Wireless Networking Part 2 Chp 8
Apple's security-based decision to restrict downloading of apps to those in its app store is one of the reasons people jailbreak phones, which is one of the biggest security problems in ios. a. true b. false
a. true
Assignment to a VLAN can be determined through the authentication process when joining a network. a. true b. false
a. true
Discovery protocols are great for IT personnel, but are also useful to hackers; for this reason they should be limited and carefully controlled. a. true b. false
a. true
For larger networks or campuses, centralized control greatly simplifies design and tends to work better due the time savings offered with regard to maintenance. a. trueb. false
a. true
Google play displays all the permissions required by an application before it is installed. This warns users of all the services the app will use before installation. a. true b. false
a. true
IPSec is a very secure protocol suite that's easy to implement with a shared secret. a. true b. false
a. true
MAM plays an important role in providing application provenance for custom enterprise apps on Apple iOS or Windows Phone devices. a. true b. false
a. true
Most security issues with Apple iOS are the result of jailbreaking, which circumvents Apple's ability to secure applications. a. true b. false
a. true
Password management systems are a great way to implement many strong passwords without having to remember them all. a. true b. false
a. true
Risk analysis results can be calculated using both quantitative and qualitative methods. a. true b. false
a. true
Session hijacking works because client devices tend to connect to a known ssid with the highest signal strength a. true b. false
a. true
Windows phone's sandboxing approach does not allow apps to directly interact with each other. a. true b. false
a. true
Windows secure boot and application integrity ensure the authenticity and integrity of apps, making it very difficult for cyber criminals to target windows phone devices with effective malware. a. true b. false
a. true
Vulnerabilities can be categorized into which of the following three groups. b. Interception, availability, and access
b. Interception, availability, and access
what is the main difference between MDM and MAM? b. MDM handles the device activation, enrollment, and provisioning, whereas MAM assists in the delivery of software.
b. MDM handles the device activation, enrollment, and provisioning, whereas MAM assists in the delivery of software.
Why are the windows phones less likely to be jailbroken? b. The OS is offered on a wide variety of devices, giving people more options.
b. The OS is offered on a wide variety of devices, giving people more options.
#7 chapter 11 Which of the following is the key difference between the android and apple iOS security apporaches? b. apple uses a walled garden approach, requiring all apps to go through its system.
b. apple uses a walled garden approach, requiring all apps to go through its system.
Risk can be calculated as which of the following? b. asses * vulnerability * threat
b. asses * vulnerability * threat
Chap 11 The Android OS is less susceptible to attacks than Apple iOS and Windows phone because it is based on an open source model. a. true b. false
b. false
Chp10 Risk assessment on wireless networks is signifficantly different from risk assessment on wired networks. a. true b. false
b. false
SNMP traps are a common attack used by hackers to fool users. a. true b. false
b. false
The RADIUS server is a central repository for all the authentication data and can issue the success or fail notifications. However, the access point still needs to know the clients authentication credentials. a. true b. false
b. false
Which of the following is not a vulnerability of http carriage return line feed or http response splitting. b. it allows attackers to break encryption in the second packet.
b. it allows attackers to break encryption in the second packet.
Compared to PCs, mobile devices have which of the following? b. more risk, because they are subject to all the same exploits and many of their own issues
b. more risk, because they are subject to all the same exploits and many of their own issues
Which of the following versions of SNMP offer protection in the form of encryption. a. snmpv2 b. snmpv3 c. both snmpv2 and snmpv3 d. neither snmpv2 nor snmpv3
b. snmpv3
In what way is the windows phone 8 policy control different from Android's b. the windows phone 8 policy control can be enforced on any windows phone device, whreas android is fragmented across many devices
b. the windows phone 8 policy control can be enforced on any windows phone device, whreas android is fragmented across many devices
Potentially unwanted applications (PUAs) are used for which of the following purposes? b. to monetize applications through connections to aggressive third-party advertising networks.
b. to monetize applications through connections to aggressive third-party advertising networks.
Chap 9 Network discovery tools are a set of tools made specifically for hackers. a. true b. false
b.false
In what way does Apple's sandbox differ form Android's ? c. Apple allows applications free access to system resources and features.
c. Apple allows applications free access to system resources and features.
