141 Ex 3 Quizzes
Norm recently joined a new organization. He noticed the firewall technology opens separate connections between the devices on both ends of the firewall. What type of technology is being used? A. Packet filtering B. Application proxying C. Network address translation D. Stateful inspection
Application proxying
The __ settings inform the system which items should be logged for future review. A. Audit policy B. domain controllers C. Max PW age D. account lockout policy
Audit policy
T/F Retro viruses counter the ability of antivirus programs to detect changes in infected files
False
T/F System infectors are viruses that attack doc files containing embedded macro programming capabilities
False
T/F The National Institute of Standards and Technology (NIST) is the main UN agency responsible for managing + promoting info and tech issues
False
T/F The term certificate authority (CA) refers to a trusted repository of all public keys
False
T/F The transport Layer of the OSI creates, maintains, disconnects comms that take place between the processes over the network
False
T/F You must always use the same algorithm to encrypt info and decrypt the same info
False
T/F a product cipher is an encryption algorithm that has no corresponding decryption algorithm
False
Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block? A. Internet Control Message Protocol (ICMP) B. Transmission Control Protocol (TCP) C. HTTP D. User Datagram Protocol
ICMP
Bill is conducting an analysis of a new IT service. He'd like to assess it using the Open Systems Interconnection (OSI) model and would like to learn more about this framework. What organization should he turn to for the official definition of OSI? A. IS Audit and Control Association (ISACA) B. National Institute of Standards and Technology (NIST) C. Ocean Surveillance IS (OSIS) D. Intl Organization for Standardization (ISO)
ISO
When is the company under additional compliance laws + standards to ensure the confidentiality of cust data? A. If e-commerce or privacy data is entered into the web app B. During penetration testing C. If there's cross-site scripting D. During a SQL injection attack
If e-commerce or privacy data is entered into the web app
In the lab (lab 6) after opening the Windows Backup Admin (wbadmin) GUI from the server manager menu, an amber caution symbol indicated that there was: A. No backup scheduled B. A post-install task remaining to configure the Windows Server Essentials role that was just installed C. An issue w/ the PW that had been entered and that future attempts to use it would result in you being locked out D. A problem with the install process and that it would have to be performed again in its entirety
No backup currently scheduled
Which of the following should be performed on a regular schedule + whenever the web app + service is modified? A. SQL injection B. Penetration testing C. XSS D. JavaScript testing
Penetration testing
Bob is developing a web app that depends upon a DB backend. What type of attack could a malicious indiv use to send commands through his web app to the DB? A. SQL injection B. XSS C. XML injection D. LDAP injection
SQL injection
Gwen is investigating an attack. An intruder managed to take over the identity of a person who was legit logged in to Gwen's company's site by manipulating HTTP headers. What type of attack likely took place? A. SQL injection B. Session hijacking C. Cross-site scripting D. XML injection
Session hijacking
Barbara is investigating an attack against her network. She notices the ICMP echo replies coming into her network far exceed ICMP echo requests leaving her network. What type of attack is likely taking place? A. Teardrop B. Smurf C. Cross-site scripting (XSS) D. Land
Smurf
Breanne's system was infected by malicious code after she installed an innocent-looking solitaire game from the Internet. What type of malware did she likely encounter? A. Virus B. Worm C. Trojan horse D. Logic bomb
Trojan horse
T/F A computer virus is an executable program that attaches to, or infects, other executable programs
True
T/F A keyword mixed alphabet uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet
True
T/F A network attacker wants to know IP addresses used on a network, remote access procedures, and weaknesses in network systems
True
T/F A person demonstrates anonymity when posting info to a web discussion site w/o authorities knowing who they are
True
T/F A salt value is a set of random chars you can combine w an actual input key to create the encryption key
True
T/F A substitution cipher replaces bits, chars, or blocks of info w/ other bits, chars, or blocks
True
T/F A successful DoS attack may create so much network congestion that authorized users can't access network resources
True
T/F American National Standards Institute (ANSI) was formed in 1918 through the merger of 5 engineering societies and 3 gov agencies
True
T/F An algorithm is a repeatable process that produces the same result when it receives the same input
True
T/F Attacks against C and privacy, data I, and A of services are all ways malicious code can threaten businesses
True
T/F Because people inside an org generally have more detailed knowledge of the IT infrastructure than outsiders, they can place logic bombs more easily
True
T/F Digital signatures require asymmetric key cryptography
True
T/F TCP/IP is a suite of protocols that operate at Network + Transport layers of the OSI model
