Chapter 17: Security Flashcards
Which component of physical security addresses outer-level access control?
A. Perimeter security
B. Mantraps
C. Security zones
D. Strong passwords
A.
The first layer of access control is perimeter security.
Perimeter security is intended to delay or deter entrance into a facility.
Which technology uses a physical characteristic to establish identity?
A. Biometrics
B. Surveillance
C. Smart card
D. CHAP authenticator
A.
Biometrics is a technology that uses personal characteristics, such as a retinal pattern or
fingerprint, to establish identity.
As part of your training program, you’re trying to educate users on the importance of security.
You explain to them that not every attack depends on implementing advanced technological methods.
Some attacks, you explain, take advantage of human shortcomings to gain access
that should otherwise be denied.
What term do you use to describe attacks of this type?
A. Social engineering
B. IDS system
C. Perimeter security
D. Biometrics
A.
Social engineering uses the inherent trust in the human species, as opposed to technology, to gain access to your environment.
You’re in the process of securing the IT infrastructure by adding fingerprint scanners to
your existing authentication methods.
This type of security is an example of which of the following?
A. Access control
B. Physical barriers
C. Biometrics
D. Softening
C.
A fingerprint scanner, or any device that identifies a person by a physical trait, is considered a biometric security control.
Which type of attack denies authorized users access to network resources?
A. DoS
B. Worm
C. Logic bomb
D. Social engineering
A.
Although the end result of any of these attacks may be denying authorized users access
to network resources, a DoS attack is specifically intended to prevent access to network
resources by overwhelming or flooding a service or network.
As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them.
Which type of attack uses more than one computer to attack the victim?
A. DoS
B. DDoS
C. Worm
D. UDP attack
B.
A distributed denial of service (DDoS) attack uses multiple computer systems to attack a
server or host in the network.
A server in your network has a program running on it that bypasses authentication.
Which type of attack has occurred?
A. DoS
B. DDoS
C. Back door
D. Social engineering
C.
In a back door attack, a program or service is placed on a server to bypass normal
security procedures.
You’ve discovered that an expired certificate is being used repeatedly to gain logon privileges.
Which type of attack is this most likely to be?
A. Man-in-the-middle attack
B. Back door attack
C. Replay attack
D. TCP/IP hijacking
C.
A replay attack attempts to replay the results of a previously successful session to gain
access.
A junior administrator comes to you in a panic.
After looking at the log files, he has become convinced that an attacker is attempting to use a duplicate IP address to replace another system in the network to gain access. Which type of attack is this?
A. Man-in-the-middle attack
B. Back door attack
C. Worm
D. TCP/IP hijacking
D.
TCP/IP hijacking is an attempt to steal a valid IP address and use it to gain authorization
or information from a network.
Which of the following is different from a virus in that it can reproduce itself, it’s
self-contained, and it doesn’t need a host application to be transported?
A. Worm
B. Smurf
C. Phish
D. Trojan
A.
A worm is different from a virus in that it can reproduce itself, it’s self-contained, and it
doesn’t need a host application to be transported.
A smurf attack attempts to use a broadcast ping on a network; the return address of the
ping may be that of a valid system in your network.
Which protocol does a smurf attack use to conduct the attack? A. TCP B. IP C. UDP D. ICMP
D.
A smurf attack attempts to use a broadcast ping (ICMP) on a network.
The return address of the ping may be that of a valid system in your network.
This system will be flooded with responses in a large network.
Your system log files report an ongoing attempt to gain access to a single account.
This attempt has been unsuccessful to this point.
What type of attack are you most likely experiencing?
A. Password-guessing attack
B. Back door attack
C. Worm attack
D. TCP/IP hijacking
A.
A password-guessing attack occurs when a user account is repeatedly attacked using a
variety of passwords.
One of the vice presidents of the company calls a meeting with the information technology department after a recent trip to competitors’ sites.
She reports that many of the companies she visited granted access to their buildings only after fingerprint scans, and she wants similar technology employed at this company.
Of the following, which technology relies on a physical attribute of the user for authentication?
A. Smart card
B. Biometrics
C. Mutual authentication
D. Tokens
B.
Biometrics relies on a physical characteristic of the user to verify identity.
Biometric devices typically use either a hand pattern or a retinal scan to accomplish this.
Your company provides medical data to doctors from a worldwide database.
Because of the sensitive nature of the data you work with, it’s imperative that authentication be established on each session and be valid only for that session.
Which of the following authentication methods provides credentials that are valid only during a single session?
A. Tokens
B. Certificate
C. Smart card
D. Kerberos
A.
Tokens are created when a user or system successfully authenticates.
The token is destroyed when the session is over.
Your help desk has informed you that they received an urgent call from the vice president
last night requesting his logon ID and password.
When talking with the VP today, he says he never made that call. What type of attack is this?
A. Spoofing
B. Replay attack
C. Social engineering
D. Trojan horse
C.
Someone trying to con your organization into revealing account and password information is launching a social engineering attack.