Deck 1: Cybersecurity and Technology

A)Traceroute
B)Cookie
C)Weblog
D)Audit trail

A)Bit robbing
B)Web services description language (WSDL)
C)Jabber
D)Port scan

A)ERM group
B)Computer emergency response tea
C)Tiger team
D)Silicone cockroach

A)Authorized program analysis report
B)Private key
C)Service level agreement
D)Dongle

A)Application layer
B)Network layer
C)Session layer
D)Transport layer

A)PCMCIA card
B)Smart card
C)Server accelerator card
D)Network interface card

A)Reverse engineering
B)Magneto resistive head technology
C)Van Eck phreaking
D)Electronic data processing (EDP)

A)Security Identifier (SID)
B)Public key infrastructure (PKI)
C)Internet Assigned Numbers Authority (IANA)
D)Private Branch Exchange (PBX)

A)Trojan horse
B)Hashing
C)Switching fabric
D)Cut and paste attack

A)Rules are easy to define.
B)Custom protocols can be easily analyzed.
C)The engine can scale as the rule set grows.
D)Malicious activity that falls within normal usage patterns is detected.

A)An alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior.
B)An alert that indicates nefarious activity on a system that is not running on the network.
C)The lack of an alert for nefarious activity.
D)Both a. and b.

A)E-signature
B)Digital certificate
C)Private key
D)Security token

A)To flag attacks against known vulnerabilities
B)To help reduce false positives in a signature-based IDS.
C)To randomly check suspicious traffic identified by an anomaly detection system.
D)To enhance the accuracy of a traditional honeypot.

A)Secret key algorithm
B)Message queuing
C)Spyware
D)Steganography

A)Inspection of password files to detect inadvisable passwords
B)Mechanisms put in place to reenact known methods of attack and record system responses
C)Inspection of system to detect policy violations
D)Inspection of configuration files to detect inadvisable settings

A)An electronic signature used to authenticate the identity of a user on the network
B)Attack-definition file
C)It refers to "normal," baseline network behavior
D)None of the above

A)Application layer
B)Network layer
C)Session layer
D)Both a and c

A)Cross-site scripting
B)Command injection
C)SQL injection
D)Path traversal attacks

A)Attackers can use error messages to extract specific information from a system.
B)Attackers can use unexpected errors to knock an application off line, creating a denial-of- service attack.
C)Unexpected errors can provide an attacker with a buffer or stack overflow condition that sets the stage for an arbitrary code execution.
D)All of the above.

A)Client-side data validation
B)Filtering data with a default deny regular expression
C)Running the application under least privileges necessary
D)Using parameterized queries to access a database

A)Cross-site scripting
B)Command injection
C)Path traversal attack
D)Buffer overflow

A)Cross-site scripting
B)Command injection
C)SQL injection
D)Buffer overflow

A)Blocking access to antivirus and antispyware updates
B)Aggregating surfing habits across multiple users for advertising
C)Customizing search results based on an advertiser's needs
D)All of the above

A)Inside the firewall
B)Outside the firewall
C)Both
D)None