ITN 261 CHAPTER 3 & 5

Terms in this set (40)
Countermeasures that an organization can take regarding protecting domain information include:
Employing a commonly available proxy service to block the access of sensitive domain data.
Cryptography provides an invaluable service to security by providing all of the following except:
the ability to hack into systems and remain undetected.
A hash algorithm can be compromised with a collision, which occurs when two separate and different messages or inputs pass through the hashing process and generate:
the same value.
Countermeasures an organization can take to thwart footprinting of the organization's Web site include all of the following except:
adding unnecessary information to the Web site to throw attackers off the trail.
In using symmetric encryption to encrypt a given piece of information, there are two different mechanisms an algorithm can use, either:
a stream cipher or a block cipher.
An application designed without security devices is considered a(n):
insecure application.
Which of the following terms refers to using a search engine to find useful data about a targeted company?
Google hacking
Google hacking can be thwarted to a high degree by:
sanitizing information that is available publicly whenever possible.
What type of encryption uses the same key to encrypt and to decrypt information?
Symmetric encryption
The Root Zone Database page of the Internet Assigned Numbers Authority (IANA):
lists all top-level domains, including .com, .edu, .org, and also shows two-character country codes.
Which of the following refers to the Web application created by the Internet Archive that takes "snapshots" of a Web site at regular intervals and makes them available to anyone?
The Wayback Machine
Which of the following is NOT considered a readily available source of financial information on publicly traded U.S. companies?
The Federal Reserve Bank
Which of the following refers to a program to query Internet domain name servers?
Nslookup
Automated methods for obtaining network range information:
are faster than manual methods.
Which of the following refers to the protocol designed to query databases to look up and identify the registrant of a domain name?
Whois
To create a digital signature, two steps take place that result in the actual signature that is sent with data. In the first step, the message or information to be sent is passed through a hashing algorithm that creates a hash to:
verify the integrity of the message.
Which of the following terms refers to the process of positively identifying a party as a user, computer, or service?
Authentication
Which of the following asymmetric algorithms is used to establish and exchange asymmetric keys over an insecure medium?
Diffie-Hellman
Which of the following statements is NOT true regarding information in a public company?
Companies should attempt to keep any and all information secret.
Which password attack method tries every possible sequence of keys until the correct one is found?
Brute-force password attack
The main function or capability of certificate authorities (CAs) is to:
generate key pairs and bind a user's identity to the public key.
Message Security Protocol (MSP), Secure Shell (SSH), and Secure Hypertext Transfer Protocol (S-HTTP) are:
common cryptographic systems.
Which of the following terms refers to the ability to have definite proof that a message originated from a specific party?
Nonrepudiation
The manual method of obtaining network range information requires the attacker to visit at least one or more of the Regional Internet Registries (RIRs), which are responsible for:
management, distribution, and registration of public IP addresses within their respective assigned regions.
Which of the following terms refers to functions employed in asymmetric encryption that are easy to compute in one direction, but tough to compute in the other?
Trapdoor functions
Which of the following terms refers to the ability to verify that information has not been altered and has remained in the form originally intended by the creator?
Integrity
Which of the following refers to a software program used to determine the path a data packet traverses to get to a specific IP address?
Traceroute
Which of the following is specifically designed to passively gain information about a target?
Footprinting
Which of the following is NOT considered a source from which valuable information can be gleaned about an intended target?
Company logos and trademarks
To create a digital signature, two steps take place that result in the actual signature that is sent with data. In the second step, the hash is passed through the encryption process using the sender's:
private key as the key in the encryption process
The Internet Assigned Numbers Authority (IANA) delegates Internet resources to the Regional Internet Registries (RIRs) who then:
delegate resources as needed to customers, who include Internet service providers (ISPs) and end-user organizations.
Facebook, MySpace, LinkedIn, and Twitter are referred to as:
social networking sites
Which of the following is NOT one of the Internet sources that hackers use to gather information about a company or its employees?
Internet protocol resources
Which of the following is used to bring trust, integrity, and security to electronic transactions?
Public key infrastructure
Which step(s) in the information-gathering process does footprinting cover?
Gathering information and determining the network range
A one-way hashing function is designed to be:
relatively easy to compute one way, but hard to undo or reverse.
Which of the following statements is NOT true regarding asymmetric encryption?
If the holder of the private key encrypts something with the private key, only other individuals with access to the private key can decrypt
To verify the integrity of the message when creating a digital signature, the message or information to be sent is passed through a hashing algorithm that creates a
hash
Digital certificates:
provide a form of identification on the Internet and in other areas.
Which password attack method uses long lists of words that have been predefined and can be quickly downloaded for use to break a password that is a word or a name?
Dictionary password attack