Chapter 11 - Info & Network Security
A good password has at least ______ characters.
8
A password policy for a 90- or 180-day replacement schedule is called password ________.
Age
Jerod is setting up security for a server room for a university. Which of the following is true of the room in which the server is located? (a) It should be in the most fire-resistant room in the building; (b) It should have a strong lock and a strong door; (c) It should be accessible only to those who have a need for access; (d) All of the above.
All of the above
The process to make a system as secure as it can be without adding on specialized software or equipment is _______________
Hardening
What is password age?
How long a user has had a password.
Elizabeth is responsible for security policies at her company. She is trying to implement sound end-user security policies. What would be most important to block end users from doing on their own machines?
Installing software or changing system settings
Which of the following is a common way to establish security between a web server and a network?
Put a firewall between the web server and the network
The rule that packets not originating from inside your LAN should not be forwarded relates to ___________.
Routers
Which of the following is a step you might take for large networks but not for smaller networks?
Segment the network with firewalls between the segments
Miguel is trying to secure a web server. He has decided to shut down any services that are not needed. His supervisor has told him to check dependencies first. Which of the following is a good reason to check dependencies before shutting down a service?
To determine whether shutting down this service will affect other services
A good rule of thumb for a password history policy is a history depth of five.
True
CNE, MCITP, CISSP, and CCNA are examples of industry certifications.
True
Every open port on a router is a possible avenue of entry for malware or an intruder.
True
Experience is the most important factor when looking for a security professional.
True
Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows machines to see if they have basic security in place.
True
Nessus is the premier network vulnerability scanner.
True
There should be a firewall between your network and the outside world.
True
Which of the following is a step you would definitely take with any server but might not be required for a workstation?
Uninstall all unneeded programs/software
You work in the network security department of a large bank. One of your jobs is to keep all systems patched. How might you ensure that system patches are kept up to date?
Use an automated patching system.
A good password should contain only letters and numbers.
False
For individual computers not running firewall software, you should directly close ports.
False
Windows has a built-in firewall, but Linux does not.
False
An audit should check what areas?
Perform system patches, probe for flaws, check logs, and review policies
Any _________ you do not explicitly need should be shut down.
Ports
What are the six Ps of security?
Ports, patch, protect, probe, policies, physical.
You are trying to implement good fundamental security for a small company. Which of the following is the least essential device for protecting your network?
Proxy server
If your machine is not used as a server and is not on a local network, what packet-filtering strategy should you use?
Block all ports that you don't need
Teresa is explaining basic security to a new technician. She is teaching him how to secure ports on any server or workstation. What is the rule about ports?
Block all unused ports
Which of the following certifications is the most prestigious?
CISSP
A _________ involves setting up two firewalls: an outer and an inner firewall.
DMZ (demilitarized zone)
John is now responsible for system security at a small bookkeeping firm. He wants to ensure he implements good fundamental security. According to the textbook, what is the first rule of computer security?
Keep systems patched.
You would set a ___________ to prevent users from immediately changing their password several times in one day to return to the current password. This is particularly important if your password policy has a history depth of five.
Minimum password age
On a server, you should create your own accounts with ________ that reflect their level of permission.
Names
What is the preferred method for storing backups?
Offsite in a secure location
Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year.
Once
What is the minimum frequency for system probing and audits?
Once per year
What is the rule on downloading from the Internet?
Only download from well-known, reputable sites
Mohammed is responsible for security policies at a university. He is trying to ensure proper access policies. What is the rule of thumb on data access?
Only those with a need for the specific data should have access
The first rule of computer security is to check ___________.
Patches
For an individual machine that is not running firewall software, you do not directly close ports. You shut down the _________ using that port.
Service
Which of the following set of credentials would be best for a security consultant?
Ten years of experience as a hacker and cracker, MCSE/CIW and Security+, and a Ph.D. in computer science.