Information Security Chp 7
True
A correlation engine aggregates and correlates content from different sources to uncover an attack.
It can prevent a DNS transfer attack.
Aideen sent an email to her supervisor explaining the Domain Name System Security Extensions (DNSSEC). Which of the following statements would Aideen have NOT included in her email? It is fully supported in BIND9. It adds additional resource records. It adds message header information. It can prevent a DNS transfer attack.
21
An administrator needs to examine FTP commands that are being passed to a server. What port should the administrator be monitoring? 19 20 21 22
Port mirroring
Catriona needed to monitor network traffic. She did not have the resources to install an additional device on the network. Which of the following solutions would meet her needs? Network tap Port mirroring Aggregation switch Correlation engine
BIND
DNS poisoning can be prevented using the latest edition of what software below? BIND DHCP WINS finger
resource records
DNSSEC adds additional and message header information, which can be used to verify that the requested data has not been altered in transmission. resource records field flags hash sequences zone transfers
Successful logins
Eachna is showing a new security intern the log file from a firewall. Which of the following entries would she tell him do not need to be investigated? Suspicious outbound connections IP addresses that are being rejected and dropped Successful logins IP addresses that are being rejected and dropped
port mirroring
If a network administrator needs to configure a switch to copy traffic that occurs on some or all ports to a designated monitoring port on the switch, what switch technology will need to be supported? interface capture port identity port snooping port mirroring
On-premises
Kyle asked his supervisor which type of computing model was used when the enterprise first started. She explained that the organization purchased all the hardware and software necessary to run the company. What type of model was she describing to Kyle? Virtual services Off-premises On-premises Hosted services
False
S/MIME can be used when mail is accessed through a web browser.
application whitelist
Select the security tool that is an inventory of applications and associated components that have been pre-approved and authorized to be active and present on the device? malware management inventory permissions application whitelist application control
True
TCP/IP uses its own four-layer architecture that includes the Network Interface, Internet, Transport, and Application layers.
Data Execution Prevention (DEP)
What Microsoft Windows feature prevents attackers from using buffer overflows to execute malware?
Control plane and physical plane
What functions of a switch does a software defined network separate? Host and virtual Control plane and physical plane RAM and hard drive Network level and resource level
network tap
What hardware device can be inserted into a network to allow an administrator to monitor traffic? network tap network mirror shark box shark tap
Secure Real-time Transport Protocol (SRTP)
What is the recommended secure protocol for voice and video applications? Secure Real-time Transport Protocol (SRTP) Hypertext Transport Protocol Secure (HTTPS) Network Time Protocol (NTP) Secure/Multipurpose Internet Mail Extensions (S/MIME)
IPsec
What secure protocol is recommended for Network address translation? SRTP S/MIME IMAP IPsec
NP
What secure protocol is recommended for time synchronization? SRTP S/MIME NTP POP
SRTP
What secure protocol is recommended for voice and video? SRTP S/MIME IMAP IPsec
The multiple devices generating logs. The different log formats. The large volume of data that needs to be logged
What specific issues are associated with log management? (Choose all that apply.) The multiple devices generating logs. The different log formats. The fast network transfer speeds. The large volume of data that needs to be logged
hosted services
What type of computing environment allows servers, storage, and the supporting networking infrastructure to be shared by multiple enterprises over a remote network connection that had been contracted for a specific period? virtual services hosted services cloud services volume computing
aggregation switch
What type of switch is used to combine multiple network connections into a single link? core switch gateway switch aggregation switch access switch
Software as a Service
Which Cloud computing service model uses the cloud computing vendor to provide access to the vendor's software applications running on a cloud infrastructure? Application as a Service Infrastructure as a Service Software as a Service System as a Service
DNS poisoning
Which Domain Name System (DNS) attack replaces a fraudulent IP address for a symbolic name? DNS replay DNS masking DNS poisoning DNS forwarding
VDI
Which application stores the user's desktop inside a virtual machine that resides on a server and is accessible from multiple locations? Application cell Container VDE VDI
Transport Layer
Which layer of the OSI model contains the TCP protocol, which is used for establishing connections and reliable data transport between devices? Application Layer Presentation Layer Network Layer Transport Layer
IP
Which of the following TCP/IP protocols do not relate to security? IP SNMP HTTPS FTP
DEP
Which of the following can be used to prevent a buffer overflow attack? DEP FIM VPN DNS
Virtual servers are less expensive than their physical counterparts.
Which of the following is NOT a security concern of virtualized environments? Virtual machines must be protected from both the outside world and from other virtual machines on the same physical computer. Physical security appliances are not always designed to protect virtual systems. Virtual servers are less expensive than their physical counterparts. Live migration can immediately move one virtualized server to another hypervisor.
Hardware as a Service (HaaS)
Which of the following is NOT a service model in cloud computing? Software as a Service (SaaS) Hardware as a Service (HaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS)
VDI
Which of the following is the process of running a user desktop inside a virtual machine that resides on a server? PaaS SDN VDI SaaS
FTP
Which of the following protocols is unsecured? HTTPS TLS SSL FTP
SNMP
Which of the following protocols is used to manage network equipment and is supported by most network equipment manufacturers? TCP/IP FTP SNMP SRTP
It can only handle the SSL protocol.
Which of these is NOT correct about an SSL accelerator? It can be a separate hardware card that inserts into a web server. It can be a separate hardware module. It should reside between the user's device and the web servers. It can only handle the SSL protocol.
SFTP
Which of these is the most secure protocol for transferring files? FTPS SFTP TCP FTP
virtualization
Which technology is a means of managing and presenting computer resources by function without regard to their physical layout or location? IaaS cloud computing virtualization PaaS
Community cloud
Which type of cloud is offered to specific organizations that have common concerns? Public cloud Hybrid cloud Private cloud Community cloud
Firewall log
Which type of device log contains the most beneficial security data? Firewall log Email log Switch log Router log
Type I
Which type of hypervisor does not run on an underlying operating system? Type I Type II Type III Type IV
Access log
Which type of log can provide details regarding requests for specific files on a system? Audit log Event log Access log SysFile log
SNMPv3
Which version of Simple Network Management Protocol (SNMP) is considered the most secure? SNMPv2 SNMPv3 SNMPv4 SNMPv5
