Wednesday, February 20, 2019
Introduction of Information Security Systems Cis4385
1. Which of the following IPv6 address types is assigned to multiple interfaces but packets will only be delivered to one?
a. Multicast b. Anycast c. Unicast d. Broadcast
Grade: 1. User Responses: b. Anycast
Feedback: a. An anycast address is assigned to a group of interfaces on multiple nodes. Packets are delivered to the first interface only.

2. Routers operate at which OSI layer?
a. Physical b. assault c. Network d. Session
Grade: 1. User Responses: c. Network
Feedback: a. Routers operate at the network layer, making routing decisions based on IP addresses.

3. Which of the following is not a private IPv4 address? Choose all that apply.
a. 192.168.5.60 b. 172.25.6.4 c. 10.0.6.5 d. 26.68.6.1
Grade: 1. User Responses: d. 26.68.6.1
Feedback: a. The private IP address ranges are as follows.
IP Class | Assigned Range
Class A | 10.0.0.0-10.255.255.255
Class B | 172.16.0.0-172.31.255.255
Class C | 192.168.0.0-192.168.255.255

4. What is a server that evaluates Internet requests from LAN devices against a set of rules called?
a. Proxy b. Firewall c. Load balancer d. NAT server
Grade: 1. User Responses: a. Proxy
Feedback: a. A server that evaluates Internet requests from LAN devices against a set of rules is called a proxy server. NAT servers perform private to public address translation; load balancers manage traffic between cluster hosts; and a firewall filters traffic based on access control lists.

5. Which type of device maintains awareness of the status of connections, thereby preventing IP spoofing attacks?
a. Stateless packet filtering firewall b. Stateful packet filtering firewall c. NAT filter d. Application-level gateway
Grade: 1. User Responses: b. Stateful packet filtering firewall
Feedback: a.
A stateful packet filtering firewall is one that monitors the state of each connection by examining the header of each packet. A stateless packet filtering firewall does not do this. NAT filters perform only private-to-public address translation. An application-level gateway provides protection to a specific application such as FTP.

6. Which of the following firewall services works at the session layer of the OSI model?
a. Application layer gateway b. Stateful filtering c. NAT d. Circuit-level gateway
Grade: 0. User Responses: c. NAT
Feedback: a. Circuit-level gateways work at the session layer of the OSI model and apply security mechanisms when a TCP or UDP connection is established; they act as a go-between for the Transport and Application layers in TCP/IP. After the connection has been made, packets can flow between the hosts without further checking. Circuit-level gateways hide information about the private network, but they do not filter individual packets.

7. Which of the following are the two main functions of a proxy server?
a. Caching of web pages b. NAT c. Domain authentication d. DHCP
Grade: 1. User Responses: a. Caching of web pages, c. Domain authentication
Feedback: a. A proxy server secures a network by keeping machines behind it anonymous; it does this through the use of NAT. It also improves web performance by caching web pages from servers on the Internet for a set amount of time.
b. A proxy server secures a network by keeping machines behind it anonymous; it does this through the use of NAT. It also improves web performance by caching web pages from servers on the Internet for a set amount of time.

8. Which of the following devices can detect but not prevent attacks across the entire network?
a. NIDS b. Host-based IDS c. NIPS d. Protocol analyzer
Grade: 1. User Responses: a. NIDS
Feedback: a. Network Intrusion Detection Systems (NIDS) detect but do not prevent attacks across the entire network. Host-based IDS can protect only the host on which it is installed. Network Intrusion Protection Systems (NIPS) can detect and prevent attacks across the entire network. A Protocol Analyzer can capture traffic but not act upon it.

9. When a NIPS blocks legitimate traffic, what is it known as?
a. False negative b. True negative c. False positive d. True positive
Grade: 1. User Responses: c. False positive
Feedback: a. A blocking of traffic is a positive action, and when it is in response to legitimate traffic, it is considered a false action; thus it is a false positive. A false negative would be when an action is NOT taken on traffic that is not legitimate. The other two options are normal actions; a true negative is the allowing of legitimate traffic, whereas a true positive is the blocking of illegitimate traffic.

10. Which of the following types of NIPS reacts to actions that deviate from a baseline?
a. Signature-based b. Heuristic c. Anomaly-based d. Bit blocker
Grade: 1. User Responses: c. Anomaly-based
Feedback: a. Anomaly-based NIPS recognizes traffic that is unusual and reports it. Signature-based NIPS are configured with the signatures of attacks. Heuristics looks for patterns in the traffic, whereas bit blocker is not a type of NIPS.

11. Which of the following systems attempt to stop the leakage of confidential information, often concentrating on communications?
a. DHCP b. DNS c. DLP d. STP
Grade: 1. User Responses: c. DLP
Feedback: a. Data loss prevention (DLP) systems are designed to protect data by way of content inspection. They are meant to stop the leakage of confidential data, often concentrating on communications.
As such, they are often also referred to as data leak prevention (DLP) devices, information leak prevention (ILP) devices, and extrusion prevention systems. Regardless, they are intended to be used to keep data from leaking past a computer system or network and into unwanted hands.

12. When a company buys fire insurance they are ____________ risk.
a. accepting b. avoiding c. transferring d. reducing
Grade: 1. User Responses: c. transferring
Feedback: a. It is possible to transfer some risk to a third party. An example of risk transference (also known as risk sharing) would be an organization that purchases insurance for a group of servers in a datacenter. The organization still takes on the risk of losing data in the case of server failure, theft, and disaster, but transfers the risk of losing the money those servers are worth in the case they are lost.

