IT 230

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

SDLC is an acronym for Security Development Life Cycle

False

A MAC flood is when a person accesses a single port of a switch that was not physically secured.

False - A MAC flood is when numerous packets are sent to a switch, each with a different source MAC address, in an attempt to use up all the memory on the switch.

To protect against malicious attacks, what should you think like? a. Script Kiddie b. Hacker c. Network administrator d. Auditor

Hacker

Of the following, which is a collection of a server that was set up to attract attackers? a. Honeypot b. Honeynet c. VLAN d. DMZ

Honeynet

When you are developing a security plan which one of the following is an example of a physical control? a. Encryption b. DRP c. Password d. ID Card

ID Card

Where would a NIDS sit on a network? a. on the DMZ b. Back to Back c. on the extranet d. Inline

Inline - A NIDS normally sits inline on the network. It could be before or after the firewall but more commonly is on the side closer to the Internet.

What does the "I" stand for in CIA? a. Integrity b. Information c. Individual d. Insurrection

Integrity

Which of the following devices would detect but not read to suspicious behavior on the network ?

NIDS

Which of the following is an inline device that checks all packets? a. Network intrusion detection systemTrue b. Statistical anomaly c. Host-based intrusion detection systemFalse d.Personal software firewall

Network intrusion detection system - A network intrusion detection system (NIDS) is an inline device that checks all the packets that flow through it. It is meant to detect attacks and intrusions for the entire network

When can you declare that a system is completely secure?

Never

Avi sends out many e-mails containing secure information to other companies. What concept should be implemented to prove that Avi did indeed send the e-mails? a. Read receipt b. Integrity c. Non-Repudiation d. Authenticity e. Confidentiality

Non-Repudiation

Which of the following individuals uses code with little knowledge of how it works? a. Insider b. Hacktivist c. Script Kiddie d. APT

Script Kiddie

By checking the CVEs, you can keep informed of the latest attacks on web servers.

True

Full device encryption is one way of protecting a mobile device's data if the device is stolen.

True

Honeynets are one or more computers or servers used to counteract attempts at unauthorized aces to a network.

True

Port 88 is used by Kerberos.

True

Subnetting increases security by compartmentalizing a network.

True

When a group of compromised systems attack a single target, causing a DoS to occur at that host

True

Flashing is a term that describes the updating of the BIOS.

True - Flashing is a term that describes the updating of the BIOS.

In the case of theft, the two best ways to protect against the loss of confidential or sensitive information are encryption and a remote wipe program.

True - In the case of theft, encryption and a remote wipe program are the two best ways to protect against the loss of confidential or sensitive information.

NAT is something also known as IP masquerading

True - NAT, which stands for networks address translation is sometimes also known as IP masquerading.

Personal firewalls are applications that protect an individual computer from unwanted Internet traffic

True - Personal firewalls are applications that protect an individual computer from unwanted Internet traffic. They do so by way of a set of rules and policies.

Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest.

True - Personal firewalls are applications that protect an individual computer from unwanted Internet traffic. They do so by way of a set of rules and policies.

A DMZ is a special area of the network accessed by clients of the Internet.

True - The DMZ might include servers such as FTP, e-mail, and web that are accessible to people on the Internet, without enabling those people access t the LAN.

Network access control (NAC) sets rules by which network connection are governed.ork

True - helps control your network in a secure fashion by setting rules by which connections to the network are governed. Example: 802.1X

Input validation is a process that ensures that correct usage of data.

True - if data is not validated correctly, it can lead to security vulnerabilities and data corruption. Input validation ensures the correct usage of data.

What two locations can be a target for DNS poisoning? (Choose all that apply.) a. local database table b. external DNS server c. directory server d. local host table

external DNS server and local host table

Which type of attack below is similar to a passive man-in-the-middle attack? a. buffer overflow b. replay c. denial d. hijacking

replay

Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer? a. DNS Poisoning b. denial of service c. IP spoofing d. smurf attack

smurf attack

What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks? a. ARP poisoning b. DNS poisoning c. man-in-the-middle d. denial of service

ARP poisoning

ARP poisoning

An attack that exploits Ethernet networks, and it may enable an attacker to sniff frames of information, modify that information, or stop it from getting to its intended destination.

Which of the following does the A in CIA stand for when it comes to IT security? (Select the best answer.) a. Auditing b. Assessemt c. Accountability d. Availability

Availability

In information security, what are the three main goals?

