103. Regarding network data analysis, which of the following is not a data concealment tool?
a. File encryption utility software
b. Content filtering software
c. Steganographic tool
d. System cleanup tool
103. b. Some people use tools that conceal data from others. This may be done for benign purposes, such as protecting the confidentiality and integrity of data against access by unauthorized parties, or for malicious purposes, such as concealing evidence of improper activities. Content filtering software, whether network-based or host-based, is not a data concealment tool. This software is effective at stopping known Web-based malware.
Examples of data concealment tools include file encryption utility software, steganographic tools, and system cleanup tools. System cleanup tools are special-purpose software that removes data pertaining to particular applications, such as Web browsers, as well as data in general locations, such as temporary directories.
104. Which of the following is strictly based on a precedent?
a. Criminal law
b. Civil law
c. Common law
d. Administrative law
104. c. Common law is also called case law and is based on past and present court cases that become a precedent for future cases. Criminal law deals with crimes, and the government on behalf of the people brings criminal cases. A precedent may not be used. Civil laws rely primarily on statutes for the law without the use of a precedent. Administrative law is based on government’s rules and regulations to oversee business activity. A precedent may not be used.
105. What is a data diddling technique?
a. Changing data before input to a computer system
b. Changing data during input to a computer system
c. Changing data during output from a computer system
d. Changing data before input, during input, and during output
105. d. Data diddling involves changing data before or during input to computers or during output from a computer system.
106. What is a salami technique?
a. Taking small amounts of assets
b. Using a rounding-down fraction of money
c. Stealing small amounts of money from bank accounts
d. Taking assets, rounding-down of money, and stealing money
106. d. A salami technique is a theft of small amounts of assets and money from a number of sources (e.g., bank accounts, inventory accounts, and accounts payable and receivable accounts). It is also using a rounding-down fraction of money from bank accounts.
107. Trade secret elements do not include which of the following?
a. Secrecy
b. Value
c. Publicity
d. Use
107. c. Publicity is not an element of a trade secret. The basic elements of a trade secret are secrecy, value, and use. There must be a continuous effort to maintain the secret.
108. Regarding monitoring of information systems, which of the following is the most important benefit of alerting security personnel about inappropriate or unusual activities with security implications?
a. Analyzes the communications traffic patterns
b. Analyzes the communications event patterns
c. Develops profiles representing traffic/event patterns
d. Uses the traffic/event profiles to reduce the number of false positives and false negatives
108. d. After security personnel are notified about inappropriate or unusual activities, the system triggers a series of alerts. The most important benefit of these alerts is to fine-tune the system-monitoring devices to reduce the number of false positives and false negatives to an acceptable number.
109. An attacker sending specially crafted packets to a Web server is an example of which of the following computer-security incident type?
a. Denial-of-service
b. Malicious code
c. Unauthorized access
d. Inappropriate usage
109. a. A denial of service (DoS) attack prevents or impairs the authorized use of networks, systems, or applications by exhausting resources. An attacker can send specially crafted packets to a Web server.
Malicious code includes a virus, worm, Trojan horse, or other code-based malicious entity that infects a host. Unauthorized access is where a person gains logical or physical access without permission to a network, operating system, application system, data, or device. Inappropriate usage occurs when a person violates acceptable computing use policies.
