MIS 585 CH 6-9 Review Questions
What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption? a. .P7B b. .cer c. .P12 d. .xdr
a. .P7B
What is a virtual firewall? a. A firewall that runs in the cloud b. A firewall that runs in an endpoint virtual machine c. A firewall that blocks only incoming traffic d. A firewall appliance that runs on a LAN
a. A firewall that runs in the cloud
In which of the following configurations are all the load balancers always active? a. Active-active b. Active-passive c. Passive-active-passive d. Active-load-passive-load
a. Active-active
What is the name of the device protected by a digital certificate? a. CN b. TLXS c. RCR d. V2X2
a. CN
Which block cipher mode of operation requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged? a. CTR b. CN c. CD d. CXL
a. CTR
Which of the following is not to be decrypted but is only used for comparison purposes? a. Digest b. Key c. Stream d. Algorithm
a. Digest
What is the strongest technology that would assure Alice that Bob is the sender of a message? a. Digital signature b. Encrypted signature c. Digest d. Digital certificate
a. Digital signature
How is confidentiality achieved through IPsec? a. ESP b. AHA c. ISAKMP d. AuthX
a. ESP
Which of the following functions does a network hardware security module NOT perform? a. Fingerprint authentication b. Key management c. Key exchange d. Random number generator
a. Fingerprint authentication
Which device intercepts internal user requests and then processes those requests on behalf of the users? a. Forward proxy server b. Reverse proxy server c. Host detection server d. Intrusion prevention device
a. Forward proxy server
Which of the following contains honeyfiles and fake telemetry? a. High-interaction honeypot b. Attacker-interaction honeypot c. Honeypotnet d. Honeyserver
a. High-interaction honeypot
How does BPDU guard provide protection? a. It detects when a BPDU is received from an endpoint. b. It sends BPDU updates to all routers. c. BPDUs are encrypted so that attackers cannot see their contents. d. All firewalls are configured to let BPDUs pass to the external network.
a. It detects when a BPDU is received from an endpoint.
Which of the following is NOT a characteristic of the Trusted Platform Module (TPM)? a. It provides cryptographic services in hardware instead of software. b. It can generate asymmetric cryptographic public and private keys. c. It can easily be transported to another computer. d. It includes a pseudorandom number generator (PRNG).
a. It provides cryptographic services in hardware instead of software.
Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use? a. Masking b. Tokenization c. Data Object Obfuscation (DOO) d. PII Hiding
a. Masking
Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use? a. Only use compiled and not interpreted Python code. b. Use the latest version of Python. c. Use caution when formatting strings. d. Download only vetted libraries.
a. Only use compiled and not interpreted Python code.
Which of the following sensors can detect an object that enters the sensor's field? a. Proximity b. Field detection c. IR verification d. Object recognition
a. Proximity
Emilie is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this? a. Stateful packet filtering b. Connection-aware firewall c. Proxy firewall d. Packet filtering firewall
a. Stateful packet filtering
Which of the following is a tool for editing packets and then putting the packets back onto the network to observe their behavior? a. Tcpreplay b. Tcpdump c. Wireshark d. Packetdump
a. Tcpreplay
What is the result of an ARP poisoning attack? a. The ARP cache is compromised. b. Users cannot reach a DNS server. c. MAC addresses are altered. d. An internal DNS must be used instead of an external DNS.
a. The ARP cache is compromised.
Which is the first step in a key exchange? a. The browser generates a random value ("pre-master secret"). b. The web server sends a message ("ServerHello") to the client. c. The web browser verifies the server certificate. d. The web browser sends a message ("ClientHello") to the server.
a. The browser generates a random value ("pre-master secret").
What is Bash? a. The command-language interpreter for Linux/UNIX OSs b. The open source scripting language that contains many vulnerabilities c. A substitute for SSH d. The underlying platform on which macOS is built
a. The command-language interpreter for Linux/UNIX OSs
What is a collision? a. Two files produce the same digest. b. Two ciphertexts have the same length. c. Two algorithms have the same key. d. Two keys are the same length.
a. Two files produce the same digest.
Which of the following is NOT a firewall rule parameter? a. Visibility b. Time c. Context d. Action
a. Visibility
What is data called that is to be encrypted by inputting it into a cryptographic algorithm? a. Plaintext b. Byte-text c. Cleartext d. Ciphertext
a. Plaintext
Which of these is the strongest symmetric cryptographic algorithm? a. Data Encryption Standard b. Advanced Encryption Standard c. Triple Data Encryption Standard d. RC 1
b. Advanced Encryption Standard
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message? a. Alice's private key b. Alice's public key c. Bob's public key d. Bob's private key
b. Alice's public key
Deo has been asked to explain RSA to his colleague. After his explanation, Deo is asked what, if any, weaknesses RSA has. How would Deo respond? a. RSA has no known weaknesses. b. As computers become more powerful, the ability to compute factoring has increased. c. RSA weaknesses are based on ECC. d. The digest produced by the RSA algorithm is too short to be secure.
b. As computers become more powerful, the ability to compute factoring has increased.
