ICS 620 Final Exam 2019
CSMA/CD is a method of:
Access control
Term associated with Confidentiality
Advanced Encryption Standard (AES)
What is not a Zero Trust design principle?
Allow internal users to access network services through remote access
What type of malware allows an attacker to bypass authentication to gain access to a compromised system?
Backdoor
Term associated with Authentication
Biometrics
The common type of UTP for installation today is:
Cat 5
What is an easy way to make your WiFi security stronger and make it more difficult for hackers to discover your wireless network?
Change the Service Set Identifier (SSID)
The phone company uses a:
Circuit Switched Network
The first phase of implementing security in virtualized data centers consists of:
Consolidating servers within trust levels
Which of the following are typical mobile device management software capabilities? Select all that apply. Select one or more: - Data Loss Prevention - Policy Enforcement - Personal Firewalls - Malware Prevention
Data Loss Prevention; Policy Enforcement; Malware Prevention
Which of the following are examples of an endpoint? Select one or more: - Desktop - Smartphone - Point-Of-Sale (POS) Terminal - Mainframe
Desktop; Smartphone; Point-Of-Sale (POS) Terminal
What type of attack is intended to rapidly cause damage to the victim's network and system infrastructure, as well as their business and reputation?
Distributed Denial of Service (DDoS)
Some important characteristics and capabilities of advanced malware include:
Distributed, fault-tolerant architecture; Multi-functionality; Hiding techniques such as polymorphism and metamorphism; Hiding techniques such as obfuscation
_________ is defined by the Link Budget in designing wireless networks.
ERIP
Intra-VM traffic is also known as:
East-West
Peer-to-peer refers to:
Equality among equipment
A 'rootkit' is usually associated with what?
Escalation of Privilege
A frame goes inside of a packet
False
A packet goes inside of a segment
False
T/F An attacker only needs to successfully execute one step of the Cyber Kill Chain® to infiltrate a network, whereas a defender must "be right every time" and break every step of the chain to prevent an attack.
False
T/F Attacks that result in a Data Breach are most likely performed by internal threat actors (employees).
False
True or False. A vulnerability is a small piece of software code, part of a malformed data file, or a sequence (string) of commands created by an attacker to cause unintended or unanticipated behavior in a system or software.
False
True or False. An attacker only needs to successfully execute one step of the Cyber Kill Chain® to infiltrate a network, whereas a defender must "be right every time" and break every step of the chain to prevent an attack.
False
True or False. An effective security strategy is to deploy Perimeter-Based Network defenses, where countermeasures are defined at a handful of well-defined ingress/egress points to the network. You can then assume that everything on the internal network can be trusted.
False
True or False. Most cyberattacks today are perpetrated by internal threat actors, such as malicious employees engaging in corporate espionage.
False
True or False. The Lockheed Martin Cyber Kill Chain® framework is a five-step process that an attacker goes through in order to attack a network.
False
True or False. Wired Equivalent Privacy (WEP) is the most effective protocol for securing wireless networks.
False
Wireless networks compete effectively in terms of data transfer rates when compared with wired networks.
False
Planning to keep a circuit active is planning for:
Fault Tolerance
The ability to withstand a catastrophic series of events is commonly known as:
Fault Tolerance
Term associated with Proxy
Firewall
__________ defines how much space there should be allocated for the direct path between transmitter and receiver, clear of obstacles.
Fresnel Zone
Term associated with Anti-malware
Heuristics/Signatures
The most significant set of standards defining WLANs are those defined by the ___________ committee
IEEE 802.11
Which of the following is not a phase of implementing security in virtualized data centers: Select one: - Consolidating servers across trust levels - Consolidating servers within trust levels - Selective network security virtualization - Implementing a static and flat computing fabric
Implementing a static and flat computing fabric
WLANs use one of three transmission techniques: spread spectrum, narrowband microwave, and __________.
Infrared
A company-only network is referred to as a:
Intranet
Term associated with Monitoring
Intrusion Detection System
Characteristics of application firewalls include all of the following except: Select one: - Proxies traffic rather than permitting direct communication between hosts - Can be used to implement strong user authentication - Masks the internal network from untrusted networks - Is extremely fast and has no impact on network performance
Is extremely fast and has no impact on network performance
Term associated with IPSec
L2TP VPN
IP exists at what layer of the OSI model?
Layer 3
Which is the newest technology:
Layer 3 switch
What is the name of the international cybercrime group that delivered the 2014 Sony hack and the 2017 HaoBao campaign?
Lazarus
A Zero Trust network security model is based on which of the following security principles? Select one: - Due Diligence - Least privilege - Non-repudiation - Negative Control
Least privilege
What type of malware is triggered by a specific condition, such as a specific date or a particular user account being disabled?
Logic Bomb
Which type of diagram provides IP addresses:
Logical Topology
Single mode fiber is used for:
Long haul
__________ antenna architecture is the most important of the enhancements provided by LTE.
MIMO: multiple input multiple output
Malicious software or code that typically damages, takes control of, or collects information from an infected endpoint is known as:
Malware
Term associated with Trojan
Masquerade
Data that moves in and out of the virtualized environment from the host network or a corresponding traditional data center is also known as:
North-South
PCI DSS is mandated and administered by the:
PCI Security Standards Council (SSC)
What is PoE?
