Course Introduction
Computer Security
Final Exam Questions
Computer Security explores the principles and practices used to protect computer systems and networks from threats and vulnerabilities. The course covers key topics such as cryptography, authentication, access control, malware, software security, network security, and security policies. Students will learn to identify potential security risks, analyze attack techniques, and design effective defense mechanisms. With a mix of theoretical foundations and hands-on labs, the course prepares students to understand and apply strategies for safeguarding information in todays interconnected digital world.
Recommended Textbook
Hands On Ethical Hacking and Network Defense 2nd Edition by Michael T. Simpson
Available Study Resources on Quizplus
13 Chapters
673 Verified Questions
673 Flashcards
Source URL: https://quizplus.com/study-set/2085
Page 2
Chapter 1: Ethical Hacking Overview
Available Study Resources on Quizplus for this Chatper
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/41510
Sample Questions
Q1) The ____ certification is designated by the Institute for Security and Open Methodologies (ISECOM), a nonprofit organization that provides security training and certification programs for security professionals.
A)CompTIA Security+
B)OSSTMM Professional Security Tester (OPST)
C)Certified Information Systems Security Professional (CISSP)
D)Certified Ethical Hacker (CEH)
Answer: B
Q2) Why is it hard for an ethical hacker to avoid breaking any laws?
Answer: Because the job of an ethical hacker is fairly new,the laws are constantly changing.Even though a company has hired you to test its network for vulnerabilities,be careful that you aren't breaking any laws for your state or country.If you're worried that one of your tests might slow down the network because of excessive bandwidth use,that concern should signal a red flag.The company might consider suing you for lost time or monies caused by this delay.
Q3) Those who break into systems to steal or destroy data are often referred to as
Answer: crackers
To view all questions and flashcards with answers, click on the resource link above.
3
Chapter 2: Tcpip Concepts Review
Available Study Resources on Quizplus for this Chatper
57 Verified Questions
57 Flashcards
Source URL: https://quizplus.com/quiz/41511
Sample Questions
Q1) ____ is an attack that relies on guessing the ISNs of TCP packets.
A)ARP spoofing
B)Session hijacking
C)DoS
D)Man-in-the-middle
Answer: B
Q2) A(n) ____ is the logical, not physical, component of a TCP connection.
A)ISN
B)socket
C)port
D)SYN
Answer: C
Q3) What is a Class B IP address?
Answer: These address are evenly divided between a two-octet network and a two-octet host address,allowing more than 65,000 host computers per Class B network address.Large organizations and Internet service providers are often assigned Class B Internet addresses.Class B addresses have the format "network.network.node.node".
Q4) The IP in TCP/IP stands for ____________________.
Answer: Internet Protocol
To view all questions and flashcards with answers, click on the resource link above. Page 4
Chapter 3: Network and Computer Attacks
Available Study Resources on Quizplus for this Chatper
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/41512
Sample Questions
Q1) hardware keylogger
A)shell
B)W32/Sobig.F
C)Luckysploit
D)Ping of Death
E)KeyGhost
F)Melissa
G)Back Orifice
H)Slammer
I)Mytob
Answer: E
Q2) The most effective approach to protect a network from malware being introduced is to conduct structured training of all employees and management.
A)True
B)False
Answer: True
Q3) Computer crime is the fastest growing type of crime worldwide.
A)True
B)False
Answer: True
To view all questions and flashcards with answers, click on the resource link above. Page 5
Chapter 4: Footprinting and Social Engineering
Available Study Resources on Quizplus for this Chatper
51 Verified Questions
51 Flashcards
Source URL: https://quizplus.com/quiz/41513
Sample Questions
Q1) The ____________________ utility gives you information on a company's IP addresses and any other domains the company might be part of.
Q2) A(n) ____________________ is a text file generated by a Web server and stored on a user's browser.
Q3) Request could not be fulfilled by server
A)HTTP 400 Bad Request
B)HTTP 403 Forbidden
C)HTTP 404 Not Found
D)HTTP 405 Method Not Allowed
E)HTTP 408 Request Timeout
F)HTTP 500 Internal Server Error
G)HTTP 502 Bad Gateway
H)HTTP 503 Service Unavailable
I)HTTP 504 Gateway Timeout
Q4) How can computer criminals use the Whois utility for their purposes?
