Network Security Plus Questions and Answers
According to the 2007 FBI Computer Crime and Security Survey, the loss due to the theft of confidential data for 494 respondents was approximately ____.a. $1 million b. $10 million c. $50 million d. $100 million
$10 million
The _____ Act is designed to broaden the surveillance of law enforcement agencies so they can detect and suppress terrorism.a. Gramm-Leach-Bliley b. Sarbanes-Oxley c. California Database Security Breach d. USA Patriot
USA Patriot
According to the research group Postini, over ____ of daily email messages are unsolicited and could be carrying a malicious payload.
a. one-third b. two-thirds c. three-fourths d. four-fifths
two-thirds
A ____ is a program advertised as performing one activity but actually does something else. a. script b. virus c. Trojan d. worm
Trojan
One type of virtualization in which an entire operating system environment is simulated is known as ____ virtualization.
a. NOS b. guest c. operating system d. host
operating system
____ typically involves using client-side scripts written in JavaScript that are designed to extract information from the victim and then pass the information to the attacker.a. Spam b. SQL injection c. Cross-site scripting (XSS) d. SQL scripting
Cross-site scripting (XSS)
____ is a process of ensuring that any inputs are “clean” and will not corrupt the system. a. Cross-site scripting b. SQL injection c. Script injection d. Input validation
Input validation
____ are active Internet connections that download a specific file that is available through a tracker. a. Torrents b. Applets c. ActiveX controls d. Scripts
Torrents
With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the ____.a. collision time b. slot time c. clear time d. tx time
slot time
The most common type of antenna for war driving is an omnidirectional antenna, also known as a ____ antenna.a. bipole b. dipole c. GPS d. tagging
dipole
____ is the name given to a wireless technology that uses short-range RF transmissions. a. Bluetooth b. Piconet c. Scatternet d. Wi-fi
Bluetooth
____ is the unauthorized access of information from a wireless device through a Bluetooth connection.
a. Blue jacking b. Bluesnarfing c. Blue poisoning d. Blue spoofing
Bluesnarfing
____, networks can essentially be divided into three parts: network, subnet, and host. a. classful addressing b. subnetting c. stateful addressing d. stateless addressing
subnetting
____ IP addresses are not assigned to any specific user or organization; instead, they can be used by any user on the private internal network.
a. Public b. Virtual c. DMZ d. Private
Private
____ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.a. Stateless b. Stateful c. Classful d. Classless
Stateful
____ honeypots are complex to deploy and capture extensive information. These are used primarily by research, military, and government organizations.a. Research b. Production c. Clustered d. Virtual
Research
A ____ is an instruction that interrupts the program being executed and requests a service from the operating system.
a. system call b. system command c. kernel call d. system module
system call
____ works to protect the entire network and all devices that are connected to it. a. HIPS b. HIDS c. Reverse proxy d. NIPS
NIPS
____ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior.a. Proxy servers b. Protocol analyzers c. Firewalls d. HIDS
Protocol analyzers
____ is an industry standard protocol specification that forwards username and password information to a centralized server.a. TACACS+ b. LDAP c. RADIUS d. Kerberos
TACACS+
The ____, sometimes called X.500 Lite, is a simpler subset of DAP. a. Kerberos b. RADIUS c. TACACS+ d. LDAP
LDAP
____ refers to any combination of hardware and software that enables access to remote users to a local internal network.a. LDAP b. EAP c. RAS d. VPN
RAS
A(n) ____ is the end of the tunnel between VPN devices. a. concentrator b. demux c. VPN server d. endpoint
endpoint
____ generally denotes a potential negative impact to an asset. a. Risk b. Threat c. Weakness d. Vulnerability
Risk
The ____ model can dynamically assign roles to subjects based on a set of rules defined by a custodian.
a. Discretionary Access Control (DAC) b. Role Based Access Control (RBAC) c. Rule Based Access Control (RBAC) d. Mandatory Access Control (MAC)
Rule Based Access Control (RBAC)
In the early 1980s, the IEEE began work on developing computer network architecture standards. This work was called Project ____, and it quickly expanded into several different categories of network technology.
