Final Exam (Chapter 5-8, 12, and 15)

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What is the recommended secure setting in Internet Explorer for initializing and scripting ActiveX controls not marked as safe? A. Disable B. Enable C. Forbid D. Prompt

A. Disable

Which of the following templates is used to provide the most security for the domain controllers? A. Hisecdc.inf B. Securedc.inf C. Hisecws.inf D. Sectopdc.inf

A. Hisecdc.inf

Attempting to make your system appear less appealing is referred to as what? A. Intrusion deterrence B. Intrusion deflection C. Anomaly detection D. System deterrence

A. Intrusion deterrence

IDS is an acronym for: A. Intrusion-detection system B. Intrusion-deterrence system C. intrusion-deterrence service D. Intrusion-detection service

A. Intrusion-detection system

Why is the XOR mathematical operation not secure? A. It does not change the letter or word frequency B. The mathematics are flawed C. It does not use a symmetric key system D. The key length is too short

A. It does not change the letter or word frequency

Which of the following is the primary weakness in the caesar cipher? A. It does not disrupt letter frequency B. It does not use complex mathematics C. It does not use a public key system D. There is no significant weakness; the Caesar cipher is adequate for most encryption uses.

A. It does not disrupt letter frequency

Which of the following is an important security feature in CHAP? A. It periodically re-authenticates B. It uses 3DES encryption C. It is immune to IP spoofing D. It uses AES encryption

A. It periodically re-authenticates

Which authentication protocols are available with L2TP that are not available with PPTP? A. MS-CHAP, PAP, and SPAP B. EAP and CHAP C. PAP, EAP, and MS-CHAP D. SPAP and MS-CHAP

A. MS-CHAP, PAP, and SPAP

What account lockout threshold does the NSA recommend? A. 5 tries B. 3 tries C. 4 tires D. 2 tries

B. 3 tries

A series of ICMP packets sent to your ports in sequence might indicate what? A. A DoS attack B. A ping flood C. A packet sniffer D. A port scan

B. A ping flood

What is banishment vigilance?

Blocking all traffic from a suspect IP address (i.e. banishing that address)

What size key does the DES algorithm use? A. 255-bit B. 123-bit C. 56-bit D. 64-bit

C. 56-bit

Who issues certificates? A. The UN encryption authority B. The US Department of Defense C. A private certificate authority D. The ACM

C. A private certificate authority

Which of the following encryption algorithm is a block cipher, and uses the Rijndael algorithm? A. DES B. RSA C. AES D. NSA

C. AES

What OS requires periodic patches? A. Windows B. Linux C. All of these D. Macintosh

C. All of these

Which of the following is the oldest known encryption method? A. PGP B. Multi-alphabet C. Caesar cipher D. Cryptic cipher

C. Caesar cipher

At which layer of the OSI model does PPTP operate? A. Physical B. Network C. Data link D. Transport

C. Data link

What's the max password age that Microsoft recommends? A. 20 days B. 3 months C. 1 year D. 42 days

D. 42 days

What is threshold monitoring?

Monitoring a network or system looking for any activity that exceeds some predefined limit or threshold

What is resource profiling?

Monitoring approach that measures system-wide use of resources and develops a historic usage profile

What is a digital signature?

A cryptographic method of verifying a file or sender. It uses asymmetric cryptography in reverse order. They can verify who sent the message. Some part of the message is encrypted or signed with the user's private key. Any recipient can verify the signature using the sender's public key.

What is a network-based firewall?

A firewall solution that runs on an existing server

What is quantum entanglement?

A phenomena from quantum physics where two subatomic particles are related in such a way that a change to the state of one instantaneously causes a change to the state of the other

What is quantum encryption?

A process that uses quantum physics to encrypt data

What is a service?

A program that runs in the background, often performing some system service

What is a honeypot?

A system or server designed to be very appealing to hackers, when in fact it is a trap to catch them A honeypot is a single machine set up to appear to be an important server All traffic to the machine is suspicious; no legitimate users should connect Honeypots can help track and catch hackers and can be configured to emulate many server services

What is executable profiling?