13. Which of the following processes block external files that use JavaScript or images from loading into the browser?
a. URL filtering b. Content filtering c. Malware inspection d. Blacklists
Grade: 1. User Responses: b. Content filtering
Feedback: a. Content filtering is a process that blocks external files that use JavaScript or images from loading into the browser. URL filtering blocks pages based on the URL. Malware inspection looks for malware based on a signature file, and blacklists are items to be denied by spam filters.

14. Which of the following actions should NOT be taken for the default account on a network device?
a. Delete it. b. Change the password. c. Disable it. d. Leave it as is.
Grade: 1. User Responses: d. Leave it as is.
Feedback: a. The default account has a well-known username and password, so it should be either deleted or disabled, or at a minimum its password should be changed.

15. Firewall rules are typically based on all but which of the following?
a. IP addresses b. MAC addresses c. Port numbers d. Content type
Grade: 1. User Responses: d. Content type
Feedback: a. Firewall rules are typically based on IP addresses, MAC addresses, or port numbers, but they cannot filter for content.

16. Which of the following is the target of a double tagging attack?
a. VPNs b. VLANs c. Collision domains d. DMZs
Grade: 1. User Responses: b. VLANs
Feedback: a. A double tagging attack can enable the attacker to view traffic from multiple VLANs.

17. A network created to allow access to resources from the Internet, while maintaining separation from the internal network, is called a ______?
a. VPN b. VLAN c. Honeypot d. DMZ
Grade: 1. User Responses: d. DMZ
Feedback: a. When talking about computer security, a Demilitarized Zone (DMZ) is a special area of the network (sometimes referred to as a subnetwork) that houses servers which host information accessed by nodes or other networks on the Internet, but which does not allow access to the internal network.

18. How can access to the remote management of a router be protected?
a. Content filtering b. ACLs c. Firewalls d. IPS
Grade: 0. User Responses: c. Firewalls
Feedback: a. Remote access to a router is usually done via Telnet or SSH. The port used (vty line) can be secured using an access control list. The other options can all be used to help protect routers but not access the remote management function.

19. You need to allow access from your network to all web sites. What port numbers should be opened in the firewall? Choose all that apply.
a. 25 b. 443 c. 80 d. 119 e. 22 f. 23
Grade: 1. User Responses: c. 80
Feedback: a. HTTP and HTTPS are the two services you need to allow access to; they use ports 80 and 443 respectively.

20. Which of the following mitigation techniques can prevent MAC flooding?
a. Secure VLANs b. Prevent ICMP responses c. 802.1x d. 802.1q
Grade: 1. User Responses: c. 802.1x
Feedback: a. MAC flooding, which involves overwhelming the memory of the switch with MAC frames sourced from different MAC addresses, can be prevented by requiring authentication on each port through 802.1x. Secure VLANs cannot prevent this because the frames don't need to enter a VLAN to cause the problem. ICMP is at Layer 3, these frames are at Layer 2, and 802.1q is a VLAN tagging protocol that does not prevent frames from entering the switch through access ports.

21. Which of the following attacks cannot be mitigated with a flood guard?
a. Smurf attack b. Fraggle c. Teardrop attack d. Session theft
Grade: 1. User Responses: d. Session theft
Feedback: a. The smurf, fraggle, and teardrop attacks all involve sending a flood of packets to a device, using different types of malformed packets. A session theft attack is when a session cookie is stolen and used to authenticate to a server.

22. Loop protection is designed to address problems that occur with which device?
a. Switch b. Hub c. Router d. Firewall
Grade: 0. User Responses: b. Hub
Feedback: a. Loops occur when switches have redundant connections causing a loop. Loop guard (or loop protection) can prevent loops on the switch.

23. When creating an ACL, which of the following statements is NOT true?
a. The order of the rules is important for proper functioning
b. You must include a deny all statement at the end of the rule set for proper functioning
c. The more specific rules should be placed at the beginning of the rule list
d. Once created, the ACL must be applied to an interface
Grade: 1. User Responses: b. You must include a deny all statement at the end of the rule set for proper functioning
Feedback: a. There is an implied deny all statement at the end of each ACL and it is not needed to include one.

24. Which of the following is an example of insecure network bridging in a LAN?
a. Laptop connected to a hotspot and an ad hoc network
b. Laptop connected to a wireless network and the wired LAN at the same time
c. Router connected to two subnets
d. PC connected with two NIC to the same LAN
Grade: 1. User Responses: b. Laptop connected to a wireless network and the wired LAN at the same time
Feedback: a. When a laptop connects to a wireless network and the wired LAN at the same time, it can create a bridge between the two, allowing access to the LAN. The other scenarios do not create a security problem for the LAN.

25. When the administrator creates a rule on the firewall to prevent FTP traffic, this is a type of __________ rule.
a. implicit deny b. implicit allow c. explicit deny d. explicit allow
Grade: 1. User Responses: c. explicit deny
Feedback: a. When traffic is specified to be prevented, it is an explicit deny. When it is denied simply because it was not specifically allowed, that is an implicit deny.

26. Network Access Control (NAC) is an example of _______________.
a. role-based management b. rules-based management c. port-based access d. application layer filtering
Grade: 1. User Responses: b. rules-based management
Feedback: a. Network Access Control (NAC) uses rules by which connections to a network are governed. Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so on, effectively weeding out those who would perpetuate malicious attacks.

27. What type of device is required for communication between VLANs?
a. Hub b. Switch c. Router d. Firewall
Grade: 1. User Responses: c. Router
Feedback: a. Hosts in different VLANs are also in different subnets and routing must be performed for them to communicate.

28. Which of the following would be least likely to be placed in the DMZ?
a. Web server b. DNS server c. Domain controller d. FTP server
Grade: 1. User Responses: c. Domain controller
Feedback: a.
All the options except a domain controller are often placed in the DMZ so they are accessible to the outside world. A DC, however, is sensitive and should NOT be placed in the DMZ.

