True/False
Indicate whether the sentence or statement is true or false.

1. A buffer overflow attack can be triggered by sending small amounts of data that equal the capacity of the receiving application within a given field.

2. It is possible for an attacker to obtain a given cookie directly from a victim's computer.

3. A signed applet operates subject to a set of restrictions called the sandbox model.

4. Third-party SMTP relay occurs when a mail server allows an internal mail client to forward mail not destined for delivery to any direct users of that server.

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

5. Another name for public key encryption is:
   a. symmetric encryption
   b. asymmetric encryption
   c. secure encryption
   d. None of the above

6. Another name for secret key encryption is:
   a. symmetric encryption
   b. asymmetric encryption
   c. secure encryption
   d. None of the above

7. SSL stands for:
   a. Security Statement Layer
   b. symmetric Sockets Layer
   c. Secure Sockets Layer
   d. None of the above

8. A typical certificate has the following component(s):
   a. time stamp
   b. public key of the subject
   c. certificate issuer's name
   d. All of the above

9. Some of the most widely used instant-messaging applications are:
   a. AOL Instant Messenger
   b. ICQ
   c. Yahoo Messenger
   d. All of the above

10. The most visible security risk associated with most IM systems is the lack of:
   a. user acceptance
   b. encryption
   c. knowledge
   d. use

11. IDS stands for:
   a. Ideal Data Standard
   b. Internal Data Security
   c. Intrusion Detection Systems
   d. None of the above

12. What type of programs are executed based on the intended functionality and security context of the web page with which they were downloaded?
   a. JavaScript
   b. HTML
   c. HTTPS
   d. Web browser

13. What can be used to keep track of the state of a user's shopping cart on an on-line store?
   a. hyperlink
   b. cookie
   c. URL
   d. buffer overflow

14. What can be used to track the browsing habits of users?
   a. cookie
   b. hyperlink
   c. applet
   d. None of the above

15. What type of applets typically display warning messages?
   a. signed applets
   b. unsigned applets
   c. secure applets
   d. All of the above

16. What does JDK stand for?
   a. Java Development Kit
   b. Java Deployment Kit
   c. Java Design Kit
   d. None of the above

17. What is a component of a CGI script?
   a. executable program on the server
   b. user input
   c. HTML page that feeds input to the program
   d. Both A and C

18. What needs to be examined carefully to identify the real source of spam e-mail?
   a. SMTP relay
   b. HTML
   c. mail headers
   d. mail footers

19. Secure Sockets Layer (SSL) was developed by:
   a. Microsoft
   b. Netscape
   c. Sun Microsystems
   d. None of the above

20. What can be considered a standard way of binding a public key to a name?
   a. certificate
   b. private key
   c. ciphers
   d. None of the above

21. HTTPS stands for:
   a. Hypertext Transfer Protocol Security
   b. Hypertext Transfer Policy Security
   c. Secure Hypertext Transfer Protocol
   d. Hypertext Terminal Protocol Security

22. What port does ICQ use for voice and video traffic?

23. An element in an electronic document that links to another place is called a(n):
   a. HTML
   b. HTTP
   c. connection
   d. hyperlink

24. The error message returned when the server cannot find the file you requested is called:
   a. 505 File Error
   b. 404 File Error
   c. 606 File Error
   d. None of the above

25. A temporary storage area, usually in RAM, is called a(n):
   a. buffer
   b. cipher
   c. private key
   d. public key

Matching

Please match the best term from the list below to the most appropriate concept.
   a. SSL
   b. <script>
   c. DoS
   d. SMTP
   e. JavaScript
   f. </script>
   g. TCP
   h. HTTPS

26. Uses TCP port 25.

27. End of JavaScript.

28. Protocol used to enable on-line purchasing.

29. Malicious attack flooding network with worthless traffic.

30. Embedded into HTML document.

Please match the best term from the list below to the most appropriate concept.
   a. IDS
   b. buffer overflow
   c. TCP 80
   d. ciphers
   e. TCP 1863
   f. keys
   g. cookies
   h. ActiveX

31. NetMessenger port for plaintext messages.

32. Yahoo Messenger port for direct file transfers.

33. Used to monitor and prevent IM traffic.

34. Downloaded to client machines by web servers.

35. Large amounts of data that exceed capacity.