# Course: CS 585 03f
#######################################
:TYPE:MC:1:0:C
:TITLE: Certificate Authorities
:QUESTION:H Certificate authorities have issuance and authentication policies. Which type of policy would be most similar to the Alabama Department of Motor Vehicles granting licenses only to residents of the state?
:ANSWER1:0:T authentication
:ANSWER2:100:T issuance
:CAT:test6_tf
#######################################
:TYPE:MC:1:0:C
:TITLE: Anonymity
:QUESTION:H Is a principal service of a certificate authority to provide anonymity?
:ANSWER1:100:T False
:ANSWER2:0:T True
:CAT:test6_tf
#######################################
:TYPE:MC:1:0:C
:TITLE: Self Propagating
:QUESTION:H Which of the following is self propagating?
:ANSWER1:0:T Trojan Horse
:ANSWER2:0:T Virus
:ANSWER3:100:T Worm
:CAT:test6_tf
#######################################
:TYPE:MC:1:0:C
:TITLE: Mixmaster remailers
:QUESTION:H Mixmaster remailers provide
:ANSWER1:100:T Anonymity
:ANSWER2:0:T Authentication
:CAT:test6_tf
#######################################
:TYPE:MC:1:0:C
:TITLE: Packet Filtering
:QUESTION:H Which of the following is better suited to filtering based on content?
:ANSWER1:0:T Firewall
:ANSWER2:100:T Proxy Server
:CAT:test6_tf
#######################################
:TYPE:MC:1:0:C
:TITLE: Website
:QUESTION:H Suppose a car company wants to have a website that allows customers to view information about the types of cars available. Should this website be in a DMZ?
:ANSWER1:0:T no
:ANSWER2:100:T yes
:CAT:test6_tf
#######################################
:TYPE:MC:1:0:C
:TITLE: Connecting
:QUESTION:H Firewalls provide more protection if they operate in which type of configuration?
:ANSWER1:0:T parallel
:ANSWER2:100:T series
:CAT:test6_tf
#######################################
:TYPE:MC:1:0:C
:TITLE: Thresholds
:QUESTION:H We discussed threshold models as a type of which of the following:
:ANSWER1:100:T Anomaly Modeling
:ANSWER2:0:T Markov Modeling
:ANSWER3:0:T Misuse Modeling
:ANSWER4:0:T Specification Modeling
:CAT:test6_mc
#######################################
:TYPE:MC:1:0:C
:TITLE: Prediction
:QUESTION:H Which of the following types of models would be most appropriate to predict the next letter in a word given a prefix of that word?
:ANSWER1:0:T Anomaly Model
:ANSWER2:100:T Markov Model
:ANSWER3:0:T Misuse Model
:ANSWER4:0:T Specification Model
:CAT:test6_mc
#######################################
:TYPE:MC:1:0:C
:TITLE: System Protection
:QUESTION:H Which of the following types of models would be most appropriate to detect an exploit that uses multiple programs?
:ANSWER1:0:T Anomaly Model
:ANSWER2:0:T Markov Model
:ANSWER3:100:T Misuse Model
:ANSWER4:0:T Specification Model
:CAT:test6_mc
#######################################
:TYPE:MC:N:1:C
:TITLE: VPN
:QUESTION:H Suppose that your company has a VPN set up between two gateways. Which of the following statements are most accurate?
:ANSWER1:50:T a firewall between the gateways can not perform useful packet filtering
:ANSWER2:-50:T a firewall between the gateways can perform useful packet filtering
:ANSWER3:50:T the VPN will not prevent a worm in one of the LANs from propagating to the other
:ANSWER4:-50:T the VPN will prevent a worm in one of the LANs from propagating to the other
:CAT:test6_mc
#######################################
:TYPE:MC:1:0:C
:TITLE: Source Anonymity
:QUESTION:H Which of the following would provide the best in terms of Anonymity?
:ANSWER1:0:T Demilitarized Zone
:ANSWER2:0:T Firewall
:ANSWER3:0:T Honey Pot
:ANSWER4:100:T Network Address Translator
:CAT:test6_mc
#######################################
:TYPE:MC:1:0:C
:TITLE: Packet Modification
:QUESTION:H Which of the following modifies addresses in a packet?
:ANSWER1:0:T Demilitarized Zone
:ANSWER2:0:T Firewall
:ANSWER3:100:T Network Address Translator
:ANSWER4:0:T Router
:CAT:test6_mc
#######################################
:TYPE:MC:1:0:C
:TITLE: Risk Management
:QUESTION:H Which of the following techniques starts with an undesirable outcome and tries to determine potential causes?