29. Subnetting a network creates segmentation at which layer of the OSI model?
a. Layer 1 b. Layer 2 c. Layer 3 d. Layer 4
Grade: 1. User Responses: c. Layer 3
Feedback: a. Subnetting a network creates segmentation using IP addresses, which is Layer 3.

30. What service is required to represent multiple private IP addresses with a single public IP address?
a. NAT b. DHCP c. DNS d. DLP
Grade: 0. User Responses: a. NAT
Feedback: a. Network Address Translation (NAT) is required to represent multiple private IP addresses with a single public IP address. The specific form of NAT required to represent multiple private IP addresses with a single public IP address is called Port Address Translation (PAT).

31. Which of the following is NOT a remote access protocol?
a. MS-CHAP b. CHAP c. LDAP d. PAP
Grade: 1. User Responses: c. LDAP
Feedback: a. Lightweight Directory Access Protocol is used for accessing directory services such as Active Directory. It is not used in remote access. All other options are remote access protocols.

32. Which of the following devices are susceptible to war dialing?
a. Modems b. Firewalls c. Content filters d. Load balancers
Grade: 0. User Responses: a. Modems
Feedback: a. Any devices that accept phone calls, such as modems or PBX systems with remote phone access, are susceptible to war dialing.

33. When computers are not allowed to connect to the network without proper security patches and virus updates, the network is using a form of _____________.
a. PAT b. DAC c. NAC d. DMZ
Grade: 0. User Responses: d. DMZ
Feedback: a.
Network Access Control (NAC) uses rules by which connections to a network are governed. Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so on, effectively weeding out those who would perpetuate malicious attacks.

34. Which of the following items do not need to be changed on a new router to ensure secure router management?
a. IP address b. Administrator name c. Administrator password d. IOS version
Grade: 1. User Responses: d. IOS version
Feedback: a. All the options except the IOS version can be set to defaults from the factory and should be changed because they are well known.

35. Which of the following is NOT an example of cloud computing?
a. SaaS b. IaaS c. PaaS d. BaaS
Grade: 1. User Responses: d. BaaS
Feedback: a. Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS) are all forms of cloud computing.

36. On which concept is cloud computing based?
a. load balancing b. virtualization c. RAID d. DLP
Grade: 1. User Responses: b. virtualization
Feedback: a. All forms of cloud computing use virtualization.

37. A three-legged perimeter is a form of ______________.
a. VPN b. DMZ c. NAT d. ACL
Grade: 1. User Responses: b. DMZ
Feedback: a. A three-legged perimeter is a firewall or server with three NICs: one pointed to the LAN, one to the Internet, and one to the DMZ.

38. Which of the following is NOT a benefit provided by subnetting?
a. It increases security by compartmentalizing the network.
b. It is a more efficient use of IP address space.
c. It reduces broadcast traffic and collisions.
d. It eases administration of the network.
Grade: 1. User Responses: d. It eases administration of the network.
Feedback: a. Subnetting provides a number of benefits but easing administration is not one of them.

39. Which of the following is the result of implementing VLANs?
a. Larger broadcast domains b. Smaller collision domains c. Smaller broadcast domains d. Larger collision domains
Grade: 1. User Responses: c. Smaller broadcast domains
Feedback: a. VLANs break up the network into subnets and as such result in smaller broadcast domains.

40. Which of the following services helps conserve public IP addresses?
a. NAT b. DHCP c. DNS d. SLIP
Grade: 0. User Responses: c. DNS
Feedback: a. By allowing the use of private IP addresses inside each network and by representing those groups of private IP addresses with a single public IP address, public IP addresses are conserved by NAT.

41. Which of the following remote access protocols are used with VPNs? Choose all that apply.
a. PPTP b. PPP c. L2TP d. SLIP
Grade: 1. User Responses: c. L2TP, d. SLIP
Feedback: a. Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up.
b. Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up.

42. Which of the following security protocols operates at the network layer of the OSI model?
a. IPSec b. SSH c. SSL d. TLS
Grade: 1. User Responses: a. IPSec
Feedback: a. One of the key features of IPSec is its operation at the network layer, enabling it to protect any type of communication operating at the upper layers of the OSI model.

43. Which of the following are components of SNMP? Choose all that apply.
a. NMS b. IPSec c. Agent d. CARP
Grade: 1. User Responses: b. IPSec, c. Agent
Feedback: a. The three components of SNMP are a network management system (NMS), agent software, and the managed device, where the agent software operates.
b. The three components of SNMP are a network management system (NMS), agent software, and the managed device, where the agent software operates.

44. SSL is designed as a secure replacement for which of the following?
a. PPP b. Telnet c. TLS d. SSH
Grade: 0. User Responses: d. SSH
Feedback: a.
SSL is designed as a secure replacement for Telnet, which transmits in clear text.

45. Which of the following protocols supersedes SSL?
a. SSH b. TLS c. S/MIME d. EAP
Grade: 0. User Responses: a. SSH
Feedback: a. TLS 1.2, the latest version, is used when establishing an HTTPS connection and supersedes SSLv3.

46. The operation of which of the following protocols makes the SYN flood attack possible?
a. IPX/SPX b. AppleTalk c. TCP/IP d. RIP
Grade: 1. User Responses: c. TCP/IP
Feedback: a. TCP/IP uses a many-sided handshake for its connection, and the SYN flood attack attempts to take advantage of the operation of this connection operation.

47. Which of the following provides secure web access?
a. SFTP b. HTTP c. HTTPS d. SSH
Grade: 1. User Responses: c. HTTPS
Feedback: a. HTTPS uses port 443 and is the standard for secure web access.

