Exam 1
Which of the following addresses is a class B IP address?
189.77.101.6
Which of the following is the broadcast address for subnet 192.168.10.32 with subnet mask 255.255.255.240
192.168.10.47
Which protocol is responsible for automatic assignment of IP addresses?
DHCP
Which of the following best describes a one-way function?
Easy to compute but difficult and time comsuming in reverse
All devices interpret attack signatures uniformly
False
Fragmentation of IP packets is normal and doesn't present any network problems?
False
Which of the following is an element of the TCP header that can indicate that a connection has been established?
Flags
What is the packet called where a Web browser sends a request to the Web server for Web page data?
HTTP GET
Which of the following is commonly used for verifying message integrity?
Hashing function
Which of the following is NOT one of the three primary goals of information security?
Impartiality
Which type of function is used in cryptography?
Permutation
What is a VPN typically used for?
Secure remote access
What is the TCP portion of a packet called?
Segment
Why might you want your security system to provide nonrepudiation?
So a user can't deny sending or receiving a communication
In which type of scan does an attacker scan only ports that are commonly used by specific programs?
Strobe scan
How are the two parts of an IP address determined?
Subnet mask
Which field in the IP header is an 8-bit value that identifies the maximum amount of time the packet can remain in the network before it dropped?
TTL
Which of the following is a valid IPv6 address?
1080::8:800:200c:417A
How large is the IPv6 address space?
128 bits
Defense in depth can be described as which of the following?
A layered approach to security
Which security layer verifies the identity of a user, service, or computer?
Authentication
What type of attack does a remote-access Trojan attempt to perpetrate?
Back door
Which of the following is described as a 64-bit block cipher composed of a 16-round Feistel network and key-dependent S-box functions?
Blowfish
With which access control method do system administrators establish what information users can share?
Mandatory access control
Which type of firewall policy calls for a firewall to deny all traffic by default?
Restrictive policy
Which of the following is NOT a critical goal of information security?
Scalability
Which of the following is true about encryption algorithms?
Their strength is tied to their key length?
Which of the following is true about PRNGs?
They are not completely random
How does the CVE standard make network security devices and tools more effective?
They can share information about attack signatures
At which layer of the OSI model does IPsec work?
Three
A worm creates files that copy themselves repeatedly and consume disk space
True
Packet fragmentation is not norma, and can only occur if an attack has been initiated.
True
Which of the following is a current standard for PKI that specifies a strict hierarchical system for CAs issuing certificates?
X509
Which type of scan has the FIN,PSH, and URG flags set?
Xmas scan
In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated?
challenge/response
Which of the following is not a reason for subletting a network?
making larger groups of computers
Which type of attack works by an attacker operating between two computers in a network and impersonating one computer to intercept communications?
man-in-the-middle
Which of the following is true about cryptographic primitives?
primitives are usually not the source of security failures
Under which suspicious traffic signature category would a port scan fall?
reconnaissance
Which of the following is NOT a category of suspicious TCP/IP packet?
suspicious CRC value