What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection? a. Electronic Code Book (ECB) repositories b. Certificate attributes c. CTR d. PFX
b. Certificate attributes
Which of these is NOT a characteristic of a secure hash algorithm? a. The results of a hash function should not be reversed. b. Collisions should occur no more than 15 percent of the time. c. A message cannot be produced from a predefined hash. d. The hash should always be the same fixed size.
b. Collisions should occur no more than 15 percent of the time.
What entity calls in crypto modules to perform cryptographic tasks? a. Certificate Authority (CA) b. Crypto service provider c. Intermediate CA d. OCSP
b. Crypto service provider
Tomaso is explaining to a colleague the different types of DNS attacks. Which DNS attack would only impact a single user? a. DNS hijack attack b. DNS poisoning attack c. DNS overflow attack d. DNS resource attack
b. DNS poisoning attack
Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider? a. DDoS Prevention System (DPS) b. DNS sinkhole c. MAC pit d. IP denier
b. DNS sinkhole
Which of these is NOT used in scheduling a load balancer? a. The IP address of the destination packet b. Data within the application message itself c. Round-robin d. Affinity
b. Data within the application message itself
What is the difference between a DoS and a DDoS attack? a. DoS attacks are faster than DDoS attacks. b. DoS attacks use fewer computers than DDoS attacks. c. DoS attacks do not use DNS servers as DDoS attacks do. d. DoS attacks use more memory than DDoS attacks.
b. DoS attacks use fewer computers than DDoS attacks.
Which of these provides cryptographic services and is external to the device? a. Trusted Platform Module (TPM) b. Hardware Security Module (HSM) c. Self-encrypting hard disk drives (SED) d. Encrypted hardware-based USB devices
b. Hardware Security Module (HSM)
Which of the following is FALSE about "security through obscurity"? a. It attempts to hide its existence from outsiders. b. It can only provide limited security. c. It is essentially impossible. d. Proprietary cryptographic algorithms are an example.
b. It can only provide limited security.
Which of the following is NOT correct about L2TP? a. It is used as a VPN protocol. b. It must be used on HTML 5 compliant devices. c. It does not offer encryption. d. It is paired with IPsec.
b. It must be used on HTML 5 compliant devices.
Which refers to a situation in which keys are managed by a third party, such as a trusted CA? a. Key authorization b. Key escrow c. Remote key administration d. Trusted key authority
b. Key escrow
Which attack intercepts communications between a web browser and the underlying OS? a. Interception b. Man-in-the-browser (MITB) c. DIG d. ARP poisoning
b. Man-in-the-browser (MITB)
Cryptography can prevent an individual from fraudulently reneging on an action. What is this known as? a. Repudiation b. Nonrepudiation c. Obfuscation d. Integrity
b. Nonrepudiation
Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need? a. Content/URL filtering firewall b. Policy-based firewall c. Hardware firewall d. Proprietary firewall
b. Policy-based firewall
Which of the following is NOT a symmetric cryptographic algorithm? a. DES b. SHA c. Blowfish d. 3DES
b. SHA
Which is a protocol for securely accessing a remote computer in order to issue a command? a. Transport Layer Security (TLS) b. Secure Shell (SSH) c. Secure Sockets Layer (SSL) d. Secure Hypertext Transport Protocol (SHTTP)
b. Secure Shell (SSH)
Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose? a. Narrow tunnel b. Split tunnel c. Full tunnel d. Wide tunnel
b. Split tunnel
What is low latency? a. A low-power source requirement of a sensor. b. The time between when a byte is input into a cryptographic cipher and when the output is obtained. c. The requirements for an IoT device that is using a specific network. d. The delay between when a substitution cipher decrypts the first block and when it finishes with the last block.
b. The time between when a byte is input into a cryptographic cipher and when the output is obtained.
Egor wanted to use a digital signature. Which of the following benefits will the digital signature NOT provide? a. Verify the sender b. Verify the receiver c. Prove the integrity of the message d. Enforce nonrepudiation
b. Verify the receiver
Which utility sends custom TCP/IP packets? a. curl b. hping c. shape d. Pingpacket
b. hping
What are public key systems that generate different random public keys for each session? a. Public Key Exchange (PKE) b. perfect forward secrecy c. Elliptic Curve Diffie-Hellman (ECDH) d. Diffie-Hellman (DH)
b. perfect forward secrecy
Which type of monitoring methodology looks for statistical deviations from a baseline? a. Behavioral monitoring b. Signature-based monitoring c. Anomaly monitoring d. Heuristic monitoring
c. Anomaly monitoring
Which of the following is NOT a means by which a newly approved root digital certificate is distributed? a. Pinning b. OS updates c. Application updates d. Web browser updates
c. Application updates
Who verifies the authenticity of a CSR? a. Certificate signatory b. Registration authority c. Certificate authority d. Signature authority
c. Certificate authority
Basil was reading about a new attack that forces the system to abandon a higher cryptographic security mode of operation and instead fall back to an older and less secure mode. What type of attack is this? a. Deprecation attack b. Pullback attack c. Downgrade attack d. Obfuscation attack
c. Downgrade attack
Which of the following is NOT a reason that threat actors use PowerShell for attacks? a. It cannot be detected by antimalware running on the computer. b. It leaves behind no evidence on a hard drive. c. It can be invoked prior to system boot. d. Most applications flag it as a trusted application.
c. It can be invoked prior to system boot.
Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this? a. MAC spoofing attack b. MAC cloning attack c. MAC flooding attack d. MAC overflow attack
c. MAC flooding attack
Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use? a. Certificate Revocation List (CRL) b. Real-Time CA Verification (RTCAV) c. Online Certificate Status Protocol (OCSP) d. Staple
c. Online Certificate Status Protocol (OCSP)
Brielle is researching substitution ciphers. She came across a cipher in which the entire alphabet was rotated 13 steps. What type of cipher is this? a. XOR b. XAND13 c. ROT13 d. Alphabetic
c. ROT13
Cicero is researching hash algorithms. Which algorithm would produce the longest and most secure digest? a. SHA-256 b. MD5 c. SHA3-512 d. SHA6-6
c. SHA3-512
_________________ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity. a. Digital digests b. Encrypted signatures c. Session keys d. Digital certificates
c. Session keys
Which of the following hides the existence of information? a. Encryption b. Decryption c. Steganography d. Ciphering
c. Steganography
Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say? a. The users' symmetric key with the public key b. The users' public key with their private key c. The users' identity with their public key d. A private key with a digital signature
c. The users' identity with their public key
What is the purpose of certificate chaining? a. To ensure that a web browser has the latest root certificate updates b. To look up the name of intermediate RA c. To group and verify digital certificates d. To hash the private key
c. To group and verify digital certificates
Which of the following can a digital certificate NOT be used for? a. To encrypt messages for secure email communications b. To encrypt channels to provide secure communication between clients and servers c. To verify the authenticity of the CA d. To verify the identity of clients and servers on the web
c. To verify the authenticity of the CA
Which of the following is NOT a Microsoft defense against macros? a. Protected View b. Trusted documents c. Trusted domain d. Trusted location
c. Trusted domain
Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing? a. Dual observation protocol (DOP) b. Compromise mitigation assessment (CMA) c. Two-person integrity/control d. Multiplayer recognition
c. Two-person integrity/control
Which of these appliances provides the broadest protection by combining several security functions? a. NAT b. WAF c. UTM d. NGFW
c. UTM
Which of the following is NOT a NAC option when it detects a vulnerable endpoint? a. Deny access to the network. b. Give restricted access to the network. c. Update Active Directory to indicate the device is vulnerable. d. Connect to a quarantine network.
c. Update Active Directory to indicate the device is vulnerable.
Which of these is NOT a basic security protection for information that cryptography can provide? a. Integrity b. Authenticity c. Risk d. Confidentiality
c. Risk
Which is an IPsec protocol that authenticates that packets received were sent from the source? a. PXP b. DER c. CER d. AH
d. AH
Which firewall rule action implicitly denies all other traffic unless explicitly allowed? a. Force Allow b. Force Deny c. Bypass d. Allow
d. Allow
A centralized directory of digital certificates is called a(n) _________________. a. Digital signature permitted authorization (DSPA) b. Authorized digital signature (ADS) c. Digital signature approval list (DSAP) d. Certificate repository (CR)
d. Certificate repository (CR)
Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need? a. Website validation b. Root c. Extended validation d. Domain validation
d. Domain validation
Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect? a. Web server buffer and host DNS server b. Reply referrer and domain buffer c. Web browser and browser add-on d. Host table and external DNS server
d. Host table and external DNS server
Which statement regarding a demilitarized zone (DMZ) is NOT true? a. It can be configured to have one or two firewalls. b. It typically includes an email or web server. c. It provides an extra degree of security. d. It contains servers that are used only by internal network users.
d. It contains servers that are used only by internal network users.
Which of the following is NOT true about VBA? a. It is commonly used to create macros. b. It is built into most Microsoft Office applications. c. It is included in select non-Microsoft products. d. It is being phased out and replaced by PowerShell.
d. It is being phased out and replaced by PowerShell.
Which of the following is not a basic configuration management tool? a. Baseline configuration b. Standard naming convention c. Diagrams d. MAC address schema
d. MAC address schema
Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack? a. Network b. Application c. IoT d. Operational Technology
d. Operational Technology
Which of the following is a third-party OS penetration testing tool? a. theHarvester b. scanless c. Nessus d. Sn1per
d. Sn1per
Eros wants to change a configuration file on his Linux computer. He first wants to display the entire file contents. Which tool would he use? a. head b. show c. display d. cat
d. cat
Which of the following does NOT describe an area that separates threat actors from defenders? a. DMZ b. Air gap c. Secure area d. Containment space
d. Containment space
Gregory wants to look at the details about the path a packet takes from his Linux computer to another device. Which Linux command-line utility will he use? a. tracepacket b. trace c. tracert d. traceroute
d. traceroute