a. 100 b. 302 c. 513 d. 802
802
____ was designed to ensure that only authorized parties can view transmitted wireless information. a. WECA b. MAC c. WEP d. 802.11g
WEP
The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the ____ and appends it to the end of the text. a. integrity check value (ICV) b. keystream c. initialization vector (IV) d. pre-pended IV
integrity check value (ICV)
In order to address growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced ____. a. RC5 b. WEP2 c. AES d. WPA
WPA
Regarding access control, a(n) ____ is a specific resource, such as a file or a hardware device. a. object b. subject c. operation d. asset
object
Known as ____, this practice requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals.
a. separation of duties b. job rotation c. least privilege d. implicit deny
separation of duties
The principle of ____ in access control means that each user should be given only the minimal amount of privileges necessary to perform his or her job function. a. job rotation b. implicit deny c. separation of duties d. least privilege
least privilege
____ is the presentation of credentials or identification, typically performed when logging on to a system. a. Authentication b. Identification c. Authorization d. Access
Identification
____ is the verification of the credentials to ensure that they are genuine and not fabricated. a. Authentication b. Identification c. Authorization d. Access
Authentication
____ is granting permission for admittance. a. Authentication b. Identification c. Authorization d. Access
Authorization
There are several types of OTPs. The most common type is a ____ OTP. a. time-synchronized b. challenge-based c. token-based d. biometric-based
time-synchronized
____ is a decentralized open source FIM that does not require specific software to be installed on the desktop. a. OpenID b. Windows CardSpace c. NET Passport d. Windows Live ID
OpenID
The International Organization for Standardization (ISO) created a standard for directory services known as ____.
a. X.400i b. X.459 c. X.500 d. X.589
X.500
____ is a very basic authentication protocol that was used to authenticate a user to a remote access server or to an Internet service provider (ISP).
a. MS-CHAP b. EAP-MD5 c. EAP-TLS d. PAP
PAP
Known as ____, this in effect takes a snapshot of the security of the organization as it now stands. a. risk identification b. risk mitigation c. threat identification d. vulnerability appraisal
vulnerability appraisal
The ____ is the expected monetary loss every time a risk occurs. a. Single Loss Expectancy (SLE) b. Exposure Factor (EF) c. Asset Value (AV) d. Annualized Loss Expectancy (ALE)
Single Loss Expectancy (SLE)
In a ____, the risk is spread over all of the members of the pool. a. retained risk b. risk retention pool c. joined risk d. cooperative risk
risk retention pool
Most communication in TCP/IP involves the exchange of information between a program running on one device (known as a ____) and the same or a corresponding process running on another device.
a. port b. socket c. scanner d. process
process
TCP/IP uses a numeric value as an identifier to applications and services on the systems. This is known as the ____.
a. process b. socket c. port number d. protocol
port number
The Windows file and folder ____ permission allows files or folders to be opened as read-only and to be copied.
a. Write b. Read and Execute c. Modify d. Read
Read
The Windows file and folder ____ permission allows the creation of files and folders, and allows data to be added to or removed from files. a. Modify b. Read and Execute c. Write d. Read
Write
ILM strategies are typically recorded in ____ policies. a. user security b. storage and retention c. data confidentiality d. group
storage and retention
____ is the process for generating, transmitting, storing, analyzing, and disposing of computer security log data. a. Log management b. Log auditing c. Event management d. Event auditing
Log management
____ logs can be used to determine whether new IP addresses are attempting to probe the network and if stronger firewall rules are necessary to block them.
a. Proxy servers b. Firewall c. Authentication servers d. DNS
Firewall
A ____ monitor is typically a low-level system program that uses a notification engine designed to monitor and track down hidden activity on a desktop system, server, or even personal digital assistant (PDA) or cell phone. a. performance b. baseline c. behavior d. system
system
No comments:
Post a Comment