Management of Information Security Chapter 10

A(n) temporal key is a symmetric key used for limited-use temporary communications by a hybrid encryption system.

False

A firewall uses its ____ to decide whether or not to allow packets into the network.

...

Secure Sockets Layer (SSL) was developed to provide security for online electronic commerce transactions.

True

A ____ is an example of the "something you are" authentication mechanism.

fingerprint

A ____ intrusion detection and prevention system is also known as a behavior-based intrusion detection system.

statistical anomaly-based

The ____ authentication mechanism is considered to be biometric.

something you are

Port number ____ is commonly used for the Hypertext Transfer Protocol service.

80

Biometric technologies are generally evaluated according to three basic criteria: False Reject Rate, False Accept Rate and Authentication Error Rate.

False

A dual-homed host firewall is able to translate between the protocols of two different data link layers.

True

A(n) ____________________ is a private word or combination of characters known only by the user.

password

A ____ is NOT an example of the "something you have" authentication mechanism.

password

The ____ is a criterion used to compare and evaluate biometric technologies.

false reject rate

Footprinting is the organized research of the Internet addresses owned or controlled by a target organization, using public Internet data.

True

A firewall should never be directly accessible from ____.

the public network

Port number ____ is commonly used for the Simple Mail Transfer Protocol service.

25

Access control encompasses four processes beginning with ____________________, checking a client requesting access.

identification

Voice recognition authentication mechanism captures the ____________________ waveforms of human speech.

analog

A popular extension to the TCP/IP protocol suite is Secure Shell (SSH), which provides security for remote access connections over public networks by creating a secure and persistent connection.

True

Any firewall device must have its own set of configuration rules that controls its actions.

True

A ____ is a network channel connection point in a data communications system.

port

In cryptology, an original message is in a ____ form.

plaintext

Knowledge-based intrusion detection and prevention systems examine data traffic for signatures which may comprise preconfigured, predetermined attack patterns.

True

A system that is secret is safe.

False

A(n) ____________________ token uses a challenge-response system in which the server challenges the user with a number that, when entered into the token, provides a response that provides access.

asynchronous

The Internet is an example of a trusted network.

False

____ are scanning and analysis tools that are capable of scanning networks for very detailed information.

Vulnerability scanners

An attacker can use a(n) ____________________ device to locate the connection points on dial-up lines.

war-dialer

"Something you are" and "something you ____________________" are considered to be biometric.

produce

An intrusion detection and prevention device denies access to a system by default.

False

____ architecture makes use of a demilitarized zone between the trusted and untrusted network.

Screened-Subnet firewall system

A ____ is an example of the "something you know" authentication mechanism.

password

The Data Encryption Standard (DES) is a popular symmetric encryption system and uses a 64-bit block size and a(n) 64-bit key.

False

A best practice in the configuration of a firewall is all traffic from the trusted network is ____________________.

allowed out

Which of the following biometric authentication systems is considered to be the most secure?

Retina pattern recognition

Bastion host is also referred to as a(n) ____________________ host.

sacrificial

Although literally hundreds of variations exist, four architectural implementations of firewalls are especially common: packet filtering routers, screened-host firewalls, dual-homed host firewalls, and screened-subnet firewalls.

True

The ____ is a Kerberos interacting service that exchanges information with the client and server by using secret keys.

Key Distribution Center

Public key encryption is also known as asymmetric encryption.

True

Cryptology is the process of deciphering the original message also known as plaintext from an encrypted message.

False

Digital key infrastructure is the entire set of hardware, software, and cryptosystems necessary to implement asymmetric key encryption in online commerce.

False

It is advisable to deny all ICMP data in order to limit the number of attacks to a network as the protocol is a common method for hacker reconnaissance and can be used for snooping.

True

A dumb card is a category that includes ID and ATM cards with magnetic strips containing the digital PIN against which a user's input is compared.

True

A(n) password protection mechanism is a plain-language phrase, from which a virtual password is derived.

False

A ____ commonly combines a separate dedicated firewall such as an application proxy server with a packet filtering router.

screened-host firewall

In the case of the man-in-the-middle attack, an attacker pretends to be the second party in a conversation and routes traffic to the actual second party.

True

Scanning and analysis tools ensure confidentiality by concealing private information from unauthorized parties.

False

Kerberos' ____ is an interacting application that validates clients and servers.

Authentication Server

Encryption uses algorithms to manipulate plaintext into ciphertext before transmission.

True

Which of the following biometric authentication systems is considered to be the least secure?

Signature recognition

In cryptology, an encrypted message is in a ____ form.

cryptext