CYBR 3200 Final


Physical security protects a system from theft, fire, or environmental disaster. True False

True

Which of the following is true about Message Authentication Code? -it uses asymmetric encryption -the key is sent to the receiver securely -it uses PKI and certificates -it uses a private and public key

the key is sent to the receiver securely

A hacktivist can best be described as which of the following? -an unskilled programmer that spreads malicious scripts -consider themselves seekers of knowledge -use DoS attacks on Web sites with which they disagree -deface Web sites by leaving messages for their friends to read

use DoS attacks on Web sites with which they disagree

Which of the following correctly represents the port used by FTP control traffic and FTP file transfer traffic respectively? 20, 25 21, 23 20, 23 21, 20

21, 20

What is a dynamic route?

Dynamic routing allows routers to select their own path based on current data, as opposed to static routing.

Which wireless transmission method uses a hopping code? infrared OFDM narrowband FHSS

FHSS

IPv4 and IPv6 headers are interoperable. True False

False

Which component of IPsec enables computers to exchange keys to make an SA? -IKE -ISAKMP -Oakley -IPsec driver

IKE

Which of the following is an accurate set of characteristics you would find in an attack signature? -IP address, attacker's alias, UDP options -protocol options, TCP ports, region of origin -IP address, TCP flags, port numbers -IP number, MAC address, TCP options

IP address, TCP flags, port numbers

An ARP broadcast is sent to the local subnet in an attempt to discover the destination computer's ______________ address.

MAC

What is the TCP portion of a packet called? frame data segment header

segment

The standardization of cryptographic protocols discourages attackers from trying to break them. True False

False

To determine best path, routers use metrics such as the value of the first octet of the destination IP address. True False

False

Wireless networks are essentially the same as wired networks when it comes to the security threats each faces. True False

False

What is contained in ARP tables? -IP address, MAC address -DNS name, IP address -NetBIOS name, IP address -MAC address, TCP port

IP address, MAC address

A worm creates files that copy themselves repeatedly and consume disk space. True False

True

In a passive attack, cryptanalysts eavesdrop on transmissions but don't interact with parties exchanging information. True False

True

Packet fragmentation is not normal, and can only occur if an attack has been initiated. True False

True

RF signals can pass through walls and other objects while IR cannot. True False

True

SNMP requires the installation of an SNMP agent on the device you want to monitor. True False

True

The 802.11i standard maps to the WPA2 security protocol. True False

True

The IP address 172.20.1.5 is a private IP address. True False

True

The TCP protocol uses a three-way handshake to create a connection. True False

True

With discretionary access control, network users can share information with other users, making it more risky than MAC. True False

True

Which element of an ICMP header would indicate that the packet is an ICMP echo request message? -Code -Type -Identifier -Data

Type

What tool do you use to secure remote access by users who utilize the Internet? -VPN -IDS -DMZ -DiD

VPN

In which type of scan does an attacker scan only ports that are commonly used by specific programs? -random scan -vanilla scan -ping sweep -strobe scan

strobe scan

Which of the following is NOT an advantage of IPv6 versus IPv4? -larger address space -built-in security -supports static configuration -NAT is unnecessary

supports static configuration

Describe how a computer uses its ARP table and the ARP protocol when preparing to transmit a packet to the local network.

The ARP protocol uses ARP tables to tie the destination IP address of incoming traffic to a MAC address on that network.

The Transport layer of the OSI model includes the RIP protocol. True False

False

Which protocol is responsible for automatic assignment of IP addresses? DNS DHCP FTP SNMP

DHCP

Which RF transmission method uses an expanded redundant chipping code to transmit each bit? FHSS OFDM CDMA DSSS

DSSS

Which management frame type is sent by a station wanting to terminate the connection? -Deauthentication -Disassociation -Reassociation request -Probe response

Disassociation

What is the packet called where a Web browser sends a request to the Web server for Web page data? -HTML SEND -HTTP XFER -HTTP GET -HTML RELAY

HTTP GET

Which of the following makes a single pass on data and generates a 128-bit hash value displayed as a 32-character hexadecimal number and is used in VPNs? -RSA -Message Digest 5 -RC4 -Twofish

Message Digest 5

What feature in ICMPv6 replaces ARP in IPv4? -Multicast Listener Discovery -Neighbor Discovery -Echo Request -Authentication Header

Neighbor Discovery

What is a program that appears to do something useful but is actually malware? -virus -logic bomb -Trojan -back door

