chapter 11 (2) Flashcards

1
Q

What is the primary motivation for casual intruders?
a) Espionage
b) Financial gain
c) The thrill of the hunt; to show off
d) Professional advancement

A

c

2
Q

Who are script kiddies?
a) Novice attackers using hacking tools
b) Experts in security
c) Organization employees
d) Professional hackers

A

a

3
Q

What distinguishes crackers from other types of intruders?
a) They have limited knowledge
b) They use hacking tools for fun
c) They cause damage
d) They are motivated by financial gain

A

c

4
Q

What is a common characteristic of insider threats?
a) They have limited knowledge about hacking
b) They are motivated by the thrill of the hunt
c) They have legitimate access to the network
d) They primarily engage in espionage activities

A

c

5
Q

Crackers are casual hackers with a limited knowledge of computer security

A

f. Experts in security (hackers)

6
Q

Which of the following is not a type of intruder who attempts to gain intrusion to
computer networks?
a. Delphi team member
b. script kiddies
c. crackers
d. professional hackers
e. organization employees

A

a

7
Q

What is the best rule for maintaining high security with sensitive data?
a) Keeping sensitive data online but encrypted
b) Storing sensitive data in computers isolated from the network
c) Sharing sensitive data with trusted third parties
d) Deleting sensitive data permanently

A

b

8
Q

Which of the following is NOT considered an important control for detecting, preventing, or recovering from intrusion?
a) Security policy
b) Server and client protection
c) Encryption
d) Employee breakroom access control

A

d

9
Q

Which of the following is NOT listed as an important control for detecting, preventing, or recovering from intrusion?
a) Security policy
b) Intrusion Detection Systems (IDSs)
c) Encryption
d) Intrusion recovery

A

b. Intrusion Protection System (IPSs)

10
Q

What is the primary purpose of a security policy?
a) To increase company profits
b) To control risk due to intrusion
c) To reduce employee productivity
d) To promote employee creativity

A

b

11
Q

According to the security policy, what should be clearly defined?
a) Employee vacation days
b) Company lunch hours
c) Important assets to be safeguarded and necessary controls
d) Preferred office attire

A

c

12
Q

Which of the following is NOT a component that a security policy should clearly define?
a) Important assets to be safeguarded
b) Procedures for filing expense reports
c) Controls needed to protect assets
d) What employees should and should not do

A

b

13
Q

How often should employees receive security training according to the security policy?
a) Once a year
b) Every five years
c) Whenever they feel like it
d) Routinely

A

d

14
Q

Who is typically responsible for decision-making regarding security, according to the security policy?
a) The CEO
b) The IT department
c) The decision-making manager designated in the policy
d) External security consultants

A

c

15
Q

What is an essential component of the security policy for responding to security breaches?
a) Sending a company-wide email
b) Contacting law enforcement immediately
c) Having an incident reporting system and a rapid-response team
d) Ignoring the breach and hoping it resolves itself

A

c

16
Q

What does the security policy prioritize in its risk assessment?
a) Least important assets
b) Most convenient access points
c) Important assets
d) Non-critical user activities

A

c

17
Q

What is the purpose of having effective controls at major access points into the network?
a) To welcome external agents
b) To deter access by internal users
c) To prevent access by external agents
d) To provide entertainment for users

A

c

18
Q

The most common access point used by attackers to gain access to an organization’s
network is the Internet connection.

A

t

19
Q

Why are effective controls within the network necessary?
a) To ensure users exceed their authorized access
b) To enhance management time
c) To minimize inconvenience to users
d) To prevent internal users from exceeding their authorized access

A

d

20
Q

According to the security policy, what is the recommended approach regarding the number of controls?
a) Maximize controls for better security
b) Use as few controls as possible
c) Use a moderate number of controls for balance
d) Allow users to set their own controls

A

b. using just enough security measures to keep things safe without making them too complicated or annoying for users

21
Q

What does the acceptable use policy outline?
a) Guidelines for users to do whatever they want
b) Guidelines for accessing others’ accounts
c) Guidelines for avoiding password security
d) Guidelines for ignoring email rules

A

b. An acceptable use policy that explains to users what they can and cannot do, including guidelines for accessing others’ accounts, password security, email rules, and so on

22
Q

What procedure does the security policy recommend for monitoring changes to important network components?
a) Routine coffee breaks
b) Annual team-building retreats
c) Regular monitoring of network components
d) Ignoring changes altogether

A

c

23
Q

What is the purpose of routinely training users regarding security policies?
a) To decrease security awareness
b) To increase the likelihood of security breaches
c) To build awareness of security risks
d) To waste company resources

A

c

24
Q

How often should the security practices be audited and reviewed according to the policy?
a) Weekly
b) Quarterly
c) Annually
d) Never, as audits are unnecessary

A

c

25
Q

A __________ is a router or special purpose computer that examines packets flowing
into and out of a network and restricts access to the organization’s network.
a. firewall
b. token system
c. ANI
d. call-back modem
e. firefighter

A

a

26
Q

What is a common purpose of a firewall in an organization’s network security strategy?
a) To provide physical security for servers
b) To secure internal communications
c) To manage employee schedules
d) To help secure the organization’s Internet connection

A

d

27
Q

What additional function can some firewalls perform besides restricting access?
a) Generating daily reports on office activities
b) Scheduling employee meetings
c) Identifying and preventing denial-of-service attacks
d) Ordering office snacks

