Quiz1_Answers

Question 1

1. A subject can identify itself by providing (check all that apply) …
   a. A username
   b. A process id
   c. A password
   d. A biometric factor

Answer 1

a. A username
b. A process id
d. A biometric factor

Question 2

2. In mandatory access control, access is granted or denied based on
   a. The discretion of the object’s owner
   b. The subject’s clearance
   c. The subject’s identity

Answer 2

b. The subject’s clearance

Question 3

3. At which layer of the OSI protocol stack does the Internet Protocol (IP) operate?
   a. Transport Layer
   b. Network Layer
   c. Data Link Layer
   d. Session Layer
   e. Application Layer

Answer 3

b. Network Layer

Question 4

4. Which one of the following statements about a network-based IDS is false?
   a. Is installed on dedicated hardware
   b. Monitors a single network host
   c. Can operate in stealth mode
   d. May not work well on switched networks
   e. Has little negative impact on overall network performance

Answer 4

b. Monitors a single network host

Question 5

5. The accounting branch of a large organization requires an application to process expense vouchers. Each voucher must be input by one a of the many accounting clerks, verified by the clerk’s applicable supervisor, then reconciled by an auditor before the reimbursement check is produced. What access control techniques should be built into the application to meet the information protection needs?
   a. Mandatory Access Control
   b. Password Security
   c. Role Based Access Control
   d. Terminated Access Controller Access System

Answer 5

c. Role Based Access Control

Question 6

6. To which form of access control is a rule-based control access mechanism usually related?
   a. Discretionary Access Control
   b. Non-Discretionary Access Control
   c. Token Based Access Control
   d. Subject Dependent Access Control

Answer 6

b. Non-Discretionary Access Control

Question 7

7. A major disadvantage of SSO is:
   a. Consistent time out enforcement across platforms
   b. A compromised password exposes all authorized applications
   c. Use of multiple passwords is hard to remember
   d. Password change control

Answer 7

b. A compromised password exposes all authorized applications

Question 8

You are troubleshooting some anomalies with network communication on your network. You notice that some communication isn’t taking the expected or most efficient route to the destination. Which layer of the OSI model you should troubleshoot?2

a. Layer 1
b. Layer 2
c. Layer 3
d. Layer 4
e. Layer 5

Answer 8

c. Layer 3

Question 9

You are performing a security audit for a customer. During the audit, you find several instances of users gaining access to data without going through a formal access approval process. As part of the remediation, you recommend establishing a formal access approval process. Which role should you list to approve policies that dictate which users can gain access to data?

a. Data Creator
b. Data Processor
c. Data Owner
d. Data Custodian
e. System Owner

Answer 9

c. Data Owner

Question 10

10. You are a security consultant. A large enterprise customer hires you to ensure that their security operations are following industry standard control frameworks. For this project, the customer wants you to focus on technology solutions that will discourage malicious activities. Which type of control framework should you focus on?
    a. Preventive
    b. Deterrent
    c. Detective
    d. Assessment
    e. Corrective

Answer 10

b. Deterrent

Question 11

11. You are implementing a multi-factor authentication solution. As part of the design, you are capturing the three authentication factors. What are they?3
    a. Something you make
    b. Something you know
    c. Something you have
    d. Something you need
    e. Something you are
    f. Something you do

Answer 11

b. Something you know
c. Something you have
e. Something you are

Question 12

12. Segments are packaged into frames at which layer of the OSI model?2
    a. Layer 1
    b. Layer 2
    c. Layer 3
    d. Layer 4
    e. Layer 5

Answer 12

c. Layer 3 (Network)

Responsible for adding routing and addressing information to the data
Accepts segments from the Transport layer and adds information to it to create a packet
The packet includes the source and destination IP addresses

Question 13

13. Which of the following operate at the application layer?2 
A . MIDI 
B . IMAP 
C . SMTP 
D . TFTP 
E . JPEG

Answer 13

B . IMAP
C . SMTP
D . TFTP

Question 14

14. Which of the following are transport layer protocols?2 a. TCP and UDP
    b. IP
    c. FTAM
    d. IP and TFTP
    e. TFTP

Answer 14

a. TCP and UDP

Question 15

15. Flow control takes place at which layer?2
    a. Physical
    b. Transport
    c. Network
    d. MAC sublayer of the data link layer
    e. Session

