Info Security Quiz 3

The nucleus / core / kernel is the part of the operating system True
that performs the lowest-level functions.
A hypervisor is the hardware that implements a virtual False, a hypervisor is
machine and can support two or more operating systems the software that
simultaneously. implements a virtual
machine and can
support two or more
operating systems
simultaneously
An operating system addresses several particular functions True
that involve computer security such as memory protection
whereby each user’s program must run in a portion of
memory protected against unauthorized accesses.
The Orange Book was developed by scientists to spur the False (Orange book had 6
development of multiuser systems that were highly resistant rankings and Common
Criteria had 7)
to unacceptable information flows and had 5 rankings. A
more flexible structure was developed namely the Common
Criteria with 4 assurance levels
A honeypot shows a safe set of resources for the attacker False (Virus companies
while the administrators monitor the attacker’s activities in absolutely put out poorly
protected systems for
real time. Virus detection companies will never put out poorly prod dev)
protected systems as part of research to check how the
system have been infected as part of their product
development.
A sandbox is an environment from which a process can have True
only limited, controlled impact on outside resources whereas
in virtualization the operating systems present a user with just
the resources that class of user should see.
An operating system can implement a controlled security False (Separation can
environment by controlling sharing through separating occur physically,
logically, temporally or
classes of subjects and objects. The separation can occur in cryptographically)
several ways such as temporal, logical and network
separation.
An audit log tracks any security relevant changes and must be False (audit log must be
protected against tampering, modification or deletion other active at all times of sys
op)
than by an authenticated security administrator. The audit
log does not have to be active throughout the system
operation in order to save processing power.
The super user is the most powerful user in Unix and is False (root is most
usually a user with login credentials. powerful user and does
not have login
credentials)
Least privilege, economy of mechanism, open design and False (design principles
complete mediation are examples of good design principles for operating systems)
for databases.
The application layer of the OSI model includes network True
processes to applications.
A replay attack or problem involves permuting the order of False
data.
Installing anti-malware and updating the operating system False – once a year is too
and applications with security updates once a year are little
recommended as basic security measures.
An organisations requires a firewall that can be set up to False – use packet filter
blocks or accepts packets solely on the basis of the IP
addresses and ports as well as examine each single packet,
but which will not see the inside of the packets. The statefull
inspection firewall is recommended.
A substitution attack is the replacement of one piece of data True
stream with another. In this attack a metallic cable is more
subject to cross talk from adjacent cables than optic fibre.
A circuit firewall joins two subnetworks. True
Wi-Fi Protected Access (WPA) is a stronger protocol suite True
than WEP because WPA uses a 64-bit encryption key.
A protocol is a language or set of conventions for how two True* - Wireless (and
computers will interact. also wired) data
communications are
implemented through an
orderly set of exchanges
called a protocol.
A SYN flood is a variation of a ping attack where the attacker False
spoofs the source address in the ping packet so that it
appears to come from the victim, and sends the request to
the network in broadcast mode. The victim is saturated with
ECHO replies from the entire network.
When an intruder taps a wire and reads radiated signals False – packet sniffing
without making physical contact with the cable, this is called requires hardware
because it works on
packet sniffing. LANs
When the structure of a database is preserved and a False – this is logical
modification to the value of one field does not affect the database integrity
other it is referred to as physical database integrity.
Anonymized data can also be revealing and lead to privacy True
concerns when data is correlated by aggregation.
One of the most common ways to implement big data False - Apache Hadoop
projects is to use a database with a SQL query.
Suppression and concealment is used to address inference in True*
aggregation and geotracking.
Big data correlation capabilities could have privacy True*
implications, which are also lucrative.
A change log contains both original and modified values. True
Big data is the process of sifting through multiple databases False, data mining
and correlating multiple data elements to find useful
information.
Field checks, access control and a change log are used to False – element integrity
achieve logical integrity in a database.
The integrity of the database elements is their correctness or True - corrective action
accuracy. Separate files are used as a method for taking can be taken in three
ways: by field checks,
corrective action to correct integrity errors. through access
control, and with change
log.
Redundancy is a way to infer or derive sensitive data from False (inference)
non-sensitive data using methods such as a sum, mean or
median.
Which of the following is not a service of an operating adware
system?
What is meant by the term “trusted computing base”? The set of all
protection
mechanisms within a
computing system
that enforce a unified
security policy.
In the network layer structure a … contains the destination packet
address, source address and data.
… is an attack that uses a flood of ping commands that are Ping of death
ordinarily used to test response time from a host.
A few SQL queries have resulted in the following information: Indirect: mean
the number of employees in a company, the mean salary of
all the employees, and the mean salary of the CEO. Given
these data, the CEO’s salary can be calculated. What kind of
attack is this?