MIS 585 CH 6-9 Review Questions

What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption? a. .P7B b. .cer c. .P12 d. .xdr

a. .P7B

What is a virtual firewall? a. A firewall that runs in the cloud b. A firewall that runs in an endpoint virtual machine c. A firewall that blocks only incoming traffic d. A firewall appliance that runs on a LAN

a. A firewall that runs in the cloud

In which of the following configurations are all the load balancers always active? a. Active-active b. Active-passive c. Passive-active-passive d. Active-load-passive-load

a. Active-active

What is the name of the device protected by a digital certificate? a. CN b. TLXS c. RCR d. V2X2

a. CN

Which block cipher mode of operation requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged? a. CTR b. CN c. CD d. CXL

a. CTR

Which of the following is not to be decrypted but is only used for comparison purposes? a. Digest b. Key c. Stream d. Algorithm

a. Digest

What is the strongest technology that would assure Alice that Bob is the sender of a message? a. Digital signature b. Encrypted signature c. Digest d. Digital certificate

a. Digital signature

How is confidentiality achieved through IPsec? a. ESP b. AHA c. ISAKMP d. AuthX

a. ESP

Which of the following functions does a network hardware security module NOT perform? a. Fingerprint authentication b. Key management c. Key exchange d. Random number generator

a. Fingerprint authentication

Which device intercepts internal user requests and then processes those requests on behalf of the users? a. Forward proxy server b. Reverse proxy server c. Host detection server d. Intrusion prevention device

a. Forward proxy server

Which of the following contains honeyfiles and fake telemetry? a. High-interaction honeypot b. Attacker-interaction honeypot c. Honeypotnet d. Honeyserver

a. High-interaction honeypot

How does BPDU guard provide protection? a. It detects when a BPDU is received from an endpoint. b. It sends BPDU updates to all routers. c. BPDUs are encrypted so that attackers cannot see their contents. d. All firewalls are configured to let BPDUs pass to the external network.

a. It detects when a BPDU is received from an endpoint.

Which of the following is NOT a characteristic of the Trusted Platform Module (TPM)? a. It provides cryptographic services in hardware instead of software. b. It can generate asymmetric cryptographic public and private keys. c. It can easily be transported to another computer. d. It includes a pseudorandom number generator (PRNG).

a. It provides cryptographic services in hardware instead of software.

Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use? a. Masking b. Tokenization c. Data Object Obfuscation (DOO) d. PII Hiding

a. Masking

Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use? a. Only use compiled and not interpreted Python code. b. Use the latest version of Python. c. Use caution when formatting strings. d. Download only vetted libraries.

a. Only use compiled and not interpreted Python code.

Which of the following sensors can detect an object that enters the sensor's field? a. Proximity b. Field detection c. IR verification d. Object recognition

a. Proximity

Emilie is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this? a. Stateful packet filtering b. Connection-aware firewall c. Proxy firewall d. Packet filtering firewall

a. Stateful packet filtering

Which of the following is a tool for editing packets and then putting the packets back onto the network to observe their behavior? a. Tcpreplay b. Tcpdump c. Wireshark d. Packetdump

a. Tcpreplay

What is the result of an ARP poisoning attack? a. The ARP cache is compromised. b. Users cannot reach a DNS server. c. MAC addresses are altered. d. An internal DNS must be used instead of an external DNS.

a. The ARP cache is compromised.

Which is the first step in a key exchange? a. The browser generates a random value ("pre-master secret"). b. The web server sends a message ("ServerHello") to the client. c. The web browser verifies the server certificate. d. The web browser sends a message ("ClientHello") to the server.

a. The browser generates a random value ("pre-master secret").

What is Bash? a. The command-language interpreter for Linux/UNIX OSs b. The open source scripting language that contains many vulnerabilities c. A substitute for SSH d. The underlying platform on which macOS is built

a. The command-language interpreter for Linux/UNIX OSs

What is a collision? a. Two files produce the same digest. b. Two ciphertexts have the same length. c. Two algorithms have the same key. d. Two keys are the same length.

a. Two files produce the same digest.

Which of the following is NOT a firewall rule parameter? a. Visibility b. Time c. Context d. Action

a. Visibility

What is data called that is to be encrypted by inputting it into a cryptographic algorithm? a. Plaintext b. Byte-text c. Cleartext d. Ciphertext

a. plaintext

Which of these is the strongest symmetric cryptographic algorithm? a. Data Encryption Standard b. Advanced Encryption Standard c. Triple Data Encryption Standard d. RC 1

b. Advanced Encryption Standard

If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message? a. Alice's private key b. Alice's public key c. Bob's public key d. Bob's private key

b. Alice's public key

Deo has been asked to explain RSA to his colleague. After his explanation, Deo is asked what, if any, weaknesses RSA has. How would Deo respond? a. RSA has no known weaknesses. b. As computers become more powerful, the ability to compute factoring has increased. c. RSA weaknesses are based on ECC. d. The digest produced by the RSA algorithm is too short to be secure.

b. As computers become more powerful, the ability to compute factoring has increased.

