consumes significant resources, limiting the server’s ability to respond to valid requests from other users.
true
The SYN spoofing attack targets the table of TCP connections on the server.
True
Given sufficiently privileged access to the network handling code on a computer system, it is difficult to create packets with a forged source address.
false
A DoS attack targeting application resources typically aims to overload or crash its network handling software.
false
The attacker needs access to a high-volume network connection for a SYN spoof attack.
false
Intrusion detection is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified.
true
The IDS component responsible for collecting data is the user interface.
false
Activists are either individuals or members of an organized crime group with a goal of financial reward.
false
The primary purpose of an IDS is to detect intrusions, log suspicious events, and send alerts.
true
Intruders typically use steps from a common attack methodology.
true
An intruder can also be referred to as a hacker or cracker.
true
Those who hack into computers do so for the thrill of it or for status.
true
Signature-based approaches attempt to define normal, or expected, behavior, whereas anomaly approaches attempt to define proper behavior.
false
Running a packet sniffer on a workstation to capture usernames and passwords is an example of intrusion.
True
A firewall can serve as the platform for IPSec.
True
The firewall can protect against attacks that bypass the firewall.
False
A traditional packet filter makes filtering decisions on an individual packet basis and does not take into consideration any higher layer context.
True
The firewall may be a single computer system or a set of two or more systems that cooperate to perform the firewall function.
True
A DMZ is one of the internal firewalls protecting the bulk of the enterprise network.
false
One disadvantage of a packet filtering firewall is its simplicity.
false
A prime disadvantage of an application-level gateway is the additional processing overhead on each connection.
True
The primary role of the personal firewall is to deny unauthorized remote access to the computer.
True
A packet filtering firewall is typically configured to filter packets going in both directions.
True
Detecting and reacting to incidents is not a function of IT security management.
False
IT security management has evolved considerably over the last few decades due to the rise in risks to networked systems.
True
Organizational security objectives identify what IT security outcomes should be achieved.
True
IT security management consists of first determining a clear view of an organization’s IT security objectives and general risk profile.
True
Once the IT management process is in place and working the process never needs to be repeated.
False
IT security needs to be a key part of an organization’s overall management plan.
True
Water damage protection is included in security controls.
true
To ensure that a suitable level of security is maintained, management must follow up the implementation with an evaluation of the effectiveness of the security controls.
True
Management controls refer to issues that management needs to address.
false
Detection and recovery controls provide a means to restore lost computing resources.
True
Operational controls range from simple to complex measures that work together to secure critical and sensitive data, information, and IT systems functions.
false
Complying with regulations and contractual obligations is a benefit of security awareness, training, and education programs.
true
Security awareness, training, and education programs may be needed to comply with regulations and contractual obligations.
true
To emphasize the importance of security awareness, an organization should have a security awareness policy document that is provided to all employees.
true
Awareness only communicates information security policies and procedures that need to be followed and does not provide the foundation for any sanctions or disciplinary actions imposed for noncompliance.
False
The education and experience learning level provides the foundation for subsequent training by providing a universal baseline of key security terms and concepts.
False
Employee behavior is not a critical concern in ensuring the security of computer systems.
false
Employees cannot be expected to follow policies and procedures of which they are unaware.
True
Security basics and literacy is required for those employees, including contractor employees, who are involved in any way with IT systems.
true
Awareness is used to explain the rules of behavior for using an agency’s information systems and information and establishes a level of expectation on the acceptable use of the information and information systems.
true
Programmers, developers, and system maintainers require less advanced security training than other employees.
false