Info Tech Security Final Exam Review

This type of access control gives control of every resource to an owner. For example, it allows one user that owns a resource to allow access to another user. -ABAC -DAC -MAC -RBAC

-DAC

Your network uses the subnet mask 255.255.255.224. Which two of the following IPv4 addresses are able to communicate with each other? -10.10.10.62 -10.10.10.97 -10.10.10.2 -10.10.10.33 -10.10.10.68

10.10.10.33, 10.10.10.62

SNMP uses which of the following ports? Select one or more: a. 160 b. 163 c. 162 d. 161

161, 162

Select all private IPv4 addresses -172.31.10.99 -10.0.0.1 -192.168.255.254 -191.168.1.1 -10.255.255.255

192.168.255.254, 172.31.10.99, 10.0.0.1, 10.255.255.255

WPA2 has a _____-bit encryption key size.

256

What port does Remote Desktop Protocol use?

3389

Which port does LDAP use?

389

What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTPS connections?

443

To use the Lightweight Directory Access Protocol (LDAP) in a secure fashion, what port should be used?

636

WEP most commonly has a _____-bit encryption key size.

64

This device masquerades as an important target on the network to encourage attackers to waste time trying to break in.

Honeypot

Which of the following are examples of physical security? -IP cameras -Security lighting -Door locks -Security guards

IP cameras, Security guards, Door locks, Security lighting

A system that stops attacks in progress is a(n)

IPS

You see a network address in the command-line that is composed of a long string of letters and numbers. What protocol is being used?

IPv6

This practice is really a blacklist. It prevents access unless otherwise configured. -Implicit deny -Least privilege -Separation of duties -Job rotation

Implicit deny

Which of the following can run on any platform? -Group Policy -ActiveX controls -Internet Explorer -Java applets

Java applets

This practice has more than one user working on a single task. It focuses on cross-training to make it easier to detect mistakes or improper use. - Separation of duties - Job rotation - Implicit deny - Least privilege

Job rotation

Active Directory uses what type of authentication protocol?

Kerberos

This practice gives the user only the access needed to complete a task and no more. It would prevent an accounting user from accessing the HR files in the file share. - Least privilege - Separation of duties - Implicit deny - Job rotation

Least privilege

A complex password would contain which of the following? Select one or more: -Lowercase characters - A character length of 8 or greater - Uppercase characters - Special characters - Number characters

Lowercase characters, A character length of 8 or greater, Uppercase characters, Special characters, Number characters

This type of access control is the most restrictive. It can be based on labels that allow or reject the "subject's" attempt to access an "object". -ABAC -DAC -RBAC -MAC

MAC

Snort and Bro are examples of what type of device?

NIDS

This device sits near a firewall and inspects every packet for unwanted activity and generates an alert for every instance of this activity.

NIDS

This device detects unwanted activity on a network and actively stops or redirects the traffic.

NIPS

These are groups of policies that can be loaded in one procedure.

Security Templates

A patch to fix ETERNALBLUE, an SMB version 1 exploit, would be considered a

Security update

What is the purpose of AP isolation?

Segments each wireless user from every other wireless user

This practice has more than one person or user account involved to complete a task. For example, a standard user account would be used to browse the web, but an administrator account would be used to write to system files. - Least privilege - Separation of duties - Implicit deny - Job rotation

Separation of duties

Which of the following can best be described as the exploitation of a computer session in an attempt to gain unauthorized access to data? -Session hijacking -DoS -Domain name kitting -Null session

Session hijacking

This type of malware collects information from a user's computer without his or her consent.

Spyware

The act of identifying assets to the system, uncovering vulnerabilities, and identifying, documenting and rating threats is

Threat modeling

This type of malware appears to be legitimate software, but is actually malicious.

Trojan

A RAT is an example of a Trojan.

True

A master computer controls a botnet.

True

NAT is sometimes also known as IP masquerading.

True

Port 88 is used by Kerberos

True

Social engineering is the act of manipulating users into revealing confidential information.

True

To protect against threats such as malware, social engineering, and so on, an IT person can implement encryption, authentication, anti-malware, and user awareness.

True

When performing forensic analysis of a computer, what should you do first? Select one: a. Scan for viruses b. Analyze the files c. Back up the system d. Make changes to the operating system

Back up the system

The process of measuring changes in hardware and software is called

Baselining

A finger-swipe would be what type of authentication?

Biometric

The testing of functionality of a system by people who do not know the system beforehand is called

Black-box testing

Malware can be delivered in which of the following ways? -Privilege Escalation -Botnets -Backdoors -Logic Bombs -Active Interception

Botnets, Active Interception, Privilege Escalation, Backdoors, Logic Bombs

Which of the following uses every possible password instance? - Guessing - Cryptanalysis attack - Brute-force attack - Dictionary attack

Brute-force attack

When a process stores data outside the memory that the developer intended, this is a

Buffer overflow

This device will store a local copy of a website to save bandwidth and speed up internet requests.

Caching proxy

When using a USB flash drive, which of the following is most concerning? -Availability -Integrity -Authorization -Confidentiality

Confidentiality

The CIA of Computer Security stands for

Confidentiality, Integrity, Availability

Text files that are used by websites to remember information about the user are called

Cookies

Which of the following uses a massive lookup table, known as a rainbow table? - Cryptanalysis attack - Guessing - Brute-force attack - Dictionary attack

Cryptanalysis attack

This service is used to keep all Windows users in Standard User mode instead of Administrator mode.

