Security + Chapter 1 System Security

A Trojan is a program that disguises itself as a useful application. Unlike viruses, Trojans do not replicate themselves, but they can still be destructive. Trojans are designed to perform functions without the user's knowledge, often causing harm or stealing sensitive information.

In the early versions of Java, it was possible to use the programming language to issue commands to the client system. This meant that developers had the ability to manipulate files and data files on the client system as they pleased. Therefore, the statement that early versions of Java could be used to issue commands to the client system and manipulate files and data files at will is true.

A boot sector virus is a type of virus that is placed into the first sector of the hard drive. When the computer boots up, the virus loads into memory. This type of virus is particularly dangerous as it can infect the computer's operating system and spread to other files and programs. It can also be difficult to detect and remove, as it often hides itself and uses various techniques to avoid detection.

Rootkits are a type of malicious software that can be installed and concealed on a computer. Their main objective is to compromise the system and obtain elevated privileges. Rootkits are designed to operate covertly, making it difficult for users to detect their presence. They can be used by attackers to gain unauthorized access, control the system, and perform malicious activities without the user's knowledge.

The correct answer is Common Gateway Interface. CGI is a standard protocol that allows web servers to interact with external programs or scripts. It enables dynamic content generation and facilitates communication between the web server and the program that processes user requests. CGI is commonly used to create interactive web applications and handle form submissions on websites.

The common gateway interface (CGI) is indeed a standard method used by web servers to transmit a user's request to an application program and then receive data back from the program to send it back to the user. This allows web servers to interact with dynamic web applications and generate dynamic content for users. Therefore, the statement "True" is the correct answer.

The correct answer is Secure Socket Layer. It is a commonly-used protocol for managing the security of a message transmission on the Internet. It uses a program layer located between the internet hypertext HTTP to ensure secure communication between the client and the server.

The early version of JVM allowed Java applets to redirect the browser and create connections to other hosts without the user's knowledge. This means that Java applets had the ability to manipulate the browser and establish connections to external hosts without the user's consent or awareness. This could potentially lead to security vulnerabilities and unauthorized access to user data.

The statement is false because bots, short for robots, are automated computer programs that can operate without direct user interaction. They can be controlled by outside sources, and unfortunately, some bots are designed for malicious purposes, providing a venue for activities such as spamming or spreading viruses. Therefore, the given statement inaccurately suggests that bots do not operate without user interaction or that they cannot be controlled externally, and it overlooks the potential for misuse.

Java is a compiled language, meaning that the code is first converted into bytecode, which is then executed by the Java Virtual Machine (JVM). This allows Java to have more control over the execution of commands and direct manipulation of data. On the other hand, JavaScript is a client-side interpreted language, which means that the code is executed directly by the web browser. This can lead to potential security vulnerabilities, particularly related to privacy issues. Therefore, the statement that Java can lead to the execution of arbitrary commands or direct manipulation of data, while JavaScript poses privacy-related vulnerability issues, is true.

SSL- Secure Socket Layer- Think of SecurityGuard, EyeSocket, and Cake Layer. SSL

A logic bomb is a type of malicious code that is intentionally inserted into a program or system with the purpose of causing harm at a specific time or when specific conditions are met. In this case, the hidden code inside the utility is programmed to trigger on April 4, 2010, and erase the contents of the hard drive. This demonstrates the characteristics of a logic bomb attack, as it is designed to execute a destructive action based on a specific event or condition.

A polymorphic virus is a type of virus that can change its form each time it is executed. This ability allows the virus to avoid detection by antivirus software, as it constantly presents a different appearance. Polymorphic viruses were developed specifically to evade detection and make it difficult for antivirus programs to identify and remove them.

A. Worms are self replicating and are built to take advantage of of security holes in existing application. The idea o the worm is to find internet connectivity and jump from one pc to the next.

A multipartite virus is a type of virus that combines characteristics of both boot and program viruses. It infects the boot sector of a computer's hard drive and then spreads to system files. It may also mask its file size to avoid detection. This type of virus is designed to be stealthy and difficult to remove, as it attacks multiple parts of the computer's operating system.

