Tag: security

Questions Related to security

The main reason why UDP has a larger attack surface than TCP is:
technology security

  1. It allows the spread of worms

  2. It is a connection-oriented protocol

  3. It is a “fire and forget” protocol

  4. The IP address is easily spoofed

Show answer
Correct Option: D

Which of the following is a process for assessing and documenting the weaknesses or security risks associated with an application?
technology security

  1. Control Identification

  2. Threat Modeling

  3. Control Prioritization

  4. Attack Surface Evaluation

Show answer
Correct Option: B

Which of the following is attempting to gain access to a system by using a false identity

technology security

  1. Repudiation

  2. Eavesdropping

  3. Spoofing

  4. Hijacking

Show answer
Correct Option: C
Explanation:

To solve this question, the user needs to be familiar with common cybersecurity threats.

Now, let's go through each option and explain why it is right or wrong:

A. Repudiation: This option refers to an attacker's attempt to deny that they have performed an action. It does not involve impersonating another user or using a false identity to gain access to a system.

B. Eavesdropping: This option refers to an attacker's attempt to intercept and listen to communications between two parties. It does not involve using a false identity to gain access to a system.

C. Spoofing: This option is correct. Spoofing involves an attacker using a false identity to gain access to a system. This can be accomplished through a variety of means, such as email spoofing or IP address spoofing.

D. Hijacking: This option refers to an attacker's attempt to take control of a system or communication channel. It does not necessarily involve using a false identity, although it can be a means to that end.

The Answer is: C

Which of the following is the ability of users to deny that they performed specific actions or transactions?

technology security

  1. Repudiation

  2. Eavesdropping

  3. Spoofing

  4. Hijacking

Show answer
Correct Option: A
Explanation:

To answer this question, the user needs to be familiar with the basic security concepts.

The ability of users to deny that they performed specific actions or transactions is known as repudiation. This can occur when a user denies that they have performed an action such as sending an email or making a purchase.

Therefore, the correct answer is: A. Repudiation

What is the best method for prioritizing a threat and its related countermeasures?
technology security

  1. Measuring the relative attack surface

  2. Quantifying the level of risk

  3. Enumerating the entry points and exit points

  4. Identifying the type of accessibility required

Show answer
Correct Option: B

Why should a host-based firewall not be relied upon solely to mitigate a risk?

technology security

  1. It does not block incoming traffic

  2. It does not block outgoing traffic.

  3. It can be turned off.

  4. It can’t be turned off.

Show answer
Correct Option: C

AI Explanation

To answer this question, you need to understand the limitations of a host-based firewall. Let's go through each option to understand why it is correct or incorrect:

Option A) It does not block incoming traffic - This option is incorrect because a host-based firewall can indeed block incoming traffic. It acts as a barrier between the host computer and the external network, filtering incoming packets based on predetermined rules.

Option B) It does not block outgoing traffic - This option is incorrect because a host-based firewall can also block outgoing traffic. It can be configured to monitor and control the outbound communication from the host computer.

Option C) It can be turned off - This option is correct because a host-based firewall can be disabled or turned off by the user or an attacker with sufficient privileges. If the firewall is disabled, it leaves the host computer vulnerable to potential threats and attacks.

Option D) It can’t be turned off - This option is incorrect because, as mentioned earlier, a host-based firewall can be turned off. It is a software-based firewall that runs on the host computer, and like any other software, it can be disabled or stopped.

The correct answer is C) It can be turned off. This option is correct because relying solely on a host-based firewall to mitigate a risk is not recommended since it can be bypassed or disabled, leaving the host computer vulnerable to potential threats. It is important to have additional layers of security, such as network-based firewalls, to provide a more comprehensive defense against risks.

The choice of mitigation technologies should:
technology security

  1. Follow security best practices

  2. Depend on the number of sources researched

  3. Not depend on the technology of the application

  4. Address as few threat types as possible

Show answer
Correct Option: A

A normal user assuming the identity of an administrator is what kind of attack?
technology security

  1. Elevation of privilege

  2. Denial of service

  3. Spoofing

  4. Repudiation

Show answer
Correct Option: A

One of the main characteristics of a hardened operating system (OS) is :
technology security

  1. Has a smaller attack surface than an unhardened OS

  2. Implements mandatory access control

  3. Is less secure than an unhardened OS

  4. Has more entry and exit points than an unhardened OS system

Show answer
Correct Option: A

Which of the following is used to preserve integrity in software?

technology security

  1. Encryption

  2. Hashing

  3. Recovery

  4. Redundancy

Show answer
Correct Option: B