Final Exam

¡Supera tus tareas y exámenes ahora con Quizwiz!

Password Policy

"Maximum and minimum password age" is part of which of the following?

Owner of the resource

In a discretionary access control model, who is in charge of setting permissions to a resource?

Firewall logs

James has detected a network intrusion in his company. What should he check first?

MAC

Lattice-based access control is an example of what type of access control policy?

time of day restriction

when a user's logon hours are configured to restrict access to the network during certain times of the day and week

Port 514

Syslog uses what port?

Port 636

To use the lightweight directory access protocol (LDAP) in a secure fasion what port should be used?

Black-box testing

when people test a system but have no specific knowledge of the system

create and use a template

your boss wants you to make changes to 20 computers' internet explorer programs. to do this quickly, what is the best solution.

False

True or False: If you move a folder to a different location on the same volume, that folder will lose its permissions.

False

True or False: A honeypot is a device that caches information for hackers.

True

True or False: A stateless packet filter is vulnerable to IP spoofing attacks.

True

True or False: Active Directory Users and Computers can be used to add organizational units to a domain.

False

True or False: An intranet enables multiple companies to access a secure area of a company's network.

True

True or False: By checking CVEs, you can keep informed of the latest attacks to web servers.

True

True or False: If a child folder is inheriting its permissions from a parent folder, it could be said that the parent is propagating those permissions to the child.

False

True or False: Lattice-based access control is an example of role-based access control.

False

True or False: NAT filtering accepts or rejects packets based on rules.

True

True or False: NAT filtering matches incoming traffic to corresponding outbound IP connections by matching the IP address and port.

True

True or False: Nat is sometimes also known as IP masquerading

True

True or False: Network access control (NAC) sets rules by which network connections are governed.

False

True or False: One way to protect a WAN is to place all the computers behind a router.

NIDS

True or False: Snort and Bro are examples of which of the following?

True

True or False: Subnetting increases security by compartmentalizing a network.

True

True or False: To change permissions on a file in Linux, you would use the chmod command.

true

True or False: a service pack is a group of updates, bug fixes, updated drivers, and security fixes.

False

True or False: one way of protecting Microsoft outlook is to use a password for opening or modifying documents

false

True or False: to open the local group policy editor console window, a user should type MMC at the run prompt

True

True or false: WEP is deprecated; it should be replaced with a more secure protocol such as WPA2.

place it in a faraday cage

What is not a good strategy for securing a WAP

using Port 20

What is not an example of good FTP server security?

Ctrl+alt+del c

What key combination helps to secure the logon process?

Port 7

What port does Echo use?

Port 21

What port does FTP use?

Port 25

What port does SMTP use?

Port 1433

What port is used by Ms-sql-s

Port 389

What port is used by the standard lightweight directory access protocol?

Firewall

What should be your primary line of defense in network security?

MAC

Which of the following is an access control policy determined by a computer system and not by a user or owner?

User account control

Which of the following keeps every user in a standard user mode instead of as an administrator, even if the user is a member of the administrators group?

EMI

a disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation.

black hat

a hacker that breaks into computer systems without permission with the express purpose of theft, piracy, credit card fraud, or other illegal activities.

null pointer dereference

a memory dereference that can result in a memory fault error

hardware security module (HSM)

a physical device that deals with the encryption of authentication processes, digital signings, and payment processes

trusted operating system (TOS)

a system that adheres to criteria for multilevel security and meets government regulations

White hat

a type of hacker that is contracted to break into a company's system

Ransomware

a type of malware that restricts access to a computer system and demands a random be paid to restore access

open mail relay

also known as an SMTP open relay, enables anyone on the internet to send e-mail through an SMTP server

hacktivist

an attacker who has an agenda that may or may not be benign

secure code review

an in-depth code inspection procedure

True

Full control is a type of NTFS permission that might be enabled within an access control list.

65.19.28.154.80

A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall?