Session hijacking refers to the unauthorized access of information or services in a computer system by exploiting a valid computer session or session key. It involves gaining control of a user's session without their permission and using it to access sensitive data or perform unauthorized actions. This can be done by intercepting and manipulating session cookies, session IDs, or other session tokens. Session hijacking is a serious security threat that can lead to data breaches and unauthorized access to user accounts.

A. Program may have flawed code which crashes the pc and provides the intruder with the rights to intrude and function as the user and or admin.

Cookies are known as small files that maintain data between visits.

Spyware is a software program that communicates information from the user's computer. It is designed to collect data without the user's knowledge or consent and transmit it to a third party. This can include personal information, browsing habits, and other sensitive data. Spyware can slow down the computer and may also corrupt the internet explorer, but its primary purpose is to gather and transmit information.

The correct answer is Java script. Java applets are small programs written in the Java programming language that can be embedded into web pages. They are executed on the client side and require support from the client's environment. Java script is a scripting language that is commonly used in web development and can be used to interact with Java applets. Therefore, the client side environment support for Java applets is referred to as Java script.

A stealth virus is a type of virus that utilizes techniques to avoid detection. It is able to temporarily remove itself from an infected file or mask the file's size. This allows the virus to go undetected by antivirus software or other security measures. By hiding within the infected file, the stealth virus can continue to spread and carry out its malicious activities without being detected.

Laptop BIOS passwords are typically stored in the firmware, which is a type of software that is permanently stored in hardware. This is different from regular passwords that are typically stored in the operating system or other software applications. The firmware is responsible for initializing the hardware components of the laptop and it is where the BIOS password is stored. This makes the BIOS password more difficult to bypass or reset, as it is stored at a lower level than regular passwords. Therefore, the statement "Passwords of laptops are a bit different and are usually part of firmware" is true.

A macro virus is a type of virus that is inserted into a Microsoft Office document and emailed to unsuspecting users. This type of virus takes advantage of the macros feature in Microsoft Office applications, which allows users to automate tasks. When the infected document is opened, the macro virus is activated and can spread to other documents or cause harm to the user's computer. This technique of spreading through email attachments makes it easier for the virus to reach a large number of users and increase its chances of infecting more systems.

Buffer overflow causes disruption of service and lost data. This condition occurs when the data presented to an application or service exceeds the storage space.

Java applications are capable of installing and running on multiple platforms because Java is a recompiled language. A Java based mini-program that can be embedded in web pages and run on the client-side is called an applet. Applets are small applications that are written in Java and can be executed within a web browser. They provide interactive and dynamic content on websites, making them a suitable choice for creating interactive web pages.

A logic bomb is a type of malicious software (virus or Trojan horse) that is programmed to execute a harmful action when a specific event or a certain period of time passes. It is designed to remain dormant until triggered, at which point it can cause damage to a computer system or network. This explanation aligns with the given correct answer.

CGI scripts may leak information about the server, such as sensitive server configurations or database credentials. This can be exploited by attackers to gain unauthorized access to the server or to gather information for further attacks. Additionally, CGI scripts used to process user input data may be vulnerable to command injection attacks, where an attacker can execute arbitrary commands on the server by manipulating the input data. This can lead to unauthorized access, data theft, or disruption of server operations.

A buffer overflow can result in overwriting of data or memory settings, which means that the excess data can overwrite important information stored in the memory, leading to unpredictable behavior or system crashes. It can also cause a denial of service by overwhelming the input buffer's capacity to handle additional data, causing the system to become unresponsive. Additionally, a buffer overflow can allow the originator to execute arbitrary code, often at a privileged level, which can lead to unauthorized access or control of the system.

A vulnerability in the Bios can allow local users to cause the system not to boot or result in a Denial of Service (DoS) attack. This means that the local users can exploit the vulnerability to prevent the system from starting up properly or cause it to become unresponsive, effectively denying access to legitimate users. This can be a serious security concern as it can disrupt normal operations and potentially lead to data loss or system downtime.