A type of intrusion detection strategy that seeks to profile the behavior of legitimate executables and compare that against the activity of any running program

What is blowfish?

A well-known symmetric block cipher created by Bruce Schneier

What is Snort?

A widely used, open source, intrusion-detection system

What is a digital signature? A. A piece of encrypted data added to other data to verify the sender B. A scanned-in version of your signature, often in .jpg format C. A signature that is entered via a digital pad or any other device D. A method for verifying the recipient of a document

A. A piece of encrypted data added to other data to verify the sender

Which of the following has 3 different key sizes that it can use? A. AES B. DES C. Triple DES D. IDEA

A. AES

What protocols make up IPSec? A. AH, IKE, ESP, and ISAKMP B. AH, PAP, CHAP, and ISAKMP C. ISAKMP, MS-CHAP, PAP, and AH D. AH, SPAP, CHAP, and ISAKMP

A. AH, IKE, ESP, and ISAKMP

Which type of IDS is the Cisco Sensor? A. Anomaly detection B. Intrusion deflection C. Intrusion deterrence D. Anomaly deterrence

A. Anomaly detection

What does disabling the default admin account and setting up an alternative account accomplish? A. Makes it more difficult for someone to guess the log-on information B. Keeps admin conscious of security C. Allows closer management of admin access D. Makes the password stronger

A. Makes it more difficult for someone to guess the log-on information

Why is encryption an important part of security? A. No matter how secure your network is, the data being transmitted is still vulnerable without encryption B. Encrypted transmissions will help stop denial of service attacks C. A packet that is encrypted will travel faster across networks D. Encrypted transmission are only necessary with VPNs

A. No matter how secure your network is, the data being transmitted is still vulnerable without encryption

What is the difference between voluntary and compulsory tunneling in PPTP? A. Only voluntary tunneling allows the user to choose encryption B. Only compulsory tunneling forces the user to send his password C. Only voluntary tunneling allows a standard PPP/non-VPN connection D. Only compulsory tunneling forces 3DES encryption

A. Only voluntary tunneling allows the user to choose encryption

Which of the following is generally considered the least secure? A. PAP B. SPAP C. MS-CHAP D. X-PAP

A. PAP

What is changing the TCP/Settings in the registry called? A. Stack tweaking B. Stack altering C. Stack compression D. Stack building

A. Stack tweaking

Setting up parameters for acceptable us, such as the number of login attempts, and watching to see if those levels are exceeded is referred to as what? A. Threshold monitoring B. Resource profiling C. System monitoring D. Executable profiling

A. Threshold monitoring

What is the purpose of IKE? A. Key exchange B. Packet encryption C. Header protection D. Authentication

A. key exchange

What is AES?

Advanced Encryption Standard. A modern symmetric cipher that is widely used. Uses Rijndael algorithm and specifies three key sizes: 128, 192, and 256 bits

What is a encrypting file system?

Also known as EFS, this is Microsoft's file system that allows users to encrypt individual file. It was first introduced in Windows 2000

What is intrusion deterrence?

An IDS strategy that attempts to deter intruders by making the system seem formidable perhaps more formidable than it is

What is intrusion deflection?

An IDS strategy that is dependent upon making the system seem less attractive to intruders. It seeks to deflect attention away from the system

What are discretionary access controls?

An admin's option either to control access to a given resource or simply allow unrestricted access

What is the primary vulnerability in SPAP? A. Weak encryption B. Playback attacks C. Clear text passwords D. No hash code

B. Playback attacks

PPTP is an an acronym for which of the following? A. Point-to-Point Transmission Protocol B. Point-to-Point Tunneling Protocol C. Point-to-Point Transmission Procedure D. Point-to-Point Tunneling Procedure

B. Point-to-Point Tunneling Protocol

What type of encryption uses a different key to encrypt the message than it uses to decrypt message? A. Private key B. Public key C. Symmetric D. Secure