UDP flood attack

A similar attack to the Fraggle. It uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process

eight-character passwords

what is not an example of good cloud security

windows defender

what is the best option to use to prevent spyware?

Session hijacking

what is the exploitation of a computer session in an attempt to gain unauthorized access to data?

DMZ

what is used to house FTP servers, mail servers, and web servers so that people on the internet can access them but not access any other of the organization's servers

Port 53

what port does DNS use?

Port 80

what port does HTTP run on

Port 88

what port does Kerberos use?

Port 3389

what port does Remote desktop protocol use?

Port 443

what port is used by HTTPS?

port 19

what port number is used by character generator

Script Kiddie

An individual with little technical skill that reuses code and scripts that are freely available on the internet

virtual machine (VM)

An operating system (or application) created by virtual machine software that runs within a hosting operating system

Coaxial cable

Data emanation occurs most commonly on what type of cable

Verify that the guest Rename and password protect

Of the following, what are two good ways to protect the computer? (Select the two best answers.)

Port 1812

RADIUS uses what port?

security log files

files that log activity of users. they show who did what and when, plus whether they succeeded or failed in their attempt

integrity

for information security what is the I in CIA

FTP

if a server has inbound port 21 open what service is running?

RFI

interference that can come from AM/FM transmissions and cell towers.

Privilege escalation

the act of exploiting a bug or design flaw in an operating system or application to gain access to resources that normally would be protected from an application or user

False

the convert command converts an NTFS drive to FAT32

virtualization

the creation of a virtual entity as opposed to a true or actual entity

baselining

the process of measuring changes in networking, hardware, software, and so on.

Bluejacking

the sending of unsolicited messages to bluetooth-enabled devices such as mobile phones

accounting

the tracking of data, computer usage, and network resources. often it means monitoring of the data and resources

bluesnarfing

the unauthorized access of information from a wireless device through a bluetooth connection

false

true or false: Blue jacking is the unauthorized access of information from a wireless device through a bluetooth connection?

true

true or false: Malware is software designed to infiltrate a computer system without the user's consent

False

true or false: a system can easily be completely secure

false

true or false: an example of a windows firewall is iptables

true

true or false: in the case of theft, the two best ways to protect against the loss of confidential or sensitive information are encryption and a remote wipe program

False

true or false: opening mail relays can decrease the amount of spam that and organizaation receives on its e-mail server.

true

true or false: personal firewalls are applications that protect an individual computer from unwanted internet traffic

False

true or false: social engineering includes viruses, worms, and trojan horses

True

true or false: the concept of least functionality is when an organization configures computers and other information systems to provide only the essential functions

Group Policy

used in Microsoft environments to govern user and computer accounts through a set of rules

ad filtering

ways of blocking and filtering out unwanted advertisements; pop-up blockers and content filters are considered to be ad filtering methods

Wireshark Network Monitor

what are examples of protocol analyzers?

smurf attack teardrop attack fork bomb

what are three denial of service attacks?

1. password protect (.pst files) 2. install the latest office update or service pack 3. increase the junk e-mail security level

what are three ways to increase the security of microsoft outlook?

callback feature

what can help secure a modem?

Java applets

what can run on any platform?

Net stop

what commands can be used to turn off a service?

microsoft manaagement console

what does MMC open?

local group policy editor

what does gpedit.msc open when types in on the run prompt?

availability

what does the A in CIA stand for when relating to IT security

internet optimizer

what is an example of a spyware?


Conjuntos de estudio relacionados

Chapter 1: Private Land-Use Controls. Explain how the bundle of rights interacts with deed restrictions and covenants Describe what deed restrictions and restrictive covenants are and how they function Explain how deed restrictions and covenants

View Set

Incorrect answers in Must Be True questions

View Set

Ionic Bonding and Ionic Compounds Study Guide

View Set

Chapter 1 : External vs. Internal Users

View Set

Chapter 7 Social Psychology : Persuasive Communication

View Set

Ch 27 fire and life safety initiative

View Set