Exam 2 Solution - CIS 3360 Security in Computing Second...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
CIS 3360 – Security in Computing Second Examination (Points: 100, Time: 75 min) March 29, 2010 Name __________________________________ PID____________________ You can use a calculator. But show your steps. Viruses 1) [5] Choose the correct answer: a) If a malicious code copies itself from computer to computer without human interaction, it is probably a (Malicious page 7) i) Virus ii) Worm iii) Spam Answer : ii) b) This type of malicious code triggers an action when a specific condition occurs (Book page 117) i) Logic bomb ii) Time bomb iii) Trojan horse Answer : i) c) This type of malicious code installs virus code in memory (Malicious page 11) i) Rootkit ii) Trojan horse iii) Injector Answer : iii) d) In this virus scanning technique, certain bytes offset from the beginning are checked for virus. (Antivirus page 29) i) Hashing ii) Bookmarks iii) Smart scanning Answer : ii) e) In this type of virus, some part of the program is overwritten to store the virus code. (Malicious page 22) i) Appending virus ii) Prepending virus iii) Cavity virus Answer : iii) 2) [5] Indicate True or False: a) A trapdoor is a feature in a program that can be used to gain unauthorized access to a system. ( True / False) (Book page 117) b) Boot viruses are rarely used these days. ( True / False) (Malicious page 16)
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
c) Entry-point obscuring viruses change code at the entry point. (True / False ) (Antivirus page 30) d) Virus scanners search for computer viruses in files stored on disk but not in memory. (True / False ) (Antivirus page 17) e) Grum botnet is a kind of kernel-mode rootkit. ( True / False) (Botnet page 6) Architecture 3) [5] Choose the correct answer: a) In the specialized CPU EFLAGS register, the following bit is set if the result of 2’s complement arithmetic is out of range: (Architecture page 27) i) Carry ii) Overflow iii) Parity Answer : ii) b) This type of RAM is usually used for cache memory: (Architecture page 37) i) Dynamic RAM ii) Static RAM iii) CMOS RAM Answer : ii) c) Intel 80x86 is an example of a: (Architecture page 11) i) Reduced Instruction Set ii) Complete Instruction Set iii) Complex Instruction Set Answer : ii) d) The instruction add 0 al (Add zero to register al) is the same as: (Antivirus page 20) i) xor 1 al ii) nop iii) Both (i) and (ii) Answer : ii) e)
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 9

Exam 2 Solution - CIS 3360 Security in Computing Second...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online