Lesson 12 Flashcards
One example of network security is the usage of passwords to protect individual accounts and information. What common sense password rule is often ignored in this case?
- Making a password too short.
- Making a password hard to guess and not using easy things such as a pet name or a family member’s birthday.
- Writing the password down and leaving it in the open.
- Making the password completely unique, not simply recycling the same password with a simple change.
Writing the password down and leaving it in the open.
What legal and regulatory system governs the way data is handled in a medical office?
HIPAA
ATM
PCI
FERPA
HIPAA
In the case of webcam hacking mentioned in the lesson, the term spyware was used. What is spyware?
Viral software that destroys a computer.
Software that allows the access of data from a computer without the person’s knowledge.
Software that creates popups.
Software used by spies.
Software that allows the access of data from a computer without the person’s knowledge.
A good administrator _____ the needs of security in the organization and the capabilities of the employees in the organization.
talks about
balances
considers
ignores
balances
What organization sets the rules as to how credit card data is handled?
PCI
HIPAA
FDIC
ATM
PCI
Public and private _____ can help verify identity in transmitting a document between two parties.
Keys
Addresses
Profiles
Emails
keys
To repudiate means to do what?
To enhance your security efforts
To breach network security
To deny or contest something
To start something over
To deny or contest something
The use of _____ might include a fingerprint scan to complete a bank transaction via a mobile application.
Physical signatures
Biometrics
Timestamps
Public keys
Biometrics
Non-repudiation means putting measures in place to assure something cannot be denied. Which of these is a simplified method of non-repudiation?
Sending a link via social media
Delivering a document to a home address
Attaching a document to an email
Sending a letter through certified mail
Sending a letter through certified mail
What is meant by network security?
A security team hired to protect your office equipment
Entering your password on a social networking site
Protection of electronic data and computer systems
Securing your workplace computer at night
Protection of electronic data and computer systems
WPA2 Enterprise uses a _____ server for logins.
Active Directory.
RADIUS.
Kerberos.
Microsoft Access.
RADIUS.
What does WPA stand for?
Wi-Fi Protocol Adapter.
Wireless Protocol Administration.
Wireless Protection Advanced.
Wi-Fi Protected Access.
Wi-Fi Protected Access.
What advantage does WPA2 have over WPA?
WPA2 uses the AES encryption standard.
WPA2 is open source.
WPA2 is faster.
WPA2 is widely supported.
WPA2 uses the AES encryption standard.
Why did the first version of WPA use TKIP?
TKIP was cheaper.
Many old devices still used WEP and TKIP was intended to make it easy to upgrade.
TKIP had a catchy name.
TKIP was fast.
Many old devices still used WEP and TKIP was intended to make it easy to upgrade.
Why was WEP deprecated in favor of WPA?
WEP was too slow.
WEP was insecure.
WEP was full of bugs.
WEP didn’t work on the Mac.
WEP was insecure.
Wireless technology was created to eliminate cables, yet provide _____.
additional features
a similar set of features
an identical set of features
most of the features
an identical set of features
WEP stands for _____.
Wireless Extra Privacy
Wired Engineer Privacy
Wireless Equivalent Privacy
Wired Equivalent Privacy
Wired Equivalent Privacy.
Security in a network ensures all of the following about the information that is passed around EXCEPT:
usability
safety
integrity
affordability
affordability
WEP affects _____ in a network.
computers
printers
wireless connections
wired connections
wireless connections
WEP is part of the _____ standard.
802.11
802.11c
802.11b
802.11a
802.11b
When are guest accounts most likely necessary?
a doctor’s office in the waiting room
a doctor’s office in the consultation office
a doctor’s office in the patient’s exam rooms
a doctor’s office in the lab
a doctor’s office in the waiting room
Which of these best describes the process of encryption?
only letting certain devices on
password protection
breaking something into a million pieces and reassembling it
using a secret code
using a secret code
Which of these would most likely benefit from registering its MAC addresses?
a busy hospital
a school
a large department store’s guest account
a small investment firm
a small investment firm
Which of these represents the strongest defense of a wireless network?
