A software designer has realized that a soon-to-be released version of a popular game contains a flaw that will make it especially vulnerable to hacking. The way best to protect against the exploitation of this flaw will involve: A. setting up a firewall B. issuing a patch C. update antivirus software D. change the graphic user interface E. guarding against spoofing  A particular business has found its servers with firewalls subject to frequent port 80 attacks. To learn more about these attacks, the business decided to: A. set up a honeypot B. update its antivirus software C. remove its firewall D. harden all systems that face the Internet E. engage in pharming Having decided to shut down access to the servers of a large multinational business, hackers have: A. engaged in spamming B. thwarted the business' firewalls C. launched a distributed denial of service attack D. defeated the biometric information safeguards E. begun a sophisticated program of phishing A type of encryption protocol is called Special Spoofing Layering (SSL).  True False A cybersecurity specialist, hired to test the security of a client's servers, starts by looking at the long identification strings associated with each server. So, the specialiast is looking at: A. firewalls B. antivirus systems C. certificates D. remote access protocols E. port 80 access Virtual private networks are to computers as inbound proxy servers are to A. smartphones B. firewalls C. antivirus systems D. remote access protocols E. USB drives Being able to inspect information packets in a stream of network traffic is to a firewall as a triggering mechanism that detects changes in the environment is to: A. an antivirus system B. secure socket layering C. a Demilitarized Zone D. patches E. tripwire  Cryptographic algorithms rely upon confusion and diffusion. True False Time sharing is cloud computing as ARPANET is to A. a Demilitarized Zone B. Identity management systems C. the Internet D. Intrusion protection systems E. web access firewalls  An Intrusion prevention system compares virus signatures with what viruses would look like as they traveled across the network. True False In chapter 2 of the Cyber Security Policy Handbook text, the authors quote Hubbard: "Ineffective risk management methods that somehow manage to become standard spread vulnerability to everything they touch." Explain what that quote means. Given an example to support your answer. Maximum number of   characters (including HTML tags added by text editor): 32,000 At the time of the publication of the article, Brooks says that there are four types of malevolent software programs, which include: A. directed denial of service attacks B. logic bombs C. spoofing D. spamming E. firewall sabotaging Under a theory of recovery in tort for product liability, potential plaintiffs who used software defectiv ...

1. A software designer has realized that a soon-to-be released
version of a popular game contains a flaw that will make it
especially vulnerable to hacking. The way best to protect
against the exploitation of this flaw will involve:
A. setting up a firewall
B. issuing a patch
C. update antivirus software
D. change the graphic user interface
E. guarding against spoofing
A particular business has found its servers with firewalls
subject to frequent port 80 attacks. To learn more about these
attacks, the business decided to:
A. set up a honeypot
B. update its antivirus software

2. C. remove its firewall
D. harden all systems that face the Internet
E. engage in pharming
Having decided to shut down access to the servers of a large
multinational business, hackers have:
A. engaged in spamming
B. thwarted the business' firewalls
C. launched a distributed denial of service attack
D. defeated the biometric information safeguards
E. begun a sophisticated program of phishing
A type of encryption protocol is called Special Spoofing
Layering (SSL).

3. True
False
A cybersecurity specialist, hired to test the security of a client's
servers, starts by looking at the long identification strings
associated with each server. So, the specialiast is looking at:
A. firewalls
B. antivirus systems
C. certificates
D. remote access protocols
E. port 80 access
Virtual private networks are to computers as inbound proxy
servers are to

4. A. smartphones
B. firewalls
C. antivirus systems
D. remote access protocols
E. USB drives
Being able to inspect information packets in a stream of
network traffic is to a firewall as a triggering mechanism that
detects changes in the environment is to:
A. an antivirus system
B. secure socket layering
C. a Demilitarized Zone
D. patches
E. tripwire
Cryptographic algorithms rely upon confusion and diffusion.

5. True
False
Time sharing is cloud computing as ARPANET is to
A. a Demilitarized Zone
B. Identity management systems
C. the Internet
D. Intrusion protection systems
E. web access firewalls
An Intrusion prevention system compares virus signatures with
what viruses would look like as they traveled across the
network.