A

c

28
Q

Where are firewalls typically placed within an organization’s network architecture?
a) Only within the company cafeteria
b) At every network connection between the organization and the Internet
c) Inside individual employees’ desks
d) At the entrance of the CEO’s office

A

b

29
Q

Which of the following is NOT a typical feature of a firewall?
a) Identifying and preventing denial-of-service attacks
b) Filtering and monitoring network traffic
c) Arranging company picnics
d) Restricting access to the organization’s network

A

c

30
Q

A(n) ____________ examines the source and destination address of every network
packet that passes through it.
a. packet level firewall
b. mullion server
c. ANI system
d. IP spoofing system
e. network switch

A

A

31
Q

Which layer of the OSI model do packet-level firewalls inspect packets at?
a) Physical layer
b) Data link layer
c) Network protocol level
d) Application layer

A

c. Examines IP addresses and TCP port addresses only

32
Q

What is a characteristic of application-level firewalls?
a) They only operate at the physical layer of the OSI model
b) They offer less control over traffic compared to other types of firewalls
c) They operate at the application layer of the OSI model
d) They are not concerned with inspecting packets

A

c

33
Q

What is the primary function of NAT firewalls?
a) Inspecting packets at the network protocol level
b) Offering granular control over traffic
c) Translating private IP addresses into public ones
d) Preventing unauthorized access to the network

A

c

34
Q

How does a packet-level firewall determine whether to allow or deny packets?
a) By inspecting packet contents
b) By analyzing packet behavior
c) By examining source and destination addresses
d) By monitoring packet history

A

c

35
Q

Why is a packet-level firewall considered to operate on a “stateless” basis?
a) Because it maintains detailed records of packet history
b) Because it lacks awareness of packet history
c) Because it can detect packet tampering
d) Because it focuses solely on application-layer data

A

b

36
Q

What type of inspection do packet-level firewalls typically use?
a) Deep packet inspection
b) Stateless inspection
c) Stateful inspection
d) Application-layer inspection

A

b

37
Q

What is the purpose of an Access Control List (ACL) in packet-level firewalls?
a) To allow only packets with specific content
b) To restrict access based on packet history
c) To create rules for permitting or denying packets
d) To identify all applications within the network

A

c

38
Q

What do IP packets contain that ACLs may rely on for access control?
a) Source and destination MAC addresses
b) Source and destination IP addresses
c) Application-layer data
d) Packet payloads

A

b

39
Q

Why might ACLs not heavily rely on source IP addresses?
a) Due to the limited capabilities of packet-level firewalls
b) Because source IP addresses can be easily spoofed
c) Because source IP addresses are always trustworthy
d) Because ACLs primarily focus on packet contents

A

b

40
Q

An intruder uses TCP spoofing to send packets to a target computer requesting certain
privileges be granted to some user

A

F. IP spoofing

41
Q

A packet-level firewall examines the source and destination address of every network
packet that passes through the firewall.

A

t

42
Q

IP spoofing means to:
a. fool the target computer and any intervening firewall into believing that messages
from the intruder’s computer are actually coming from an authorized user inside
the organization’s network
b. clad or cover the internal processing (IP) lines with insulating material to shield
the IP lines from excess heat or radiation
c. illegally tape or listen in on telephone conversations
d. detect and prevent denial-of-service attacks
e. act as an intermediate host computer between the Internet and the rest of the
organization’s networks

A

A

43
Q

A(n) ____________ can use stateful inspection to monitor and record the status of
each connection and can use this information in making decisions about what packets
to discard as security threats.
a. application level firewall
b. bullion server
c. ANI system
d. IP spoofing systems
e. packet level firewall

A

A

44
Q

What is a key feature of Application-Level Firewalls?
a) They only inspect packet headers
b) They operate exclusively at the network layer
c) They examine contents of application layer packets
d) They lack rules for processing applications

A

C

45
Q

What action do many Application-Level Firewalls take regarding external users and executable files?
a) They encourage external users to upload executable files
b) They prohibit external users from uploading executable files
c) They modify executable files on behalf of external users
d) They do not interact with executable files

A

b

46
Q

How are software modifications to Application-Level Firewalls typically managed?
a) Remotely via the network
b) Through a web-based interface
c) Via physical access to the firewall
d) Through email requests

A

c

47
Q

With application level firewalls, any access that has not been explicitly denied is
automatically permitted.

A

f

48
Q

What is the primary function of Network Address Translation (NAT) firewalls?
a) Deep packet inspection
b) Packet filtering
c) Address translation between public and private IP addresses
d) Application-layer inspection

A

c

49
Q

How does NAT operate in terms of the translation process?
a) It operates visibly, alerting computers to the translation process
b) It operates transparently, meaning computers are unaware of the translation process
c) It operates sporadically, causing disruptions in network traffic
d) It operates randomly, assigning IP addresses without a specific pattern

A

b

50
Q

What are the primary purposes of NAT?
a) To increase the complexity of network configurations
b) To conserve IPv6 addresses
c) To conserve IPv4 addresses and enhance security
d) To facilitate direct targeting of internal computers by external intruders

A

c

51
Q

Where is NAT commonly integrated?
a) Only in high-end enterprise-grade firewalls
b) Only in specialized network appliances
c) Only in routers intended for corporate use
d) In routers and firewalls, including low-cost routers for home use

A

d

52
Q

How does NAT contribute to security?
a) By exposing private IP addresses to external entities
b) By enhancing the visibility of internal computers on the Internet
c) By hiding private IP addresses, making it difficult for external intruders to target internal computers directly
d) By randomly assigning IP addresses to external entities

A

c

53
Q

A NAT firewall uses an address table to translate private IP addresses used inside the
organization into proxy IP addresses used on the Internet.

