1. Briefly define/describe what is meant by "defensive programming."
2. Which of the following is NOT a valid category of software errors?
a) Porous Defenses
b) Malware activation
c) Insecure interaction between components
d) Risky resource management
3. Identify a form of injection attack, AND briefly describe what is involved in this type of attack.
4. Which of the following is NOT a valid characteristic of cross site scripting?
a) An attack where input from one user is later output to another user
b) Commonly seen in scripted web apps
c) Can be created with JavaScript and Active X
d) Social networking websites are immune to cross site scripting
5. Identify AND briefly describe an approach for validating the input to a program.
6. Match the following with the words that best describe them Memory leak; Race condition; Fuzzing; Least Privilege;
Privilege escalation; Canonicalization; Safe code; XSS reflection;
a) A powerful testing method using a large range of randomly generated inputs ____________________
b) Where multiple processes or threads compete to gain access to resources possibly resulting in corrupted data and/or lost changes ____________________
c) Attackers exploit flaws in programs to give the attacker great authority or power ____________________
d) Where a program fails to correctly manage use and release of memory causing a steady reduction in available memory to the point where it is completely exhausted ____________________
7. Briefly define/describe the "white listing" security approach.
8. Which of the following is the best definition/description of the chroot jail Linux/Unix security control?
a) Prevents a user from switching to su/root level privilege
b) Shuts down discretionary access control mechanisms
c) Restricts a system/user view of the file system to a specified portion
d) Encrypts the password file
9. Briefly define/describe the function/purpose of a virtual machine hypervisor OR describe one of the hypervisor's security roles.
10. Which of the following is the best definition for a data archive?
a) Saving copies of all security logs and records
b) Retaining copies of data over an extended period of time
c) Automatic saving of data
d) Making copies of data at regular intervals
11. Briefly define what we mean by "system hardening" AND identify one specific step/approach you might take for hardening an operating system.
12. Identify and briefly describe one (1) of the primary rules of the BLP model.
13. Match the following with the words that best describe them:
Biba model; Clark Wilson model; Chinese Wall Model; Reference Monitors;
a) Developed for commercial applications to deal with conflicts of interest ____________________
b) Elaborate yet practical integrity model that includes rules requiring well-formed transactions and separation of duties ____________________
c) Controlling element in the hardware and operating system of a computer that regulates the access of subjects to objects ____________________
14. Which of the following is NOT one of the basic services offered by a TPM?
a) Certified patching
b) Authenticated boot
c) Encryption
d) Certification
15. Briefly describe the fundamental problem/flaw of BLP that prevents it being widely implemented or practically useful.
16. Briefly define/describe "assurance" AND identify how it is related to the "common criteria."
17. Which of the following security concepts is particularly suitable for use in a Multilevel Security (MLS) environment?
a) Poly-instantiation
b) Role-based access control (RBAC)
c) Chinese Firewall
d) Three person control
18. Briefly define a "security audit."
19. Which of the following is NOT a part of the security audit model/architecture?
a) Audit trail database
b) Alarm processor
c) Audit analyzer
d) Event discriminator
20. Which of the following is the best definition for an audit trail?
a) The database of security related events collected by an audit system
b) A chronological record of the steps that auditors go through during an evaluation of your security controls
c) The path that your log data takes as it moves through the network to the archives
d) A timeline of system activities that is sufficient to reconstruct an event like a break-in
21. Identify/list three (3) auditable events that your audit system should collect.
22. Which of the following is NOT one of the six major audit functions?
a) Audit analysis
b) Data generation
c) Event translation
d) Automatic response
23. Briefly describe the role and importance of "baselining" or "establishing a baseline" as part of a security audit program.
24. Which IP Security (IPSec) mode protects the entire IP packet?
a) Transport mode
b) AH mode
c) Tunnel mode
d) Privacy mode
25. Which of the following is NOT one of the SSL protocols?
a) Handshake
b) Change cipher spec
c) Agreement
d) Record
26. Which of the following is NOT one of security functions of S/MIME?
a) Receipt service
b) Envelope
c) Signature
d) Confidentiality/encryption
27. Name three (3) types of agents involved in DomainKeys Identified Mail (DKIM).
28. Which of the following best describes HTTPS?
a) Combination of HTTP and IPSec
b) Combination of HTTP and SSL
c) Combination of HTTP and S/MIME
d) Combination of HTTP and DKIM
29. Name the three primary components and avenues for attack of wireless system.
30. Which of the following is NOT a threat associated with wireless networks?
a) Man-in-the-middle attack
b) Malicious association
c) Denial of Service
d) Transport reflection
31. Name one acceptable form of 802.11 wireless LAN security/encryption AND name one unacceptable form.
32. Briefly describe/explain what an IEEE 802.11 BSS consists of AND how it is different than an ESS.
33. Which of the following is NOT one of the IEEE 802.11i phases of operation?
a) Key management
b) Discovery
c) Negotiation
d) Protected data transfer