48. SCP is a secure copy protocol that uses the port of which other protocol for transfers?
a. HTTPS b. SSH c. SSL d. FTPS
Grade: 0. User Responses: d. FTPS
Feedback: a. Secure copy (SCP) is another example of a protocol that uses another protocol (and its corresponding port). It uses SSH and ultimately uses port 22 to transfer data.

49. Which of the following protocols is abused when a ping flood occurs?
a. SNMP b. IGMP c. ICMP d. EIGRP
Grade: 0. User Responses: a. SNMP
Feedback: a. Ping floods use ICMP echo request packets aimed at the target.

50. Which of the following security mechanisms are built into IPv6?
a. IPSec b. SSL c. HTTPS d. EAP
Grade: 1. User Responses: a. IPSec
Feedback: a. IPv6 has IPSec support built in.

51. What method is used by SSL to obtain and validate certificates?
a. SPI b. PKI c. TLS d. EAP
Grade: 1. User Responses: b. PKI
Feedback: a. SSL and TLS use a Public Key Infrastructure (PKI) to obtain and validate certificates.

52. What port number does FTPS use to protect the transmission?
a. 21 b. 88 c. 443 d. 445
Grade: 0. User Responses: a. 21
Feedback: a. FTPS uses SSL or TLS over port 443 to make a secure connection.

53. Which of the following protocols uses port 22, usually used by SSH, to make a secure connection?
a. FTPS b. SCP c. SFTP d. SSL
Grade: 0. User Responses: b. SCP
Feedback: a. Secure FTP (SFTP) uses port 22, the port for SSH, which is why it is also sometimes called SSH FTP.

54. Which protocol uses ports 161 and 162?
a. SMTP b. IMAP4 c. SNMP d. IGMP
Grade: 0. User Responses: a. SMTP
Feedback: a. SNMP is used to collect information about and make changes to devices on the network. It uses ports 161 and 162.

55. Which protocol uses the same port as HTTPS?
a. SCP b. FTPS c. SFTP d. IMAP4
Grade: 0. User Responses: c. SFTP
Feedback: a. FTP secure (FTPS) uses port 443, which is also used by HTTPS.

56. Which protocol uses port 69?
a. SCP b. FTPS c. TFTP d. IMAP4
Grade: 1. User Responses: c. TFTP
Feedback: a. TFTP uses port 69.

57. What port number is used by Telnet?
a. 80 b. 443 c. 21 d. 23
Grade: 1. User Responses: d. 23
Feedback: a. Port 23 is used by Telnet.

58. Which port does HTTP use?
a. 80 b. 443 c. 21 d. 23
Grade: 0. User Responses: b. 443
Feedback: a. HTTP uses port 80.

59. Which port does SCP use to transfer data?
a. 80 b. 22 c. 21 d. 23
Grade: 0. User Responses: c. 21
Feedback: a. SCP uses SSH and thus port 22 to transfer data.

60. Which protocol uses port 443?
a. HTTPS b. FTPS c. TFTP d. IMAP4
Grade: 1. User Responses: a. HTTPS
Feedback: a. HTTPS uses port 443.

61. Which two protocols use port 22?
a. HTTPS b. FTPS c. SSH d. SCP
Grade: 2. User Responses: c. SSH, d. SCP
Feedback: a. SCP uses SSH and thus port 22 to transfer data, so two protocols use this port.
b. SCP uses SSH and thus port 22 to transfer data, so both protocols use this port.

62. Which ports does the NetBIOS protocol use? Choose all that apply.
a. 138 b. 139 c. 137 d. 140
Grade: 3. User Responses: a. 138, b. 139, c. 137
Feedback: a. The NetBIOS protocol uses ports 137 through 139.
b. The NetBIOS protocol uses ports 137 through 139.
c. The NetBIOS protocol uses ports 137 through 139.

63. What protocol uses port 53?
a. HTTPS b. FTPS c. SSH d. DNS
Grade: 0. User Responses: b. FTPS
Feedback: a. DNS uses port 53.

64. Which port number does RDP use?
a. 3389 b. 1723 c. 1701 d. 140
Grade: 1. User Responses: a. 3389
Feedback: a. Port 3389 is used for Remote Desktop (RDP).

65. What protocol uses port 25?
a. HTTPS b. SMTP c. SSH d. DNS
Grade: 1. User Responses: b. SMTP
Feedback: a. SMTP uses port 25.

66. Which of the following statements is true regarding WPA and WPA2? (Choose all that apply.)
a. WPA uses 256-bit encryption. b. WPA2 uses 128-bit encryption. c. WPA uses TKIP. d. WPA2 uses AES.
Grade: 2. User Responses: c. WPA uses TKIP., d. WPA2 uses AES.
Feedback: a. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES.
b. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES.

67. Which statement is NOT true with regard to WPA2?
a. Uses AES encryption b. Meets requirements of 802.11i c. Uses TKIP encryption d. Uses 256 bit encryption
Grade: 1. User Responses: c. Uses TKIP encryption
Feedback: a. WPA uses TKIP but WPA2 uses AES.

68. Which of the following is the security provided in the original 802.11 standard?
a. WPA b. WPA2 c. WEP d. CCMP
Grade: 1. User Responses: c. WEP
Feedback: a. Wired Equivalent Privacy (WEP) is the security provided in the original 802.11 standard.

69. What is the authentication system that calls for a supplicant, authenticator, and authentication server called?
a. EAP b. WPA c. WPA2 d. WEP
Grade: 1. User Responses: a. EAP
Feedback: a. Extensible Authentication Protocol (EAP) is an authentication system that calls for a supplicant, authenticator, and authentication server.

