Chapter 7 Flashcards
Combo: Quiz 7 plus Book End of Chapter Questions
Which of the following TCP/IP protocols do not relate to security?
a. IP
b. SNMP
c. HTTPS
d. FTP
a. IP
Aideen sent an email to her supervisor
explaining the Domain Name System Security Extensions (DNSSEC). Which of the following statements would Aideen have NOT included in her email?
a. It is fully supported in BIND9.
b. It adds additional resource records.
c. It adds message header information.
d. It can prevent a DNS transfer attack.
d. It can prevent a DNS transfer attack.
What is the recommended secure protocol for voice and video applications?
a. Secure Real-time Transport Protocol (SRTP)
b. Hypertext Transport Protocol Secure (HTTPS)
c. Network Time Protocol (NTP)
d. Secure/Multipurpose Internet Mail Extensions (S/MIME)
a. Secure Real-time Transport Protocol (SRTP)
Which type of log can provide details
regarding requests for specific files on a system?
a. Audit log
b. Event log
c. Access log
d. SysFile log
b. Event log
Which type of device log contains the most beneficial security data?
a. Firewall log
b. Email log
c. Switch log
d. Router log
a. Firewall log
Which type of cloud is offered to specific organizations that have common concerns?
a. Public cloud
b. Hybrid cloud
c. Private cloud
d. Community cloud
d. Community cloud
Which of these is NOT correct about an SSL accelerator?
a. It can be a separate hardware card that inserts into a web server.
b. It can be a separate hardware module.
c. It should reside between the user’s device and the web servers.
d. It can only handle the SSL protocol.
d. It can only handle the SSL protocol.
Catriona needed to monitor network traffic. She did not have the resources to install an additional device on the network. Which of the following solutions would meet her needs?
a. Network tap
b. Port mirroring
c. Aggregation switch
d. Correlation engine
b. Port mirroring
Which version of Simple Network Management Protocol (SNMP) is considered the most secure?
a. SNMPv2
b. SNMPv3
c. SNMPv4
d. SNMPv5
b. SNMPv3
Which Domain Name System (DNS) attack replaces a fraudulent IP address for a symbolic name?
a. DNS replay
b. DNS masking
c. DNS poisoning
d. DNS forwarding
c. DNS poisoning
Which of these is the most secure protocol for transferring files?
a. FTPS
b. SFTP
c. TCP
d. FTP
c. TCP
Which of the following can be used to prevent a buffer overflow attack?
a. DEP
b. FIM
c. VPN
d. DNS
a. DEP
Which of the following is NOT a service
model in cloud computing?
a. Software as a Service (SaaS)
b. Hardware as a Service (HaaS)
c. Platform as a Service (PaaS)
d. Infrastructure as a Service (IaaS)
b. Hardware as a Service (HaaS)
Eachna is showing a new security intern the log file from a firewall. Which of the following entries would she tell him do not need to be investigated?
a. Suspicious outbound connections
b. IP addresses that are being rejected and dropped
c. Successful logins
d. IP addresses that are being rejected and dropped
c. Successful logins
Which type of hypervisor does not run
on an underlying operating system?
a. Type I
b. Type II
c. Type III
d. Type IV
a. Type I
Which application stores the user’s
desktop inside a virtual machine that resides on a server and is accessible from multiple locations?
a. Application cell
b. Container
c. VDE
d. VDI
d. VDI
Kyle asked his supervisor which type of computing model was used when the enterprise first started. She explained that the organization purchased all the hardware and software necessary to run the company. What type of model was she describing to Kyle?
a. Virtual services
b. Off-premises
c. On-premises
d. Hosted services
c. On-premises
DNSSEC adds additional and message header information, which can be used to verify that the requested data has not been altered in transmission.
a. resource records
b. field flags
c. hash sequences
d. zone transfers
a. resource records
What functions of a switch does a software defined network separate?
a. Host and virtual
b. Control plane and physical plane
c. RAM and hard drive
d. Network level and resource level
b. Control plane and physical plane
Which of the following is NOT a security
concern of virtualized environments?
a. Virtual machines must be protected from both the outside world and from other virtual machines on the same physical computer.
b. Physical security appliances are not always designed to protect virtual systems.
c. Virtual servers are less expensive than their physical counterparts.
d. Live migration can immediately move one virtualized server to another hypervisor.
c. Virtual servers are less expensive than their physical counterparts.
At what level of the OSI model does the IP protocl function?
a) Transport Layer
b) Network layer
c) Presentation Layer
d) Data link layer
b) Network layer
Which of the following protocols is unsecured?
a) HTTPS
b) TLS
c) FTP
d) SSL
c) FTP
File integrity check (FIC) is a service that can monitor any changes made to computer files, such as operating systems files.
(T/F)
True
Which cloud computing service model uses the cloud computing vendor to provide access to the vendor’s software applications running on a cloud infrastructure?
a) system as a service
b) infrastructure as a service
c) software as a service
d) application as a service
c) software as a service
