Midterm Exam
What vendor neutral protocol implements support for VLAN tagging?
802.1Q
In the data Encryption lab you were assigned a task to encrypt a disk using
BitLocker
A bridge works at what layer of the OSI model
Data Link Layer
The OSI model breaks networking steps down into a series of six layers.
False
Trivial File Transfer Protocol (TFTP) uses a more memory when compared to FTP.
False
_________ silently captures and stores each keystroke that a user types on the computer's keyboard
Keylogger
__________ is computer code that is typically added to a legitimate program but lies dormant until a specific logical event triggers it.
Logic bomb
Which items can a switch be vulnerable to (choose all that are appropriate)
MAC flooding trunk port Port mirroring
Which of the following is true regarding cloud storage?
One may not have control over how exactly the data is safeguarded.
Which of the following protocols is used to manage network equipment and is supported by most network equipment manufacturers?
SNMP
_______ is tracking software that is deployed without the consent or control of the user
Spyware
Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
True
When considering Key strength: On average, half the key space must be searched to discover the key.
True
Delivers advertising content in a manner that is unexpected and unwanted by the user
adware
What type of system is designed to collect and consolidate logs from multiple sources for easy analysis?
centralized device log analyzer
Choose the traits of malware described in Chapter 2 (Multiple Answers)
concealment Prodiscovery infection circulation Zed Attack Proxy payload capabilities Partial
Match the following Configuration Issues default configurations. weak configuration misconfiguration improperly configured accounts
default configurations.-Almost all devices come with out of the box configuration settings weak configuration-Some devices have options that provide limited security choices. misconfiguration-User devices have option that provide limited security choices. improperly configured accounts-Misconfiguration is commonly seen in accounts that are set up for a user that provide more access then is necessary, such as providing total access over the entire device when the access should be more limited.
Match the following certificate chaining The end-point of the certificate chain user digital certificate type of certificate requires more extensive verification of the legitimacy of the business. root digital certificate Linking several certificates together to establish trust between all the certificates involved self-signed is used to validate a main domain along with all subdomains.
incorrect
Match the Difficulties in Defending Against Attacks Universally connected devices Attackers from anywhere in the world can send attacks. Increased speed of attacks Attackers use thousands of computers in an attach against a single cvomputer or network Greater sophistication of attacks Increased speed of attacks Availability and simplicity of attack tools Attack tools vary their behavior so the same attack appears differently each time. Faster detection of vulnerabilities Attackers can discover security holes in hardware or software more quickly. Delays in security updating Vendors are overwhelmed trying to keep pace updating their products against the latest attacks. Weak security update distribution Many software products lack a means to distribute security updates in a timely fashion. Distributed attacks Vendors are overwhelmed trying to keep pace updating their products against the latest attacks.
partial
Can hide its presence or the presence of other malware
rootkit
Match the following forms of malware virus worm Trojan Ransomware
virus is malicious computer code that, reproduces itself on the same computer worm is a malicious program that uses a computer network to replicate Trojan is an executable program that masquerades as performing a benign activity but also does something malicious. Ransomware prevents a user's device from properly and fully functioning until a fee is paid