Cybersecurity Quiz chapter 1

FruitfulJadeite2991 avatar
FruitfulJadeite2991
·

Start Quiz

Study Flashcards

64 Questions

Which security requirement focuses on ensuring that data is not disclosed to unauthorized parties?

What is the main purpose of the OSI Security Architecture?

Which type of attack involves an unauthorized individual eavesdropping on network communications?

What are attack surfaces and attack trees used for?

Which of the following best describes asymmetric encryption?

What is the main purpose of data integrity algorithms?

What do authentication protocols aim to do?

What does computer security aim to achieve?

Which of the following is NOT one of the three security objectives listed in the NIST standard FIPS 199?

What does a loss of availability refer to?

Which of the following is NOT mentioned as an additional concept that some in the security field feel is needed to present a complete picture of security objectives?

What is the purpose of accountability in computer security?

Which of the following is true about security mechanisms?

What should be considered when developing a security mechanism or algorithm?

Why are security mechanisms often counterintuitive?

What is the advantage that attackers have in computer and network security?

Which of the following is an example of a severe or catastrophic adverse effect according to the security policy document?

Which of the following is an example of an asset with a high requirement for integrity?

Which of the following is an example of an asset with a low availability requirement?

Which of the following is an example of an asset with a moderate level of integrity requirement?

Which form of masquerade attack involves capturing and replaying authentication sequences to obtain unauthorized privileges?

What is the purpose of the denial of service attack?

Which type of attack involves altering legitimate messages or delaying/reordering messages?

What is the main objective of a masquerade attack?

Which type of attack involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect?

What can an authorized entity with few privileges obtain through a masquerade attack?

Which of the following best describes a security attack?

What is the main objective of a passive attack?

Which of the following is an example of a passive attack?

What is the main purpose of encryption in preventing passive attacks?

Which of the following best describes a security attack?

What is the difference between a passive attack and an active attack?

What is the goal of a passive attack?

What is a masquerade attack?

True or false: Asymmetric encryption is used to protect blocks of data from alteration.

True or false: Data integrity algorithms are used to conceal small blocks of data.

True or false: Authentication protocols are schemes based on the use of cryptographic algorithms.

True or false: Computer security aims to preserve the confidentiality, availability, and integrity of information system resources.

True or false: Cryptographic algorithms and protocols are mainly used for network and internet security.

True or false: Symmetric encryption is used to conceal the contents of blocks or streams of data of any size.

True or false: The X.800 security architecture is used for OSI.

True or false: Attack surfaces and attack trees are used to identify and analyze potential security threats.

True or false: A severe or catastrophic adverse effect can result in major financial loss.

True or false: Student grade information is an asset with a low confidentiality rating.

True or false: Inaccurate information about a patient's allergy can result in serious harm or death.

True or false: An online telephone directory lookup application typically has a high availability requirement.

Passive attacks involve altering system resources or affecting their operation.

Active attacks attempt to learn or make use of information from the system without affecting system resources.

Passive attacks include eavesdropping on or monitoring transmissions.

Active attacks involve the release of message contents and traffic analysis.

True or false: Availability ensures that systems work promptly and service is not denied to authorized users.

True or false: Confidentiality refers to preserving authorized restrictions on information access and disclosure.

True or false: Integrity involves guarding against improper information modification or destruction.

True or false: Authenticity means verifying that users are who they say they are and that each input arrived from a trusted source.

True or false: The OSI security architecture provides a systematic approach for defining security requirements and characterizing security approaches.

True or false: Successful attacks on security mechanisms often exploit unexpected weaknesses that result from looking at the problem in a different way.

True or false: Security mechanisms typically involve only a particular algorithm or protocol and do not require participants to possess any secret information.

True or false: In computer and network security, the attacker only needs to find a single weakness, while the designer must find and eliminate all weaknesses to achieve perfect security.

True or false: A masquerade attack involves capturing and replaying authentication sequences to obtain unauthorized privileges.

True or false: Modification of messages in a masquerade attack means altering a legitimate message to produce an unauthorized effect.

True or false: Denial of service attack prevents or inhibits the normal use or management of communications facilities.

True or false: A masquerade attack involves delaying or reordering messages to produce an unauthorized effect.

True or false: A masquerade attack involves suppressing all messages directed to a particular destination.

True or false: A passive attack involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Description

Test your knowledge of cybersecurity with this quiz on security attacks, mechanisms, and services. Learn about the different types of attacks that can compromise information, the processes and devices designed to prevent or recover from attacks, and the communication services that enhance the security of data processing systems. Put your cybersecurity expertise to the test!

Make Your Own Quiz

Transform your notes into a shareable quiz, with AI.

Get started for free

More Quizzes Like This

Use Quizgecko on...
Browser
Browser