IS 305 Midterm Exam | Complete Solutions (Verified)
12 views 0 purchase
Course
IS 305
Institution
IS 305
IS 305 Midterm Exam | Complete Solutions (Verified) The Domain Name Service is what translates human-readable domain names into IP addresses that computers and routers understand. True The type of hacking that involves breaking into telephone systems is called sneaking. False The technique for br...
The Domain Name Service is what translates human-readable domain names into IP
addresses that computers and routers understand.
True
The type of hacking that involves breaking into telephone systems is called sneaking.
False
The technique for breaching a system's security by exploiting human nature rather than
technology is war-driving.
False
Malware is a generic term for software that has a malicious purpose.
True
Software that lays dormant until some specific condition is met is a Trojan horse.
False
Someone who breaks into a system legally to assess security deficiencies is a sneaker.
True
Auditing is the process to determine if a user's credentials are authorized to access a
network resource.
False
Confidentiality, integrity, and availability are three pillars of the CIA triangle.
True
The Health Insurance Portability and Accountability Act of 1996 requires government
agencies to identify sensitive systems, conduct computer security training, and develop
computer security plans.
False
The SANS Institute website is a vast repository of security-related documentation.
True
In which type of hacking does the user block access from legitimate users without
actually accessing the attacked system?
Denial of Service
Your company is instituting a new security awareness program. You are responsible for
educating end users on a variety of threats, including social engineering. Which of the
following best defines social engineering?
,Using people skills to obtain proprietary information
Which type of hacking occurs when the attacker monitors an authenticated session
between the client and the server and takes over that session?
Session hijacking
Someone who finds a flaw in a system and reports that flaw to the vendor of the system
is a __________.
White hat hacker
Someone who gains access to a system and causes harm is a __________?
Black hat hacker
A black hat hacker is also called a ___________
Cracker
Someone who calls himself a hacker but lacks the expertise is a ________.
Script kiddy
Someone who legally breaks into a system to assess security deficiencies is a
________.
Penetration tester
A(n) ______ is a basic security device that filters traffic and is a barrier between a
network and the outside world or between a system and other systems.
Firewall
A(n) hides the internal network's IP address and presents a single IP address to the
outside world.
Proxy server
Which one of these is NOT one the three pillars of security in the CIA triangle?
Authentication
Which of these is the process to determine if the credentials given by a user or another
system are authorized to access the network resource in question?
Authentication
Which of these is a repository of security-related documentation and also sponsors a
number of security research projects?
SANS Institute
Which of these was the first computer incident-response team?
Computer Emergency Response Team
Which of these is a repository for detailed information on virus outbreaks?
, F-Secure
The notation used to perform variable-length subnet masking for IP addresses is CIDR.
True
The name you type into a browser's address bar, such as www.microsoft.com, is known
as the IP locator.
False
The IP command-line command to determine your computer's IP address, subnet mask,
and default gateway is ping.
False
The IP command-line command to determine the number of hops it takes to get from
your computer to its destination is ping.
False
No protocols operate at the physical layer of the OSI model.
True
The session layer of the OSI model provides the mechanism to manage the dialogue
between end-user application processes.
True
The TCP protocol works at the network layer of the OSI model.
False
MAC addresses are unique addresses for each NIC.
True
The first four bytes of the MAC address identify the vendor.
False
A host is a machine with data on it, to which you can connect.
True
Unshielded twisted-pair cable capable with a specification of 100 MHz/100 Mbps is also
called Category ________.
5
Which device can connect many computers and sends packets out every port?
Hub
Which device is used to boost a signal?
Repeater
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Bri254. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $18.49. You're not tied to anything after your purchase.