70. Which of the following implementations of EAP requires certificates on the client and the server?
a. EAP-FAST b. EAP-TTLS c. PEAP d. EAP-TLS
Grade: 1. User Responses: d. EAP-TLS
Feedback: a. EAP-TLS requires certificates on the client and the server.

71. Which of the following versions of EAP is Cisco proprietary?
a. LEAP b. EAP-TTLS c. PEAP d. EAP-TLS
Grade: 1. User Responses: a. LEAP
Feedback: a.
Lightweight EAP is a version that works only on Cisco devices unless the device is from a partner that participates in the Cisco Compatible Extensions program.

72. Why are MAC filters not effective in preventing access to the WLAN?
a. The MAC addresses of allowed devices are contained in the beacon frames sent by the AP.
b. The MAC addresses of allowed devices are contained in any frames sent by the allowed device.
c. The administrative effort to maintain the MAC list is prohibitive.
d. If the user changes his MAC address, the filter will disallow entry.
Grade: 1. User Responses: b. The MAC addresses of allowed devices are contained in any frames sent by the allowed device.
Feedback: a. The MAC addresses of allowed devices are contained in any frames sent by the allowed device and can be seen by those using wireless protocol analyzers. The MAC address can then be spoofed for entry.

73. Which of the following frame types contain the SSID? (Choose all that apply.)
a. Beacon frames b. Data frames c. Association frames d. Authentication frames
Grade: 3. User Responses: b. Data frames, c. Association frames, d. Authentication frames
Feedback: a. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames.
b. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames.
c. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames.

74. TKIP was designed to correct the shortcomings of which of the following?
a. EAP b. WPA c. WEP d. WPA2
Grade: 1. User Responses: c. WEP
Feedback: a. TKIP was designed to correct the shortcomings of WEP. It was a temporary solution for use until the 802.1x standard was completed.

75. Which of the following encryption protocols is used with WPA2?
a. TKIP b. CCMP c. WEP d. DES
Grade: 1. User Responses: b. CCMP
Feedback: a. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is the encryption protocol used with WPA2.
It addresses the vulnerabilities of TKIP and meets requirements of IEEE 802.11i.

76. Which antenna types would be best for shaping the signal away from the front of the building for security purposes while still providing coverage in the other part of the building? (Choose all that apply.)
a. Yagi b. Omni c. Parabolic dish d. Semidirectional
Grade: 2. User Responses: a. Yagi, d. Semidirectional
Feedback: a. You can use a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario.
b. You can use a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario.

77. How can you keep the existing radiation pattern of the antenna while reducing the coverage area?
a. Increase the power of the transmitter.
b. Decrease the power of the transmitter.
c. Change the polarity of the antenna.
d. Remove one of the attenuators from the line.
Grade: 1. User Responses: b. Decrease the power of the transmitter.
Feedback: a. Reducing the power level maintains the radiation pattern while making the area of radiation smaller.

78. What organization created WPA?
a. FCC b. Wi-Fi Alliance c. IEEE d. ISO
Grade: 1. User Responses: b. Wi-Fi Alliance
Feedback: a. The Wi-Fi Alliance created WPA to address the weaknesses of WEP.

79. To which standard is WPA2 designed to adhere?
a. 802.16 b. 802.11f c. 802.11i d. 802.11e
Grade: 1. User Responses: c. 802.11i
Feedback: a. WPA2 is designed to adhere to the 802.11i security standard.

80. Which of the following is the weakest form of security?
a. TKIP b. WPA c. WEP d. EAP
Grade: 1. User Responses: c. WEP
Feedback: a. WEP is the weakest form of security. It has been cracked and is not suitable for Enterprise WLANs.

81. A ______________ attack intercepts all data between a client and a server.
a. DDoS b. Man-in-the-middle c. Replay d. Smurf
Grade: 1. User Responses: b. Man-in-the-middle
Feedback: a. Man-in-the-middle is a type of active interception.
If successful, all communications now go through the MITM attacking computer.

82. When a group of compromised systems attack a single target it is called a _______________ attack.
a. DDoS b. Man-in-the-middle c. Replay d. Smurf
Grade: 1. User Responses: a. DDoS
Feedback: a. A distributed denial-of-service attack occurs when a group of compromised systems launches a DDoS attack on a single target.

83. When valid data transmissions are maliciously or fraudulently repeated, it is called a _______________ attack.
a. DDoS b. man-in-the-middle c. replay d. smurf
Grade: 1. User Responses: c. replay
Feedback: a. When valid data transmissions are maliciously or fraudulently repeated, it is called a replay attack.

84. What attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork?
a. DDoS b. Man-in-the-middle c. Replay d. Smurf
Grade: 1. User Responses: d. Smurf
Feedback: a. A smurf attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The ICMP request is sent to a broadcast address. When all hosts receive the ICMP broadcast request, these hosts send ICMP replies to the source address, which has been set to the address of the target.

85. Changing your MAC address to that of another host is called ___________________.
a. spear phishing b. spoofing c. pharming d. vishing
Grade: 1. User Responses: b. spoofing
Feedback: a. Spoofing is when an attacker uses the IP or MAC address of another computer.

86. Which of the following is more an aggravation than an attack?
a. Spear phishing b. Spoofing c. Spam d. Vishing
Grade: 1. User Responses: c. Spam
Feedback: a. Spam or unwanted email is more an aggravation than an attack.

87. Which of the following uses instant messaging as its vehicle?
a. Spim b. Spoofing c. Phishing d. Vishing
Grade: 1. User Responses: a. Spim
Feedback: a. Spam Over Instant Messaging (SPIM) uses IM to deliver the spam.

88. When VoIP phone calls are used in the pursuit of social engineering, it is called __________.
a. spim b. spoofing c. phishing d. vishing
Grade: 1. User Responses: d. vishing
Feedback: a. Vishing is phishing performed with VoIP calls, which are harder to trace than regular calls.