A

t

54
Q

__________ refers to the process of translating between one set of private IP
addresses inside a network and a set of public addresses outside the network.
a. Translation
b. Conversion
c. Network Address Translation
d. Proxy translation
e. IP conversion.

A

c

55
Q

A ______ uses an address table to translate the private IP addresses used inside the
organization into proxy IP addresses used on the Internet.
a. NAT proxy server
b. virtual server
c. DNS server
d. privacy server
e. anomaly server

A

A

56
Q

RAID1 writes duplicate copies of all data on at least two different disks; this means
that if one disk in the RAID array fails, there is no data loss because there is a second
copy of the data stored on a different disk. This is referred to as _____.
a. disk backup
b. hard drive duplication
c. cloud backups
d. disk duplication
e. disk mirroring

A

e

57
Q

How does a NAT firewall handle outgoing IP packets from internal computers?
a) It changes the destination IP address to the firewall’s address
b) It changes the source IP address to the firewall’s address
c) It changes the source IP address to a publicly illegal IP address
d) It changes the source IP address to a unique number

A

b

58
Q

What does a NAT firewall use as an index to the original source IP address?
a) Destination IP address
b) Source port number
c) Destination port number
d) Firewall’s IP address

A

b

59
Q

When external computers respond to outgoing messages, to which IP address do they address their messages?
a) Destination IP address
b) Source IP address
c) Firewall’s IP address
d) Unique number

A

c

60
Q

What does the NAT firewall do upon receiving incoming messages from external computers?
a) It discards the messages
b) It forwards the messages without any changes
c) It changes the destination IP address to the private IP address of the internal computer and adjusts the TCP port number
d) It changes the destination IP address to the firewall’s address

A

c

61
Q

What range of IP addresses is reserved for private networks, according to the information provided?
a) 128.192.55.x
b) 10.x.x.x
c) 192.168.x.x
d) 172.16.x.x to 172.31.x.x

A

b. 10.x.x.x is reserved for private networks (never used on Internet)

62
Q

What benefit does NAT provide in terms of internal IP addresses for an organization?
a) It decreases the number of available internal IP addresses
b) It increases the likelihood of IP conflicts
c) It limits the number of internal IP addresses to conserve network resources
d) It allows for more internal IP addresses to be used within the organization

A

d

63
Q

Which type of firewall typically performs initial screening from the Internet?
a) Application-level firewall
b) NAT firewall
c) Packet-level firewall
d) Stateful inspection firewall

A

C

64
Q

What is typically found behind a packet-level firewall?
a) Private internal networks
b) Public access servers such as Web servers and public DNS servers
c) DMZ network
d) Application-level firewalls

A

b,c

65
Q

What is the primary purpose of a DMZ in network architecture?
a) To facilitate internal communication within a network
b) To provide a secure environment for public access servers
c) To isolate critical servers from external access
d) To serve as a backup for internal network resources

A

b

66
Q

A(n) _______ is a screened subnet devoted solely to public access servers such as
Web servers and public DNS servers.
a. intranet
b. DMZ
c. zone of authority
d. VLAN
e. smart hub

A

b

67
Q

What types of access does the packet-level firewall permit and deny according to the provided information?
a) It permits FTP access but denies HTTP and SMTP access
b) It permits HTTP and SMTP access but denies FTP access
c) It permits FTP and SMTP access but denies HTTP access
d) It permits FTP and HTTP access but denies SMTP access

A

b. HTTP (web browsing), SMTP (email), and others

68
Q

What role does a NAT firewall play in address translation for packets destined for internal computers?
a) It changes the destination address to its own address
b) It changes the source address to its own address
c) It changes both the source and destination addresses to its own address
d) It forwards packets without any address translation

A

b

69
Q

What does the NAT firewall change in the IP packet when it receives a packet from a client computer inside the internal network?
a) Source address and destination port number
b) Destination address and source port number
c) Source address and source port number
d) Destination address and destination port number

A

c

70
Q

What is the purpose of an application-level firewall?
a) To protect individual applications on servers
b) To provide access to public servers
c) To manage network traffic routing
d) To perform address translation for internal networks

A

a

71
Q

What does physical security aim to prevent?
a) Unauthorized access to internal LANs
b) Unauthorized access to external websites
c) Unauthorized software installations
d) Unauthorized access to email accounts

A

a

72
Q

What is a recommended practice to control access to areas where network equipment is located?
a) Allowing unrestricted access to all personnel
b) Implementing proper access controls and allowing only authorized personnel access
c) Posting access codes on public bulletin boards
d) Installing surveillance cameras without access controls

A

b

73
Q

What is the purpose of implementing locks on power switches and passwords to disable keyboard and screens?
a) To increase network bandwidth
b) To enhance system performance
c) To prevent unauthorized access to network equipment
d) To facilitate remote access for all personnel

A

D

74
Q

Why should organizations be careful about distributed backup and servers?
a) Because it improves network performance
b) Because it increases the risk of unauthorized access
c) Because it reduces network complexity
d) Because it simplifies network management

