Security by Tanat Tonguthaisri email@example.com
1. Public key cryptography is used for message encryption to prevent wiretapping. Which of the following is the key used to encrypt the message to be sent?
a) Receiver’s public key
b) Receiver’s private key
c) Sender’s public key
d) Sender’s private key
2. Which of the following is the purpose of attaching a digital signature to software published on the Internet?
a) To notify that the software author is responsible for its maintenance
b) To restrict the software usage to certain users
c) To express that the software copyright holder is the signer of the digital signature
d) To assure that the software content has not been changed or tampered with
3. Which of the following is an effective measure against information leakage?
a) A checksum should be appended to the data to be sent.
b) Hard disks in which data is stored should be mirrored.
c) Copies of data backup media should be stored at a remote site.
d) Content of hard disks in notebook PCs should be encrypted.
4. Which of the following is the most appropriate description concerning worms?
a) They infect the OS system files and repetitively intrude other computers over the network.
b) Unauthorized functions, such as file destruction, are activated when a certain specific date or condition is met.
c) They copy and multiply themselves, and move from one computer to the next through a network.
d) They infect other programs and propagate themselves independently without using a network.
5. A Web server was invaded from the outside and tampered with its content. Which of the following is the appropriate sequence of actions to be taken?
1 Analyze the server, IDS (Intrusion Detection System), and firewall logs to identify the access method, the extent of the impact, and the route of entry.
2 Rebuild the system, and apply the latest patches and security setup data.
3 Disconnect the server from the network.
4 Connect the server to the network, and monitor its operation for a while.
a) 1→2→3→4
b) 1→3→2→4
c) 2→3→1→4
d) 3→1→2→4
6. Which of the following can be realized by using SSL/TLS?
a) Communication processing time between the client and server is reduced.
b) Communication between the client and server is encrypted.
c) Communication logs between the Web server and browser are recorded.
d) SMTP connection from e-mail software to a Web server is enabled.
7. Which of the following is an appropriate description concerning information security policy?
a) According to ISO/IEC 27001, corporate security policy must be approved at a general shareholders’ meeting.
b) Corporate security policy must be defined for each system to be implemented.
c) The company must externally disclose the vulnerability of the information system, which is a contributing factor of establishing the security policy.
d) In order to achieve the target security level, it is necessary to clarify the way of thinking behind both actions to be followed and judgment.
8. In online electronic commerce, retail stores and customers are vulnerable to threats such as falsification, spoofing, and repudiation during order processing. Which of the following is a security technology applicable to prevent these three threats?
a) Virus check
b) Junk mail filtering
c) Digital signature
d) Packet filtering
9. Which of the following is an appropriate method to manage user IDs for a company’s in-house system?
a) Shared IDs are recommended rather than personal IDs in order to reduce consumption of system resources.
b) IDs for retired employees should be kept until removal is requested by them.
c) Registered IDs and user privileges should be regularly inspected.
d) When users are transferred, new access privileges should be granted in addition to the previously vested access privileges.
10. Which of the following describes how to use a virus definition file as a countermeasure against computer viruses?
a) It is a file that is included in antivirus software, and is used to repair files infected with viruses.
b) It is a file, containing signature codes of known viruses, which is used by antivirus software to detect viruses.
c) It is a file, containing program codes of known viruses, which is used to reactivate the viruses and to determine the damage.
d) It is a file that is required for recovery, and is used when data files are destroyed by viruses.
11. Which of the following is the main purpose of a penetration test?
a) To confirm the strength of the in-use encryption method
b) To confirm that the outputs resulting from various inputs to the target program are identical with the outputs defined in the specifications
c) To confirm the number of sessions that the firewall can process per unit time
d) To confirm that there is neither a security hole nor a setup error on the firewall and public servers
12. A document was received via e-mail as an attachment while at work. When the document was opened by using a word processing program, it was abnormally terminated. When the received e-mail or attached document is possibly contaminated with a computer virus, which of the following is an appropriate action to be taken?
a) Disconnecting the PC from the network, and then reinstalling the OS
b) Disconnecting the PC from the network, and immediately reporting to the person in charge of the system management department
c) Checking whether the problem is reproducible, if necessary, by reinstalling the word processing program
d) Sending an e-mail to all employees, and alerting them to the virus infection
13. Which of the following is an appropriate description concerning cryptography?
a) The process of turning the encrypted text back into its original plain text is called reset.
b) In common key cryptography, the encrypted text and common key are transmitted together.
c) In public key cryptography, the key used for encryption is different from that for recovering the plain text from the encrypted text.
d) Common key cryptography is used for digital signature.
14. Which of the following can be made possible by using a digital signature in electronic commerce?
a) Preventing an unintended third party from accessing any confidential file
b) Checking that a file is not infected with a virus
c) Preventing the contents of a transaction from being leaked through wiretapping
d) Authenticating the trading partner and checking that the contents of a transaction are not falsified
15. Which of the following is the purpose of a DoS attack against a server?
a) Takeover of server administrator’s privileges
b) Blocking of services
c) Falsification of data
d) Stealing of data
16. Which of the following is the self-propagating program that can send its replication attached to an e-mail message via a network, such as the Internet, or copy itself onto other computers in the network?
a) Cookie
b) Spyware
c) Trojan horse
d) Worm
17. Which of the following is an appropriate explanation of spam mail?
a) E-mail that is indiscriminately sent to users without their consent
b) E-mail that is distributed to all participants registered previously for a specific purpose
c) E-mail that is sent or forwarded with the same content by a receiver to multiple destinations and causes the number of receivers to continue increasing
d) A message exchange system that provides a message posting function using e-mail or Web page to enable information exchange with the general public
18. Which of the following is a security incident categorized as being caused by a physical threat?
a) The server room is flooded because of heavy rain, which causes the equipment to stop.
b) A large amount of data is sent from the external network to the public server, which causes the server to stop.
c) An attacker intrudes into the corporate server over the network and destroys files.
d) An employee makes an operational error on the computer, and data is destroyed.