Power over Ethernet
A ________ Cloud allows for access from all users
Public Cloud
Which of the following is not an end device:
Router
A private network that handles only storage needs is a:
SAN
Which VPN technology is currently considered the preferred method for securely connecting a remote endpoint device back to an enterprise network? Select one: - Point-to-point Tunneling protocol (PPTP) - Secure Socket Layer (SSL) - Secure Socket tunneling protocol (SSTP) - Internet Protocol Security (IPSEC)
Secure Socket Layer (SSL)
Which of the following techniques and tools are used by an attacker to hide attack communications traffic? Select one or more: - Secure Socket Layer (SSL) Encryption - Process and Remote Access Tools (RATs) - Port Hopping and Dynamic DNS - Web Browsing
Secure Socket Layer (SSL) Encryption; Process and Remote Access Tools (RATs); Port Hopping and Dynamic DNS
Term associated with Phishing
Social Engineering
The cloud computing service model in which a provider's applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure is known as:
Software as a Service (SAAS)
A primary multiple access scheme used in cellular telephony is __________.
TDMA, CDMA, FDMA
The two types of channels that are available between the mobile unit and the base station are designated control and ___________.
Traffic
A basic rule of thumb for radio-based communication is that the higher the frequency, the shorter the transmission distance.
True
Another rule of thumb is that as the frequency increases, the easier it is to disrupt the signal.
True
T/F - Botnets are commonly designed to be managed by a CnC - Command and Control - server.
True
T/F Botnets are commonly designed to be managed by a CnC - Command and Control - server.
True
True or False. Business intelligence (BI) software consists of tools and techniques used to surface large amounts of raw unstructured data to perform a variety of tasks including data mining, event processing, and predictive analytics.
True
True or False. It is possible for an organization to be compliant with all applicable security and privacy regulations for its industry, yet still not be secure.
True
True or False. Most Botnets are designed to withstand the loss of a command and control (CnC) server, meaning that the entire Botnet infrastructure must be disabled almost simultaneously.
True
True or False. Packet-Filtering Firewalls operate at Layer 3 (network layer) of the Open Systems Interconnection (OSI) reference model.
True
True or False. The benefit of moving toward a cloud computing model is that it improves operational efficiencies and lowers capital expenditures.
True
True or False. The process in which end users find personal technology and apps that are more powerful or capable, more convenient, less expensive, quicker to install, and easier to use, than enterprise IT solutions is known as consumerization.
True
When using a wireless network, roaming occurs when a mobile station moves from one cell to another.
True
Wireless networks are more susceptible than wired networks to interference, signal loss, noise, and eavesdropping.
True
A __________ VLAN line carries all types of VLANs
Trunk Line
Characteristics of unified threat management (UTM) include all of the following except: Select one: - Combines security functions such as firewalls, intrusion detection systems (IDS), anti-malware, and data loss prevention (DLP) in a single appliance. - Enabling all of the security functions in a UTM device can have a significant performance impact. - UTM fully integrates all of the security functions installed on the device. UTM will not effectively manage different device specific functions such as personal firewalls or manufacturer specific tools and resources. - UTM can be a convenient solution for small networks.
UTM fully integrates all of the security functions installed on the device.
A backbone cable runs:
Vertically
Term associated with Cloud
Virtual Environment
Term associated with Reconnaissance
Vulnerability Detection
Which of the following techniques is NOT used to break the command and control (CnC) phase of the Cyber Kill Chain®? Select one: - Blocking outbound traffic to known malicious sites and IP addresses - DNS sinkholing - Vulnerability and Patch Management - DNS poisoning
Vulnerability and Patch Management
_________ was the first security protocol developed to address the limitations of WLAN security for mobile devices.
WAP
Which of the following WLAN standards is the LEAST secure? Pick two. Select one or more: a. Wireless Protected Access (WPA) b. Wired Equivalent Privacy (WEP) c. Wireless Protected Access 2 (WPA2) d. WiFi Protected Setup (WPS)
WEP, WPS
Term associated with WEP
Weak IV
What type of malware typically targets a computer network by replicating itself in order to spread rapidly?
Worm
Term associated with Least Privilege
Zero Trust
When a mobile unit moves, it may connect with a different base station. This action is called ____________.
a handoff
Platform as a Service - PaaS - is best described as: a. An online space where customers can develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. b. An underlying network infrastructure that virtualizes physical computing resources, data partitioning, scaling, security, backup. c. A licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.
a. An online space where customers can develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.
When using cellular networks, __________.
adjacent cells are assigned different frequencies
Which of the following are examples of an 'endpoint'? a. Website b. Desktop c. Point of Sale (Terminal) d. Chat Application e. Mainframe Server f. Mobile Phone
b. Desktop c. Point of Sale (Terminal) f. Mobile Phone
Which of the following WLAN standards is the LEAST secure? Pick two. a. Wireless Protected Access (WPA) b. Wired Equivalent Privacy (WEP) c. Wireless Protected Access 2 (WPA2) d. WiFi Protected Setup (WPS)
b. Wired Equivalent Privacy (WEP) d. WiFi Protected Setup (WPS)
With ____________, a cell is divided into a number of wedge shaped sectors, each with its own set of channels, typically three or six sectors per cell.
cell sectoring
The terms 'ingress/egress' best match the following descriptions: a. detection / prevention b. trusted / untrusted c. Patching / updating d. incoming / outgoing
d. incoming / outgoing
Because of the limited frequencies available, a key design element of any cellular system is to ___________.
employ multiple access
What would be the best description of 'polymorphism and metamorphism'?
hiding techniques
As cells become smaller, antennas move from the tops of tall buildings or hills, to the tops of small buildings or the sides of large buildings, and finally to lamp posts, where they form ___________.
microcells
____ incorporate beam-steered _____ and use signal processing techniques to shape the beam pattern.
smart antennas phased array
The objective of the __________ generation of wireless communication is to provide fairly high-speed wireless communications to support multimedia, data, and video in addition to voice.
third
The ideal design for cells in a cellular network is a hexagonal shape because _____.
this makes all frequencies available to all cells