What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection? a. Electronic Code Book (ECB) repositories b. Certificate attributes c. CTR d. PFX

b. Certificate attributes

Which of these is NOT a characteristic of a secure hash algorithm? a. The results of a hash function should not be reversed. b. Collisions should occur no more than 15 percent of the time. c. A message cannot be produced from a predefined hash. d. The hash should always be the same fixed size.

b. Collisions should occur no more than 15 percent of the time.

What entity calls in crypto modules to perform cryptographic tasks? a. Certificate Authority (CA) b. Crypto service provider c. Intermediate CA d. OCSP

b. Crypto service provider

Tomaso is explaining to a colleague the different types of DNS attacks. Which DNS attack would only impact a single user? a. DNS hijack attack b. DNS poisoning attack c. DNS overflow attack d. DNS resource attack

b. DNS poisoning attack

Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider? a. DDoS Prevention System (DPS) b. DNS sinkhole c. MAC pit d. IP denier

b. DNS sinkhole

Which of these is NOT used in scheduling a load balancer? a. The IP address of the destination packet b. Data within the application message itself c. Round-robin d. Affinity

b. Data within the application message itself

What is the difference between a DoS and a DDoS attack? a. DoS attacks are faster than DDoS attacks. b. DoS attacks use fewer computers than DDoS attacks. c. DoS attacks do not use DNS servers as DDoS attacks do. d. DoS attacks use more memory than DDoS attacks.

b. DoS attacks use fewer computers than DDoS attacks.

Which of these provides cryptographic services and is external to the device? a. Trusted Platform Module (TPM) b. Hardware Security Module (HSM) c. Self-encrypting hard disk drives (SED) d. Encrypted hardware-based USB devices

b. Hardware Security Module (HSM)

Which of the following is FALSE about "security through obscurity"? a. It attempts to hide its existence from outsiders. b. It can only provide limited security. c. It is essentially impossible. d. Proprietary cryptographic algorithms are an example.

b. It can only provide limited security

Which of the following is NOT correct about L2TP? a. It is used as a VPN protocol. b. It must be used on HTML 5 compliant devices. c. It does not offer encryption. d. It is paired with IPsec.

b. It must be used on HTML 5 compliant devices.

Which refers to a situation in which keys are managed by a third party, such as a trusted CA? a. Key authorization b. Key escrow c. Remote key administration d. Trusted key authority

b. Key escrow

Which attack intercepts communications between a web browser and the underlying OS? a. Interception b. Man-in-the-browser (MITB) c. DIG d. ARP poisoning

b. Man-in-the-browser (MITB)

Cryptography can prevent an individual from fraudulently reneging on an action. What is this known as? a. Repudiation b. Nonrepudiation c. Obfuscation d. Integrity

b. Nonrepudiation

Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need? a. Content/URL filtering firewall b. Policy-based firewall c. Hardware firewall d. Proprietary firewall

b. Policy-based firewall

Which of the following is NOT a symmetric cryptographic algorithm? a. DES b. SHA c. Blowfish d. 3DES

b. SHA

Which is a protocol for securely accessing a remote computer in order to issue a command? a. Transport Layer Security (TLS) b. Secure Shell (SSH) c. Secure Sockets Layer (SSL) d. Secure Hypertext Transport Protocol (SHTTP)

b. Secure Shell (SSH)

Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose? a. Narrow tunnel b. Split tunnel c. Full tunnel d. Wide tunnel

b. Split tunnel

What is low latency? a. A low-power source requirement of a sensor. b. The time between when a byte is input into a cryptographic cipher and when the output is obtained. c. The requirements for an IoT device that is using a specific network. d. The delay between when a substitution cipher decrypts the first block and when it finishes with the last block.

b. The time between when a byte is input into a cryptographic cipher and when the output is obtained.

Egor wanted to use a digital signature. Which of the following benefits will the digital signature NOT provide? a. Verify the sender b. Verify the receiver c. Prove the integrity of the message d. Enforce nonrepudiation

b. Verify the receiver

Which utility sends custom TCP/IP packets? a. curl b. hping c. shape d. Pingpacket

b. hping

What are public key systems that generate different random public keys for each session? a. Public Key Exchange (PKE) b. perfect forward secrecy c. Elliptic Curve Diffie-Hellman (ECDH) d. Diffie-Hellman (DH)

b. perfect forward secrecy

Which type of monitoring methodology looks for statistical deviations from a baseline? a. Behavioral monitoring b. Signature-based monitoring c. Anomaly monitoring d. Heuristic monitoring

c. Anomaly monitoring

Which of the following is NOT a means by which a newly approved root digital certificate is distributed? a. Pinning b. OS updates c. Application updates d. Web browser updates

c. Application updates

Who verifies the authenticity of a CSR? a. Certificate signatory b. Registration authority c. Certificate authority d. Signature authority

c. Certificate authority

Basil was reading about a new attack that forces the system to abandon a higher cryptographic security mode of operation and instead fall back to an older and less secure mode. What type of attack is this? a. Deprecation attack b. Pullback attack c. Downgrade attack d. Obfuscation attack

c. Downgrade attack

Which of the following is NOT a reason that threat actors use PowerShell for attacks? a. It cannot be detected by antimalware running on the computer. b. It leaves behind no evidence on a hard drive. c. It can be invoked prior to system boot. d. Most applications flag it as a trusted application.

c. It can be invoked prior to system boot.

Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this? a. MAC spoofing attack b. MAC cloning attack c. MAC flooding attack d. MAC overflow attack

c. MAC flooding attack

Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use? a. Certificate Revocation List (CRL) b. Real-Time CA Verification (RTCAV) c. Online Certificate Status Protocol (OCSP) d. Staple

c. Online Certificate Status Protocol (OCSP)

Brielle is researching substitution ciphers. She came across a cipher in which the entire alphabet was rotated 13 steps. What type of cipher is this? a. XOR b. XAND13 c. ROT13 d. Alphabetic

c. ROT13

Cicero is researching hash algorithms. Which algorithm would produce the longest and most secure digest? a. SHA-256 b. MD5 c. SHA3-512 d. SHA6-6

c. SHA3-512

_________________ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity. a. Digital digests b. Encrypted signatures c. Session keys d. Digital certificates

c. Session Keys

Which of the following hides the existence of information? a. Encryption b. Decryption c. Steganography d. Ciphering

c. Steganography

Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say? a. The users' symmetric key with the public key b. The users' public key with their private key c. The users' identity with their public key d. A private key with a digital signature

c. The users' identity with their public key

What is the purpose of certificate chaining? a. To ensure that a web browser has the latest root certificate updates b. To look up the name of intermediate RA c. To group and verify digital certificates d. To hash the private key

c. To group and verify digital certificates

Which of the following can a digital certificate NOT be used for? a. To encrypt messages for secure email communications b. To encrypt channels to provide secure communication between clients and servers c. To verify the authenticity of the CA d. To verify the identity of clients and servers on the web

c. To verify the authenticity of the CA

Which of the following is NOT a Microsoft defense against macros? a. Protected View b. Trusted documents c. Trusted domain d. Trusted location

c. Trusted domain

Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing? a. Dual observation protocol (DOP) b. Compromise mitigation assessment (CMA) c. Two-person integrity/control d. Multiplayer recognition

c. Two-person integrity/control

Which of these appliances provides the broadest protection by combining several security functions? a. NAT b. WAF c. UTM d. NGFW

c. UTM

Which of the following is NOT a NAC option when it detects a vulnerable endpoint? a. Deny access to the network. b. Give restricted access to the network. c. Update Active Directory to indicate the device is vulnerable. d. Connect to a quarantine network.

c. Update Active Directory to indicate the device is vulnerable.

Which of these is NOT a basic security protection for information that cryptography can provide? a. Integrity b. Authenticity c. Risk d. Confidentiality

c. risk

Which is an IPsec protocol that authenticates that packets received were sent from the source? a. PXP b. DER c. CER d. AH

d. AH

Which firewall rule action implicitly denies all other traffic unless explicitly allowed? a. Force Allow b. Force Deny c. Bypass d. Allow

d. Allow

A centralized directory of digital certificates is called a(n) _________________. a. Digital signature permitted authorization (DSPA) b. Authorized digital signature (ADS) c. Digital signature approval list (DSAP) d. Certificate repository (CR)

d. Certificate repository (CR)

Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need? a. Website validation b. Root c. Extended validation d. Domain validation

d. Domain validation

Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect? a. Web server buffer and host DNS server b. Reply referrer and domain buffer c. Web browser and browser add-on d. Host table and external DNS server

d. Host table and external DNS server

Which statement regarding a demilitarized zone (DMZ) is NOT true? a. It can be configured to have one or two firewalls. b. It typically includes an email or web server. c. It provides an extra degree of security. d. It contains servers that are used only by internal network users.

d. It contains servers that are used only by internal network users.

Which of the following is NOT true about VBA? a. It is commonly used to create macros. b. It is built into most Microsoft Office applications. c. It is included in select non-Microsoft products. d. It is being phased out and replaced by PowerShell.

d. It is being phased out and replaced by PowerShell.

Which of the following is not a basic configuration management tool? a. Baseline configuration b. Standard naming convention c. Diagrams d. MAC address schema

d. MAC address schema

Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack? a. Network b. Application c. IoT d. Operational Technology

d. Operational Technology

Which of the following is a third-party OS penetration testing tool? a. theHarvester b. scanless c. Nessus d. Sn1per

d. Sn1per

Eros wants to change a configuration file on his Linux computer. He first wants to display the entire file contents. Which tool would he use? a. head b. show c. display d. Cat

d. cat

Which of the following does NOT describe an area that separates threat actors from defenders? a. DMZ b. Air gap c. Secure area d. Containment space

d. containment space

Gregory wants to look at the details about the path a packet takes from his Linux computer to another device. Which Linux command-line utility will he use? a. tracepacket b. trace c. tracert d. Traceroute

d. traceroute