True
T/F The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic curve DHE (ECDHE)
True
T/F The International Telecommunication Union (ITU) was formed in 1865 as the Intl Telegraph Union to develop intl standards for the emerging telegraph communications industry
True
T/F The Intl Electrotechnical Commission (IEC) is the predominant org for developing + publishing intl standards for tech related to electrical + electronic devices + processes
True
T/F The OSI model is a theoretical model of networking w/ interchangeable layers
True
T/F The hash message authentication code (HMAC) is a hash function that uses a key to create a hash, or message digest
True
T/F Unlike viruses, worms do NOT require a host program to survive and duplicate
True
T/F a wireless access point (WAP) is the connection between a wired + wireless network
True
T/F defense in depth is the practice of layering defenses to increase overall security + provide more reaction time to respond to incidents
True
T/F standards provide guidelines to ensure that products in today's computing environments work together
True
Val would like to limit the sites her users visit to those on an approved list of pre-cleared sites. What type of approach is Val advocating? A. Whitelisting B. Context-based screening C. Packet filtering D. Blacklisting
Whitelisting
What is NOT a service commonly offered by unified threat mgt (UTM) devices? A. URL filtering B. Malware inspection C. Content inspect D. Wireless network access
Wireless network access
Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new HW. What can she use? A. Transportation Layer Security (TLS) B. Virtual LAN (VLAN) C. Firewall D. Virtual Private Network
B. VLAN
T/F The Finance industry created the ANSI X9.17 standard to define key mgt procedures
True
Which statement is true regarding an org's PW policy? A. Setting a strong PW policy is one of the first steps in implementing a comprehensive security program B. Strong PWs are likely to allow unauthorized access to a network C. A Strong PW policy by itself is enough to protect info on a network D. Continuous monitoring for login success/failure is not effective in detecting mischief on the network
Setting strong PW is 1 of the first steps
T/F A firewall is a basic network security defense tool
True
Henry is creating a firewall rule that'll allow inbound mail to the organization. What TCP port must he allow through the firewall? A. 53 B. 22 C. 25 D. 80
25
To complete the creation of a key, what do you need to enter in the pinentry dialog box? A. A certificate number B. A comment C. Your E-mail address D. A Passphrase or PW
A passphrase/PW
Which of the following clearly defines responsibilities and support structures (e.g., facilities, personnel, equipment, SW, data files, vital records, etc.) to carry on the business after an event? A. Risk analysis B. Risk assessment C. BCP D. DRP
BCP
Which of the following determines the impact to an organization in the event that key processes and technology are not available? A. Risk Analysis B. Risk Assessment C. BCP D. BIA
BIA
How can you verify that the integrity of encrypted files is maintained during transmission to another user's computer? A. Import the file into Kleopatra + select the Integrity Check option B. Right-click the file + select Integrity Check from the context menu C. Right-click the file + select Verify from the context menu D. Compare the decrypted file's contents w/ the contents of the original file
Compare the decrypted and original contents
Alison discovers a system under her control has been infected with malware, which is using a keylogger to report user keystrokes to a 3p. What infosec property is this malware attacking? A. Accounting B. Confidentiality C. Availability D. Integrity
Confidentiality
T/F ANSI produces standards that affect nearly all aspects of IT
True
T/F ISO/IEC 27002 provides the orgs w/ best-practice recommendations on infosec mgt
True
T/F In a chosen-ciphertext attack, cryptanalysts submit data coded w/ the same cipher and key they're trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system
True
T/F Integrity-checking tools use cryptographic methods to make sure nothing and no one has modified the software
True
T/F It's common for rootkits to modify parts of the OS to conceal traces of their presence
True
T/F Message authentication confirms the identity of the person who started a correspondence
True
T/F Network Access Control (NAC) works on wired and wireless networks
True
Bob has a high-vol VPN. He would like to use a device that would best handle the required processing power. What type of device should he use? A. VPN concentrator B. Unified threat mgt (UTM) C. Firewall D. Router
VPN concentrator
What wireless security tech contains significant flaws and should never be used? A. Remote Authentication Dial-In User Service (RADIUS) B. Wi-Fi Protected Access (WPA) C. WPA2 D. Wired Equivalent Privacy (WEP)
WEP
What tool might be used by an attacker during the reconnaissance phase of an attack to glean info about domain registrations? A. Domain Name System B. Simple Network Mgt Protocol (SNMP) C. Whois D. Ping
Whois
In the lab, you installed the __ feature on a remote Domain Controller (Lab 6) A. Windows Server Backup B. Disaster Event Backup C. Active Directory D. BIA
Windows Server Backup
What is the correct command syntax to force GPO settings? A. /force GPO B. gpupdate /now C. gpupdate /force D. policyupdate /force
