Chapter 17: Security Flashcards

1
Q

Which component of physical security addresses outer-level access control?

A. Perimeter security
B. Mantraps
C. Security zones
D. Strong passwords

A

A.

The first layer of access control is perimeter security.

Perimeter security is intended to delay or deter entrance into a facility.

2
Q

Which technology uses a physical characteristic to establish identity?

A. Biometrics
B. Surveillance
C. Smart card
D. CHAP authenticator

A

A.

Biometrics is a technology that uses personal characteristics, such as a retinal pattern or
fingerprint, to establish identity.

3
Q

As part of your training program, you’re trying to educate users on the importance of security.
You explain to them that not every attack depends on implementing advanced technological methods.
Some attacks, you explain, take advantage of human shortcomings to gain access
that should otherwise be denied.

What term do you use to describe attacks of this type?

A. Social engineering
B. IDS system
C. Perimeter security
D. Biometrics

A

A.

Social engineering uses the inherent trust in the human species, as opposed to technology, to gain access to your environment.

4
Q

You’re in the process of securing the IT infrastructure by adding fingerprint scanners to
your existing authentication methods.

This type of security is an example of which of the following?

A. Access control
B. Physical barriers
C. Biometrics
D. Softening

A

C.

A fingerprint scanner, or any device that identifies a person by a physical trait, is considered a biometric security control.

5
Q

Which type of attack denies authorized users access to network resources?

A. DoS
B. Worm
C. Logic bomb
D. Social engineering

A

A.

Although the end result of any of these attacks may be denying authorized users access
to network resources, a DoS attack is specifically intended to prevent access to network
resources by overwhelming or flooding a service or network.

6
Q

As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them.

Which type of attack uses more than one computer to attack the victim?

A. DoS
B. DDoS
C. Worm
D. UDP attack

A

B.

A distributed denial of service (DDoS) attack uses multiple computer systems to attack a
server or host in the network.

7
Q

A server in your network has a program running on it that bypasses authentication.
Which type of attack has occurred?

A. DoS
B. DDoS
C. Back door
D. Social engineering

A

C.

In a back door attack, a program or service is placed on a server to bypass normal
security procedures.

8
Q

You’ve discovered that an expired certificate is being used repeatedly to gain logon privileges.

Which type of attack is this most likely to be?

A. Man-in-the-middle attack
B. Back door attack
C. Replay attack
D. TCP/IP hijacking

A

C.

A replay attack attempts to replay the results of a previously successful session to gain
access.

9
Q

A junior administrator comes to you in a panic.

After looking at the log files, he has become convinced that an attacker is attempting to use a duplicate IP address to replace another system in the network to gain access. Which type of attack is this?

A. Man-in-the-middle attack
B. Back door attack
C. Worm
D. TCP/IP hijacking

A

D.

TCP/IP hijacking is an attempt to steal a valid IP address and use it to gain authorization
or information from a network.

10
Q

Which of the following is different from a virus in that it can reproduce itself, it’s
self-contained, and it doesn’t need a host application to be transported?

A. Worm
B. Smurf
C. Phish
D. Trojan

A

A.

A worm is different from a virus in that it can reproduce itself, it’s self-contained, and it
doesn’t need a host application to be transported.

11
Q

A smurf attack attempts to use a broadcast ping on a network; the return address of the
ping may be that of a valid system in your network.

Which protocol does a smurf attack use to conduct the attack?

A. TCP
B. IP
C. UDP
D. ICMP

A

D.

A smurf attack attempts to use a broadcast ping (ICMP) on a network.

The return address of the ping may be that of a valid system in your network.

This system will be flooded with responses in a large network.

12
Q

Your system log files report an ongoing attempt to gain access to a single account.

This attempt has been unsuccessful to this point.

What type of attack are you most likely experiencing?

A. Password-guessing attack
B. Back door attack
C. Worm attack
D. TCP/IP hijacking

A

A.

A password-guessing attack occurs when a user account is repeatedly attacked using a
variety of passwords.

13
Q

One of the vice presidents of the company calls a meeting with the information technology department after a recent trip to competitors’ sites.

She reports that many of the companies she visited granted access to their buildings only after fingerprint scans, and she wants similar technology employed at this company.

Of the following, which technology relies on a physical attribute of the user for authentication?

A. Smart card
B. Biometrics
C. Mutual authentication
D. Tokens

A

B.

Biometrics relies on a physical characteristic of the user to verify identity.

Biometric devices typically use either a hand pattern or a retinal scan to accomplish this.

14
Q

Your company provides medical data to doctors from a worldwide database.

Because of the sensitive nature of the data you work with, it’s imperative that authentication be established on each session and be valid only for that session.

Which of the following authentication methods provides credentials that are valid only during a single session?

A. Tokens
B. Certificate
C. Smart card
D. Kerberos

A

A.

Tokens are created when a user or system successfully authenticates.

The token is destroyed when the session is over.

15
Q

Your help desk has informed you that they received an urgent call from the vice president
last night requesting his logon ID and password.

When talking with the VP today, he says he never made that call. What type of attack is this?

A. Spoofing
B. Replay attack
C. Social engineering
D. Trojan horse

A

C.

Someone trying to con your organization into revealing account and password information is launching a social engineering attack.

16
Q

Internal users suspect repeated attempts to infect their systems as reported to them by pop-up messages from their virus-scanning software.

According to the pop-up messages, the virus seems to be the same in every case.

What is the most likely culprit?

A. A server is acting as a carrier for a virus.
B. You have a caterpillar virus.
C. Your antivirus software has malfunctioned.
D. A DoS attack is under way.

A

A.

Some viruses won’t damage a system in an attempt to spread into all the other systems
in a network.

These viruses use that system as the carrier of the virus.

17
Q

You’re working late one night, and you notice that the hard disk on your new computer is
very active even though you aren’t doing anything on the computer and it isn’t connected to the Internet.

What is the most likely suspect?

A. A disk failure is imminent.
B. A virus is spreading in your system.
C. Your system is under a DoS attack.
D. TCP/IP hijacking is being attempted.

A

B.

A symptom of many viruses is unusual activity on the system disk.

This is caused by the virus spreading to other files on your system.

18
Q

You’re the administrator for a large bottling company.

At the end of each month, you routinely view all logs and look for discrepancies.

This month, your email system error log reports a large number of unsuccessful attempts to log on. It’s apparent that the email server is being targeted.

Which type of attack is most likely occurring?

A. Software exploitation attack
B. Backdoor attack
C. Worm
D. TCP/IP hijacking

A

A.

A software exploitation attack attempts to exploit weaknesses in software.

A common attack attempts to communicate with an established port to gain unauthorized access.

19
Q

Upper management has decreed that a firewall must be put in place immediately, before
your site suffers an attack similar to one that struck a sister company.

Responding to this order, your boss instructs you to implement a packet filter by the end of the week.

A packet filter performs which function?

A. Prevents unauthorized packets from entering the network
B. Allows all packets to leave the network
C. Allows all packets to enter the network
D. Eliminates collisions in the network

A

A.

Packet filters prevent unauthorized packets from entering or leaving a network.

Packet filters are a type of firewall that blocks specified traffic based on IP address, protocol, and many other attributes.

20
Q

Which media is susceptible to viruses?

A. Tape
B. Memory stick
C. CD-R
D. All of the above

A