ITN 261 Final Exam (Chapter 15-19)

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

What is a type of combination lock?

Cipher lock

An anomaly-based NIDS is designed to look for what?

Deviations from known traffic patterns

Which technology can provide protection against session hijacking?

IPsec

An SSID is used to do which of the following?

Identify a network

Which of the following is a detective control when not used in real time?

Alarms

Firewalking is done to accomplish which of the following?

Analyze a firewall

A man-in-the-browser attack delivered by a piece of malware can be prevented by which of the following?

Anti-virus

In practice a honeypot will be configured how?

As a duplicate of a real system

AirPcap is used to do which of the following?

Assist in the sniffing of wireless traffic

A honeypot is designed to do what?

Attract victim to connect to it.

What system is used as a choked point for traffic and could be offered through IaaS?

Bastion Host

Monitor mode is used by wireless cards to do what?

Capture information about wireless networks

Which of the following can be used to protect data stored in the cloud?

Drive encryption

Jennifer has captured the following URL:www.snaz22enu.com/&w25/session=22525. She realizes that she can perform a session hijack. Which utility would she use?

DroidSheep

Which of the following is a characteristic of USB flash driver that makes security a problem?

Easily hidden

Altering a checksum of a packet can be used to do what?

Evade a NIDS

An HIDS is used to monitor activity on which of the following?

Host

A closed network is typically which of the following?

Private network

What type of firewall analyzes the status of traffic?

Stateful inspection

Physical security can prevent which of the following?

Tailgating

NetCut is used to do what?

Test firewalls & Craft packets

Who has legal responsibility for data hosted in the cloud?

The client

In the field of IT security, the concept of defense in depth is the layering of more than one control on another. Why is this?

To provide better protection

Which feature makes WPA easy to defeat?

WPS support

Which of the following is a device used to perform a DoS on a wireless network?

Wi-Fi jammer

Remote wipes do what?

Wipe all data off a device. & Remove sensitive information such as contracts from a remote system

Which ports does SNMP use to function?

161 and 162

HTTPS is typically open on which port in a cloud based firewall?

443

For a fence to deter a determined intruder, it should be at least how many feet tall?

8 feet

HTTP is a typically open on which port in a firewall?

80

Which of the following operates at 5 GHz?

802.11 a

Which of the following specifies security standards for wireless?

802.11 i

What is a drop-ceiling?

A false ceiling

What is a PSK?

A key entered into each client

A DMZ is created with which of the following?

A multihomed firewall

Lock-pick sets typically contain which of the following at a minimum?

A pick and tension wrench

Which of the following could be considered required components of an alarm system?

A visual alerting method & An audio alerting method

Jailbreaking a phone refers to what?

Acquiring root access on a device

What is a client-to-client wireless connection called?

Ad Hoc

What is a rogue access point?

An access point not managed by a company

What is a system used as a chokepoint for traffic?

Bastion host

A ______ is used to prevent cars from ramming a building?

Bollard

Which of the following options shows the protocols in order from strongest to weakest?

WPA2, WPA, WEP, Open

A utility for auditing WordPress from Android is ______?

WPScan

Altering a checksum of a packet can be used to do what?

Evade an NIDS

Which type of biometric system to frequently found on laptops but can be used on entry-ways as well?

Fingerprint

When a device is rooted, what is the effect on security?

Lowered

Warchalking is used to do which of the following?

Make other aware of a wireless network

Which of the following would be hosted as SaaS?

Email

Which of the following can be used to evade an IDS?

Encryption

A denial of service application of Android is _____?

LOIC

A cloud-based firewall is used to separate which of the following?

Networks

A firewall is used to separate which of the following?

Networks

iOS is based on which operating system?

OS X

During an assessment you discovered that the target company was using a fax machine. Which of the following is the least important?

The phone number is publicity available

Multihomed firewall has a minimum of how many network connections?

Three

There are how many different types of cloud hosting environment?

Three

Why wouldn't someone create a private cloud?

To reduce costs

WEP is designed to offer security comparable to which of the following?

Wire networks

A session hijack can be used against a mobile device all of the following except?

Worms

Which intrusion prevention system can be used in conjunction with fences?

Bollards

Which of the following is a wall that is less than full height?

False wall

What is the first defense that a physical intruder typically encounters?

Fences

The wardriving process involves which of the following?

Locating wireless networks

What is another word for portals?

Mantraps

Which of the following is a good defense against tailgating and piggybacking?

Mantraps

Which of the following can be used to identify a firewall?

Port Scanning

What is the benefit of encryption on mobile devices?

Protection of data on lost or stolen devices

What does rooting a device do?

Provide root-level access to a user on a system

Session hijacking can be thwarted with which of the following?

Psiphon

Bluesnarfing is used to perform what type of attack?

Read information from a device

Which of the following issues would be a good reason for moving to a cloud based?

Reduced costs & Improved performance & Increased redundancy

Frequency of type 2 error is also known as what?

False rejection rate

What can be used instead of a URL to evade some firewall used to protect a cloud based wed application?

IP address

What can be used instead of a URL to evade some traffic?

IP address

A method for overwhelming an IDS using packets with incorrect TTL values or flags is known as what?

Insertion

Which attack alters data in transit within the cloud?

MitM

What utility could be used to avoid sniffing of traffic?

Psiphon

Which of the following uses a database of known attacks?

Signature file

What type of firewall analyzes the status of traffic and would be part of a IaaS solution?

Stateful inspection

Android is based on which operating system?

Linux

How does a fragmentation attack, which takes a packet, breaks it into fragments, and sends only some of the fragment to the target, cause a DoS?

By exhausting memory by caching the fragments

SOAP is used to perform what function?

Enable communication between applications

An attack that can be performed using FaceNiff is _____?

Inserting oneself into an active session

A cloud environment can be in which of the following configuration except?

LaaS

An application would be developed on what type of cloud service?

PaaS

An NIDS is bases following can be used to evade an IDS?

Packet sniffing

When is wireless client is attached to an access point, it is known as which of the following?

Infrastructure

At which layer of the OSI model does a packet-filtering firewall work?

Layer 3

At which layer of the OSI model would you expect a cloud based solution to operate at?

Layer 3 & Layer 4

While guards and dogs are both good for physical security, which of the following is a concern with dogs?

Liability

What option would you use to install software that's not from the Google Play Store?

Install form unknown sources

What could a company do to protect itself from a loss of data when a phone is stolen?

Password, Encryption, Remote wipe

SaaS is a cloud hosting environment that offers what?

Software hosting

Cloud technologies are used to accomplish which of the following?

Increase management options & Offload operations onto third party & Cut Costs

Which of the following is designed to locate wireless access points?

Site Survey

What type of cloud service would provide email hosting and associated security service?

SaaS

Jennifer is concerned about her scan being tracked back to her tablet. What could she use to hide the source of the scans?

SandofProxy

Bluejacking is a means of which of the following?

Sending unsolicited messages

What mechanism is intended to deter theft of hard drivers?

Encryption


Kaugnay na mga set ng pag-aaral

(5) Improved communication Systems

View Set

N88-Chapter 25: Structure and Function of the Cardiovascular System

View Set

Data Analysis Chapter 3 Study Guide

View Set

Nursing Critical Thinking Attitudes

View Set

Chp 15: Health & Physical Assessment of the Adult Client

View Set