a. 1 and 2

b. 2 and 3

c. 3 and 4

d. 1 and 4

147. c. Hidden code attacks are based on data and information. Using layered protections and disabling active-content code (for example, ActiveX and JavaScript) from the Web browser are effective controls against such attacks. War dialing software is good at detecting trapdoors (backdoor modems) and not good against trapdoor attacks. Firewalls are effective against spoofing attacks.

148. The scope of a functional configuration audit does not include which of the following?

a. Evaluation of change control

b. Testing of software product

c. Tracing of system requirements

d. Evaluation of test approach and results

148. a. Evaluation of change control is a part of the physical configuration audit, whereas the other choices are part of the functional configuration audit. The physical configuration audit provides an independent evaluation of whether components in the as-built version of the software map to the specifications of the software. Specifically, this audit is held to verify that the software and its documentation are internally consistent and ready for delivery. Activities typically planned and executed as part of the physical configuration audit include evaluation of product composition and structure, product functionality, and change control.

The functional configuration audit provides an independent evaluation of configuration items to determine whether actual functionality and performance are consistent with the requirements specifications. Specifically, this audit is conducted prior to the software delivery to verify that all requirements specified in the requirements document have been met. Activities typically planned and executed as part of a functional configuration audit include testing of software products, tracing of system requirements from their initial specification through system testing, evaluation of the test approach and results attained, and evaluating the consistency between the baselined product elements.

149. Which of the following statements is not true about applets?

a. Applets are large application programs.

b. Applets are written mostly in Java language.

c. Applets are automatically downloaded.

d. Applets are small application programs.

149. a. Applets are small application programs mostly written in Java programming language that are automatically downloaded and executed by applet-enabled Web browsers.

150. The contingency processes should be tested in which of the following phases of system development life cycle (SDLC)?

a. Initiation

b. Development/acquisition

c. Implementation

d. Operation/maintenance

150. c. The contingency processes should be tested and maintained during the implementation phase of the SDLC. The capability to recover and reconstitute data should be considered during the initiation phase. Recovery strategies should be considered during the development phase. The contingency plan should be exercised and maintained during the operation/maintenance phase.

151. Programmers frequently create entry points into a program for debugging purposes and/or insertion of new program codes at a later date. What are these entry points called?

a. Logic bombs

b. Worms

c. Backdoors

d. Trojan horses

151. c. Backdoors are also called hooks and trapdoors. Logic bomb is incorrect because it is a program that triggers an unauthorized, malicious act when some predefined condition occurs. Worms are incorrect because they search the network for idle computing resources and use them to execute the program in small segments. Trojan horses are incorrect because a Trojan horse is a production program that has access to otherwise unavailable files and is changed by adding extra, unauthorized instructions. It disguises computer viruses.

152. Software vendors and contractors can install a backdoor entry into their own products or client’s computer systems. Which of the following are major risks arising from such installation?

a. Software disconnection and hacker entry

b. Remote monitoring and remote maintenance

c. Software disconnection and remote monitoring

d. Remote maintenance and hacker entry

152. a. Some vendors can install a backdoor or a trapdoor entry for remote monitoring and maintenance purposes. The good news is that the backdoor is a convenient approach to solve operational problems. The bad news is that the backdoor is wide open for hackers. Also, the vendor can modify the software at will without the user’s knowledge or permission. An unhappy vendor can disconnect a user from accessing the software as a penalty for nonpayment or disputes in payment. Access codes should be required for remote monitoring and maintenance.

153. A macro virus is most difficult to:

a. Prevent

b. Detect

c. Correct

d. Attach

153. b. A macro virus is associated with a word processing file, which can damage the computer system. Macro viruses pass through the firewall with ease because they are usually passed on as either an e-mail message or simply downloaded as a text document. The macro virus represents a significant threat because it is difficult to detect. A macro virus consists of instructions in Word Basic, Visual Basic for applications, or some other macro languages, and resides in documents. Any application that supports macros that automatically execute is a potential platform for macro viruses. Now, documents are more widely shared through networks and the Internet than via disks.

154. Which of the following is most vulnerable to Trojan horse attacks?

a. Discretionary access control

b. Mandatory access control

c. Access control list

d. Logical access control

154. a. Because the discretionary access control system restricts access based on identity, it carries with it an inherent flaw that makes it vulnerable to Trojan horse attacks. Most programs that run on behalf of a user inherit the discretionary access control rights of that user.

155. Which of the following is the best place to check for computer viruses?

a. Each computer

b. Each workstation

c. The e-mail server

d. Each network

155. c. Virus checkers monitor computers and look for malicious code. A problem is that virus-checking programs need to be installed at each computer, workstation, or network, thus duplicating the software at extra cost. The best place to use the virus-checking programs is to scan e-mail attachments at the e-mail server. This way, the majority of viruses are stopped before ever reaching the users.

156. What do you call attacks that can disclose the end users’ session token and attack the local machine?

a. Broken access control