6. True
False
In chapter 2 of the Cyber Security Policy Handbook text, the
authors quote Hubbard: "Ineffective risk management methods
that somehow manage to become standard spread vulnerability
to everything they touch." Explain what that quote means.
Given an example to support your answer.
Maximum number of characters (including HTML tags added
by text editor): 32,000
At the time of the publication of the article, Brooks says that
there are four types of malevolent software programs, which
include:
A. directed denial of service attacks
B. logic bombs
C. spoofing
D. spamming

7. E. firewall sabotaging
Under a theory of recovery in tort for product liability, potential
plaintiffs who used software defectively infected by a virus
would include:
A. the purchaser
B. the software company
C. the ISPs
D. data repositories
E. bulletin board system operators
When a court would assess a plaintiff's claim for negligence
against a software programmer, it likely would find that the
standard of care would be that which a reasonable or prudent
software programmer would do under the circumstances.
True

8. False
Which one of the following could a tortfeasor expect to avoid
having to face liability for committing, where the tortfeasor
intentionally released a worm onto the Internet?
A. negligence
B. trespass to chattels
C. conversion
D. nuisance
E. interference with contract relations.
A trojan horse could release a virus.
True
False
An action in intentional tort could arise from a failure to

9. exercise reasonable care to warn a user of a virus contained in
software.
True
False
Given the foreseeability of injury to all who had personal
information stored in a database, data possessors most often
will have a duty to exercise reasonable care to protect data from
intruders.
True
False
The party in the best position to win an action in common law
negligence against a database possessor, according to Johnson,
will be:
A. the Internet Service Provider

10. B. State law enforcement, such as a state police organization
C. a business customer
D. a non-profit organization
E. Federal law enforcement, such as the F.B.I.
According to Johnson, the best source of guidance that data
possessors can get about meeting a duty of care should come
from:
A. other data possessors
B. plaintiffs
C. international law
D. insurers
E. those convicted of crimes involving databases
An argument against imposing a burden against unauthorized
access to a database would involve:

11. A. the impact of breach of duty of care upon the community
B. the kinds of losses that a database possessor might have to
bear
C. the difficulty of creating an industry-wide standard
D. the availability of insurance
E. how the risk of loss would deter a database possessor
from ignoring the dangers that could arise for negligently
protecting the data in the defendant's possession.
Given the list of federal crimes at
http://www.law.cornell.edu/wex/computer_and_internet_fraud,
the most common crime associated with these is:
A. destruction of property
B. disorderly conduct
C. fraud
D. vandalism

12. E. electronic robbery
One definition of a Zero-Day vulnerability is that the software
is obviously flawed from the moment it is released to the
general public for use.
True
False
Most likely, a cybercrime will be against a:
A. non-profit organization
B. non-profit organization's property
C. government agency
D. person's property
E. law enforcement agency

13. Although stolen data might not be considered tangible property,
in the way that a laptop is tangible, if a court did consider the
stolen data to be tangible, then an offense that a thief could then
face would be:
A. assault
B. vandalism
C. possession of stolen property
D. destruction of stolen property
E. computer sabotage
Identify who is not typically part of a financial transaction
involving the use of a credit card to purchase an item.
A. purchaser
B. credit card company
C. merchant
D. thief

14. E. credit card company's bank
Another criminal enterprise includes infecting computers, via a
virus, so as to create a collection of compromised personal
computers. The criminal has created a:
A. server farm
B. botnet
C. an online crime ecosystem
D. a network listening service
E. nothing; this cannot happen
A traditional view towards cybercrime might mean overlooking
what kind of cybersecurity problem
A. an insider threat
B. the vulnerability of business websites

15. C. computer networks that thieves use to attack a website
D. electronic fraud
E. "logic bombs"
Identify at least five of the elements of the cyber underground
economy. Then, make the case for why one of those five plays
the greatest role in maintaining the cyber underground
economy.
Maximum number of characters (including HTML tags added
by text editor): 32,000
Make a persuasive case that a virus would cause more harm to a
networked computer or make a persuasive case that a worm
would cause more harm to a networked computer.