UAC

You have been tasked with segmenting internal traffic between layer 2 devices on the LAN. Which of the following network design elements would most likely be used? -DMZ -Routing -NAT -VLAN

VLAN

A malicious user or malware capable of breaking out of a VM would cause a

Virtual machine escape

Which is the most secure form of wireless encryption?

WPA2

Which option best prevents spyware infections? -Blacklists -Windows Defender -Whitelists -Host-based firewall

Windows Defender

Which of the following is a protocol analyzer? Select one: a. Cain & Abel b. Nessus c. Wireshark d. John the Ripper

Wireshark

Which of the following is an example of an ethical hacker?

With the owner's consent, this hacker will use penetration testing and intrusion testing techniques to gain access to a system.

This type of malware uses security flaws in an operating system to self-replicate to other computers.

Worm

Which type of cable offers the most security?

Fiber-optic

If a server has inbound port 21 open, what service is it running?

File Transfer Protocol

This device blocks and allows data in and out of a network based on IP addresses and ports.

Firewall

Your boss wants you to secure your web server's transactions. Which protocol and port number should you use to accomplish this?

HTTPS

This type of access control uses if-then statements. For example, if a user is part of the security team, then allow the user access to the server room. -DAC -RBAC -MAC -ABAC

ABAC

WPA2 uses the stronger _____ protocol to encrypt data.

AES

Which of the following best describes the proper method and reason to implement port security?

Apply a security control that ties specific ports to end-device MAC addresses, and prevents additional devices from being connected to the network.

Which of the following verifies who a person is? -Authorization -Confidentiality -Integrity -Authentication

Authentication

The AAA of Computer Security stands for

Authentication, Authorization and Accounting

A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall? - 10.254.254.189:1589 - 10.254.254.189:80 - 65.19.28.154:1589 - 65.19.28.154:80

65.19.28.154:80

Which port does Kerberos use?

88

This router technology allows a host to be fully visible to the internet while physically behind the router.

DMZ

What type of attack would be in effect if there is a WAP with an identical SSID to a legitimate WAP being used for phishing purposes?

Evil twin

After auditing and patching flaws, a computer system can be completely secure.

False

HTTPS uses port 80

False

One way to protect a WAN is to place all the computers behind a router.

False

True or False: In qualitative risk assessment: SLE * ARO = ALE

False

True or False: In quantitative risk assessment: SLE * ALE = ARO

False

True or False: Wireshark is a type of vulnerability scanner.

False

WEP should be replaced with WPA.

False

Which of the following tools works best to create a topology of a network? Select one: a. John the Ripper b. NMap c. netstat d. Wireshark

NMap

Which of the following are Hypervisors? -VMWare VSphere -Microsoft Hyper-V -Citrix XenServer -Oracle Virtualbox

Oracle Virtualbox, Microsoft Hyper-V, VMWare VSphere, Citrix XenServer

Which of the following authentication protocols sends credentials in clear-text? -CHAP -PAP -MS-CHAP v2 -MS-CHAP

PAP

Which of the following is a VPN tunneling protocol? -RADIUS -Kerberos -802.11X -PPTP

PPTP

You are working on a server and are busy implementing a network intrusion detection system on the network. You need to monitor the network traffic from the server. What mode should you configure the network adapter to work in?

Promiscuous mode

If a password is sent in clear text, which of the following could view it? Select one: a. John the Ripper b. Rainbow table c. Protocol analyzer d. Port scanner

Protocol analyzer

This type of server acts as a middle man between the client and the internet caching information to speed up browsing.

Proxy

Which of the following technologies will prioritize traffic, like VOIP? -DMZ -QoS -SOHO -NAT

QoS

This type of access control automatically allows access to resources when a user is associated with a function. For example, adding a user to the Accounting group gives that user permission to edit the budget.xlsx file. -MAC -RBAC -DAC -ABAC

RBAC

This type of malware encrypts files and prompts the user to pay to retrieve the encryption key.

Ransomware

When an attacker has the ability to execute commands on a remote server, this is called

Remote Code Execution

When an attacker injects "shellcode" to allow commands to be run on a remote computer, this is called

Remote code execution

When a company accepts some risk, but transfers some of that risk to another company by purchasing insurance, this is known as Select one: a. Risk sharing b. Risk avoidance c. Risk acceptance d. Risk reduction

Risk sharing

This type of malware loads before the operating system and grants admin-level access to the system.

Rootkit

Which of the following should be removed to increase security? -SSID -MAC filtering -Firewall -WPA

SSID

Which of the following firewall rules only denies DNS zone transfers? -deny TCP any any port 53 -deny IP any any -deny UDP any any port 53 -deny all dns packets

deny TCP any any port 53

To access the Group Policy Editor directly, type

gpedit.msc

The availability of data means

having data obtainable regardless of how it is stored.

The command to manually stop the gupdate service in Windows is

net stop gupdate

Having indisputable proof that someone did something on company systems is called -Integrity -Authorization -Advanced persistent threat -Non-repudiation

non-repudiation

A static NAT uses a

one-to-one mapping

The command to manually stop the MariaDB service in Linux is

systemctl mariadb stop

