169. Which of the following is based on precomputed password hashes?
a. Brute force attack
b. Dictionary attack
c. Rainbow attack
d. Hybrid attack
A brute force attack is a form of guessing attack in which the attacker tries all possible combinations of characters from a given character set, for passwords up to a given length.
A dictionary attack is a form of a guessing attack in which the attacker attempts to guess a password using a list of possible passwords that is not exhaustive.
A hybrid attack is a form of guessing attack in which the attacker starts from a dictionary of possible passwords and then applies brute force variations to those original passwords to create new potential passwords.
170. For intrusion detection and prevention system capabilities, anomaly-based detection uses which of the following?
1. Blacklists
2. Whitelists
3. Threshold
4. Program code viewing
a. 1 and 2
b. 1, 2, and 3
c. 3 only
d. 1, 2, 3, and 4
Anomaly-based detection does not use blacklists, whitelists, or program code viewing. A blacklist is a list of discrete entities, such as hosts or applications, that have been previously determined to be associated with malicious activity. A whitelist is a list of discrete entities, such as hosts or applications, known to be benign. Program code viewing and editing features are established to see the detection-related programming code in the intrusion detection and prevention system (IDPS).
171. Which of the following security models addresses the “separation of duties” concept?
a. Biba model
b. Clark-Wilson model
c. Bell-LaPadula model
d. Sutherland model
172. From a computer security viewpoint, the Chinese-Wall policy is related to which of the following?
a. Aggregation problem
b. Data classification problem
c. Access control problem
d. Inference problem
The Chinese-Wall policy does not meet the definition of an aggregation problem; there is no notion of some information being sensitive with the aggregate being more sensitive. The Chinese-Wall policy is an access control policy in which the access control rule is not based just on the sensitivity of the information, but is based on the information already accessed. It is neither an inference nor a data classification problem.
173. Which of the following security models promotes security clearances and sensitivity classifications?
a. Biba model