System Security (CINS-220) UNIT II (Chapter 5-8) EXAM practice
What is mutual authentication?
A process by which each party in an online communication verifies the identity of the other party.
What is the process of controlling access to resources such as computers, files, or printers called?
Authorization
Which of the following applies the appropriate policies in order to provide a device with the access it's defined to receive?
Authorization
For users on your network, you want to automatically lock user accounts if four incorrect passwords are used within ten minutes.
Configure account lockout policies in Group Policy
A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization's order database. Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports. Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which key steps should you take when implementing this configuration? (Select two.)
Configure the VPN connection to use IPsec; Configure the browser to send HTTPS requests through the VPN connection
Which of the following NAC agent types creates a temporary connection?
Dissolvable
Which type of interference is caused by motors, heavy machinery, and fluorescent lights?
EMI
KWalletManager is a Linux-based credential management system that stores encrypted account credentials for network resources. Which encryption methods can KWalletManager use to secure account credentials? (Select two.)
GPG; Blowfish
Which type of attack is WEP extremely vulnerable to?
IV Attack
At which layer of the OSI model do NAT routers operate?
Layer 3 (Network layer)
Which of the following principles is implemented in a mandatory access control model to determine object access by classification level?
Need to Know
Which of the following is the MOST likely to happen if the firewall managing traffic into the DMZ fails?
Only the servers in the DMZ are compromised, but the LAN will stay protected.
Which of the following NAC agent types is the most convenient agent type?
Permanent
What is the primary purpose of separation of duties?
Prevent conflicts of interest
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.)
RADIUS; TACACS+
Which of the following can be classified as a stream cipher?
RC4
Which of the following is used by Microsoft for auditing in order to identify past actions performed by users on an object?
SACL
Which of the following is used on a wireless network to identify the network name?
SSID
As the security analyst for your organization, you have noticed an increase in user computers being infected with malware. Which two solutions should you implement and configure to remedy this problem? (Select two.)
Spam filters; Virus scanner
You have configured your ACL to block outgoing traffic from a device with the IP address 192.168.1.52. Which type of ACL have you configured?
Standard
You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website. What should you use to allow access?
Static NAT
Which of the following are features of an application-level gateway? (Select two.)
Stops each packet at the firewall for inspection; Reassembles entire messages
A virtual LAN can be created using which of the following?
Switch
When configuring VLANs on a switch, what is used to identify which VLAN a device belongs to?
Switch port
Which of the following would require that a certificate be placed on the CRL?
The private key is compromised.
You are deploying a brand new router. After you change the factory default settings, what should you do next?
Update the firmware.
Your organization has started receiving phishing emails. You suspect that an attacker is attempting to find an employee workstation they can compromise. You know that a workstation can be used as a pivot point to gain access to more sensitive systems. Which of the following is the MOST important aspect of maintaining network security against this type of attack?
User education and training
You have just configured the password policy and set the minimum password age to 10. What is the effect of this configuration?
Users cannot change the password for 10 days.
Which of the following is commonly created to segment a network into different zones?
VLANs
You have a group named Research on your system that needs a new password because a member of the group has left the company. Which of the following commands should you use?
gpasswd Research