Quiz3_Answers

Question 1

For a given desired strength of a cryptographic system, which one of the following will provide it with the smallest key?

A. ECC

B. RSA

Answer 1

A. ECC (Elliptic curve)- 160 bits

Size comparable with others with equal protection: RSA is 1088bits DSA is 1025 bits

Question 2

Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?

A. Stream ciphers

B. Hashing

C. Steganography

D. Block ciphers

Answer 2

B. Hashing

Question 3

A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as:

A. Symmetric cryptography

B. Salting

C. Private key cryptography

D. Sessionizing

Answer 3

B. Salting

Question 4

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

A. TCP/IP

B. SET

C. SSL

D. SSH

Answer 4

C. SSL

Question 5

Which of the following provides the strongest authentication security on a wireless network?

A. WPA2

B. HMAC

C. Disable SSID broadcast

D. WEP

Answer 5

A. WPA2

Question 6

Which of the following is used to verify data integrity?

A. RSA

B. AES

C. RC4

D. SHA

Answer 6

D. SHA

Question 7

Which of the following can be implemented with multiple bit strength?

A. MD4

B. AES

C. DES

D. SHA1

Answer 7

B. AES

AES uses key lengths and block sizes of 128, 192, and 256 bits

Question 8

Which of the following would provide the STRONGEST encryption?

A. ECC

B. RSA

C. One Time Pad

D. AES

Answer 8

C. One Time Pad

Question 9

Which of the following components MUST be trusted by all parties in PKI?

A. CA

B. Key escrow

C. Private key

D. Recovery key

Answer 9

A. CA

Question 10

Pete, an employee, needs a certificate to encrypt data. Which of the following would issue Pete a certificate?

A. Certificate Authority

B. Registration Authority

C. Certificate Revocation List

D. Key Escrow

Answer 10

A. Certificate Authority

Question 11

Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?

A. CA

B. RA

C. CRL

D. Private key

Answer 11

C. CRL

Certificate Revocation List

Question 12

Which of the following malware types may require user interaction, does not hide itself, and is commonly identied by marketing pop-ups based on browsing habits?

A. Virus

B. Adware

C. Rootkit

D. Botnet

Answer 12

B. Adware

Question 13

A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone’s boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program?

A. Trojan

B. Virus

C. Rootkit

D. Zero-Day

Answer 13

B. Virus

Question 14

A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download?

A. Smurf

B. Backdoor

C. Logic Bomb

D. Spyware

Answer 14

D. Spyware

Question 15

During a server audit, a security administrator does not notice abnormal activity. However, a network security analyst notices connections to unauthorized ports from outside the corporate network. Using specialized tools, the network security analyst also notices hidden processes running. Which of the following has MOST likely been installed on the server?

A. Logic bomb

B. Rootkit

C. Backdoor

D. SPIM

Answer 15

B. Rootkit

Question 16

Ann, a software developer, has installed some code to reactivate her account one week after her account has been disabled. Which of the following is this an example of? (Select TWO).

A. Logic Bomb

B. Botnet

C. Backdoor

D. Rootkit

Answer 16

A. Logic Bomb

C. Backdoor

Question 17

A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs:

10. 10.3.16
11. 10.3.23
12. 178.24.26
13. 24.94.83

These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring?

A. XMAS

B. DOS

C. DDOS

D. XSS

Answer 17

C. DDOS

Question 18

An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity. Which of the following is the MOST likely cause?

A. DoS

B. Trojan

C. Spyware

D. Priviliage Escalation

Answer 18

A. DoS

Question 19

Which of the following attacks could be used to initiate a subsequent man-in-the- middle attack?

A. Dos

B. Replay

C. Brute Force

D. ARP poisoning

Answer 19

B. Replay

Question 20

A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users. This is an example of which of the following attacks?

A. Vishing

B. Phishing

C. Whaling

D. SPAM

Answer 20

B. Phishing

Question 21

A company’s employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO. Which of the following controls could they implement to BEST meet this goal?

A. Digital Signatures

B. Digital Certificates

C. AntiVirus Software

D. Spam Filter

Answer 21

A. Digital Signatures

Question 22

A security administrator develops a web page and limits input into the fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the following attacks?

A. Fuzzing

B. Spooffing

C. XSS

D. Pharming

Answer 22

C. XSS

Question 23

Which of the following types of application attacks would be used to specifically gain unauthorized information from databases that did not have any input validation implemented?

A. Session hijacking and XML injection

B. Buffer overflow and XSS

C. Cookies and attachments

D. SQL injection

Answer 23

D. SQL injection

Question 24

A malicious individual is attempting to write too much data to an application’s memory. Which of the following describes this type of attack?

A. Buffer overflow

B. XSRF

C. SQL injection

D. Zero day

Answer 24

A. Buffer overflow

Question 25

Which of the following was launched against a company based on the following IDS log? 122.41.15.252 - - [21/May/2012:00:17:20 +1200] “GET /index.php? username=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA A AAA HTTP/1.1” 200 2731 “http://www.company.com/cgibin/ forum/commentary.pl/noframes/read/209” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.7.0)”

A. SQL injection

B. Online password attack

C. XSS attack

D. Buffer overflow attack

Answer 25

D. Buffer overflow attack