Final Exam for Network Security Basics

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

This organization takes care of tracking and reporting of common computer and network security problems.

CERT

In order to run "sniffer" software property, the NIC in the computer running the software must be set to this.

10/100 Mode

Which of the following is NOT one of the cloud delivery models recognized by NIST?

Unlisted

If you wanted to connect 2 networks securely over the internet, what type of technology could you use?

VPN

This is the security layer for wireless 802.11 connections using WAP.

WTLS

The hashing algorithm which uses a 160-bit hash value.

SHA

Which authentication method uses a Key Distribution Center (KCD)?

Kerberos

According to the TCP/IP model, HTTP functions at which layer?

Application

Which RAID level provides for no fault tolerance?

RAID 0

Which access control method model grants rights or privileges based on their job function or position held?

RBAC

Which port should be closed on systems to prevent the unauthorized running of programs?

111

The U.S. regulation which dictates the standards for storage, use, and transmission of personal medical information.

HIPPA

The process of making a computing environment more secure from attacks and intruders is known as this.

Hardening

This is an internal threat.

System failure

The P K C S standard that is the standard for password-based cryptography.

PKCS 5

These are not necessary to back up.

applications

The area of an application that is available to users (those who are authenticated as well as those who are not) is known as what?

attack surface

A firewall operating as _______ firewall will pass or block packets based on their application or TCP port number.

packet filter

Locking the door(s) to the server room involves what kind of security?

physical

Security attack that is the result of the trusting nature of human beings.

social engineering

"Full disclosure testing" is often referred to as this.

white box

What TCP port does Telnet use?

23

Computer room humidity should ideally be kept above what percent?

50%

What TCP port does HTTP use?

80

Which of the following is an attack where a program or service is placed on a server to bypass normal security procedures?

Back door

The encryption algorithm which uses a 40 to 128-bit key and is used on many products from Microsoft to IBM.

CAST

The individuals who specialize in the making of codes.

Cryptographers

Which access control method model allows the owner of a resource to grant privileges to information they own?

DAC

You are the administrator of a website. Suddenly web server & network utilization spikes to 100%. Users start reporting "Server not available" errors. You may have been the victim of what kind of attack?

DoS

Servers or computers that have two NIC cards, each connected to separate networks, are known as what type of computers?

Dual-homed

Which of the following Evaluation Assurance Levels (EAL) specifies that the user wants assurance that the system will operate correctly, but threats to security are not viewed as serious?

EAL 1

Which of the following Evaluation Assurance Levels (EAL) is the common security benchmark for commercial systems?

EAL 4

Which type of attack is one in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit?

Evil twin

Which of the following devices are the first line of defense for networks connected to the internet?

Firewalls

This is a system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the "victim" will learn their attack methods without compromising a live system.

Honey Pot

The TCP protocol functions at which layer of the TCP/IP model?

Host-to-Host

This is a backup location that can provide services within hours of complete system failure.

Hot site

This is a repair made while the system is being repaired remains in operation.

Hotfix

Which of the following is NOT a routing protocol?

ICMP

Tasked with developing standards for, and tries to improve, the Internet.

IETF

This is used to monitor a network for suspect activity.

Intrusion detection system

Which access control model is a static model that uses preddefined access privileges for resources that are assigned by the administrator?

MAC

Which type of strategy is undertaken when you attempt to reduce the risk?

Mitigation

Government agency responsible for creating and breaking codes.

NSA

Term for an area in a building where access is individually monitored and controlled.

Security Zone

The type of cryptographic method which replaces one character with another from a "match-up list" to produce the ciphertext.

Substitution

Which remote access protoco is a central server providing remote access usernames that dial-up users can use for authentication.

TAC ACS+

You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this?

Transference

Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?

Type C

Which hypervisor model needs the operating system to be up and cannot boot until it is?

Type II

The X standard that defines certificate formats and fields for public keys.

X.509

Which of the following is NOT one of the three cloud service models recognized by the NIST?

XaaS

Security device that uses some biological characteristic of human beings to uniquely identify a person for authentication.

biometric

Leaving a client's files on your desk where the cleaning staff could see and browse through them is a violation of this type of policy.

due care

Which of the following is a passive method of threat response?

Logging the event

This type of policy determines if information is secret, top-secret or public.

information classification policies

An End User LIcense Agreement for software would be considered this type of classification of information.

limited distribution

The method of code breaking which tries every possible combination of characters in an attempt to "guess" the password or key.

Brute Force

What would the Annualized Loss Occurrence be for the asset in Question 6 if a fire that might damage the press in that manner occurred once every 15 years?

Less than $1000

To prevent files from being copied on a workstation to removable media, you should disable which ports?

USB


Kaugnay na mga set ng pag-aaral

Business Policy & Strategy - Exam 2

View Set

Determining and Controlling Body Composition FVS

View Set

GEN Exam 3-Oct 28- Regulation of Transcription in Prokaryotes (lac operon)

View Set

American Gov. & Politics - all units

View Set

Exam Simulator FL-LH - FL Health and Life and Annuity

View Set