Answer 15

b. Transport Layer 4

Establishes a logical connection between two devices and provides end-to-end transport services to ensure data delivery

Accepts PDUs from the Session layer and converts them into segments

Includes mechanisms for segmentation, sequencing, error checking, controlling the flow of data, error correction

Question 16

16. Encryption takes place at which layer?
    a. Physical
    b. Presentation
    c. Network
    d. Application
    e. Session

Answer 16

b. Presentation Layer 6
Responsible for transforming data received from the Application layer into a standard format that any system following the OSI model can understand

Responsible for encryption and compression

Question 17

17. True or False: The network layer uses physical addresses to route data to destination hosts
    a. True
    b. False

Answer 17

False:
Network Layer 3

Responsible for adding routing and addressing information to the data

Accepts segments from the Transport layer and adds information to it to create a packet

The packet includes the source and destination IP addresses

Question 18

18. Error detection and recovery takes place at which layer?
    a. Physical
    b. Presentation
    c. Network
    d. Transport
    e. Session

Answer 18

d. Transport Layer 4

Establishes a logical connection between two devices and provides end-to-end transport services to ensure data delivery

Accepts PDUs from the Session layer and converts them into segments

Includes mechanisms for segmentation, sequencing, error checking, controlling the flow of data, error correction

Question 19

19. In decentralized environments device drivers that enable the OS to control and communicate with hardware need to be securely designed, developed and deployed because they are2
    a. Typically installed by end users and granted access to the supervisor state
    b. Typically installed by administrators and granted access to user mode state
    c. Typically installed by software without human interaction
    d. Integrated as part of the operating system

Answer 19

a. Typically installed by end users and granted access to the supervisor state

Question 20

20. Decoy servers or systems setup to gather information regarding an cyberattacker or intruder into your system:2
    a. SIEM
    b. Honeypot
    c. IDS
    d. Honey Farm

Answer 20

b. Honeypot

Question 21

1. What are the drawbacks of Host-based Intrusion Detection systems (HIDS)?

Answer 21

HIDSs consume resources on the computer being monitored

o May not be able to examine every detail if the host system is overloaded
o HIDS are limited by the auditing capabilities of the host operating system and applications
o HIDSs are more costly to manage than network-based IDSs
o Require that an installation on each server be monitored
o Attackers can discover and disable the IDS software to hide their tracks

Question 22

Why would anomaly detection IDSs often generate a large number of false positives?

Answer 22

Unpredictability of behaviors

Question 23

What is the key difference between IPV4 and IPV6?

Answer 23

IPv4 is the version of Internet Protocol that is most widely used around the world. However, a version known as
IPv6 is primed to take over and improve network addressing and routing. IPv4 uses a 32-bit addressing scheme, while IPv6 uses 128 bits for addressing. IPv6 offers many new features that are not available in IPv4. Some of IPv6’s new features are scoped addresses, autoconfiguration, and Quality of Service (QoS) priority values.

Question 24

4. Name at least three types of attacks used to discover passwords.

Answer 24

o Dictionary Attacks, Brute-Force Attacks, Rainbow Table Attacks

Question 25

Name 3 LAN technologies.

Answer 25

Ethernet, Token Ring, FIBER DISTRIBUTED DATA INTERFACE (FDDI)

Question 26

What is the difference between baseband and broadband technology?

Answer 26

o Baseband technology can support only a single communication channel. It uses a direct current applied to the cable. A current that is at a higher level represents the binary signal of 1, and a current that is at a lower level represents the binary signal of 0. Baseband is a form of digital signal. Ethernet is a baseband technology.

o Broadband technology can support multiple simultaneous signals. Broadband uses frequency modulation to support numerous channels, each supporting a distinct communication session. Broadband is suitable for high throughput rates, especially when several channels are multiplexed. Broadband is a form of analog signal. Cable television and cable modems, ISDN, DSL, T1, and T3 are examples of broadband technologies.

Question 27

What devices are used in data link layer?

Answer 27

Switches and bridges

Question 28

Define the difference between need to know and principle of least privilege.

Answer 28

The only difference is that least privilege will also include rights to take action on a system.

Question 29

A financial organization commonly has employees switch duty responsibilities every six months. What security principle are they employing?

Answer 29

Job rotation

Question 30

10. What is a spoofing attack?

Answer 30

Spoofing (also known as masquerading) is pretending to be something or someone else. There is a wide variety of spoofing attacks.