WPA2 with Guest Accounts
WEP with Guest accounts
WEP with MAC registration
WPA2 with MAC registration
WPA2 with MAC registration
Which describes the best attitude about network names?
Only use numbers for network names.
Never mention either the router name or the tech company that built it.
Always mention the tech company that built the router in the name of the network.
Always mention the router name.
Never mention either the router name or the tech company that built it.
Which of these best describes the Stuxnet virus?
Low-level threat
Non-issue
Passive threat
Active threat
Active threat
A spy keeping track of communications between two heads of state would likely use which of these?
Denial of Service
Sniffer
Data manipulation
Man in the middle
Man in the middle
Which of these is a type of attack that can start off as passive then turn active?
Sniffer
Man in the Middle
Denial of Service
Data modification
Sniffer
Which of these floods a server with requests?
Sniffer
Denial of Service
Man in the middle
Data manipulation
Denial of service
What is a data modification attack?
When information is intercepted and changed
When a worm is put on a computer
When information is intercepted
When anti-virus software finds a virus
When information is intercepted and changed
Which type of computer attack is considered a distributed attack?
DoSS
DRoS
DDoS
DoS
DDoS
Which of these options properly defines both a DoS and a DDoS attack?
Organized electronic impulses
Organized electronic incursions
Establishment of organized limits
Arbitrarily-set login restrictions
Organized electronic incursions
Which of these options contains the three basic target categories for a DoS or a DDoS?
Systems, memory, and network access card
Resources, printers, and storage devices
Network access card, applications, and peripheral devices
Networks, systems, and applications
Networks, systems, and applications
Which of these options contains a primary objective of a DoS or DDoS attack?
Consume as much bandwidth as possible
Destroy access memory
Blank the screen to deny input
Lock out the computer’s keypad entry
Consume as much bandwidth as possible
Which of these answers describes one possible method to prevent or limit the impacts of a DoS or DDoS?
Disable the firewall
Install network interface software
Install and maintain anti-virus (AV) software
Install new application software
Install and maintain anti-virus (AV) software
Which type of computer attack is considered a distributed attack?
DoSS
DDoS
DRoS
DoS
DDoS
What is the maximum number of zones that can be associated to a firewall?
Four
Two
One
Firewalls can have many zones associated to them.
Firewalls can have many zones associated to them.
What type of firewall can stop more advanced threats, such as tricks devised by hackers to bypass the firewall’s access policy protection?
A next-generation firewall
A standard firewall will block all threats and tricks
An intelligent firewall
A stateful inspection firewall
A next-generation firewall
Which word below best describes a flaw in network security which permits an assault on network resources?
Instability
Vulnerability
Unreliability
Incompatibility
Vulnerability
Which of the following is NOT an element of access in regards to network security?
Authorization
Accounting
Authentication
Availability
Availability
Intrusion detection systems provide what function in network security?
Provide retina scanning at the computer room door
Scramble data so outsiders can’t make use of it
Provide badge-access only to the building
Alert network administrators to a breach and detect unusual activity within a network
Alert network administrators to a breach and detect unusual activity within a network
Which of the following is an unintentional threat to the security of computer networks?
Computer viruses
Theft of Data
Denial of Service (DoS) attacks
Computer failures
Sabotage
Computer failures
Which of the following is a method for securing data by using special mathematical algorithms to convert the data into a scrambled code before transmission?
Algebra
Encryption
Firewall
Anti-Virus Software
Coding
Encryption
Which is the oldest, least secure method of wireless security?
TKIP
WPA2
WPA
WEP
WEP
A multi-layered approach to network security is best because _____.
It uses less resources in your datacenter.
Some brands are better than others.
Different types of network security systems focus on different threats and vulnerabilities
It costs less than the other approaches.
Different types of network security systems focus on different threats and vulnerabilities
Which of the following is NOT a method to deliver network security?
Hardware appliance
Software
Over the telephone
Cloud service
Over the telephone