Each of the following is a reason it is difficult to defend against today’s attackers except ……….. .
Anonymous Quiz
53%
complexity of attack tools
16%
weak patch distribution
18%
greater sophistication of attacks
14%
delays in patching software products
. In a general sense, “security” is ……………… .
Anonymous Quiz
8%
protection from only direct actions
65%
the necessary steps to protect a person or property from harm
23%
only available on hardened computers and systems
5%
using reverse attack vectors (RAV) for protection
By definition, a(n) ……… is a person or thing that has the power to carry out a threat. .
Anonymous Quiz
10%
vulnerability
18%
exploit
60%
threat agent
12%
risk
The ……….. requires that enterprises must guard protected health information and implement
policies and procedures to safeguard it.
policies and procedures to safeguard it.
Anonymous Quiz
35%
Hospital Protection and Insurance Association Agreement (HPIAA)
13%
Sarbanes-Oxley Act (Sarbox)
13%
Gramm-Leach-Bliley Act (GLBA)
39%
Health Insurance Portability and Accountability Act (HIPAA)
An organization that purchased security products from different vendors is demonstrating
which security principle?
which security principle?
Anonymous Quiz
37%
diversity
22%
limiting
23%
obscurity
18%
layering
Each of the following can be classified as an “insider” except …….. .
Anonymous Quiz
8%
business partners
17%
employees
19%
contractors
56%
cybercriminals
An example of a(n) ………….. is a software defect in an operating system that allows an
unauthorized user to gain access to a computer without a password.
unauthorized user to gain access to a computer without a password.
Anonymous Quiz
11%
threat agent
13%
threat
59%
vulnerability
17%
asset exploit (AE)
A ……………. requires a user to transport it from one computer to another.
Anonymous Quiz
25%
worm
12%
rootkit
60%
virus
4%
Trojan
❤1
IS 23 MCQ
ورد في الإختبار النصفي والدكتور اعتمد الإجابة Physical security
الله يعينكم على مزاجيات الصبري😢
😁3👍2
العنوان "الامتحان النهائي لمادة امنية معلومات للدكتور عبد الرحمن الصبري"
هذا الامتحان تمت إعادة كتابته ذكريات لنا💔🌚 وفائدة للي بعدنا 🙂
صراحة كان هذا الامتحان بالنسبة للامتحان حق السنة الاولى المعنى الحقيقي ل"قلبة خادم🫠"
اتمنى ان يتقبل الله هذا العمل لتوفيقنا في بقية الامتحانات مش ناقصين نكبات 💔😔
نبدأ بأول سؤال وأول طنانة 🤓
1♦ which of the following is not a requirment for the effectiveness and security of RSA?
🔹the encryption and decryption function should be difficult to compute.
🔹given public key, private key, cipher text, plain text should be at leasr 1024.
🔹given public key must be computationally infeasible to determine the private key.
🔹assuming large enough modulus there should be enough key pairs to prevent a brute face attacks
2♦what is the motivation of white hat attacker?
not to steal data but to test vulnerabiltity "كانت الاجابة بهذا المعنى "
3♦firewall examines each.... that are entering or leaving the internal network?
🔹data packet
4♦a threat agent is a....?
🔹person or element with power to carry out a threat
5♦what is the reason that internal security threat might cause greater danger than external security threat?
🔹they have direct access to the infrastructure devices.
🔹they have direct access to the infrastructure devise through network
🔹they can access the device without authentication.
6♦kind of firewall that connect between the device and the network connecting to the internet?
🔹hardware firewall
🔹softwarefirewall
🔹microsoft firewall
🔹intrusion detection firewall
7♦DoS attack targeting application resource typically aims to overload or crash it's network handling software.
🔹true
🔹false
8♦what is the best technique for breaking substituation cipher?
🔹statistical attack
🔹brute force attack
9♦given public key (n, e) and plaintext (x) how (y) is generated?
