Cybersecurity: from viruses to digital signature di Luca Libanore (luca@libanore.it), Francesco Pagano (fpagano64@alice.it)

Test

1. What is a computer virus?

2. What is a worm?

3. What is an Hacker?

4. During a denial-of-service attack, what is the objective of the attacker?

5. What is a Denial-of-Service Attacks?

6. What is a Trojan horse?

  1. If data is moved across the network as plain text, unauthorized persons can monitor and capture the data.
  2. The intruder records a network exchange between a user and a server and plays it back at a later time to impersonate the user.
  3. Sometimes breaking into a network is as simple as telephoning new employees, telling them you are from the IT department, and asking them to verify their password for your records.
  4. This term refers to malicious code running as auto-executed ActiveX control or a Java Applet uploaded from the Internet on a Web Server.
  5. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.

7. What is an example of a macro virus?

  1. The intruder records a network exchange between a user and a server and plays it back at a later time to impersonate the user.
  2. Application-specific viruses could exploit the macro language of sophisticated documents and spreadsheets.
  3. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.
  4. An administrator of a computing system knowingly or mistakenly uses full privileges over the operating system to obtain private data.
  5. Network-based business and financial transactions are compromised if the recipient of the transaction cannot be certain who sent the message.

8. What is an example of a denial of service?

  1. Network-based business and financial transactions are compromised if the recipient of the transaction cannot be certain who sent the message.
  2. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.
  3. The intruder floods a server with requests that consume system resources and either crash the server or prevent useful work from being done. Crashing the server sometimes provides opportunities to penetrate the system.
  4. Application-specific viruses could exploit the macro language of sophisticated documents and spreadsheets.
  5. This term refers to malicious code running as auto-executed ActiveX control or a Java Applet uploaded from the Internet on a Web server.

9. What is referred to as a denial of service attack?

  1. The intruder causes network data to be modified or corrupted. Unencrypted network financial transactions are vulnerable to manipulation. Viruses can corrupt network data.
  2. The intruder floods a server with requests that consume system resources and either crash the server or prevent useful work from being done. Crashing the server sometimes provides opportunities to penetrate the system.
  3. This is a generic term for a malicious program that masquerades as a desirable and harmless utility.
  4. Sometimes breaking into a network is as simple as calling new employees, telling them you are from the IT department, and asking them to verify their password for your records.

10. What is a replay attack?

  1. An unauthorized user pretends to be a valid user. In one case, a user may assume the IP address of a trusted system and use it to gain the access rights that are granted to the impersonated device or system.
  2. The intruder records a network exchange between a user and a server and plays it back at a later time to impersonate the user.
  3. The intruder causes network data to be modified or corrupted. Unencrypted network financial transactions are vulnerable to manipulation. Viruses can corrupt network data.
  4. The intruder floods a server with requests that consume system resources and either crash the server or prevent useful work from being done. Crashing the server sometimes provides opportunities to penetrate the system.

11. What is repudiation?

  1. The intruder causes network data to be modified or corrupted. Unencrypted network financial transactions are vulnerable to manipulation. Viruses can corrupt network data.
  2. This term refers to malicious code running as an auto-executed ActiveX control or Java applet uploaded from the Internet on a Web server.
  3. Network-based business and financial transactions are compromised if the recipient of the transaction cannot be certain who sent the message.
  4. Sometimes breaking into a network is a simple as calling new employees, telling them you are from the IT department, and asking them to verify their password for your records.

12. When is IPSec used?

  1. To make the communication links secure, and to keep network data packets confidential
  2. With PGP
  3. With SMTP
  4. With POP3

13. Public key encryption depends on:

  1. Two keys, one public and one private
  2. Two keys, both public
  3. Two keys, both private
  4. One private key that is sent with the message

14. Symmetrical encryption is another name for:

  1. Kerberos 5
  2. Secret key encryption
  3. PKI
  4. IPSec

15. What is authentication?

  1. Once the user is identified, he has authentication to access a specific set of network resources based on permissions.
  2. Authentication identifies the user when the user logs on and when the user makes network connections to services.
  3. Rights and permissions granted only to files and folders.
  4. Rights and permissions granted only to computer objects and leaf objects in the tree.

16. What is authorization?

  1. Once the user has been identified, the user is authorized to access a specific set of network resources based on permissions.
  2. Authentication identifies the user when the user logs on and when the user makes network connections to services.
  3. Authorization is what provides the user with the permissions to log on from a particular computer using a particular password on any particular day.
  4. Authorization is provided only through biometrics or smart cards.

17. What is a trust?

  1. A trust is what distinguishes an administrative domain from a resource domain.
  2. A trust allows users in a resource domain to access resources in the administrative domain.
  3. A relationship built up between two people after many years of being together.
  4. A trust is a logical relationship established between domains to allow authentication in which a trusting domain honors the logon authentications of a trusted domain.

18. What is the definition of a virtual private network?

  1. A VPN connects two network segments using leased lines.
  2. A VPN connects two network segments using a dial-up connection.
  3. A VPN can only be used with services like ATM networks or AT&T Worldnet Services.
  4. A VPN is any wireless implementation.
  5. A VPN is the extension of a private network that encompasses links across shared or public networks like the Internet.

19. What is the goal of a VPN?

  1. To make remote connections to the corporate network faster
  2. To simulate a secure private LAN connection
  3. To transfer e-mail securely
  4. To lay the groundwork for voice over IP

20. Which of the following encryptions uses two keys?

  1. Symmetric Key Encryption
  2. Planar Key Encryption
  3. Public Key Encryption
  4. Sign-on Encryption

21. Firewalls primarily protect against what type of attack?

22. Describe Identification and Authentication

23. What is a firewall?

24. What is the encryption?

25. What is the Cryptography?

26. What is the Plaintext?

27. What is the Ciphertext?

28. What Is Private Key Encryption?

39. What Is Public Key Encryption?

30. What Is a Digital Signature?

   27/27   

Approfondimenti/commenti:

    Nessuna voce inserita

Inserisci approfondimento/commento

Indice percorso Edita
Edurete.org Roberto Trinchero