A

b

75
Q

What is a potential drawback of having a dispersed base of servers?
a) Reduced network bandwidth
b) Increased risk of unauthorized access
c) Enhanced network security
d) Improved network scalability

A

b. but good for continuity

76
Q

How can a well-backed-up, centralized data center potentially enhance security?
a) By reducing the need for security education
b) By increasing the number of access points
c) By simplifying physical security measures
d) By inherently providing better security than a dispersed base of servers

A

D

77
Q

In addition to physical security measures, what other factors are important to consider?
a) Network bandwidth optimization
b) Proper security education, background checks, and error and fraud controls
c) Software licensing agreements
d) Employee training on network protocols

A

b

78
Q

Why is physical security important in reducing the possibility of attackers posing as employees?
a) To increase network bandwidth
b) To simplify network management
c) To prevent unauthorized access and eavesdropping
d) To enhance system performance

A

c

79
Q

Which area is considered the easiest target for eavesdropping due to signals often extending beyond physical walls?
a) Wired LANs
b) Network devices
c) Wireless LANs
d) Fiber-optic cables

A

c

80
Q

What makes wireless LANs vulnerable to eavesdropping?
a) Signals extending beyond physical walls
b) Encryption protocols
c) Regular checking for tampering
d) Locked wiring closets

A

a

81
Q

What type of network cables are susceptible to eavesdropping, especially when running long distances?
a) Armored cables
b) Fiber-optic cables
c) Pressurized cables
d) Unsecured cables

A

D. Network cable

82
Q

What is recommended to secure network devices such as switches and routers?
a) Keeping them in open areas for easy access
b) Storing them in unlocked wiring closets
c) Securing them in locked wiring closets to prevent unauthorized access
d) Regularly checking for tampering without locking them

A

c

83
Q

Why are local cables considered easier targets for eavesdropping?
a) They are regularly checked for tampering
b) They are harder to tap into
c) They often run short distances
d) They usually run long distances and are not regularly checked

A

d

84
Q

What is a notable feature of armored cable regarding cutting attempts?
a) It generates alarms when cut
b) It is virtually impossible to cut
c) It is easier to tap into
d) It is regularly checked for tampering

A

b

85
Q

Which type of cable is effective in generating alarms when cut?
a) Pressurized cable
b) Armored cable
c) Fiber-optic cable
d) Unsecured cable

A

a

86
Q

Which type of network devices are considered more vulnerable?
a) Wireless access points
b) LAN devices such as switches and routers
c) Modems
d) Servers

A

b

87
Q

A sniffer program is a _____.
a. type of macro-virus
b. small peep-hole in a door or wall to allow a security guard to sniff the area with
his or her nose before entering a secure area or location
c. used in a call-back modem
d. a program that records all LAN messages received for later analysis
e. secure hub program

A

D

88
Q

How can authorization codes for switch access help improve network security?
a) By increasing network bandwidth
b) By simplifying network management
c) By preventing unauthorized access and recording message traffic
d) By reducing network latency

A

c

89
Q

What feature does a secure switch typically have?
a) It automatically connects new computers without requiring any action
b) It requires a special code before new computers are connected
c) It restricts access to authorized personnel only
d) It disables all network connections

A

b

90
Q

What are security holes typically caused by?
a) Physical damage to network hardware
b) Unauthorized access to network devices
c) Flaws in network software
d) Overloading network bandwidth

A

c

91
Q

A software solution to correct a security hole is often referred to as a patch or update

A

t

92
Q

A security hole is a bug or vulnerability that permits intrusion to a computer.

A

t

93
Q

A security hole is a(n) _____.
a. malfunction or bug in an application program that allows data to be seen or
accessed by unauthorized users
b. small peep-hole in a door or wall to allow a security guard to examine an
individual before allowing that individual access to a secure area or location
c. packet-level firewall
d. missing or absent protected mode addressing restrictions on user programs during
multitasking or multithreaded program execution
e. ANI system

A

a

94
Q

What is the primary role of CERT (Computer Emergency Response Team)?
a) Developing new network protocols
b) Providing technical support for software issues
c) Acting as a central clearing house for Internet-related security holes
d) Managing network infrastructure

A

c

95
Q

What is a “zero-day attack” in the context of network security?
a) An attack that occurs only during the day
b) An attack that exploits vulnerabilities before a patch is available
c) An attack that targets networks with zero security measures
d) An attack that occurs every day at the same time

A

b

96
Q

What is a common challenge faced by network managers regarding security patches?
a) Overloading network bandwidth
b) Forgetting to regularly update systems with new patches
c) Excessive use of encryption protocols
d) Lack of access to security resources

A

b

97
Q

Microsoft’s Windows operating system meets the US government’s A1 level security

A

f

98
Q

What was Windows originally designed for?
a) Multiple users with different levels of access
b) Maximum security with restricted user control
c) One user on one computer with full control
d) Compatibility with various hardware architectures

A

c

99
Q

What advantage does Windows offer in terms of applications?
a) Limited functionality to prevent hostile takeovers
b) More powerful applications without requiring users to understand internals
c) Minimalistic design to enhance security
d) Compatibility only with Microsoft products

A

b

100
Q

What disadvantage is associated with Windows operating systems?
a) Limited application compatibility
b) Difficulty in understanding system internals
c) Hostile applications taking over the system
d) Higher security levels compared to Linux

A

c

101
Q

What security level does Microsoft’s Windows operating system provide at least?
a) A1
b) B2
c) C2
d) D3

A

c

102
Q

How was Linux designed in terms of user access?
a) One user with full control
b) Multiple users with equal levels of access
c) Multiple users with different levels of access
d) Limited access for security purposes

A

c

103
Q

A Trojan horse may allow an unauthorized user to access a computer from a remote
location.