Trojan

Defense in depth can best be described as which of the following? -a firewall that protects the network and the servers -a layered approach to security -antivirus software and firewalls -authentication and encryption

a layered approach to security

Which of the following best describes a CRL? -a published listing of invalid certificates -serve as a front end to users for revoking certificates -a file that contains information about the user and public key -keeps track of issued credentials and manages revocation of certificates

a published listing of invalid certificates

Which of the following is defined as the maximum departure of a wave from the undisturbed state? amplitude spectrum frequency wavelength

amplitude

Which of the following is NOT among the items of information that a CVE reference reports? -attack signature -name of the vulnerability -description of vulnerability -reference in other databases

attack signature

Which of the following is true about wardriving? -attackers use RF monitor mode -the hardware is very expensive -the software is very expensive -their goal is simply to hijack a connection

attackers use RF monitor mode

What function does a RADIUS server provide to a wireless network? association encryption decryption authentication

authentication

What type of attack does a remote-access Trojan attempt to perpetrate? -worm -back door -remote denial of service -composite attack

back door

Which of the following is NOT a type of entry found in a routing table? -default routes -static routes -dynamic routes -backup routes

backup routes

What is used to convert an analog RF signal into digital format? spectrum EIRP modulator carrier

modulator

In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated? basic challenge/response biometrics signature

challenge/response

What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit? -parity bit -CRC value -checksum -fragment offset

checksum

Which of the following is an IDPS security best practice? -to prevent false positives, only test the IDPS at initial configuration -communication between IDPS components should be encrypted -all sensors should be assigned IP addresses -log files for HIDPSs should be kept local

communication between IDPS components should be encrypted

What remote shell program should you use if security is a consideration? rlogin ssh rcp rsh

ssh

During the routing process, the router strips off ______________________ layer header information and then examines the Network layer address.

data link

Which term is the measurement of the difference between two signals? watt decibel amp volt

decibel

What should you do when configuring DNS servers that are connected to the Internet in order to improve security? -disable zone transfers -delete the DNS cache -disable DNS buffers -set up DNS proxy

disable zone transfers

What uses mathematical calculations to compare routes based on some measurement of distance? -route summarization -link-state routing protocols -routing metrics -distance-vector routing protocols

distance-vector routing protocols

Which of the following is true about RF transmissions? -EM radiation is measured in volts -frequency has an inverse relationship with wavelength -frequency is the distance between waves -cooler objects produce higher-frequency radiation than hotter objects

frequency has an inverse relationship with wavelength

Which type of IDPS can have the problem of getting disparate systems to work in a coordinated fashion? inline host-based hybrid network-based

hybrid

Which of the following is NOT a network defense function found in intrusion detection and prevention systems? prevention response identification detection

identification

Which of the following is true about cryptographic primitives? -each performs several tasks -a single primitive makes up an entire cryptographic protocol -primitives are usually not the source of security failures -a primitive that provides confidentiality usually also provides authentication

primitives are usually not the source of security failures

Which of the following causes of signal loss is defined as differences in density between air masses over distance? reflection absorption scattering refraction

refraction

What is a downside to using Triple DES? uses only a 56-bit key goes through three rounds of encryption using three keys decreases security requires more processing time

requires more processing time

The enable ___________ password uses type 5 encryption and overrides the enable password.

secret

Which feature of a router provides traffic flow and enhances network security? VLSMs ACLs TCP CIDR

ACLs

Which type of frame advertises services or information on a wireless network? -Probe request -Association response -Beacon -Probe response

Beacon

Which layer does wireless communication rely heavily upon? -MAC sublayer of the Network layer -MAC sublayer of the Data Link layer -LLC sublayer of the Data Link layer -LLC sublayer of the Transport layer

MAC sublayer of the Data Link layer

Which TCP flag can be the default response to a probe on a closed port? RST URG PSH SYN

RST

Define metric and give three examples of common metrics that routers use.

Routing metrics are simply the values of the cost it takes routers to establish a link. Metrics could be measured as hop count, bandwidth, or delay.

Which of the following is the first packet sent in the TCP three-way handshake? RST SYN ACK PSH

SYN

What is the sequence of packets for a successful three-way handshake? -SYN, ACK, ACK -SYN, SYN ACK, RST -SYN, SYN ACK, ACK -SYN, ACK, FIN

SYN, SYN ACK, ACK

An RTS frame is the first step of the two-way handshake before sending a data frame. True False