89. What type of attack is an advanced scan that tries to get around firewalls and look for open ports?
a. DDoS b. Man-in-the-middle c. Xmas attack d. Smurf
Grade: 1. User Responses: c. Xmas attack
Feedback: a. Usually using Nmap, the Xmas attack is an advanced scan that tries to get around firewalls and look for open ports.

90. __________________ is when an attacker redirects one website's traffic to another bogus and possibly malicious website.
a. DDoS b. Pharming c. Xmas attack d. Smurf
Grade: 1. User Responses: b. Pharming
Feedback: a. Host files and vulnerable DNS software can also be victims of pharming attacks. Pharming is when an attacker redirects one website's traffic to another bogus and possibly malicious website. Pharming can be prevented by carefully monitoring DNS configurations and host files.

91. ___________ is when a person that is not normally authorized to a server manages to get administrative permissions to resources.
a. Whaling b. Pharming c. Spear phishing d. Privilege escalation
Grade: 1. User Responses: d. Privilege escalation
Feedback: a. Privilege escalation is when a person that is not normally authorized to a server manages to get administrative permissions to resources.

92. Which problem is the most difficult to contend with?
a. Malicious insider threat b. Fraggle attack c. Distributed denial-of-service d. Whaling
Grade: 1. User Responses: a. Malicious insider threat
Feedback: a. Because the attacker already is inside the network with company knowledge, a malicious insider threat is the most difficult to contend with.

93. What type of attack can DNS poisoning lead to?
a. Whaling b. Pharming c. Spear phishing d. Privilege escalation
Grade: 0. User Responses: c. Spear phishing
Feedback: a.
Pharming attacks lead users from a legitimate website to a malicious mate. The easiest way to do this is to poison the DNS cache so that the DNS server sends them to the malicious site.94. Strong scuttlebutt validation can help prevent ____________________. a. bluesnarfing b. SQL injection c. session highjacking d. header manipulation Grade0 User Responsesc. session highjacking Feedbacka. SQL injection attacks user introduce in web forms that is not correctly filtered. This can be prevented with input validations.95. LDAP injection is an attack on __________________servers. . SQL b. directory c. web d. email Grade1 User Responsesb. directory Feedbacka. Lightweight Directory Access Protocol is a protocol used to maintain a directory of information such as user accounts or other types of objects.96. XML injection can be prevented with __________________. a. IDS b. IPS c. input validation d. tangled passwords Grade0 User Responsesd. complex passwords Feedbacka. The best way to protect against this (and all code injection techniques for that matter) is to incorporate strong input validation.97. The .. / attack is also known as ________________. a. irectory traversal b. SQL injection c. session highjacking d. header manipulation Grade1 User Responsesa. directory traversal Feedbacka. Directory traversal, or the .. / (dot dot slash) attack is a method to access unauthorised refer (or worse, root) directories.98. _____________ is when commands and command phrase structure are entered into an application or OS. a. Directory traversal b. assertion injection c. Command highjacking d. Code manipulation Grade1 User Responsesb. Command injection Feedbacka. Command injection is when commands and command syntax are entered into an application o r OS.99. Buffer overflows operate against the _________ of the computer. a. NIC b. disc c. processor d. memory Grade1 User Responsesd. memory Feedbacka. 
A original overflow is when a process stores data outside of the memory that the developer intended.100. What is the disagreement between an XSS and XSRF attack? a. The XSS attack exploits the trust a users browser has in a website, whereas the XSFR attack exploits the trust that a website has in a users browser. b. The XSFR attack exploits the trust a users browser has in a website, whereas the XSS attack exploits the trust that a website has in a users browser. . The XSS attack creates a pilot film overflow on the website, whereas the XSFR attack creates a buffer overflow on the client. d. The XSS attack creates a buffer overflow on the client, whereas the XSFR attack creates a buffer overflow on the website. Grade1 User Responsesa. The XSS attack exploits the trust a users browser has in a website, whereas the XSFR attack e xploits the trust that a website has in a users browser. Feedbacka. The XSS attack exploits the trust a users browser has in a website. The converse of this the XSRF attack exploits the trust that a website has in a users browser. In this attack (also known as a one-click attack), the users browser is compromised and transmits unauthorized commands to the website.101. _______________ are placed by programmers, knowingly or unknowingly, to bypass normal authentication and other security mechanisms in place. a. Landing spots b. Backdoors c. Hotspots d. Code heels Grade1 User Responsesb. Backdoors Feedbacka. Backdoors are placed by programmers, knowingly or inadvertently, to bypass normal authentication and other security mechanisms in place.102. An XSS attack is also called a(n) __________________ attack. a. aught day b. Command injection . Xmas d. Cross site scripting Grade1 User Responsesd. Cross site scripting Feedbacka. XSS attacks, also called cross site scripting attacks, explo it the trust a users browser has in a website through code injection, often in webforms.103. 
______________ can be used by spyware and can track people without their permission.
a. MAC addresses b. Cookies c. IP addresses d. Attachments
Grade: 1
User Responses: b. Cookies
Feedback: a. Cookies are text files placed on the client computer that store information about it, which could include your computer's browsing habits and possibly user credentials.

104. Which of the following attachments is the riskiest to open?
a. .exe b. .pdf c. .doc d. .txt
Grade: 1
User Responses: a. .exe
Feedback: a. An .exe, or executable file, is one that contains a program that will do something, perhaps malicious, to the computer.

105. Stolen cookies can be used to launch a(n) ____________________.
a. XSS attack b. SQL injection c. session hijack d. header manipulation
Grade: 1
User Responses: c. session hijack
Feedback: a. Session cookies authenticate you to a server and can be used to hijack your session.