A

t

104
Q

How do attackers typically disguise Trojan horses?
a) As physical objects
b) As legitimate software
c) As hardware components
d) As network protocols

A

b

105
Q

How do Trojan horses often gain access to a user’s computer?
a) By physically connecting to the computer
b) By exploiting vulnerabilities in antivirus software
c) By silently installing when users download and play infected files
d) By using encryption to bypass security measures

A

c

106
Q

Which of the following was one of the first major Trojans targeting Windows servers?
a) Back Scatter
b) Back Orifice
c) Back End
d) Back Tracker

A

b

107
Q

Spyware, adware and DDOS agents are three types of _____.
a. IP spoofing attacks
b. Denial-of-service attacks
c. Trojans
d. Physical security threats
e. Intrusion prevention detection approaches

A

c

108
Q

What is a characteristic feature of spyware?
a) It displays pop-up advertisements
b) It redirects browsers to competitor websites
c) It monitors activities on the target computer, recording keystrokes
d) It launches Distributed Denial of Service (DDoS) attacks

A

c

109
Q

What is the primary purpose of adware?
a) To steal user credentials
b) To monitor user actions
c) To display pop-up advertisements or redirect browsers
d) To enhance network security

A

c

110
Q

What is plaintext in a cryptographic system?
a) Encrypted message
b) The encryption algorithm
c) Unencrypted, cleartext message
d) Decryption algorithm

A

c

111
Q

What role does the encryption algorithm play in a cryptographic system?
a) It works like the safe’s combination
b) It works like the unlocking mechanism
c) It works like the locking mechanism to a safe
d) It works like the key to a safe

A

c

112
Q

What is ciphertext in a cryptographic system?
a) Unencrypted, cleartext message
b) Encrypted, scrambled message produced from the plaintext message
c) The encryption algorithm
d) The decryption algorithm

A

b

113
Q

What is the primary difference between symmetric and asymmetric encryption?
a) Symmetric encryption uses different keys for encryption and decryption, while asymmetric encryption uses the same key for both
b) Symmetric encryption is more secure than asymmetric encryption
c) Symmetric encryption uses the same key for both encryption and decryption, while asymmetric encryption uses different keys
d) Asymmetric encryption is faster than symmetric encryption

A

c

114
Q

What is another name for asymmetric encryption?
a) Private-key cryptography
b) Secret-key cryptography
c) Public-key cryptography
d) Shared-key cryptography

A

c

115
Q

What is another name for symmetric encryption?
a) Double-Key Encryption
b) Public-Key Encryption
c) Single-Key Encryption
d) Triple-Key Encryption

A

c

116
Q

How does symmetric encryption work for outgoing messages?
a) Sender uses different keys for encryption and decryption
b) Sender uses a single key to encrypt the message
c) Sender uses a public key to encrypt the message
d) Sender uses a private key to encrypt the message

A

a

117
Q

What role does the key play in symmetric encryption?
a) It ensures the uniqueness of the algorithm
b) It encrypts and decrypts the message
c) It personalizes the algorithm, ensuring unique data transformation
d) It provides secure communication over the internet

A

c

118
Q

What is one vulnerability of symmetric encryption?
a) The encryption algorithm is publicly known
b) The keys must be securely shared among communicating parties
c) Interception of the key while being sent from sender to receiver
d) The need for separate keys for communication with different entities

A

c

119
Q

What is a key management challenge associated with symmetric encryption?
a) Ensuring the uniqueness of the algorithm
b) Recording and securely storing the keys to prevent theft or unauthorized access
c) Using different keys for communication with each company
d) Keeping the encryption algorithm secret

A

b

120
Q

What happens when identical information is encrypted with the same algorithm but different keys?
a) The encryption fails
b) The ciphertext remains the same
c) Completely different ciphertexts are produced
d) The decryption becomes impossible

A

c

121
Q

What are the two components of symmetric encryption?
a) The sender and the receiver
b) The plaintext and the ciphertext
c) The algorithm and the encryption key
d) The encryption key and the decryption key

A

c

122
Q

What factor contributes to the strength of encryption?
a) Length of the ciphertext
b) Complexity of the algorithm
c) Length of the secret key
d) Speed of the decryption process

A

c

123
Q

Why are longer keys preferred in encryption?
a) They make the encryption process faster
b) They ensure the secrecy of the algorithm
c) They make it easier to crack the encryption
d) They make it more difficult to crack the encryption

A

d

124
Q

What needs to be kept secure to maintain the security of encryption?
a) The algorithm
b) The ciphertext
c) The decryption process
d) The keys

A

d

125
Q

What is brute force in the context of breaking encryption?
a) A method of guessing the correct password by trying every possible key
b) A method of analyzing ciphertext for patterns
c) A method of decrypting the message without the key
d) A method of intercepting encrypted messages

A

a. Symmetric encryption requires a large number of possible keys to resist exhaustive brute-force attacks

126
Q

What is Data Encryption Standard (DES)?
a) A symmetric encryption algorithm developed by IBM in the mid-1970s
b) A symmetric encryption algorithm developed by the US government and IBM in the mid-1970s
c) An asymmetric encryption algorithm standardized by NIST
d) An encryption standard established by AES

A

b

127
Q

What is the key length of the most common version of DES?
a) 40 bits
b) 56 bits
c) 128 bits
d) 168 bits

A

b

128
Q

Network cables are the easiest target for eavesdropping.