Q5) List the five techniques used by social engineers in their attempts to gain information from unsuspecting people.
Q6) What is "competitive intelligence"?
Q7) What type of information is usually gathered by social engineering?
6
To view all questions and flashcards with answers, click on the resource link above.
Chapter 5: Port Scanning
Available Study Resources on Quizplus for this Chatper
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/41514
Sample Questions
Q1) When a TCP three-way handshake ends, both parties send a(n) ____ packet to end the connection.
A)SYN
B)ACK
C)FIN
D)RST
Q2) TCP scan with all the packet flags are turned off
A)Nmap
B)pcAnywhere
C)XMAS scan
D)connect scan
E)closed port
F)ACK scan
G)filtered port
H)open port
I)NULL scan
Q3) To verify if all the IP addresses of a network are being used by computers that are up and running, you can use a port scanner to ____________________ the range of IP addresses.
Q4) Why is port scanning considered legal by most security testers and hackers?
To view all questions and flashcards with answers, click on the resource link above. Page 7
Chapter 6: Enumeration
Available Study Resources on Quizplus for this Chatper
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/41515
Sample Questions
Q1) What can be accomplished by typing "finger root" in *nix systems?
Q2) Windows 95 uses the ____ file system.
A)FAT16
B)FAT32
C)NTFS
D)ext3
Q3) replaced the Registry with Active Directory for object storage
A)Windows 98
B)Windows 95
C)Windows Server 2003
D)Fedora Linux
E)Solaris
F)Windows XP Professional
G)Novell Open Enterprise Server
H)Windows 2000 Server/Professional
I)Windows NT 3.51 Server/Workstation
Q4) List at least eight variations of UNIX.
Q5) Many password-guessing programs are available that can determine a password in a matter of seconds. One such program the Department of Defense uses is
To view all questions and flashcards with answers, click on the resource link above. Page 8
Chapter 7: Programming for Security Professionals
Available Study Resources on Quizplus for this Chatper
53 Verified Questions
53 Flashcards
Source URL: https://quizplus.com/quiz/41516
Sample Questions
Q1) What is a dangerous thing about programming in the C language?
Q2) In C, ____ show where a block of code begins and ends.
A)braces
B)parenthesis
C)brackets
D)dashes
Q3) Structures called classes can be written in many ____________________ languages (Java, Object COBOL, or Perl).
Q4) Why is documenting computer programs essential?
Q5) In HTML, each tag has a matching closing tag that's written with a(n) ____ added.
A)forward slash (/)
B)backward slash (\)
C)bang (!)
D)ampersand (&)
Q6) A ____ is a mini program within a main program that carries out a task.
A)function
B)script
C)branch
D)loop
Page 9
To view all questions and flashcards with answers, click on the resource link above.
Chapter 8: Desktop and Server Os Vulnerabilities
Available Study Resources on Quizplus for this Chatper
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/41517
Sample Questions
Q1) For a Windows computer to be able to access a *nix resource, ____ must be enabled on both systems.
A)NetBIOS
B)SMB
C)CIFS
D)NetBEUI
Q2) Trusted Computer Solutions____ program is used to tighten Linux system security configuration by using templates.
A)OpenVAS
B)MBSA
C)SQL Server
D)Security Blanket
Q3) What is the purpose of a file system?
Q4) Samba is as an closed-source implementation of CIFS.
A)True
B)False
Q5) Why is NetBIOS still used sometimes?
Q6) SMB stands for _________________________.
Q7) What is the Common Internet File System (CIFS) protocol?
Q8) Why should you review logs regularly? How should you accomplish this task?
To view all questions and flashcards with answers, click on the resource link above. Page 10
Chapter 9: Embedded Operating Systems: The Hidden Threat
Available Study Resources on Quizplus for this Chatper
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/41518
Sample Questions
Q1) For sensitive embedded systems that need only a fraction of the features offered by other kernels, the risk of vulnerabilities might outweigh the benefits, and a(n) ____ kernel might be most suitable.
