Security Roundtable Quiz-3

Reviewed by Editorial Team

The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.

Learn about Our Editorial Process

| By Advaiya

Advaiya

Community Contributor

Quizzes Created: 1 | Total Attempts: 436

| Attempts: 436

Questions

Feedback

During the Quiz End of Quiz

Difficulty

Easy First Hard First Sequential

Share on Facebook Share on Twitter Share on Whatsapp Share on Pinterest Share on Email Copy to Clipboard Embed on your website

1/11 Questions

Granting of access privileges to certain files is:
- Authentication
- Identification
- Authorization
- Accountability

About This Quiz

Security Roundtable Quiz-3 covers topics like internal intruders, attack methods, virus characteristics, system access controls, and biometric systems.

2.

Audit logs should record all of the following EXCEPT:
- Successful access attempts
- System performance measurements
- Failed access attempts
- Changes to user permissions
Correct Answer

A. System performance measurements

Explanation

Answer b:
The audit data will reveal that a specific user accessed the file,
the time of access, and the type of access.

Rate this question:
3.

Requiring approval before granting system access would be:
- A physical control
- A logical control
- A compensating control
- An administrative control
Correct Answer

A. An administrative control

Explanation

Answer d:
Administrative controls consist of management activities such
as organizational policies and procedures.

Rate this question:
4.

Audit logs should be protected for all of the reasons EXCEPT:
- Modification may impede an investigation
- An attacker may try to alter them.
- They may contain confidential information.
- Standard format is critical for automated processing.
Correct Answer

A. Standard format is critical for automated processing.

Explanation

Answer d:
The audit trail data should be protected at the most sensitive system level.

Rate this question:
5.

How might an attacker with little systems experience gain privileged systems access?
- Dictionary attack
- Brute-force attack
- Birthday attack
- Shoulder-surfing attack
Correct Answer

A. Shoulder-surfing attack

Explanation

Answer d: Shoulder-surfing
, the process of direct visual observation of monitor
displays to obtain access to sensitive information.

Rate this question:
6.

What is a security benefit related to thin-client architecture?
- Reduced total cost of ownership of desktops
- Standardized access control
- Easier training for users
- Wider availability of applications
Correct Answer

A. Standardized access control

Explanation

Answer b:
Access controls can be centrally located on the server.

Rate this question:
7.

Which of the following is NOT a characteristic of a virus?
- Its primary effect is to consume system resources.
- It may or may not carry a malicious payload.
- It spreads through user action.
- It attaches itself to executable code.
Correct Answer

A. Its primary effect is to consume system resources.

Explanation

Answer a:
Worms usually do not cause damage to data; instead, the worm
absorbs the network’s resources causing the damage.

Rate this question:
8.

Important elements in choosing a biometric system include all of the following EXCEPT:
- User acceptance
- Accuracy
- Productivity
- Processing speed
Correct Answer

A. Productivity

Explanation

Answer c:
Important elements of biometric devices are accuracy, processing
speed, and user acceptability.

Rate this question:
9.

Internal intruders are NOT usually defined as:
- Authorized users exceeding their authority
- Persons who have defeated the physical access controls of a facility
- Employees gaining access to controlled areas
- Users who access unintended areas of the network
Correct Answer

A. Persons who have defeated the physical access controls of a facility

Explanation

Answer b:
Authorized users trying to gain access to data or resources
beyond their need-to-know or access limitations. Authorized users trying
to gain unauthorized physical access to network connections, server
equipment, etc.

Rate this question:
10.

What is the best method of reducing a brute-force denial-of-service attack against a password file?
- Setting a higher clipping level
- Locking out a user for a set time period
- Establishing a lockout that requires administrator intervention
- Using a stronger cryptographic algorithm
Correct Answer

A. Locking out a user for a set time period

Explanation

Answer b:
Denial-of-service attack, whereby the perpetrator is able to lock out many users by discovering their user identifications and entering a specified number of invalid passwords, is minimized.
Note that answer A could also be correct but is not the best answer from a security perspective.

Rate this question:
11.

Which of the following is NOT a common attack performed against smart cards?
- Etching
- Microprobing
- Fault generation
- Eavesdropping
Correct Answer

A. Etching

Explanation

Answer a:
There are several weaknesses and types of attacks against smart cards, including answers b, c, and d.

Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 21, 2023

Quiz Edited by
ProProfs Editorial Team
Jul 12, 2009

Quiz Created by
Advaiya

Security Roundtable Quiz-3

Granting of access privileges to certain files is:

Quiz Preview

Audit logs should record all of the following EXCEPT:

Requiring approval before granting system access would be:

Audit logs should be protected for all of the reasons EXCEPT:

How might an attacker with little systems experience gain privileged systems access?

What is a security benefit related to thin-client architecture?

Which of the following is NOT a characteristic of a virus?

Important elements in choosing a biometric system include all of the following EXCEPT:

Internal intruders are NOT usually defined as:

What is the best method of reducing a brute-force denial-of-service attack against a password file?

Which of the following is NOT a common attack performed against smart cards?