106. Header manipulation alters information in ______________ headers.
a. LDAP b. file c. HTTP d. SQL
Grade: 1
User Responses: c. HTTP
Feedback: a. Header manipulation alters information in HTTP headers and falsifies access.

107. An ActiveX control is an example of a(n) _________________.
a. cookie b. add-on c. cipher d. virus
Grade: 1
User Responses: b. add-on
Feedback: a. You can enable and disable add-on programs such as ActiveX controls in the Programs tab by clicking the Manage add-ons button in Internet Explorer.

108. When an attack targets an operating system vulnerability that is still unknown to the world in general, it is called a __________.
a. P2P attack b. zero day attack c. whaling attack d. DDoS attack
Grade: 1
User Responses: b. zero day attack
Feedback: a. A zero day attack targets an operating system vulnerability that is still unknown to the world in general.

109. __________________ is a concept that refers to the monitoring of data in use, data in motion, and data at rest.
a. DLP b. DHCP c. DEP d. DMS
Grade: 1
User Responses: a. DLP
Feedback: a. Data Loss Prevention (DLP) is a concept that refers to the monitoring of data in use, data in motion, and data at rest. It does this through content inspection and is designed to prevent unauthorized use of data as well as prevent the leakage of data outside the computer (or network) in which it resides.

110. Which form of DLP is typically installed in data centers or server rooms?
a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP
Grade: 1
User Responses: c. Storage DLP
Feedback: a. Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest.

111. Which of the following is an example of drive encryption?
a. AppLocker b. BitLocker c. Windows Defender d. Trusted Platform Module
Grade: 1
User Responses: b. BitLocker
Feedback: a. To encrypt an entire hard disk, you need some kind of full disk encryption software. Several are currently available on the market; one developed by Microsoft is called BitLocker.

112. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is ____________ than software encryption.
a. more difficult to crack b. easier to use than software encryption c. faster than software encryption d. can be used to calculate data other than encryption keys
Grade: 1
User Responses: c. faster than software encryption
Feedback: a. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors. This means that they are used for encryption during secure login/authentication processes, during digital signings of data, and for payment security systems. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is faster than software encryption.

113. A _________________ is a chip residing on the motherboard that actually stores the encrypted keys.
a. DLP b. DHCP c. DEP d. TPM
Grade: 1
User Responses: d. TPM
Feedback: a. A Trusted Platform Module (TPM) chip is one residing on the motherboard that actually stores the encrypted keys.

114.
Which of the following is NOT required to encrypt the entire disk in Windows? Choose all that apply.
a. TPM chip or USB key b. A hard drive with two volumes c. HSM Module d. Cryptoprocessor
Grade: 2
User Responses: c. HSM Module, d. Cryptoprocessor
Feedback: a. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors; however, they are NOT a part of encrypting the entire disk in Windows. / b. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors; however, they are NOT a part of encrypting the entire disk in Windows.

115. Probably the most important security concern with cloud computing is _______________.
a. less secure connections b. loss of physical control of data c. weak authentication d. bug exploitation
Grade: 1
User Responses: b. loss of physical control of data
Feedback: a. Probably the most important security control concern is the physical control of data that is lost when an organization makes use of cloud computing.

116. Which of the following is NOT a solution to security issues surrounding cloud computing?
a. Complex passwords b. Strong authentication methods c. Standardization of programming d. Multiple firewalls
Grade: 1
User Responses: d. Multiple firewalls
Feedback: a. Solutions to these security issues include complex passwords, strong authentication methods, encryption, and standardization of programming.

117. Which form of DLP is typically installed on individual computers?
a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP
Grade: 1
User Responses: a. Endpoint DLP
Feedback: a. Endpoint DLP systems run on an individual computer and are usually software-based. They monitor data in use, such as email communications, and can control what information flows between various users.

118. Where could you disable the use of removable media on a computer?
a. Device manager b. BIOS c. Control panel d. Programs and features
Grade: 1
User Responses: b. BIOS
Feedback: a. BIOS settings can be used to reduce the risk of infiltration, including disabling removable media including the floppy drives and eSATA and USB ports.

119. What are two shortcomings of using BitLocker drive encryption?
a. Weak encryption b. Expensive c. Performance suffers d. Shorter drive life
Grade: 2
User Responses: c. Performance suffers, d. Shorter drive life
Feedback: a. A drive encrypted with BitLocker usually suffers in performance compared to a nonencrypted drive and could have a shorter shelf life as well. / b. A drive encrypted with BitLocker usually suffers in performance compared to a nonencrypted drive and could have a shorter shelf life as well.

120. Which form of DLP is typically installed on the perimeter of the network?
a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP
Grade: 1
User Responses: b. Network DLP
Feedback: a. Network DLP systems can be software or hardware solutions that are often installed on the perimeter of the network. They inspect data that is in motion.

121. Software as a service (SaaS) is a type of _____________ computing.
a. HSM b. cloud c. role-based d. TPM
Grade: 1
User Responses: b. cloud
Feedback: a. Software as a Service (SaaS) is the most commonly used and recognized example of cloud computing. SaaS is when users access applications over the Internet that are provided by a third party.

122. Which form of DLP inspects ONLY data in motion?
a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP
Grade: 1
User Responses: b. Network DLP
Feedback: a. Network DLP systems can be software or hardware solutions that are often installed on the perimeter of the network. They inspect data that is in motion.

123. Which of the following is NOT an example of cloud services?
a. SaaS b. IaaS c. PaaS d. BaaS
Grade: 1
User Responses: d. BaaS
Feedback: a. Examples of cloud services include Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

124.
When an electronic control suffers an error, reports the error, and shuts down, it is called _____________.
a. Failopen b. Failsafe c. Failclose d. Failshut
Grade: 1
User Responses: b. Failsafe
Feedback: a. When the control fails and shuts down, it is a failsafe. When it fails and leaves a vulnerable system, it is a failopen.

