Chapter 3

Review Questions

1. A(n) _____ is a general software security update intended to cover vulnerabilities that have been discovered.

A. service pack

B. hotfix

C. patch

D. critical update

2. Each of the following is an advantage of an automated patch update service except

A. Users can download the patch immediately when it is released

B. Bandwidth can be saved because each computer does not have to connect to an external server

C. Reports can be obtained regarding what updates each system needs

D. Users cannot circumvent updates

3. Attackers use buffer overflows to

A. point to another area in data memory that contains the attacker’s malware code

B. corrupt the kernel so the computer cannot reboot

C. place a virus into the kernel

D. erase buffer overflow signature files

4. The Windows application _____ will not allow code in the memory area to be executed.

A. Dynamic Memory Expansion Restriction (DMER)

B. Buffer Overflow Prevention (BOP)

C. Execute Bit (EXB)

D. Data Execution Prevention (DEP)

5. Each of the following is a step that most security organizations take to configure operating system protection except

A. Develop a security policy

B. Create configuration baselines

C. Create security templates

D. Deploy nX randomization

6. A cookie that was not created by the Web site that attempts to access it is called a(n)

A. first-party cookie

B. second-party cookie

C. third-party cookie

D. fourth-party cookie

7. _____ resides inside an HTML document.

A. ActiveX

B. JavaScript

C. Java

D. Virtual Machine (VM)

8. A Java applet _____ is a barrier that surrounds the applet to keep it away from resources on the local computer.

A. fence

B. sandbox

C. playpen

D. Java Container Closed Object (JCCO)

9. Address Space Layout Randomization (ASLR) randomly assigns _____ to one of several possible locations in memory.

A. executable operating system code

B. xN bits


D. sockets

10. The TCP/IP protocol _____ handles outgoing mail.

A. Post Office Protocol (POP)

B. Simple Mail Transfer Protocol (SMTP)


D. Microsoft Mail Transport (MMT)

11. Instant Messaging (IM) connects two systems

A. through the IM server

B. directly without using a server

C. only in a remote chat session

D. using Internet Relay Chat (IRC)

12. With a(n) _____ network, users do not search for a file but download advertised files.

A. BitTorrent

B. P2P

C. swarm


13. Another name for antivirus definition files is

A. signature files

B. virus resource entities (VRE)

C. AV patches

D. SigDef

14. The preferred location for a spam filter is

A. on the SMTP server

B. on the POP3 server

C. integrated into the network firewall

D. on the DHCP client

15. A(n) _____ is a list of pre-approved e-mail addresses that the user will accept mail from.

A. blacklist

B. client access account (CAA)

C. whitelist

D. POP3 transfer list

16. Another name for a packet filter is a(n)

A. firewall


C. SQL eliminator


17. A(n) _____ works on the principle of comparing new behavior against normal behavior.

A. Host Intrusion Detection System (HIDS)

B. packet filter

C. Internet Resource Chat (IRC)

D. personal software firewall

18. A(n) _____ is a cumulative package of all security updates plus additional features.

A. service pack

B. update

C. update rollup

D. hotfix patch

19. A(n) _____ is a method to configure a suite of configuration baseline security settings.

A. security template

B. group policy

C. snap-out

D. Active Directory Planner

20. A(n) _____ is a program that does not come from a trusted source.

A. ActiveX Controller Entity

B. signed JavaScript application

C. JavaScript applet

D. unsigned Java applet