B. Public key

If you are using a block cipher to encrypt large amounts of data, which of the following would be the most important consideration when deciding which cipher to use (assuming all of your possible choices are well known and secure)? A. Size of the keys used B. Speed of the algorithm C. Whether or not it has been used by any military group D. Number of keys used

B. Speed of the algorithm

What is the rule for unused services on any computer? A. Turn them off only if they are critical B. Turn them off C. Monitor them carefully D. Configure them for minimal privileges

B. Turn them off

A system that is set up for attracting and monitoring intruders is called what? A. Fly paper B. Trap door C. Honeypot D. Hacker cage

C. Honeypot

Snort is which type of IDS? A. Router-based B. OS-based C. Host-based D. Client-based

C. Host-based

Why might you run Specter in strange mode? A. It may confuse and deter them from your systems B. It will be difficult to determine the system is a honeypot C. It might fascinate hackers and keep them online long enough to catch them D. It will deter novice hackers

C. It might fascinate hackers and keep them online long enough to catch them

Which of the following is a problem with the threshold monitoring approach? A. It is difficult to configure B. It misses many attacks C. It yields many false positives D. It is resource-intensive

C. It yields many false positives

What type of encryption does EFS utilize? A. Single key B. Multi-alphabet C. Public key encryption D. A secret algorithm proprietary to Microsoft

C. Public key encryption

Which of the following is the most common legitimate use for a password cracker? A. There is no legitimate use for a password cracker B. Military intelligence agents using it to break enemy communications C. Testing the encryption of your own network D. Trying the break the communications of criminal organizations in order to gather evidence

C. Testing the encryption of you own network

What is the purpose of a certificate? A. To verify that software is virus-free B. To guarantee that a signature is valid C. To validate the sender of a digital signature or software D. To validate the recipient of a document

C. To validate the sender of a digital signature or software

What binary mathematical operation can be used for a simple encryption method? A. Bit shift B. OR C. XOR D. Bit swap

C. XOR

What's the min password length that the NSA recommends? A. 6 characters B. 8 characters C. 10 characters D. 12 characters

D. 12 characters

Which of the following is a security recommendation for Linux not common to Windows? A. Shut down all services that you are not using (called daemons in Linux) B. Configure the browser securely C. Routinely patch the OS D. Disable all console-equivalent access for regular users

D. Disable all console-equivalent access for regular users

A profiling technique that monitors how applications use resources is called what? A. System monitoring B. Resource profiling C. Application monitoring D. Executable profiling

D. Executable profiling

What is primary advantage of the DES encryption algorithm? A. It is complex B. It is unbreakable C. It uses asymmetric keys D. It is relatively fast

D. It is relatively fast

What level of privileges should all users have? A. Admin B. Guest C. Most privileges possible D. Lest possible

D. Least possible

What is the difference between the transport mode and the tunnel mode in IPSec? A. only transport mode is unencrypted B. Only tunneling mode is unencrypted C. Only tunneling mode does not encrypt the header D. Only transport mode does not encrypt the header

D. Only transport mode does not encrypt the header

PPTP is based on what earlier protocol? A. SLIP B. L2TP C. IPSec D. PPP

D. PPP

Which of the following is NOT one of Snort's modes? A. Sniffer B. Packet logger C. Network intrusion-detection D. Packet filtering

D. Packet filtering

What is the min secure setting in Internet Explorer for Run components not signed with Authenticode? A. Disable B. Enable C. Forbid D. Prompt

D. Prompt

Which of the following is an encryption method developed by 3 mathematicians in the 1970s? A. PGP B. DES C. DSA D. RSA

D. RSA

Which of the following is NOT a profiling strategy used in anomaly detection? A. Threshold monitoring B. Resource profiling C. Executable profiling D. System monitoring

D. System monitoring

What is DES?

Data Encryption Standard. A symmetric cryptography algorithm fist published in 1977, no longer considered secure due to the small key size Uses a symmetric key system. Data is divided and transposed. Data is then sent through a series of steps Further scrambled with a swapping algorithm

What is network intrusion detection?

Detecting any attempted intrusion throughout the network, as opposed to intrusion detection that only works on a single machine or server

What is a null session?

