Quiz1_Answers Flashcards
- A subject can identify itself by providing (check all that apply) …
a. A username
b. A process id
c. A password
d. A biometric factor
a. A username
b. A process id
d. A biometric factor
- In mandatory access control, access is granted or denied based on
a. The discretion of the object’s owner
b. The subject’s clearance
c. The subject’s identity
b. The subject’s clearance
- At which layer of the OSI protocol stack does the Internet Protocol (IP) operate?
a. Transport Layer
b. Network Layer
c. Data Link Layer
d. Session Layer
e. Application Layer
b. Network Layer
- Which one of the following statements about a network-based IDS is false?
a. Is installed on dedicated hardware
b. Monitors a single network host
c. Can operate in stealth mode
d. May not work well on switched networks
e. Has little negative impact on overall network performance
b. Monitors a single network host
- The accounting branch of a large organization requires an application to process expense vouchers. Each voucher must be input by one of the many accounting clerks, verified by the clerk’s applicable supervisor, then reconciled by an auditor before the reimbursement check is produced. What access control techniques should be built into the application to meet the information protection needs?
a. Mandatory Access Control
b. Password Security
c. Role Based Access Control
d. Terminated Access Controller Access System
c. Role Based Access Control
- To which form of access control is a rule-based control access mechanism usually related?
a. Discretionary Access Control
b. Non-Discretionary Access Control
c. Token Based Access Control
d. Subject Dependent Access Control
b. Non-Discretionary Access Control
- A major disadvantage of SSO is:
a. Consistent time out enforcement across platforms
b. A compromised password exposes all authorized applications
c. Use of multiple passwords is hard to remember
d. Password change control
b. A compromised password exposes all authorized applications
- You are troubleshooting some anomalies with network communication on your network. You notice that some communication isn’t taking the expected or most efficient route to the destination. Which layer of the OSI model should you troubleshoot?
a. Layer 1
b. Layer 2
c. Layer 3
d. Layer 4
e. Layer 5
c. Layer 3
- You are performing a security audit for a customer. During the audit, you find several instances of users gaining access to data without going through a formal access approval process. As part of the remediation, you recommend establishing a formal access approval process. Which role should you list to approve policies that dictate which users can gain access to data?
a. Data Creator
b. Data Processor
c. Data Owner
d. Data Custodian
e. System Owner
c. Data Owner
- You are a security consultant. A large enterprise customer hires you to ensure that their security operations are following industry standard control frameworks. For this project, the customer wants you to focus on technology solutions that will discourage malicious activities. Which type of control framework should you focus on?
a. Preventive
b. Deterrent
c. Detective
d. Assessment
e. Corrective
b. Deterrent
- You are implementing a multi-factor authentication solution. As part of the design, you are capturing the three authentication factors. What are they?
a. Something you make
b. Something you know
c. Something you have
d. Something you need
e. Something you are
f. Something you do
b. Something you know
c. Something you have
e. Something you are
- Segments are packaged into frames at which layer of the OSI model?
a. Layer 1
b. Layer 2
c. Layer 3
d. Layer 4
e. Layer 5
c. Layer 3 (Network)
Responsible for adding routing and addressing information to the data
Accepts segments from the Transport layer and adds information to it to create a packet
The packet includes the source and destination IP addresses
- Which of the following operate at the application layer?
A. MIDI
B. IMAP
C. SMTP
D. TFTP
E. JPEG
B. IMAP
C. SMTP
D. TFTP
- Which of the following are transport layer protocols?
a. TCP and UDP
b. IP
c. FTAM
d. IP and TFTP
e. TFTP
a. TCP and UDP
- Flow control takes place at which layer?
a. Physical
b. Transport
c. Network
d. MAC sublayer of the data link layer
e. Session
b. Transport Layer 4
Establishes a logical connection between two devices and provides end-to-end transport services to ensure data delivery
Accepts PDUs from the Session layer and converts them into segments
Includes mechanisms for segmentation, sequencing, error checking, controlling the flow of data, error correction
- Encryption takes place at which layer?
a. Physical
b. Presentation
c. Network
d. Application
e. Session
b. Presentation Layer 6
Responsible for transforming data received from the Application layer into a standard format that any system following the OSI model can understand
Responsible for encryption and compression
- True or False: The network layer uses physical addresses to route data to destination hosts
a. True
b. False
False:
Network Layer 3
Responsible for adding routing and addressing information to the data
Accepts segments from the Transport layer and adds information to it to create a packet
The packet includes the source and destination IP addresses
- Error detection and recovery takes place at which layer?
a. Physical
b. Presentation
c. Network
d. Transport
e. Session
d. Transport Layer 4
Establishes a logical connection between two devices and provides end-to-end transport services to ensure data delivery
Accepts PDUs from the Session layer and converts them into segments
Includes mechanisms for segmentation, sequencing, error checking, controlling the flow of data, error correction
- In decentralized environments, device drivers that enable the OS to control and communicate with hardware need to be securely designed, developed and deployed because they are
a. Typically installed by end users and granted access to the supervisor state
b. Typically installed by administrators and granted access to user mode state
c. Typically installed by software without human interaction
d. Integrated as part of the operating system
a. Typically installed by end users and granted access to the supervisor state
- Decoy servers or systems set up to gather information regarding a cyberattacker or intruder into your system:
a. SIEM
b. Honeypot
c. IDS
d. Honey Farm
b. Honeypot
- What are the drawbacks of Host-based Intrusion Detection systems (HIDS)?
o HIDSs consume resources on the computer being monitored
o May not be able to examine every detail if the host system is overloaded
o HIDS are limited by the auditing capabilities of the host operating system and applications
o HIDSs are more costly to manage than network-based IDSs
o Require that an installation on each server be monitored
o Attackers can discover and disable the IDS software to hide their tracks
- Why would anomaly detection IDSs often generate a large number of false positives?
Unpredictability of behaviors
- What is the key difference between IPv4 and IPv6?
IPv4 is the version of Internet Protocol that is most widely used around the world. However, a version known as IPv6 is primed to take over and improve network addressing and routing. IPv4 uses a 32-bit addressing scheme, while IPv6 uses 128 bits for addressing. IPv6 offers many new features that are not available in IPv4. Some of IPv6’s new features are scoped addresses, autoconfiguration, and Quality of Service (QoS) priority values.
- Name at least three types of attacks used to discover passwords.
o Dictionary Attacks, Brute-Force Attacks, Rainbow Table Attacks
- Name 3 LAN technologies.
Ethernet, Token Ring, Fiber Distributed Data Interface (FDDI)
- What is the difference between baseband and broadband technology?
o Baseband technology can support only a single communication channel. It uses a direct current applied to the cable. A current that is at a higher level represents the binary signal of 1, and a current that is at a lower level represents the binary signal of 0. Baseband is a form of digital signal. Ethernet is a baseband technology.
o Broadband technology can support multiple simultaneous signals. Broadband uses frequency modulation to support numerous channels, each supporting a distinct communication session. Broadband is suitable for high throughput rates, especially when several channels are multiplexed. Broadband is a form of analog signal. Cable television and cable modems, ISDN, DSL, T1, and T3 are examples of broadband technologies.
- What devices are used in the data link layer?
Switches and bridges
- Define the difference between need to know and principle of least privilege.
The only difference is that least privilege will also include rights to take action on a system.
- A financial organization commonly has employees switch duty responsibilities every six months. What security principle are they employing?
Job rotation
- What is a spoofing attack?
Spoofing (also known as masquerading) is pretending to be something or someone else. There is a wide variety of spoofing attacks.