:ANSWER1:0:T Annual Loss Expectancy
:ANSWER2:0:T FMEA
:ANSWER3:0:T Specification Modeling
:ANSWER4:0:T Threat Trees
:CAT:test6_mc
#######################################
:TYPE:MC:1:0:C
:TITLE: Programming Error
:QUESTION:H A user inputs an index into an array that is too large, and a value is written at that location. This is an example of a:
:ANSWER1:100:T buffer overflow
:ANSWER2:0:T numeric overflow
:ANSWER3:0:T race condition
:ANSWER4:0:T usability failure
:CAT:test6_mc
#######################################
:TYPE:P
:TITLE: Threat Tree
:QUESTION:H:60:30 Describe a threat tree for the deletion of a file (only to at most six nodes) and a policy that might be formed based on that tree.
:CAT:test6_p
#######################################
:TYPE:P
:TITLE: Remailers
:QUESTION:H:60:30 Give an alternative to the utilization of a mixmaster remailer. How does it differ in the services it provides?
:CAT:test6_p
#######################################
:TYPE:P
:TITLE: Possible Malware
:QUESTION:H:60:30 If you are asked to run an unknown program and only have access to its binary form, how could you ensure that it does no damage?
:CAT:test6_p
#######################################
:TYPE:MC:N:1:C
:TITLE: Worm or Virus
:QUESTION:H The 'I Love You' malware was a:
:ANSWER1:100:T Virus
:ANSWER2:-100:T Worm
:CAT:test6b_mc
#######################################
:TYPE:MC:N:1:C
:TITLE: Worm or Virus
:QUESTION:H The 'Code Red' malware was a:
:ANSWER1:-100:T Virus
:ANSWER2:100:T Worm
:CAT:test6b_mc
#######################################
:TYPE:MC:1:1:C
:TITLE: BAN Logic
:QUESTION:H BAN logic is most often used to compare the relative performance of security protocols.
:ANSWER1:100:T false
:ANSWER2:-100:T true
:CAT:test6b_mc
#######################################
:TYPE:MC:1:1:C
:TITLE: Certificate Chains
:QUESTION:H Which of the following would be least appropriate for establishing the amount of trust associated with a certificate chain?
:ANSWER1:-100:T Use the average amount of trust between a pair of successive links.
:ANSWER2:100:T Use the largest amount of trust between a pair of successive links.
:ANSWER3:-100:T Use the smallest amount of trust between a pair of successive links.
:ANSWER4:-100:T Use the trust in the first element in the chain.
:ANSWER5:-100:T Use the trust of the last element in the chain.
:CAT:test6b_mc
#######################################
:TYPE:MC:N:1:C
:TITLE: Revocation Lists
:QUESTION:H Which of the following protocols utilizes nonces?
:ANSWER1:-50:T IPSec
:ANSWER2:50:T Needham-Schroeder
:ANSWER3:50:T TLS
:ANSWER4:-50:T X.509
:CAT:test6b_mc
#######################################
:TYPE:MC:1:1:C
:TITLE: Constrained Data Items
:QUESTION:H Constrained data items are a part of which model?
:ANSWER1:-100:T bell-lapadula
:ANSWER2:-100:T biba
:ANSWER3:-100:T chinese wall
:ANSWER4:100:T clark-wilson
:CAT:test6b_mc
#######################################
:TYPE:MC:1:1:C
:TITLE:Warning Sign
:QUESTION:H A homeowner who puts up a 'Beware of Dog' sign is using which of the following:
:ANSWER1:-100:T detection
:ANSWER2:100:T prevention
:ANSWER3:-100:T reaction
:ANSWER4:-100:T all of the above
:CAT:test6b_mc
#######################################
:TYPE:MC:1:1:C
:TITLE:Liveness
:QUESTION:H The liveness property described in class is most similar to which of the following properties?
:ANSWER1:-100:T authentication
:ANSWER2:100:T availability
:ANSWER3:-100:T confidentiality
:ANSWER4:-100:T integrity
:CAT:test6b_mc
#######################################
:TYPE:MC:N:1:C
:TITLE: Covert Channels
:QUESTION:H Non interference and non deducibility are both ways of addressing the existence of covert channels. How do they differ?
:ANSWER1:100:H if a system has non interference then it has non deducibility
:ANSWER2:-100:H if a system has non deducibility then it has non interference
:ANSWER3:-100:H non interference prevents someone from sending on a covert channel, non deducibility prevents someone from receiving on a covert channel
:ANSWER4:-100:H non deducibility prevents someone from sending on a covert channel, non interference prevents someone from receiving on a covert channel
:ANSWER5:-100:H non interference describes a security policy and non deducibility describes a security mechanism
:ANSWER6:-100:H non deducibility describes a security policy and non interference describes a security mechanism
:CAT:test6b_mc
#######################################
:TYPE:MC:N:1:C
:TITLE: Public Key Crypto
:QUESTION:H Public key cryptography and symmetric key cryptography can be used together. Which is the most likely combination?
:ANSWER1:50:T public key used for interchange key
:ANSWER2:-50:T public key used for session key
:ANSWER3:-50:T symmetric key used for interchange key
:ANSWER4:50:T symmetric key used for session
:CAT:test6b_mc