Quiz 1

Question 1

What is encapsulation?

Adding a header and footer to data as it moves down the
OSI stack

Verifying a person’s identity

Protecting evidence until it has been properly collected

Changing the source and destination addresses of a packet

Answer 1

Adding a header and footer to data as it moves down the OSI stack

Question 2

Which OSI model layer manages communications in
simplex, half-duplex, and full-duplex modes?
Session
Application
Transport
Physical

Answer 2

Session

Question 3

A large table includes multiple subjects and objects. It
identifies the specific access each subject has to different
objects. What is this table called?
Access control matrix
Federation
Creeping privilege
Federated identity management

Answer 3

Access control matrix

Question 4

Access control mechanisms include which of the
following?
Logical, physical, and administrative controls
Management, operational, and technical controls
Corrective, recovery, and preventive controls
Directive, preventive, and detective control

Answer 4

Logical, physical, and administrative controls

Question 5

Which the following ags are used to establish a TCP connection? 
PSH
ACK
SYN
URG
FIN

Answer 5

ACK

SYN

Question 6

Which option is not a LAN technology?
Ethernet 
Token Ring
Fiber Distributed Data Interface 
ATM

Answer 6

ATM

Question 7

When using UDP, the TCP/IP transport layer is equivalent to the functions of only
the …………………… of the OSI model.
Transport
Transport, Session
Transport, Session, Application
Session, Presentation, Application

Answer 7

Transport

Question 8

Which one is not a protocol in application layer? 
SRPC
SET
SMTP
IPSec

Answer 8

IPSec

Question 9

…………………….accepts packets from the Network layer and converts
them into the proper format of ……………………. for transmission
Data Link, Segment
Data Link, Frame
Transport, Frame
Transport, Packet

Answer 9

Data Link, Frame

Question 10

which is not a Network hardware device that function at Layer 1?
NIC
hubs
concentrators
bridge

Answer 10

bridge

Question 11

Used to resolve  MAC addresses into IP addresses
ARP
RARP
DNS
NAT

Answer 11

RARP

Question 12

..................................records all activity that has been passed or blocked by the
rewall
Firewall log 
System Log
Change log 
network log

Answer 12

Firewall log

Question 13

HIDS are more costly to manage than NIDS.

True/False

Answer 13

True

Question 14

To establish a TCP session, we are using the TCP 3-way handshake. What is the
correct order of the handshake?
SYN/ACK > ACK > SYN.
SYN > ACK > ACK.
SYN > SYN/ACK > ACK.
SYN > SYN/ACK > SYN

Answer 14

SYN > SYN/ACK > ACK

Question 15

An IPv4 address consists of how many bytes?
32
128
8
4

Answer 15

4

Question 16

You get stopped on the way to your office by the CEO. She wants to talk to you because
you are one of those IT people. The CEO is wanting us to implement VoIP and has
heard it uses the User Datagram Protocol (UDP). On which layer of the Open Systems
Interconnection model (OSI model) would we find the UDP protocol?
1
3
4
2

Answer 16

4

Question 17

Which of the following is a form of denial of service attack that uses
spoofed ICMP packets to flood a victim with echo requests using a
bounce/amplification network?
smurf
Fraggle
Man in the Middle
Spam

Answer 17

smurf

Question 18

What is Kerberos?
Access-oriented protection system
Ticket-oriented protection system
List-oriented protection system
Lock-and-key-oriented protection system

Answer 18

Ticket-oriented protection system

Question 19

Intrusion detection systems cannot do which of the following?
Report alterations to data les
Trace user activity
Compensate for weak authentication
Interpret system logs

Answer 19

Compensate for weak authentication

Question 20

What is impersonating a user or system called?
snooping attack 
spoofing attack 
sniffing 
spamming

Answer 20

spoofing attack

Question 21

Source/Destination verification on routers is a technique used as a countermeasure
against ……………………. attack.
spoofing
spamming
DDoS
Sniffer

Answer 21

spoofing

Question 22

Packet delay and lost packets can be a sign of ....... attack.
sniffer
spamming 
spoofing 
fraggle

Answer 22

sniffer

Question 23

In Kerberos, the \_\_\_\_\_\_\_\_ is an encrypted session key that only the verfier can
decrypt.
ticket granting ticket
service ticket
Both A and B
Neither A nor B

Answer 23

service ticket

Question 24

IPsec operates at the \_\_\_\_\_\_\_\_ layer.
application
data link
internet
transport

Answer 24

internet

Question 25

review of recordings captured by security cameras is a ...................... access control 
Deterrent 
Detective 
Preventive 
Recovery

Answer 25

Detective

Question 26

A ……………………. access control confine, or control the actions of subjects to force or
encourage compliance with security policies
Directive
Detective
Compensation
Preventive

Answer 26

Directive

Question 27

Firewalls is considered to be technical access control. (True/False)

Answer 27

True

Question 28

Which option is not a step in the process of accountability. 
Authentication 
Authorization 
Auditing 
Availability

Answer 28

Availability

Question 29

the process of ………………………………..ensures that the requested activity or object
access is possible given the rights and privileges assigned to the authenticated
identity

authentication
authorization
identification
integration

Answer 29

authorization

Question 30

Cryptographic authentication systems must specify how the cryptographic
algorithms will be used. Which of the following authentication systems would
reduce the risk of impersonation in an environment of networked computer
systems?

Kerberos based authentication system
Password based authentication system
Memory token based authentication system
Smart token based authentication system

Answer 30

Kerberos based authentication system

Question 31

Which of the following security services can Kerberos best provide?
Authentication
Confidentiality
Integrity 
Availability

Answer 31

Authentication

Question 32

which access control relies upon the use of classification labels?
MAC
DAC
RBAC
TBAC

Answer 32

MAC

Question 33

Lattice-based access controls dene upper and lower bounds of access for every
relationship between a subject and an object
(True False)

Answer 33

true

Question 34

which type of access control does not have single point of failure?
centralized access control
decentralized access control

Answer 34

decentralized access control

Question 35

Non discretionary access control type has a central authority that
determine to what objects the subjects have access to and it is based
on role or on the organizational security policy.
(TrueFalse)

Answer 35

True