125. What should be the first thing you check when an intrusion has been detected?
a. Firewall logs b. Server logs c. Workstation logs d. Security patches
Grade: 1
User Responses: a. Firewall logs
Feedback: a. Logging is also important when it comes to a firewall. Firewall logs should be the first thing you check when an intrusion has been detected. You should know how to access the logs and how to read them.

126. Which log on a Windows server is where you could learn if Joe logged in today?
a. Applications b. System c. Security d. DNS
Grade: 1
User Responses: c. Security
Feedback: a. The security log contains entries about logins and access to resources, both successful and unsuccessful.

127. Which of the following is NOT an example of physical security?
a. Mantraps b. Security logs c. Video surveillance d. Hardware locks
Grade: 1
User Responses: b. Security logs
Feedback: a. Security logs track activities on the network, which is logical, not physical, security.

128. Which of the following is NOT a type of door lock?
a. Cipher b. Keyed c. Cardkey d. Mantrap
Grade: 1
User Responses: d. Mantrap
Feedback: a. A mantrap is a two-door system designed to prevent tailgating.

129. Which of the following is NOT an example of operating system hardening?
a. Disabling unnecessary services b. Removing the NIC c. Protecting management interfaces d. Password protection
Grade: 1
User Responses: b. Removing the NIC
Feedback: a. Hardening the system should not reduce its functionality, and removing the NIC would do that.

130. Which of the following standards is often referred to as port-based security?
a. 802.1x b. 802.11 c. 802.11n d. 802.1
Grade: 1
User Responses: a. 802.1x
Feedback: a. 802.1x enforces perimeter security by keeping the port of the station closed until authentication is complete.

131. In which type of monitoring is network traffic analyzed for predetermined attack patterns?
a. Signature-based monitoring b. Anomaly-based monitoring c. Behavior-based monitoring d. Reactive-based monitoring
Grade: 1
User Responses: a. Signature-based monitoring
Feedback: a. Network traffic is analyzed for predetermined attack patterns. These attack patterns are known as signatures.

132. A(n) __________________ uses baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems.
a. NAT b. SPA c. SLA d. PSK
Grade: 1
User Responses: b. SPA
Feedback: a. The security posture can be defined as the risk level to which a system, or other technology element, is exposed. Security Posture Assessments (SPA) use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems.

133. Which of the following indicate a problem currently occurring?
a. Trends b. Baselines c. Alarms d. Averts
Grade: 1
User Responses: c. Alarms
Feedback: a. Although alerts indicate an issue that MAY need attention, alarms indicate a problem currently occurring.

134. Which of the following are detection controls? (Choose all that apply.)
a. IDS b. IPS c. Video cameras d. Security guard
Grade: 2
User Responses: a. IDS, c. Video cameras
Feedback: a. Detection controls, such as intrusion detection systems and video cameras, record only activity; they do not prevent it. / b. Detection controls, such as intrusion detection systems and video cameras, record only activity; they do not prevent it.

135. Which of the following is designed to prevent tailgating?
a. Mantraps b. Security logs c. Video surveillance d. Hardware locks
Grade: 1
User Responses: a. Mantraps
Feedback: a. Mantraps use double doors to prevent tailgating.

136. Which of the following is a proximity reader?
a. a security card that transmits the location of the bearer
b. a device that tracks how close an individual is
c. a security card reader that can read the card from a distance
d. a card reader that locks the door when the holder is a certain distance from the door
Grade: 1
User Responses: c. security card reader that can read the card from a distance
Feedback: a. These cards use radio waves to transmit to the reader.

137. By frequently updating systems and by employing other methods such as group policies and baselining, you _____________ the systems.
a. fix b. harden c. virtualize d. hardline
Grade: 1
User Responses: b. harden
Feedback: a. By frequently updating systems and by employing other methods such as group policies and baselining, you harden the system.

138. Installing service packs is a part of the ___________ process.
a. baselining b. hardening c. marking d. security templating
Grade: 1
User Responses: b. hardening
Feedback: a. Hardening the OS is accomplished through the use of service packs, patch management, hotfixes, group policies, security templates, and configuration baselines.

139. ______________ can be described as unauthorized WAPs that inadvertently enable access to secure networks.
a. Rogue access points b. Evil twin c. War driver d. Phisher
Grade: 1
User Responses: a. Rogue access points
Feedback: a. Rogue access points can be described as unauthorized wireless access points/routers that enable access to secure networks. They differ from an evil twin in that an evil twin is strategically placed for the purpose of accessing the network or performing a hijacking attack, whereas rogue access points generally may be placed by employees for their convenience.

140. Which wireless attacks include the introduction of radio interference?
a. Rogue Access Point b. Evil twin c. War driver d. Bluesnarfing
Grade: 1
User Responses: b. Evil twin
Feedback: a. The evil twin attack includes jamming the network to cause the stations to associate with the evil twin AP.

141.
When executing the Evil twin attack, what value must match on the Evil twin and the legitimate AP?
a. IP address b. SSID c. MAC address d. Admin password
Grade: 1
User Responses: b. SSID
Feedback: a. The Evil twin attack includes jamming the network to cause the stations to associate with the Evil twin AP. The stations will not roam to the Evil twin unless the SSID is the same as the legitimate AP.

142. ________________ is when a person attempts to access a wireless network, usually while driving in a vehicle.
a. War chalking b. Radiophishing c. War driving d. Bluesnarfing
Grade: 1
User Responses: c. War driving
Feedback: a. War driving is when a person attempts to access a wireless