Availability Confidentiality Integrity

Which one of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication a. Backdoor b. Virus c. Input validation d. Sandbox

Backdoor

Which of the following best describes IPS? a. A system that stops attacks in progress b. A system that identifies attacks c. A system that is designed to attract and trap attackers d. A system that logs attacks for later analysis

Both: a. A System that stops attacks in progress. d. A system that logs attacks for later analysis

Which of the following ways can help secure a modem? (select the two best answers) a. Use Telnet b. Mount the modem to the floor c. Use strong passwords d. Use the callback feature

Both: c. Use strong passwords d. Use the callback feature

Which of the following should you include as general browser security practices? a. Train your users b. Use a proxy server c. Use multiple web browsers d. Use the latest browser

Both: a. Train your users b. Use a proxy server

A proxy server acts as a go-between for the clients on the network and the internet

False

Replay attack

A network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed.

Where are MAC addresses stored for future reference?

ARP cache

Cloud environments often reuse the same physical hardware (such as hard drives) for multiple customers. These hard drives are used and reused when customer virtual machines are created and deleted over time. What security concern does this bring up implications for? a. Availability of virtual machines b. Confidentiality of data c. Integrity of data d. Hardware integrity

Confidentiality of data

Which one of the following posses the greatest risk when it comes to removable storage? a. Integrity of data b. Confidentiality of data c. Availability of data d. Accountability of data

Confidentiality of data

Which of the following is used to house FTP servers, mail servers, and web servers so that people on the internet can access them but cannot access any other of the organizations servers? a. Subnet b. VLAN c. Intranet d. DMZ

DMZ

When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:

DNS

Which of the following is not an example of good cloud security? a. 2FA b. Powerful authentication methods c. Eight-character passwords d. Strong data access policies

Eight-character passwords

A NIDS can inspect traffic and possibly remove, detain, or redirect malicious traffic and react to it.

False - A NIDS attempts to detect malicious network activities by monitoring network traffic and alerts the administrator in the case that it finds any. > NIPS on the other can inspect traffic and possibly remove, detain, or redirect malicious traffic and react to it.

Bluejacking is the unauthorized access of information from a wireless device through a Bluetooth connection.

False - Bluejacking is the sending of unsolicited messages to Bluetooth-enabled devices such as mobile phones. Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection.

AN IP proxy serves client requests by caching HTTP information

False - IP proxies secure networks by keeping the machines behind them anonymous

Botnets do not affect mobile devices.

False - Mobile devices can be part of botnets—just like desktop computers.

An intranet enables multiple companies to access a secure area of a company's network.

False - an Intranet is usually for remote employees of an organization. Multiple or partner companies would usually connect to an extranet.

An example of a Windows firewall is iptables.

False - iptables is a firewall used in Linux systems, not Windows systems.

Which of the following occurs when an IDS identifies legitimate activity as something malicious? a. False negative b. Statistical anomaly c. False positive

False Positive

Which one should be your primary defense in the Network? a. Protocol Analyzer b. Proxy server c. NIPS d. Firewall

Firewall

Which tool would you use if you want to view the contents of a packet? a. Protocol Analyzer b. Port Server c. Loopback Adapter d. TDR

Protocol Analyzer - has the capability to "drill" down through a packet and show the contents of that packet as they correspond to the OSI model.

Which of the following is not a denial-of-service attack? a. Smurf Attack b. Fork Bomb c. Teardrop Attack d. replay Attack

Replay attack - is a network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. It is not within the realm of denial-of-service attacks. All the other answers are types of denial-of-service attacks.

DNS poisoning

The modification of name resolution information that should be in a DNS server's cache.

Black-box testing uses testers with no advanced knowledge of the system.

True

Spoofing

When an attacker masquerades as a another person by falsifying information

Which of the following is NOT a common safeguard for Microsoft Excel? a. Use encryption b. Setting macro security levels c. Using a digital certificate d. Using password protection

c. Using a digital certificate


Ensembles d'études connexes

The Civil War Study Island Answers

View Set

Experiment 1: UV Analysis of Sunscreens

View Set

ACC201 Chapter 11 (wileyplus) Plattsburgh

View Set

16.3 The Holocaust (Based on PPT)

View Set

SAMPLE MARKETING CLUSTER EXAM #1

View Set

life & health missed test questions

View Set