computer security 328


Malware that creates networks of infected computers that can be controlled from a central station is referred to as which of the following?

botnet

Reviewing log files is a time-consuming task and therefore should only be done when an attack on the network has occurred.

False

The Transport layer of the OSI model includes the RIP protocol.

False

Which of the following is an element of the TCP header that can indicate that a connection has been established?

Flags

What is the packet called where a Web browser sends a request to the Web server for Web page data?

HTTP GET

What is contained in ARP tables?

IP address, MAC address

Which of the following is the first packet sent in the TCP three-way handshake?

SYN

Which of the following was developed as a way of enabling Web servers and browsers to exchange encrypted information and uses a hashed message authentication code to increase security?

TLS

Which field in the IP header is an 8-bit value that identifies the maximum amount of time the packet can remain in the network before it is dropped?

TTL

Which of the following is a reason that UDP is faster than TCP?

it doesn't guarantee delivery

service password-encryption

link state

Which of the following is a type of script that automates repetitive tasks in an application such as a word processor but can also be programmed to be a virus?

macro

Which of the following is true about asymmetric cryptography?

the public key is used to encrypt a message sent to the private key owner

Which of the following is true about ACLs on Cisco routers?

there is an implicit deny any statement at the end of the ACL

Which security tool works by recognizing signs of a possible attack and sending notification to an administrator?

IDPS

Which of the following is an accurate set of characteristics you would find in an attack signature?

IP address, TCP flags, port numbers

Which of the following is a valid IPv6 address?

1080::8:800:200C:417A

How large is the IPv6 address space?

128 bits

If you are subnetting a class B network, what subnet mask will yield 64 subnets?

255.255.252.0

Which of the following is considered a flooded broadcast IP address?

255.255.255.255

deny ip 172.31.0.0 0.0.255.255 any log

ARP requests

Which of the following is described as a 64-bit block cipher composed of a 16-round Feistel network and key-dependent S-box functions?

Blowfish

Which protocol that runs on Cisco routers shares information between Cisco devices?

CDP

Which protocol is responsible for automatic assignment of IP addresses?

DHCP

Which of the following makes a single pass on data and generates a 128-bit hash value displayed as a 32-character hexadecimal number and is used in VPNs?

Message Digest 5

Which type of attack causes the operating system to crash because it is unable to handle arbitrary data sent to a port?

RPC attacks

Which TCP flag can be the default response to a probe on a closed port?

RST

Which of the following is a current standard for PKI that specifies a strict hierarchical system for CAs issuing certificates?

X.509

Which type of scan has the FIN, PSH, and URG flags set?

Xmas scan

Which of the following is the first step in the digital signature process where Mike sends a message to Sophie?

a message digest of Mike's message is calculated using a hashing algorithm

Which of the following is NOT among the items of information that a CVE reference reports?

attack signature

Which security layer verifies the identity of a user, service, or computer?

authentication

What type of attack does a remote-access Trojan attempt to perpetrate?

back door

Which of the following is NOT information that a packet filter uses to determine whether to block a packet?

checksum

To what type of port on a Cisco router do you connect a rollover cable?

console

What is the term used when an IDPS doesn't recognize that an attack is underway?

false negative

Which of the following is a command you would find in an antispoofing ACL for network 172.31.0.0/16?

deny ip 172.31.0.0 0.0.255.255 any log

What uses mathematical calculations to compare routes based on some measurement of distance?

distance-vector routing protocols

With which access control method do system administrators establish what information users can share?

mandatory access control

Of what category of attack is a DoS attack an example?

multiple-packet attack

Which type of function is used in cryptography?

permutation

What is a VPN typically used for?

secure remote access

What Cisco router command encrypts all passwords on the router?

service password-encryption

What remote shell program should you use if security is a consideration?

ssh

How are the two parts of an IP address determined?

subnet mask

Under which attack category does a UNIX Sendmail exploitation fall?

suspicious data payload

Which of the following is true about Message Authentication Code?

the key is sent to the receiver securely

Which type of firewall policy calls for a firewall to deny all traffic by default?

restrictive policy

What is the most likely weak link when using asymmetric encryption for verifying message integrity and nonrepudiation?

the source of the public keys

Which of the following is true about PRNGs?

they are not completely random