🔹y=x^e mod n
🔹y=e^x mod n
10♦intrusion detection based on the assumption that the behaviour of the intruder differs from that of ligitmate user in a way that can be quantified.
🔹true
🔹false
11♦malware that does not replecate itself or infected other devices through network.
🔹virus
12♦DMS is one of the firewall protection the bulk of the enterprise network.
🔹true
🔹false
13♦which if the following is malicious software that conceal itself.
🔹hacker use techniques to improve the ranking of a website so that users are redirect to malicious websites.
🔹botnets that gain information and send it back to hacker
🔹send email to employee with attatchment file appear to be an update but contain spyware.
14♦proving that user send email message
🔹repudiation
🔹non-repudation
🔹confidentiality
15♦SYN flood attack targeting TCP table on server.
🔹true
🔹false
16♦the......difines the packet filtering the firewall.
🔹access control list
🔹policies
🔹protocol
🔹port
17♦botnets can contain thousand and tens of thousand bots.
🔹true
🔹false
18♦what is the purpose if rootkit?
19♦what is the step of risk management?
20♦script or written code that take advantage of vulnerabilite called..
🔹antiviruse
🔹exploit
🔹firewall
21♦whichof the followingyou shoulddo to restrict the access to your file
🔹multi factoring authentication
22♦hide users browsing activity
🔹incognito mood
🔹firewall
🔹VPN
23♦number of process for vulnerability appraisal.
🔹3
🔹2
🔹4
🔹1
24♦the private key is kept secret by the receiver
🔹true
🔹false
25♦firewall can protect against attacks that bypass the firewall
🔹true
🔹false
هذا السؤال لوحده💔🙂
26♦identifing what needs to protect
🔹asset identification
🔹vulnerability appraisal
🔹risk assessment
27♦using VPN we can access....
🔹access sites that are blocked geographically
🔹hide our browsin activity"hide the IP address"
28♦in symmmetric key cryptography the sender and receiver use different key.
🔹true
🔹false
29♦Bob wants to send Alice an encrypted message ,whose key to use
🔹Alice's public key
30♦insure who clam to be
🔹authentication
31♦the primary goal of DoS attack.
هذا الامتحان تمت إعادة كتابته ذكريات لنا💔🌚 وفائدة للي بعدنا 🙂
صراحة كان هذا الامتحان بالنسبة للامتحان حق السنة الاولى المعنى الحقيقي ل"قلبة خادم🫠"
اتمنى ان يتقبل الله هذا العمل لتوفيقنا في بقية الامتحانات مش ناقصين نكبات 💔😔
نبدأ بأول سؤال وأول طنانة 🤓
1♦ which of the following is not a requirment for the effectiveness and security of RSA?
🔹the encryption and decryption function should be difficult to compute.
🔹given public key, private key, cipher text, plain text should be at leasr 1024.
🔹given public key must be computationally infeasible to determine the private key.
🔹assuming large enough modulus there should be enough key pairs to prevent a brute face attacks
2♦what is the motivation of white hat attacker?
not to steal data but to test vulnerabiltity "كانت الاجابة بهذا المعنى "
3♦firewall examines each.... that are entering or leaving the internal network?
🔹data packet
4♦a threat agent is a....?
🔹person or element with power to carry out a threat
5♦what is the reason that internal security threat might cause greater danger than external security threat?
🔹they have direct access to the infrastructure devices.
🔹they have direct access to the infrastructure devise through network
🔹they can access the device without authentication.
6♦kind of firewall that connect between the device and the network connecting to the internet?
🔹hardware firewall
🔹softwarefirewall
🔹microsoft firewall
🔹intrusion detection firewall
7♦DoS attack targeting application resource typically aims to overload or crash it's network handling software.
🔹true
🔹false
8♦what is the best technique for breaking substituation cipher?
🔹statistical attack
🔹brute force attack
9♦given public key (n, e) and plaintext (x) how (y) is generated?
