Midterm Exam deck Flashcards
In FISMA, ________ is done internally by the organization.
both certification and accreditation
Quantum key distribution ________.
- creates a major threat to many traditional cryptographic methods
- Both is a way to deliver enormously long keys to communication partners and creates a major threat to many traditional cryptographic methods
- is a way to deliver enormously long keys to communication partners
is a way to deliver enormously long keys to communication partners
Port scanning software does the following:
- The software is used to catch external threats
- The software divulges vulnerable ports
- The software divulges open ports
The software divulges open ports
Which of the following are types of countermeasures?
- Preventative
- Detective
- Corrective
- all of these
all of these: Preventative, Detective, Corrective
________ are programs that attach themselves to legitimate programs.
viruses
The ultimate goal of a DoS attack is to ________.
cause harm
Which of the following measures offers strong security?
- Using spread spectrum transmission in 802.11
- Turning off SSID broadcasting
- WEP
- all of these
- none of these
none of these
A planned series of actions in a corporation is a(n) ________.
sequence
The primary weapon in a DoS attack is the:
- ICMP ping
- DNS poisoning
- MAC flooding
- ARP poisoning
ICMP Ping packet set at 65000 bytes
A commonly SSL/TLS-aware application is ________.
webservice
Mandatory vacations should be enforced ________.
to reduce the possibility of collusion between employees
A botmaster can remotely ________.
Both fix a bug in the bots and update bots with new functionality
Which of the following can be used as a keying method?
Public key encryption for confidentiality
________ is a random string of 40 to 4,000 bits (ones and zeros) used to encrypt messages.
key
Digital signatures are used for ________ authentication.
message-by-message
________ security uses the RC4 cipher in encryption for confidentiality and the Temporal Key Integrity Protocol for keying and rekeying.
WEP
A program that gives the attacker remote access control of your computer is specifically called a ________
RAT
Which of the following statements accurately describes RC4?
- RC4 is very slow.
- RC4 uses a large amount of RAM.
- RC4 can use a broad range of key lengths.
- All of these
RC4 can use a broad range of key lengths
The most popular public key encryption cipher is ________
RSA
WLAN DoS attacks are designed to affect the ________ of the network.
availability
Firms still choose to use WPA in order to ________.
- avoid configuration expenses for access points
- avoid configuration expenses for wireless clients
- Both avoid configuration expenses for access points and avoid configuration expenses for wireless clients
- Neither avoid configuration expenses for access points nor avoid configuration expenses for wireless clients
Both avoid configuration expenses for access points and avoid configuration expenses for wireless clients
________ can spread through e-mail attachments.
- viruses
- viruses and worms
- Worms
viruses and worms
In SSL/TLS, a specific set of protocols that a particular cryptographic system will use to provide protection is called a ________.
cipher suite
Which encryption method does MS-CHAP use?
Symmetric, public, neither, or both?
neither