How Windows represents an anonymous user

What is IDEA?

International Data Encryption Algorithm. A block cipher designed as a replacement for DES Uses a subways generated from a 128-bit key Uses the following procedures: 128-bit key split into eight 16 bit keys Digits are shifted 25 bits to left to make a new key and generate the next subkeys Step 2 is repeated until 52 subways are generated

What is IDS?

Intrusion Detection system. A system for detecting attempting intrusion. Related to intrusion prevention systems (IPS) that block suspected attacks

What is ASCII code?

Numeric codes used to represent all standard alphanumeric symbols. There are 255 different ASCII codes

What are group policy objects?

Objects in Microsoft Windows that allow you to assign access rights to entire groups of users or computers

What are account policies?

Policies regarding account settings

What is a security template?

Present security setting that can be applied to a system

What is PGP?

Pretty Good Privacy. A widely used tool that has symmetric and asymmetric algorithms, often used to encrypt e-mail. Uses its own cert format and certs are self-generated, not using a CA.

What is a port scan?

Sequentially pinging ports to see which ones are active

What is encryption?

The act of encrypting a message, usually by altering a message so that is cannot be read without the key and the decryption algorithm

What is the Rijndael algorithm?

The algorithm used by AES

What is a mono-alphabet cipher?

An encryption cipher using only one substitution alphabet

What is a public key system?

An encryption method where the key used to encrypt messages is made public and anyone can use it. A separate, private key is required to decrypt the message

What is a false positive?

An erroneous flagging of legitimate activity as an attempted intrusion by an intrusion detection device

What is anomaly detection?

An intrusion-detection strategy that depends on detecting anomalous activities

Which of the following most accurately describes the registry? A. A relational database containing system settings B. A database containing system settings C. A database where software is registered D. A relational database where software is registered

B. A database containing system settings

What advantage does AH have over SPAP? A. AH a uses stronger encryption B. AH is a stronger authentication C. AH is not susceptible to replay attacks D. None; SPAP is more secure

B. AH is a stronger authentication

What is another term for preemptive blocking? A. Intrusion deflection B. Banishment vigilance C. User deflection D. Intruder blocking

B. Banishment vigilance

Which encryption algorithm uses a variable-length symmetric key? A. RSA B. Blowfish C. DES D. PGP

B. Blowfish

Which of the following is a symmetric key system using blocks? A. RSA B. DES C. PGP D. Diffie-Hellman

B. DES

Which authentication protocols are available under PPTP? A. MS-CHAP, PAP, and SPAP B. EAP and CHAP C. PAP, EAP, and MS-CHAP D. SPAP and MS-CHAP

B. EAP and CHAP

What protects the actual packet data in IPSec? A. AH B. ESP C. SPAP D. CHAP

B. ESP

What does L2TP use for encryption? A. MPPE B. IPSec C. 3DES D. AES

B. IPSec

Attempting to attract intruders to a system set up to monitor them is called what? A. Intrusion deterrence B. Intrusion deflection C. Intrusion banishment D. Intrusion routing

B. Intrusion deflection

What does L2TP stand for? A. Level 2 Transfer Protocol B. Layer 2 Tunneling Protocol C. Level 2 Tunneling Protocol D. Layer 2 Transfer Protocol

B. Layer 2 Tunneling Protocol

An improvement on the Caesar cipher that uses more than one shift is called what? A. DES encryption B. Multi-alphabet substitution C. IDEA D. Triple DES

B. Multi-alphabet substitution

Which of the following is a weakness in PPTP? A. Clear text passwords B. No encryption C. Used only with IP networks D. Not supported on most platforms

B. No encryption


Ensembles d'études connexes

Chapter 6: The Revolution Within

View Set

"There, There" Key Characters and Events

View Set

Kotler|Armstrong Principles of Marketing Chapter 16

View Set

Cellular Respiration C6 H12 O6 + 6O2 -—> 6CO2 + 6H2O

View Set

Ch 3 Genetics, Conception, Fetal Development, and Reproductive Technology

View Set

Chapter 22 - Reproductive System

View Set