Information security (ISec) describes activities that relate to the protection
of information and information infrastructure assets against the risks of loss,
misuse, disclosure or damage.
Information security management (ISM) describes controls that an
organization needs to implement to ensure that it is sensibly managing these
risks.
The risks to these assets can be calculated by analysis of the following
issues:
Threats to your assets: These are unwanted events that could cause
the deliberate or accidental loss, damage or misuse of the assets.
Vulnerabilities: How susceptible your assets are to attack.
Impact: The magnitude of the potential loss or the seriousness of the
event.
Network Security
1- A Self-Enforcing Protocol
(A) Makes it obvious to all parties involved in a
transaction when a party attempts to cheat.
(B) Uses an adjudicator to evaluate if any party to the
transaction cheated
(C) Uses a trusted third party (TTP) to mediate the
transaction between the various parties
(D) Others
2- Disadvantages in using an arbitrated computer protocol.
(A) Two sides may not agree on a neutral third party.
(B) Arbitration causes a time in communication
(C) Secrecy becomes invulnerable
(D) Others
3- One of the goals of secure computing is:
(A) Confidentiality
(B) Interruption
(C) Modification
(D) Others
4- One of the following is a threat to security in computing:
(A) Confidentiality
(B) Interruption
(C) Integrity
(D) Others
5- Circuit-level gateway means:
(A) Stand-alone system
(B) Specialized function performed by an application-level
gateway
(C) Sets up two TCP connections
(D) All
6- Fabrication:
(A) Counterfeit objects on a computing system.
12- Transient
(A) Runs when its attached program executes and
terminates when its attached program ends
(B) Locates itself in memory so that it can remain active even
after its attached program ends
By patents we mean:
(A) Protect inventions
(B) Algorithms are facts of nature
(C) Patent process is expensive
(D) Others
(D) Others
40) Open design principle means:
(A) The security of system should not depend on
keeping the design of its mechanism secret
(B) Interfere with the work of users
(C) Security mechanisms should be as simple and small as
possible.
(D) Others
41) One of the general techniques for Firewall Characteristics is:
(A) Packet-filtering routers
(B) Application-level gateways
(C) Circuit-level gateways
(D) Others
42) The behavior control allows:
(A) Controls how particular services are used
(B) Controls access to a service according to which user is
attempting to access it
(C) The types of Internet services that can be accessed
(D) Others
43) Filter packets going:
(A) In both directions
(B) In one direction
(C) In parallel direction
(D) Others
44) The main disadvantages of packet-filtering router:
(A) Simplicity
(B) Transparency to users
(C) Lack of authentication
(D) Others
45) We can call the application-level gateway:
(A) Stand-alone system
(B) Proxy server
(C) The SOCKS package
(D) Others
46- The primary choice for password storage:
A- Clear text
B- Encrypted password
C- Hash value of a password
D- All of the above
Client to RADIUS.
User for RADIUS server.
Peer to RADIUS server.
None of the above
Encrypted.
Hashed.
In clear text.
None of the above.
B- Virus code runs the original program but has control before
and after its execution.
C- Virus program replaces some of its target, integrating itself
into the original code of the target.
D- A & C.
56- Virus attaches itself to memory resident code.
A- Virus gains control very early in the boot process before most
detection tools are active.
B- Virus is activated many times while the machine is
running
C- Virus embeds itself in data files
D- None of the above.
57- The DBMS maintains the integrity by:
A- Applying field checks
B- Access control
C- Change log
D- All of the above
58- Interruption affects
A- availability
B- integrity
C- authenticity
59- Modification affects
A- availability
B- integrity
C- authenticity
D- none of the above
60- Error detection and correction is one of the aspects of
A- availability
B- integrity
C- authenticity
D- none of the above
61- International standards in information security are developed by
A- IETF
B- ETSI
C- IEEE
D- ISO/IEC
62-