contact me for testbank if your quiz is different

Name_________________________                                    Date____________________

·       There are 30 questions in this Exam and each question is worth 2 point

·       The exam is worth 25% of your final grade for the course.

·       For multiple choices, choose the option that best answers the question. For True/False, put either a T or an F. For short answer questions, be very brief but concise. You do not need to describe the background, just offer your contributions.

·       Please provide your answers in the Answer Table below.

·       When applicable, please provide your own examples to complement your material.

·       The exam is due on Nov 29, 11:59 PM US EDT. Early submission is encouraged and is welcomed. There will be a 20% penalty for every day late (less than or equal to 24 hours is considered a day) until no points are left.

·       The exam is to be of your own work and no other individuals may assist you in this effort.

·       Please put your name at the top of the document and name your file using this file naming convention: fLastFinalExam.doc, e.g. the file name for me would be aGhafarianFinalExam.doc

·       Please submit your work using the Midterm link in the assignment folder.

·       Use Cybercafé to post your questions about the Midterm but no questions about the questions themselves.

TRUE/FALSE QUESTIONS:

1.     No cybercriminal databases exist that can point investigators to likely suspects.

2.     Complying with regulations and contractual obligations is a benefit of security awareness, training, and education programs.

3.     Deleting the browsing history and cookies in a computer system can be the way to completely delete the recently visited sites.

4.     A malicious driver can potentially bypass many security controls to install malware.

5.     A stack overflow can result in some form of denial-of-service attack on a system.

MULTIPLE CHOICES QUESTIONS

6.     Broad categories of payloads that malware may carry include which of the following:

A.    Corruption of system or data files

B.    Theft of service in order to make the system a zombie agent of attack as part of a botnet

C.    Theft of information from the system, especially of logins, passwords or other personal details by keylogging or spyware programs;

D.    All of the above

7.     The _______ category is a transitional stage between awareness and training.

A.    roles and responsibilities relative to IT systems

B.    security basics and literacy

C.    education and experience

D.    security awareness

8.     What is both a benefit and a potentially harmful implication of multilayer protocols?

A.    throughput

B.    encapsulation

C.    hash integrity checking

D.    logical addressing

9.     The World Wide Web (WWW) can be protected against the risk of eavesdropping in an economical and convenient manner through the use of which of the following?

A.    link and document encryption

B.    Secure Socket layer and secure HTTP

C.    Link encryption and secure socket layer

D.    Document encryption and secure HTTP

10.  An effective way to run a World Wide Web (WWW) service is not by.

A.    Disabling automatic directory listings

B.    Placing the standard WWW computer outside the firewall in the DMZ

C.    Implementing encryption

D.    Relying on third-party providers

11.  Methods to avoid SQL injection include which of the following?

A.    Providing functions to escape special characters

B.    Techniques for the automatic detection of database language in legacy code.

C.    Techniques for the automatic detection of SQL language in legacy code.

D.    All of the above

12.  __________ is when the data in the SDB can be modified so as to produce statistics that cannot be used to infer values for individual records.

A.    Data perturbation

B.    Database access control

C.    Inference channeling

D.    Output perturbation

13.  With __________ the records in the database are clustered into a number of mutually exclusive groups and the user may only query the statistical properties of each group as a whole.

A.    compromise

B.    inference

C.    partitioning

D.    query restriction

14.  Richard received an encrypted message sent to him by Sue. Which key should he use to decrypt the message?

A.    Richard’s public key

B.    Richard’s private key

C.    Sue’s public key

D.    Sue’s private key

15.  Which of the following malicious code objects might be inserted in an application by a disgruntled software developer with the purpose of destroying system data after the developer’s account has been deleted (e.g. following his/her termination)

A.    Virus

B.    Worm

C.    Trojan horse

D.    Logic bomb

16.  Incorrect handling of program _______ is one of the most common failings in software security.

A.    lines

B.    input

C.    output

D.    disciplines

17.  _________ is a program flaw that occurs when program input data can accidentally or deliberately influence the flow of execution of the program.

A.    PHP attack

B.    Format string injection attack

C.    XSS  attack

D.    Injection attack

18.  Security concerns that result from the use of virtualized systems include ______.

A.    guest OS isolation

B.    guest OS monitoring by the hypervisor

C.    virtualized environment security

D.    all of the above

19.   ___________ scan critical system files, directories, and services to ensure they have not been changed without proper authorization.

A.    Intrusion prevention systems

B.    System integrity verification tools

C.    Log analysis tools

D.    Network and host intrusion detection systems

20.  _______ is a form of crime that targets a computer system to acquire information stored on that computer system, to control the target system without authorization or payment, or to alter the integrity of data or interfere with the availability of the computer or server.

A.     Computers as targets

B.    Computers as storage devices

C.    Computers as mediums

D.    Computers as communication tools

FILL-IN-THE-BLANK

21.  A ________ is a condition where more input is placed into a buffer or data holding area than the capacity allocated and thus overwrites other information.

22.  At the basic machine level, all of the data manipulated by machine instructions executed by the computer processor are stored in either the processor’s registers or in ________.

23.  _______ was one of the earliest operating systems written in a high-level language.

24.  A _______ overflow occurs when the targeted buffer is located on the stack, usually as a local variable in a function’s stack frame.

25.  The function of the _______ was to transfer control to a user command line interpreter that gave access to any program available on the system with the privileges of the attacked program

Answer Table

SHORT ANSWER QUESTION

26.  Interpret simple file permission in the following UNIX operating systems permission

-rw-rw-r– 1 maestro conductors 35414 Mar 25 01:38 baton_dealers.txt

Listing 25-3: File-Listing Showing Permissions

27.  List the most common weaknesses in Linux Operating Systems.

28.  There are many important components in Windows operating systems that make up the fundamental security infrastructure, List those components here:

29.  Briefly describe how Access Control Lists (ACL) works in Windows Operating systems

30.  Windows, like all operating systems, has security bugs, and a number of these bugs have been exploited by attackers to compromise customer operating systems. After 2001, Microsoft decided to change its software development process to better accommodate secure design, coding, testing, and maintenance requirements, with one goal in mind: reduce the number of vulnerabilities in all Microsoft products. This process improvement is called the Security Development Lifecycle (SDL). List the core SDL requirements here:

Answers