gpupdate /force
No production web application, whether it resides inside/outside of firewall, should be implemented without: A. SQL injection + security hardening B. Penetration testing + security hardening C. Cross-site scripting + security hardening D. JavaScript testing + security hardening
penetration testing + security hardening
Which file is used to config the DNS? A. resolve.conf B. hosts.conf C. domain.conf D. name.conf
resolve.conf
What protocol is responsible for assigning IP addresses to hosts on most networks? A. Simple Mail Transfer Protocol (SMTP) B. Dynamic Host Config Protocol (DHCP) C. Virtual LAN (VLAN) D. Transport Layer Security (TLS)
DHCP
To ensure you have coverage on the most recent malware + malicious SW, it's recommended you update your anti-virus signature files __ prior to performing a system scan A. quarterly B. Monthly C. weekly D. Daily
Daily
Which of the following is a tool left intentionally vulnerable to aid security professionals in learning about web security? A. Internet Explorer B. Damn Vulnerable Web Application C. Mozilla Firefox D. JavaScript
Damn vulnerable web app
David would like to connect a fibre channel storage device to systems over a standard data network. What protocol can he use? A. Secure Shell (SSH) B. Fibre Channel over Ethernet (FCoE) C. Internet Small Computer System Interface (iSCSI) D. Fibre Channel (FC)
FCoE
T/F A digital signature is a combo of a strong hash of a message and a secret key
False
T/F A packet-filtering firewall remembers info about the status of a network communication
False
T/F A physical courier delivering an asymmetric key is an example of an in-band key exchange
False
T/F A private key cipher is also called an asymmetric key cipher
False
T/F A subnet mask is a partition of a network based on IP addresses
False
T/F A worm is a self-contained program that has to trick users into running it
False
T/F Cryptographic key distribution is typically done by phone
False
T/F In a known-plaintext attack (KPA), the cryptanalyst has access to only a segment of encrypted data, and has no choice as to what that data might be
False
What is NOT a common motivation for attackers? A. Money B. Fear C. Revenge D. Fame
Fear
In the lab (Lab 10) you used __ to implement the org's PW policy A. Domain controller B. PowerBroker C. Group Policy D. FileZilla
Group Policy
What type of system is intentionally exposed to attackers in an attempt to lure them out? A. Web server B. Bastion host C. DB server D. Honeypot
Honeypot
Some of the more important __ include anti-virus (anti-malware), host-based firewall, syst hardening (removing unwanted services), change control, and log management A. Damn vulnerable web apps B. Host-based security measures C. SQL injections D. XSS
Host-based security measures
Which of the following helps secure the perimeter of a network? A. SQL intrusion B. Damn vulnerable web application C. intrusion prevention systems D. JavaScript
IPS
Which org promotes technology issues as an agency of the UN? A. Institute of Electrical and Electronics Engineers (IEEE) B. Intl Telecommunication Union (ITU) C. American National Standards Institute (ANSI) D. Internet Assigned Numbers Authority (IANA)
ITU
When malware is able to steal + mod data, which tenet of IS security is impacted? A. Confidentiality B. Integrity C. Availability D. Control
Integrity
When the key is successfully created, which option sends a copy of your private key to your computer? A. Save your Key Pair B. Upload Certificate to Directory Service C. Send certificate by Email D. Make a backup of your key pair
Make a backup of your key pair
Which of the following is used to make remote folders appear as part of the local file system on Linux and Windows systems? A. NFS B. GUI C. Windows Backup Admin D. Active Directory
NFS
Cryptography takes human readable info and makes it unreadable "cipher text" which can only be read if: A. It's broadcast over a public network B. A digital device is "always on" C. It's asymmetric D. One possesses the correct key
One possesses the correct key
Web application firewalls, security info and event mgt systems, ACs, network security monitoring, and change controls help to keep the "soft center" from becoming an easy target when the __ fails A. Network B. Redundant layer C. Defense in depth D. Perimeter
Perimeter
Hilda is troubleshooting a problem w/ the encryption of data. At which layer of the OSI Reference Model is she working? A. Session B. Presentation C. Data Link D. Application
Presentation
Which of the following allows valid SQL commands to run within a webform? A. HTML coding B. JavaScript Coding C. SQL injection D. XSS
SQL injection
What firewall approach is shown? A. Multilayered firewall B. Bastion host C. Screened subnet D. Border firewall
Screened subnet
The CEO of Kelly's company recently fell victim to an attack. The attackers sent the CEO an email informing him that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? A. Spear phishing B. Command injection C. Adware D. Pharming
Spear phishing
Keys are also referred to as: A. Secret messages B. Pairs C. Certificates D. senders
Certificates
Maya is creating a computing infrastructure compliant with the PCI DSS. What type of info is she most likely trying to protect? A. Educational records B. Trade secrets C. Credit card info D. Health records
Credit card info