CYBR1100 Spring 2018 Ch 11 Quiz
A password policy for a 90- or 180-day replacement schedule is called password ________.
Age
The process to make a system as secure as it can be without adding on specialized software or equipment is _______________
Hardening
Which of the following is a common way to establish security between a web server and a network?
Put a firewall between the web server and the network.
The rule that packets not originating from inside your LAN should not be forwarded relates to ___________.
Routers
Which of the following is a good reason to check dependencies before shutting down a service?
To determine whether shutting down this service will affect other services
CNE, MCITP, CISSP, and CCNA are examples of industry certifications.
True
Every open port on a router is a possible avenue of entry for a malware or intruder.
True
Experience is the most important factor when looking for a security professional.
True
Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows machines to see if they have basic security in place.
True
Nessus is the premiere network vulnerability scanner.
True
There should be a firewall between your network and the outside world.
True
How might you ensure that system patches are kept up to date?
Use an automated patching system.
Windows has a built in firewall, but Linux does not.
False
Any _________ you do not explicitly need should be shut down.
Ports
What are the six Ps of security?
Ports, patch, protect, probe, policies, physical
A _________ involves setting up two firewalls: an outer and an inner firewall.
DMZ (Demilitarized Zone)
You would set a ___________ to prevent users from immediately changing their password several times in one day to return to the current password. This is particularly important if your password policy has a history depth of five.
Minimum password age
On a server, you should create your own accounts with ________ that do not reflect their level of permission.
Names
For an individual machine that is not running firewall software, you do not directly close ports. You shut down the _________ using that port.
None of the Above ("Service" is the correct answer)
Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year.
Once
The first rule of computer security is to check ___________.
Patches