A

f

129
Q

DES is a commonly used symmetric encryption algorithm, developed in the mid-1990s by the American government in conjunction with IBM, and is the recommended encryption algorithm for highly sensitive data.

A

f

130
Q

Why is DES not recommended for data needing high security?
a) Because it is too complex to implement
b) Because it can be broken by brute force (in less than a day)
c) Because it requires too much computational power
d) Because it is too slow

A

b

131
Q

What is Triple DES (3DES)?
a) An encryption standard established by AES
b) An encryption technique that applies DES three times, effectively giving it a 168-bit key
c) An encryption technique that combines DES with AES
d) An encryption technique that uses a 256-bit key

A

b

132
Q

What is the purpose of Advanced Encryption Standard (AES)?
a) To replace DES
b) To enhance the security of RC4
c) To establish a new encryption algorithm by IBM
d) To standardize asymmetric encryption techniques

A

a

133
Q

What key lengths does AES use?
a) 40, 56, and 168 bits
b) 56, 128, 192, and 256 bits
c) 128, 192, and 256 bits
d) 256 bits only

A

c

134
Q

What is RC4?
a) An encryption standard established by AES
b) An encryption technique developed by the US government
c) An encryption technique that uses a 40-bit key
d) An encryption technique that applies DES three times

A

c

135
Q

What vulnerability does RC4 suffer from?
a) Vulnerabilities similar to DES, particularly with its longer key lengths
b) Vulnerabilities similar to DES, particularly with its shorter key lengths
c) Vulnerabilities related to its complexity
d) Vulnerabilities related to its speed

A

b

136
Q

Triple DES uses a total of 512 bits as the key.

A

f. 168

137
Q

What is another name for asymmetric encryption?
a) Secret key encryption
b) Private key encryption
c) Public key encryption (PKE)
d) Single key encryption

A

c

138
Q

How many keys does asymmetric encryption operate with?
a) One key
b) Two keys
c) Three keys
d) Four keys

A

b

139
Q

Who invented the most popular form of asymmetric encryption, RSA?
a) Alan Turing
b) Edward Snowden
c) Rivest, Shamir, and Adleman
d) Bill Gates

A

c

140
Q

What are the typical key lengths used for the public key in asymmetric encryption?
a) 128 bits
b) 256 bits
c) 512 bits, 1,024 bits, or 2,048 bits
d) 64 bits

A

c

141
Q

How is the public key in asymmetric encryption distributed?
a) It is kept secret
b) It is exchanged between sender and recipient
c) It is easily accessible in a public directory
d) It is never used

A

c

142
Q

How is the private key in asymmetric encryption handled?
a) It is shared publicly
b) It is distributed to all users
c) It is never distributed and kept secret
d) It is used for encryption

A

c

143
Q

What is the role of the recipient’s public key in asymmetric encryption?
a) Encrypting the message
b) Decrypting the message
c) Both encrypting and decrypting the message
d) Verifying the authenticity of the message

A

a

144
Q

What enables the use of digital signatures for authentication purposes?
a) Symmetric encryption
b) Asymmetric encryption
c) Triple DES
d) RC4

A

b

145
Q

What does a digital signature provide proof of?
a) The recipient’s identity
b) The encryption algorithm used
c) The sender’s identity
d) The decryption key

A

a

146
Q

When using a digital signature for the process of authentication, the sender encrypts the message with their private key and the recipient decrypts the message with the sender’s public key.

A

t

147
Q

__________ provide authentication which can legally prove who sent a message over a network.
a. Digital signatures
b. DES keys
c. Directory keys
d. Screen names
e. User Ids

A

a

148
Q

How does public key encryption enable digital signatures?
a) By encrypting the message with the recipient’s private key
b) By encrypting the message with the recipient’s public key
c) By encrypting the message with the sender’s private key
d) By encrypting the message with the sender’s public key

A

c

149
Q

How can a recipient verify a digital signature?
a) By decrypting the message with the sender’s public key
b) By decrypting the message with the sender’s private key
c) By decrypting the message with the recipient’s public key
d) By decrypting the message with the recipient’s private key

A

a

150
Q

What does a “digital signature” computer file typically include?
a) Only the name of the signing party
b) Only the date and time of signing
c) Name of the signing party and other key contents such as date and time
d) Encrypted message contents

A

c

151
Q

What is the role of Public Key Infrastructure (PKI) in public key encryption on the Internet?
a) Encrypting messages with the recipient’s public key
b) Verifying the authenticity of users
c) Decrypting messages with the sender’s private key
d) Issuing digital certificates containing the user’s private key

A

b

152
Q

What does a Certificate Authority (CA) do in PKI?
a) Encrypts messages with the recipient’s public key
b) Decrypts messages with the sender’s private key
c) Vouches for the authenticity of users using authentication
d) Issues digital certificates containing the user’s private key

A

c

153
Q

What is the main requirement for a merchant to register with a Certificate Authority (CA)?
a) Providing proof of identity
b) Paying a registration fee
c) Encrypting all communication with customers
d) Obtaining a digital certificate from another merchant

A

a

154
Q

What are the levels of certification provided by a Certificate Authority (CA)?
a) Simple confirmation of an email address
b) Complete police-style background check
c) Both a and b
d) Neither a nor b

A

c

155
Q

What information does a digital certificate issued by a CA contain?
a) The user’s private key
b) The CA’s private key
c) The user’s public key encrypted with the CA’s private key
d) The CA’s public key encrypted with the user’s private key

A

c

156
Q

A certificate authority is a trusted organization that can vouch for the authenticity of a person or organization.