The annualized loss expectancy (ALE) is which of the following. c. The product of the ARO and the SLE, which idicates the likely loss for a specific year.
c. The product of the ARO and the SLE, which idicates the likely loss for a specific year.
Which of the following describes brute-force attacks? c. They are fairly inefficient
c. They are fairly inefficient
The heartbleed vulnerability, which existed for years before it was discovered and publicl disclosed, illustrated which of the following? c. bugs will always exist in complex code, no matter how diligent developers are.
c. bugs will always exist in complex code, no matter how diligent developers are.
In what way does Android take advantage of Linux's multi-user environment? c. by adapting the multi-user-based protection of isolating android applications.
c. by adapting the multi-user-based protection of isolating android applications.
Regular audits with a protocol analyzer can do which of the following? a. prevent rogue aps from being established b. eliminate potential viruses c. help find and isolate misconfigured clients and rogue access points d. all of the above
c. help find and isolate misconfigured clients and rogue access points
Although the apple handoff feature can increase productivity, it may also do which of the following? c. it could undermine the benefits of sandboxing.
c. it could undermine the benefits of sandboxing.
Which of the following most accurately describes penetration testing, or pentesting? c. pentesting is an important aspect of identifying vulnerabilities and hardening defenses.
c. pentesting is an important aspect of identifying vulnerabilities and hardening defenses.
Which of the following is not a point of emphasis when auditing security on a wireless network? a radio frequency (RF) leakage beyond the physical perimeter. b. the use of weak encryption protocols such as wep or wpa c. the completeness of the existing security policy d. the wireless network's conformity to the company's security policy.
c. the completeness of the existing security policy
Which of the following describes preproduction vulnerability assessments? c. they are performed on new solutions/devices before these are added to the production network.
c. they are performed on new solutions/devices before these are added to the production network.
The open source nature of Android results in which of the following? d. Rapid, multi-threaded development driven by customer demand.
d. Rapid, multi-threaded development driven by customer demand.
Which of the following describes dictionary attacks? a. they take advantage of people's tendency to use actual words for passwords. b. they can be done offline and used against captured packets to test without detection c. they can check millions of passwords per second. d. all of the above
d. all of the above
Extensible Authentication Protocol does which of the following? a. protects authentication credentials b. can be used over a LAN to securely connect to a RADIUS server c. Is independent of the authentication method used d. All of the above
D. all of the above
Which of the following best describes application provenance? a. it helps ensure that users can trust the authenticity and integrity of the applications in the app store.
a. it helps ensure that users can trust the authenticity and integrity of the applications in the app store.
The implementation of barriers, hardening, and monitoring are examples of which of the following. a. security controls b. protocols c. security regulations d. assessment techniques e. all of the above
a. security controls
#6 Chap 10 Vulnerability analysis is the task of identifying, evaluating, and documenting the existence of possible asset vulnerabilities. a. true b. false
a. true
Android permissions are the key to ensuring that one application cannot access other applications or application resources. a. true b. false
a. true
Which of the following are true about SSO? a. users need to remember only one password. b. it makes a network more secure. c. it makes a network less secure. d. it reduces the management burden of IT. e. It can enhance security on a well-run network or worsen security on a poorly run network.
d. it reduces the management burden of IT. e. It can enhance security on a well-run network or worsen security on a poorly run network. a. users need to remember only one password.
Which of the following KPIs is unaffected by the use of VOIP or Voice over WLAN(VoWLAN)? a. packet loss b. latency c. jitter d. security e. availability
d. security
Programs such as Kismet can perform which of the following functions? a. wardriving wlan discovery b. rogue ap detection c. low-cost intrusion detection system d. ssid decloaking e. all of the above
e. all of the above
Wi-Fi guest access can include which of the following typer of access? a. open access b. common password c. provisioned password d. no guest access allowed. e. all of the above
e. all of the above
Common risks on WLANs in a business network include which of the following? a. exposure of critical information to wireless sniffers and eavesdroppers. b. data leakage of critical information c. theft of data d. loss,theft, or hijacking of a mobile device e. fraud caused by diruption eavesdropping, or the copying of data f. all of the above
f. all of the above