A)micro
B)proprietary
C)monolithic
D)macro
Q2) What principle can be used to help reduce insider threats to an organization?
Q3) Which of the following could be considered the biggest security threat for an organization?
A)spyware
B)employees
C)kernels
D)routers
Q4) Restricting network access to only the ___________________________________ that need to communicate with embedded systems is one way to reduce the potential of vulnerabilities.
Q5) Explain the BIOS-level rootkit, called SubVirt, developed by Microsoft and the University of Michigan.
To view all questions and flashcards with answers, click on the resource link above. Page 11
Chapter 10: Hacking Web Servers
Available Study Resources on Quizplus for this Chatper
52 Verified Questions
52 Flashcards
Source URL: https://quizplus.com/quiz/41519
Sample Questions
Q1) foundation of most Web applications
Q2) OLE DB relies on connection strings that enable the application to access the data stored on an external device.
A)True
B)False
Q3) tool for searching Web sites for CGI scripts that can be exploited
A)WebGoat
B)HTML
C)CGI
D)Cgi Scanner v1.4
E)Apache
F)Wfetch
G)JScript
H)virtual directory
I)XSS
Q4) CFML stands for ______________________________.
Q5) What is the main difference between HTML pages and Active Server Pages (ASP)?
Q6) As a security professional, what should you do after identifying that a Web server you are testing is using PHP?
Q7) What is ColdFusion?
To view all questions and flashcards with answers, click on the resource link above. Page 12
Chapter 11: Hacking Wireless Networks
Available Study Resources on Quizplus for this Chatper
52 Verified Questions
52 Flashcards
Source URL: https://quizplus.com/quiz/41520
Sample Questions
Q1) What is PPP?
Q2) ____ is a product for conducting wardriving attacks written by Mike Kershaw. This product is free and runs on Linux, BSD, Mac OS X, and even Linux PDAs.
A)NetStumbler
B)Kismet
C)Wardriver
D)AirSnort
Q3) ____ is an enhancement to PPP.
A)EAP
B)WEP
C)WPA
D)802.1X
Q4) A(n) ______________________________ is the name used to identify the wireless local area network (WLAN), much the same way a workgroup is used on a Windows network.
Q5) ______________________________ is specified in the 802.11i standard and corrected many security vulnerabilities in 802.11b.
Q6) What is a basic service set (BSS)?
Q7) What is WEP? Is it a good way to secure wireless networks?
Page 13
To view all questions and flashcards with answers, click on the resource link above.
Chapter 12: Cryptography
Available Study Resources on Quizplus for this Chatper
58 Verified Questions
58 Flashcards
Source URL: https://quizplus.com/quiz/41521
Sample Questions
Q1) How does public key infrastructure work?
Q2) The Purple Machine code was broken by ____, a cryptanalyst for the U.S. government and known as the "Father of U.S. Cryptanalysis."
A)Arthur Scherbius
B)Bruce Schneier
C)William Frederick Friedman
D)Herbert O.Yardley
Q3) uses a single key to encrypt and decrypt data
A)asymmetric encryption
B)collision free
C)symmetric encryption
D)certificate
E)hashing
F)collision
G)stream cipher
H)message digest
I)block cipher
Q4) What is the difference between a public key and a private key?
Q5) ____________________ attacks are used to find the same hash value for two different inputs.
To view all questions and flashcards with answers, click on the resource link above. Page 14
Chapter 13: Network Protection Systems
Available Study Resources on Quizplus for this Chatper
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/41522
Sample Questions
Q1) ____ monitor network devices so that security administrators can identify attacks in progress and stop them.
A)Firewalls
B)DMZs
C)Honeypots
D)IDSs
Q2) To see the contents of flash memory and the amount of memory used and available, a Cisco administrator would type this command: ____.
A)show running-config
B)show startup-config
C)show flash
D)show ip route
Q3) To see what information is stored in RAM, a Cisco administrator would type this command: ____.
A)show running-config
B)show startup-config
C)show flash
D)show ip route
Q4) How do you know what mode a Cisco router is in?
To view all questions and flashcards with answers, click on the resource link above. Page 15