A

t

157
Q

A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
a. disaster recovery firm
b. DES company
c. directory company
d. certificate authority
e. fingerprint advisory board

A

d

158
Q

What is the purpose of a digital certificate?
a) To encrypt messages
b) To verify the identity of a digital signature’s source
c) To create a secure connection between devices
d) To generate unique fingerprints for messages

A

b

159
Q

How does the recipient verify a digital certificate?
a) By encrypting it with the sender’s public key
b) By decrypting it with the Certificate Authority’s (CA) public key
c) By comparing it with the sender’s private key
d) By verifying it with the recipient’s public key

A

b

160
Q

What additional step might the recipient take to ensure the validity of a digital certificate?
a) Compare it with the sender’s private key
b) Decrypt it with the sender’s public key
c) Check with the Certificate Authority (CA) for revocation status
d) Encrypt it with the CA’s private key

A

c

161
Q

In higher security certifications, what does the Certificate Authority (CA) issue for each message sent by the user?
a) Digital signature
b) Unique fingerprint
c) Encryption key
d) Authentication token

A

b

162
Q

How is a unique fingerprint for a message created in higher security certifications?
a) By combining the sender’s private key with the message’s contents
b) By encrypting the message with the CA’s public key
c) By hashing the combination of the CA’s private key and the message’s authentication key contents
d) By decrypting the message with the recipient’s public key

A

c

163
Q

Secure Sockets Layer is an encryption standard designed for use on the Web.

A

t

164
Q

Where does SSL operate in the network protocol stack?
a) Between the network and data link layers
b) Between the application and transport layers
c) Between the transport and network layers
d) Between the data link and physical layers

A

b

165
Q

What is the purpose of SSL negotiation for PKI?
a) To encrypt outbound packets
b) To decrypt inbound packets
c) To establish a secure connection between server and client
d) To compress data transmission

A

c

166
Q

What does the server send during SSL negotiation for PKI?
a) Its private key
b) Its public key and symmetric encryption technique
c) A digital certificate
d) A hash of the data to be transmitted

A

b

167
Q

What does the browser do during SSL negotiation for PKI?
a) Decrypts the server’s public key
b) Generates a symmetric encryption key
c) Sends its private key to the server
d) Verifies the server’s identity using a digital certificate

A

b

168
Q

How does the browser encrypt the symmetric encryption key during SSL negotiation?
a) With the server’s private key
b) With the server’s public key
c) With the browser’s private key
d) With the browser’s public key

A

b

169
Q

How are messages encrypted between the server and browser in SSL?
a) Using the server’s public key
b) Using the browser’s public key
c) Using a symmetric key generated by the browser
d) Using a symmetric key generated by the server

A

c

170
Q

Where does IP Security Protocol (IPSec) sit in the network protocol stack?
a) Between the network and data link layers
b) Between the application and transport layers
c) Between IP at the network layer and TCP/UDP at the transport layer
d) Between the transport and network layers

A

c

171
Q

What is a key feature of IPSec?
a) It encrypts outbound packets from the application layer
b) It operates only with web applications
c) It can be used with other application layer protocols
d) It negotiates PKI for server authentication

A

c

172
Q

How do A and B establish a symmetric key in IPSec using Internet Key Exchange (IKE)?
a) They share their public keys
b) They generate and exchange random numbers
c) They decrypt packets from the application layer
d) They negotiate with the Certificate Authority (CA)

A

b

173
Q

Which mode of IPSec encrypts only the IP payload and adds an Authentication Header (AH) or an Encapsulating Security Payload (ESP) packet?
a) Transport mode
b) Tunnel mode
c) Key Exchange mode
d) Encryption mode

A

a

174
Q

In which mode of IPSec does the entire IP packet get encrypted and a new header for routing is added?
a) Transport mode
b) Tunnel mode
c) Key Exchange mode
d) Encryption mode

A

b

175
Q

What is a benefit of Tunnel mode in IPSec?
a) Allows easy routing through the Internet
b) Encrypts only the IP payload
c) Requires the IPSec agent at the next destination to decrypt the data
d) Allows attackers to learn the ultimate source and destination of the packets

A

d

176
Q

In transport mode, IPSec encrypts the entire IP packet.