19. A cookie is a small data file that a web site can transfer to a browser to maintain records of the visit to the web site. Among descriptions A through C concerning such a cookie, which of the following is a list of only the appropriate descriptions?
A: Since the cookie always inherits the ID and password entered during the last visit to a Web site, it is not necessary to enter them again when the Web site is viewed using another PC.
B: After a Web site is viewed from a temporary PC rented at an Internet cafe or other places, the cookie should be deleted.
C: When personal information is stored in the cookie, such information may be stolen using cross site scripting or some other means.
a) A, B
b) A, B, C
c) A, C
d) B, C
20. Which of the following is an appropriate guideline for users concerning protection against computer viruses?
a) When software is installed, the “read-me” file or other instructions should be read and followed prior to running a virus check.
b) The autostart function should be enabled as a preventive measure against virus infection via removable disc media.
c) The auto preview function should be disabled as a preventive measure against virus infection via e-mail.
d) File extension names should be hidden to prevent application software from being started automatically by identifying the type of file.
21. Which of the following is an appropriate description concerning a method used for phishing?
a) If data entered in a Web page is displayed as is, a malicious script embedded in the page causes damage to users and servers.
b) Computers infected with a virus are controlled from outside via a network such as the Internet.
c) Computer user’s personal information, such as IP address or Web browsing history, is secretly collected and sent outside.
d) E-mails, which pretend to be from an existing business or organization, are sent to lead recipients to a bogus Web site and to steal their personal information.
22. When portable computers are used for remote access to data on an office server, which of the following is an effective security measure?
a) The login screen of portable computers should be set up so that the previously entered user ID and password can be reused.
b) As much of the required data as possible should be copied onto the portable computers in order to keep network use to a minimum.
c) User IDs should be shared among multiple users so that unauthorized access can be detected easily.
d) One-time passwords should be used to allow access to the office server from a remote location.
23. Among information security measures A through D implemented in the workplace to maintain the “confidentiality” and “integrity” of information, which of the following is a list of only the appropriate measures?
A: PCs should remain unlocked to keep them ready for operation from the start to the end of the business day.
B: Documents and electronic storage media, such as CD-R containing important information, should be stored in locked cabinets except when they are used.
C: Documents sent or received by facsimile should be picked up immediately without leaving them unattended on the tray.
D: Messages or information written on the whiteboard should be erased immediately after use.
a) A, B
b) A, B, D
c) B, D
d) B, C, D
24. A PC was checked for computer viruses, and a certain number of infected files were discovered. Which of the following is an appropriate course of action that should be taken by the person who found the infected files?
a) Contacting the recipients to whom the files infected by an unknown virus were forwarded, after identifying the virus so that they can take corrective action
b) Forwarding the infected files to the system administrator by e-mail so that the administrator can promptly take measures
c) Disconnecting the infected PC immediately from the network in order to prevent other PCs from being infected
d) Enabling the write protection of removable media that were used for a day-old backup in order to prevent other files from being infected
25. There exists a model of communication from A to B based on public key cryptography as shown below. Which of the following is an appropriate description concerning this model?
The message sent by A is used to generate a message authentication code. This authentication code is encrypted using A’s private key to generate a bit string that is sent to B by e-mail along with the original message. B obtains A’s public key from a trusted organization, and in addition to decrypting the received bit string, B generates the message authentication code from the received message to verify that both codes are the same before the message is used.
a) A can confirm that the message is delivered to B.
b) A can guarantee to B that the message is not wiretapped.
c) B is guaranteed to receive the message from A.
d) B can confirm that the message is from A and is not falsified.
26. Which of the following is an appropriate description concerning the information security policy?
a) The security policy of a company is intended to define what should be set for each security system, so its contents vary depending on the security-related product to be installed.
b) The security policy of a company provides guidelines on the action and judgment to be followed and does not cover the stance and direction on security measures.
c) It is desirable for top management of a company to disclose the vulnerability of the information system that forces the company to create the security policy.
d) It is necessary to clarify the vision about the action and judgment to be followed to achieve the target security level.
27. Which of the following is the term that refers to the act of setting up a bogus Web page imitating a bank, a credit card company, or other organization, and tricking a user with an e-mail disguised as an official message from the financial organization or a public organization in order to guide a user to the bogus Web page and steal personal information such as the personal identification number and credit card number?
a) Cracking
b) Buffer overflow
c) Phishing
d) Bot
28. Which of the following is an appropriate description concerning a macro virus?
a) It is a new virus that is created by combining multiple viruses into one.
b) It moves across computers connected via a network while replicating itself.
c) It is an executable file that is sent as an attachment to an e-mail message.
d) It infects data files used by word processing software or spreadsheet software.
29. Which of the following is a method that may cause a mail server to go down by sending a large number of unsolicited e-mails to a lot of e-mail users in a short period of time with the aim of advertising or selling goods or services?
a) Spam mail
b) Chain mail
c) E-mail bomb
d) Multi-posting