FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 7: Infromation System Controls for Systems Reliability

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 31

Multiple Choice

Review LaterAdd Note

Review Later

The most common input-related vulnerability is

A) Buffer overflow attack
B) Hardening
C) War dialing
D) Encryption

E) B) and D)
F) B) and C)

Correct Answer

verified

Show Answer

Question 32

Essay

Review LaterAdd Note

Review Later

Explain social engineering.

Correct Answer

verified

Social engineering attacks use deception...

View Answer

Show Answer

Question 33

Multiple Choice

Review LaterAdd Note

Encryption has a remarkably long and varied history.Spies have been using it to convey secret messages ever since there were secret messages to convey.One powerful method of encryption uses random digits.Two documents are prepared with the same random sequence of numbers.The spy is sent out with one and the spy master retains the other.The digits are used as follows.Suppose that the word to be encrypted is SPY and the random digits are 352.Then S becomes V (three letters after S) ,P becomes U (five letters after P) ,and Y becomes A (two letters after Y,restarting at A after Z) .The spy would encrypt a message and then destroy the document used to encrypt it.This is an early example of

A special purpose hardware device or software running on a general purpose computer which filters information that is allowed to enter and leave the organization's information system.

Asymmetric key encryption combined with the information provided by a certificate authority allows unique identification of

A process that takes plaintext of any length and transforms it into a short code.

Which of the following is the most effective method of protecting against social engineering attacks on a computer system?

This determines which packets are allowed entry and which are dropped..

The final layer of preventive controls.

Perimeter defense is an example of which of the following preventive controls that are necessary to provide adequate security.

This protocol specifies the procedures for dividing files and documents into packets to be sent over the Internet.

Which of the following is not a requirement of effective passwords?

Information technology managers are often in a bind when a new exploit is discovered in the wild.They can respond by updating the affected software or hardware with new code provided by the manufacturer,which runs the risk that a flaw in the update will break the system.Or they can wait until the new code has been extensively tested,but that runs the risk that they will be compromised by the exploit during the testing period.Dealing with these issues is referred to as

The process of turning off unnecessary features in the system is known as

Which of the following describes one weakness of encryption?

The process of transforming normal text into cipher text

What is a penetration test?

In 2007,a major U.S.financial institution hired a security firm to attempt to compromise its computer network.A week later,the firm reported that it had successfully entered the system without apparent detection and presented an analysis of the vulnerabilities that had been found.This is an example of a

The trust services framework identifies four essential criteria for successfully implementing each of the principles that contribute to systems reliability.Which of the following is not one of those four essential criteria?

These systems use the same key to encrypt and to decrypt.