Part I Q1-10 choose best one, Please provide reason of your choice in a few sentences, in your own words and/or reasons not choosing the other choices. Restating the problem in your own words does not constitute as the reason. Sometimes defining the terms may give you a clue to the reason.
1. What piece of legislation allows computer records documenting criminal activity to be used in court?
a. National Infrastructure Protection Act
b. Federal Computer Documents Rule 703(a)
c. Digital Signature Bill
d. Federal Rules of Evidence 803(6)
2. How should you NOT report computer crime?
a. telephone
b. e-mail
c. tell management in person
d. tell the IT department in person
3. What is most often overlooked when planning for information security?
a. firewalls
b. education
c. virus scans
d. electronic surveillance
4. Which of the following are the reason for the difficulties in prosecutions of computer-related crimes?
1. The area of litigation is extremely technical and difficult to understand.
2. Most of the crimes do not fall under any of the current laws
3. The laws themselves are relatively new and untested.
4. The technology is very dynamic, and the tactics of the perpetrators are constantly changing.
a. 1 and 2
b. 1, 2 and 3
c. 1, 2 and 4
d. 1, 3 and 4
5. What is authentication?
a. the act of binding an entity to a representation of identity
b. the act of ensuring that information is being sent securely
c. the act of ensuring that the receiver of information actually received it
d. the act of binding a computer system to a network
6. What is not considered the misuse of information?
a. the untimely release of secret information
b. the deletion of information from a system
c. the illegal sale of information to rival companies
d. the misrepresentation of information
7. How does a client machine find the web address associated with a particular URL?
e. It uses translation software in the interpreter.
a. It sends a message to the nearest domain name server.
b. It uses hashing to translate the address.
c. It sends a message to the URL server.
8. What does the first field of a cookie contain?
a. name of the issuing site
b. chocolate chips
c. encryption algorithm
d. public key for the site
9. Which security solution is best for protecting the information system connected to the Internet?
a. virus scanning software
b. encryption
c. biometric authentication
d. firewalls
10. A(n) __ accomplishes many of the same goals as a firewall but is more limited in scope.
a. proxy server
b. screening router
c. IDS
d. ICQ
Firewalls can block ports and programs that try to gain unauthorized access to your computer, while proxy servers basically hide your internal network from the Internet. It works as a firewall in the sense that it blocks your network from being exposed to the Internet by redirecting Web requests when necessary
Part II Q1-3
QII.1 For a public-key encryption system, list reasons,
1) in favor of
2) and against
for using the same key pair for 1) the encryption and for 2) the digital signature
QII.2 Describe "inference controls"
Give reasons why they are needed.
And give specific examples (at least 3), and
Describe how the inference controls are implemented; how they serve the purpose (effective) in a database.
QII.3 Describe the "crypto dilemma."
Suggest 3 ways to address the "crypto dilemma."
State the pros and cons of each way.