A

f

177
Q

Which of the following is a mode that is used by IPSec?
a. exchange
b. sniffer
c. tunnel
d. creeper
e. firefighter

A

c

178
Q

What is the primary purpose of a user profile in a network?
a) To assign IP addresses to users
b) To determine the limits of user access on the network
c) To regulate network bandwidth usage
d) To monitor network traffic

A

b

179
Q

Who typically assigns user profiles to user accounts?
a) Network users
b) System administrators or network managers
c) Security auditors
d) Software developers

A

b

180
Q

What does a user profile specify regarding log-in access?
a) User’s email address
b) User’s password strength
c) Allowable log-in day and time of day
d) Network speed for the user

A

c

181
Q

What aspect of user access does a user profile control in terms of physical locations?
a) User’s workstation hardware
b) User’s favorite websites
c) Allowable physical locations for log-in
d) User’s software preferences

A

c

182
Q

What action might be taken if a user exceeds the allowable number of incorrect log-in attempts specified in their profile?
a) Automatic account deletion
b) Automatic password reset
c) Notification to network security
d) Automatic log-out of the user

A

d

183
Q

What could trigger an automatic logout according to a user profile?
a) User inactivity
b) User exceeding bandwidth limits
c) User accessing unauthorized websites
d) User changing network settings

A

a

184
Q

Which of the following is not a method for deterring intrusion?
a. training end users not to divulge passwords
b. using a smart card in conjunction with a password to gain access to a computer system
c. using biometric devices to gain access to a computer system
d. using a security software package that logs out users if that user is ‘idle’ for a certain amount of time
e. performing social engineering

A

e

185
Q

Which of the following is not true about one-time passwords?
a. Users’ pagers or smart phones (via text messaging) can receive them.
b. They can be used in conjunction with a token system.
c. The user must enter the one-time password to gain access or the connection is terminated.
d. This is a good security solution for users who travel frequently and who must have secure dial-in access.
e. They create a packet level firewall on the system.

A

e

186
Q

A ______________ is a browser add-in or app that stores website passwords.
a. password collaborator
b. password manager
c. script manager
d. security envelope
e. security manager

A

b

187
Q

What protects all passwords in a password manager?
a) Two-factor authentication
b) A master password
c) Biometric authentication
d) Security questions

A

b

188
Q

Biometric systems scan the user to ensure that the user is the sole individual authorized to access the network account.

A

t

189
Q

The most commonly used central authentication protocol today is Kerberos.

A

t

190
Q

What problem does Central Authentication aim to solve?
a) Slow internet connection
b) Users forgetting their passwords
c) Managing multiple user profiles and passwords across different computers
d) System crashes

A

c

191
Q

What is another name for Central Authentication?
a) Multi-factor authentication
b) Network encryption
c) Single sign-on (SSO)
d) Two-step verification

A

c

192
Q

What does the authentication server do upon successful user authentication?
a) Assigns a random password to the user
b) Issues a certificate (credentials)
c) Deletes the user’s account
d) Redirects the user to another server

A

b

193
Q

How do users access restricted services or resources in Central Authentication?
a) By entering a new password
b) By presenting the certificate to the authentication server
c) By bypassing authentication
d) By logging in to individual servers

A

b

194
Q

What is the primary purpose of Intrusion Prevention Systems (IPS)?
a) To increase network speed
b) To detect and prevent intrusions into computer systems or networks
c) To provide antivirus protection
d) To improve network connectivity

A

b

195
Q

What are the two general types of IPS?
a) Internet-based IPS and server-based IPS
b) Network-based IPS and host-based IPS
c) Software-based IPS and hardware-based IPS
d) Firewall-based IPS and antivirus-based IPS

A

b

196
Q

How does a network-based IPS function?
a) It installs software on individual hosts or servers
b) It utilizes IPS sensors on key network circuits to monitor network packets
c) It scans emails for malicious content
d) It encrypts all network traffic

A

b

197
Q

How does a host-based IPS operate?
a) It installs sensors on key network circuits
b) It monitors activity on a server or host
c) It scans emails for malicious content
d) It encrypts all network traffic

A

b

198
Q

What does the host-based IPS report intrusions to?
a) The host’s operating system
b) An IPS management console
c) An antivirus software
d) The network firewall

A

b

199
Q

A host-based intrusion prevention system (IPS) monitors activity on the server and reports intrusions to the IPS management console.

A

t

200
Q

What is the primary function of misuse detection in Intrusion Prevention Systems (IPSs)?
a) Monitoring network traffic
b) Comparing monitored activities with signatures of known attacks
c) Generating random alerts
d) Analyzing failed logins

A

b

201
Q

What is a challenge associated with the use of misuse detection in IPSs?
a) Keeping database records organized
b) Ensuring stable network operation
c) Maintaining an up-to-date database of attack signatures
d) Managing network bandwidth

A

c

202
Q

What is the primary objective of anomaly detection in IPSs?
a) Comparing monitored activities with signatures of known attacks
b) Identifying major deviations from normal network operation
c) Generating random alerts
d) Analyzing successful logins

A

b

203
Q

In what type of computing environments does anomaly detection typically operate?
a) Dynamic environments
b) Unstable environments
c) Stable environments
d) Isolated environments

A

c

204
Q

What triggers an alert in anomaly detection?
a) The presence of known attack signatures
b) Minor fluctuations in network traffic
c) Major deviations from normal parameters of network operation
d) Successful logins

A

c

205
Q

A fundamental technique to determine if an intrusion is in progress in a stable network is:
a. anomaly detection
b. armoring cable
c. RSA algorithm
d. patching
e. scanning a user’s fingerprint

A

a

206
Q

To snare intruders, many organizations now use _________ techniques.
a. entrapment
b. hacker
c. Trojan horse
d. cracker
e. DES

A

a

207
Q

The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as _____.
a. Trojan horse
b. sniffing
c. tunneling
d. computer forensics
e. misuse detection

A

d