🔹y=x^e mod n
🔹y=e^x mod n
10♦intrusion detection based on the assumption that the behaviour of the intruder differs from that of ligitmate user in a way that can be quantified.
🔹true
🔹false
11♦malware that does not replecate itself or infected other devices through network.
🔹virus
12♦DMS is one of the firewall protection the bulk of the enterprise network.
🔹true
🔹false
13♦which if the following is malicious software that conceal itself.
🔹hacker use techniques to improve the ranking of a website so that users are redirect to malicious websites.
🔹botnets that gain information and send it back to hacker
🔹send email to employee with attatchment file appear to be an update but contain spyware.
14♦proving that user send email message
🔹repudiation
🔹non-repudation
🔹confidentiality
15♦SYN flood attack targeting TCP table on server.
🔹true
🔹false
16♦the......difines the packet filtering the firewall.
🔹access control list
🔹policies
🔹protocol
🔹port
17♦botnets can contain thousand and tens of thousand bots.
🔹true
🔹false
18♦what is the purpose if rootkit?
19♦what is the step of risk management?
20♦script or written code that take advantage of vulnerabilite called..
🔹antiviruse
🔹exploit
🔹firewall
21♦whichof the followingyou shoulddo to restrict the access to your file
🔹multi factoring authentication
22♦hide users browsing activity
🔹incognito mood
🔹firewall
🔹VPN
23♦number of process for vulnerability appraisal.
🔹3
🔹2
🔹4
🔹1
24♦the private key is kept secret by the receiver
🔹true
🔹false
25♦firewall can protect against attacks that bypass the firewall
🔹true
🔹false
هذا السؤال لوحده💔🙂
26♦identifing what needs to protect
🔹asset identification
🔹vulnerability appraisal
🔹risk assessment
27♦using VPN we can access....
🔹access sites that are blocked geographically
🔹hide our browsin activity"hide the IP address"
28♦in symmmetric key cryptography the sender and receiver use different key.
🔹true
🔹false
29♦Bob wants to send Alice an encrypted message ,whose key to use
🔹Alice's public key
30♦insure who clam to be
🔹authentication
31♦the primary goal of DoS attack.
❤6👍2😢1
32♦the viruse can do the following except...
🔹replcate itself through network
33♦not an option for dealing with risk
🔹eleminate
🔹transefer
🔹accept
🔹diminish
34♦the first process of vulnerability appraisal is to determine which need to protect
🔹true
🔹false
35♦type of firewall..
🔹3
🔹2
🔹1
🔹4
36♦firewall protect which of the following attack..
🔹phishing attack
🔹shoulder surfaing
🔹DoS
🔹dumpster diving
37♦Caesar cipher is type of ...
🔹substitution ciphers
🔹transposition ciphers
38♦all the following can be logic bombs except...
🔹send spam email to employee
39♦which of the following is not true about honeybot.
🔹it may disrupt the operating system of the network or system.
🔹it produce a short report of the attack methods and value of the exploited data.
🔹it contain real data files because attacker will know if the data was fake.
🔹it is typically located in an area with limited security.
🔹replcate itself through network
33♦not an option for dealing with risk
🔹eleminate
🔹transefer
🔹accept
🔹diminish
34♦the first process of vulnerability appraisal is to determine which need to protect
🔹true
🔹false
35♦type of firewall..
🔹3
🔹2
🔹1
🔹4
36♦firewall protect which of the following attack..
🔹phishing attack
🔹shoulder surfaing
🔹DoS
🔹dumpster diving
37♦Caesar cipher is type of ...
🔹substitution ciphers
🔹transposition ciphers
38♦all the following can be logic bombs except...
🔹send spam email to employee
39♦which of the following is not true about honeybot.
🔹it may disrupt the operating system of the network or system.
🔹it produce a short report of the attack methods and value of the exploited data.
🔹it contain real data files because attacker will know if the data was fake.
🔹it is typically located in an area with limited security.
❤12👍3