True

A hybrid IDPS combines aspects of NIDPS and HIDPS configurations. True False

True

Which of the following is NOT one of the three primary goals of information security? confidentiality integrity impartiality availability

impartiality

What term is given to a device that is designed to generate radio signals, not including those from the antenna? -oscillator -conductive medium -intentional radiator -EIRP

intentional radiator

Which type of attack works by an attacker operating between two computers in a network and impersonating one computer to intercept communications? -malicious port scanning -man-in-the-middle -denial of service -remote procedure call

man-in-the-middle

Of what category of attack is a DoS attack an example? -bad header information -single-packet attack -multiple-packet attack -suspicious data payload

multiple-packet attack

In which type of wireless attack does the attacker cause valid users to lose their connections by sending a forged deauthentication frame to their stations? -association flood -jamming -session hijacking -MAC address spoofing

session hijacking

Why might you want your security system to provide nonrepudiation? -to prevent a user from capturing packets and viewing sensitive information -to prevent an unauthorized user from logging into the system -to trace the origin of a worm spread through email -so a user can't deny sending or receiving a communication

so a user can't deny sending or receiving a communication

Which of the following is true about encryption algorithms? -their strength is tied to their key length -not vulnerable to brute force attacks -block ciphers encrypt one bit at a time -asymmetric algorithms use a single key

their strength is tied to their key length

Which of the following is a valid IPv6 address? 5BA4:2391:0:0:4C3E 1080::8:800:200C:417A 24::5B1A::346C 5510:ABCD::34:1::2

1080::8:800:200C:417A

Which of the following addresses is a Class B IP address? 126.14.1.7 224.14.9.11 189.77.101.6 211.55.119.7

189.77.101.6

Which of the following is the broadcast address for subnet 192.168.10.32 with subnet mask 255.255.255.240? 192.168.10.63 192.168.10.47 192.168.10.23 192.168.10.95

192.168.10.47

Which of the following pairs represents a medium frequency band and its common use? 300 KHz-3MHz, AM radio 144-174 MHz, TV channels 30-300 KHz, cordless phones 3-30 MHz, CB and shortwave radio

300 KHz-3MHz, AM radio

The Fresnel zone is the dispersal pattern of waves as they travel from sending to receiving antennas. True False

False

All devices interpret attack signatures uniformly. True False

False

An NIDPS can tell you whether an attack attempt on the host was successful. True False

False

In wireless networks, infrared signals are used most often for data communications. True False

False

Newer Trojans listen at a predetermined port on the target computer so that detection is more difficult. True False

False

Reviewing log files is a time-consuming task and therefore should only be done when an attack on the network has occurred. True False

False

What does a measurement of +3 dB equal in power measured in mW? double the power 3 times the power one third the power one half the power

double the power

Which of the following best describes a one-way function? -a bit string that prevents generation of the same ciphertext -random bits used as input for key derivation functions -generates secret keys from a secret value -easy to compute but difficult and time consuming to reverse

easy to compute but difficult and time consuming to reverse

In which type of attack do attackers intercept the transmissions of two communicating nodes without the user's knowledge? -rogue device -wardriver -man-in-the-middle -brute force

man-in-the-middle

What is a VPN typically used for? -secure remote access -detection of security threats -block open ports -filter harmful scripts

secure remote access

Which of the following is true about asymmetric cryptography? -the private key can be used to encrypt and decrypt a message -a shared key is used to encrypt all messages and the private key decrypts them -a single key is used and is transferred using a key management system -the public key is used to encrypt a message sent to the private key owner

the public key is used to encrypt a message sent to the private key owner

What is the most likely weak link when using asymmetric encryption for verifying message integrity and nonrepudiation? -the use of the sender's private key -the hashing algorithm used to generate a message digest -the source of the public keys -the integrity of the private keys

the source of the public keys

If you see a /16 in the header of a snort rule, what does it mean? -a maximum of 16 log entries should be kept -the size of the log file is 16 MB -the subnet mask is 255.255.0.0 -the detected signature is 16 bits in length

the subnet mask is 255.255.0.0

Which of the following is true about PRNGs? -they are not completely random -their state is measured in bytes -the shorter the state, the longer the period -they can never produce the same value

they are not completely random

Which of the following is true about static routes? -the metric is higher than a dynamic route -they are created by routing protocols -they are used for stub networks -they change automatically as the network changes

they are used for stub networks

Which of the following is true about the SSID? -they can be Null -they are registered -they are not found in beacon frames -they are found in control frames

they can be Null

Which of the following is NOT a suggested practice before using a newly configured wireless network? -change the administrator password -change the manufacturer's default key -use the default encryption method -alter the default channel

use the default encryption method

Which IDPS customization option is a list of entities known to be harmless? -thresholds -whitelists -blacklists -alert settings

whitelists

Which of the following is true about MAC addresses in a wireless network? -MAC address filtering will stop a determined attacker -MAC addresses are Network layer identities -you need to configure the MAC address before you use the WNIC -you can change a WNICs MAC address with software

you can change a WNICs MAC address with software

