One extreme viewpoint about computer security is what?

There are no imminent dangers to your system

Before you can formulate a defense for a network you need what?
A clear picture of the dangers to be defended against

What is a computer virus?

Any program that self-replicates

What is spyware?
Any software that monitors your system

What is a sneaker?
A person who hacks a system to test its vulnerabilities

What is the term for hacking a phone system?

Phreaking

What is malware?
Software that has some malicious purpose

What is war-driving?
Driving looking for wireless networks to hack

When a hacking technique uses persuasion and deception

Social Engineering

What is the most common threat on the Internet?

Computer viruses

An intrusion-detection system is an example of which of the following?

Proactive Security

What are the three approaches to security?

Perimeter, Layered, and Hybrid

What is the most basic security activity?

Authentication

The most desirable approach to security is one that is:

Layered and Dynamic

According to a recent survey of 223 computer professionals prepared by the Computer Security
Institute, which of the following was cited as an issue by more of the respondents?
Employee abuse

The first computer incident-response team is affiliated with what university?

Carnegie-Mellon University

Definition of sensitive information

Any information that if accessed by unauthorized personnel could damage your organization in
any way

Major resource for detailed information on computer viruses:

F-Secure Virus Library

What type of cable do most networks use?

Category 5

The connector used with network cables is called what?

RJ-45

The cable used in networks is also referred to as what?

Unshielded twisted pair

The simplest device for connecting computers is called what?

Hub

What is a NIC?
Network Interface Card

A device used to connect two or more networks together is a what?

Router

A T1 line sends data at what speed?

1.54Mbps

How big is a TCP packet header?

The size is always 20 bytes

Translates URLs into Web addresses

DNS (Domain Name Service)

What protocol is used to send email, and on what port does it work?
SMTP, port 25
What protocol is used for web pages, and what port does it work on?
HTTP, port 80

What protocol is used for remotely logging on to a computer?

Telnet

The point where the backbones of the Internet connect is called what?
Network access points

Be able to identify invalid IP addresses

Look at the first number. If it is not 0 - 255 then it is not a valid IP address

What ranges for the first number in an IP address are for A-E?
A: 0-126, B: 128 - 191, C: 192 - 223, D: 224 - 247, E: 248 - 255

The IP address of 127.0.0.1 always refers to your what?

Yourself

Internet addresses of the form www.google.com are called what?

Uniform Resource Locators (URL)

Which US government agency created the distributed network that formed the basis for the
Internet?
Advanced Research Projects Agency (ARPA)

Which of the following was one of the three universities involved in the original distributed
network setup by a government agency?
Berkeley
Vince Cerf created:
TCP?

Tim Berners-Lee invented:

World Wide Web

Which utility gives you information about your machine's network configuration?
IPConfig

The TCP protocol operates at what layer of the OSI model?

Level 4: Transport

Which layer of the OSI model is divided into two sublayers?

Data Link

A unique hexadecimal number that identifies your network card is called what?
MAC Address

What is the CIA triad?

Confidentiality, Integrity, Availability

The most common Internet investment fraud is known as what?

The Nigerian fraud

Artificially inflating a stock in order to sell it at a higher value is referred to as what?

Pump and Dump
A seller (on an online auction site) bidding on his or her own items to drive up the price is
referred to as what?
Shill bidding

Submitting a fake but very high bid to deter other bidders is referred to as what?
Bid shielding

According to the U.S. Department of Justice, identity theft is usually motivated by what?
Economic gain

Why is cyber stalking a serious crime?

It can be a prelude to violent crime

What is the first step in protecting yourself from identity theft?

Never provide any personal data about yourself unless absolutely necessary

What is a cookie?
A small file made that contains data and then is stored on your computer

What percentage of cyber stalking cases escalate to real-world violence?

19%

If you are a victim of cyber stalking, what should you do to assist the police?
Keep electronic and printed copies of all harassing communications

What do you call a DoS launched from several machines simultaneously?

DDos attack

Leaving a connection half open is referred to as what?

SYN flood attack

What are three methods for protecting against SYN flood attacks?
SYN cookies, RST cookies, and stack tweaking

What type of defense depends on changing the server so that unfinished handshaking times
out sooner?
Stack tweaking

Which of the following is a real-life example of a DDoS attack?

MyDoom virus

What can you do with your firewall to defend against DoS attacks?
Block all incoming ICMP packets

Why will protecting against Trojan horse attacks reduce DoS attacks?
Because many denial of service attacks are conducted by using a Trojan horse to get an
unsuspecting machine to execute the DoS

Which of the following is the best definition of "virus"

Program that self-replicates

What is historically the most common way for a virus to spread?

By email attachment

Which of the following virus attacks used a multimodal approach?

Sobig virus

What factor about the Sobig virus made it most intriguing to security experts?
It spread in multiple ways

What was most interesting to security experts about the Mimail virus?
It grabbed email addresses from documents on the hard drive

Which of the following is something a Trojan horse might do?

Open a back door for malicious software

What is a buffer-overflow attack?

Putting more data in a buffer than it can hold

What virus exploited buffer overflows?

Sasser virus

What can you do with a firewall to help protect against virus attack?
Shut down all unneeded ports

A key logger is what type of virus?

Spyware

This virus appears to be benign software but secretly downloading a virus or some other type of
malware onto your computer from within.
Trojan Horse

Which of the following is not one of the three major classes of threats?
Online auction fraud

What is a penetration tester?

A person who hacks a system to test its vulnerabilities
When a hacking technique uses persuasion and deception to get a person to provide
information to help compromise security, this is referred to as what?
Social engineering

An intrusion detection system is an example of which of the following?

proactive Security

Which of the following is the most basic security activity?

Authentication

The most desirable approach to security is one that is which of the following?
Layered and dynamic

Which of the following types of privacy law affects computer security?

Any privacy law applicable to your organization

Which of the following is the best definition of the term sensitive information?
Any information that has impact on national security