MIDTERM
Which of the following are examples of virtualization? (three answers) a.Hyper-V b.VirtualBox c.VMware Workstation d.Microsoft Visio
Hyper-V; VirtualBox; VMware Workstation
Which of the following devices should you use to keep machines behind it anonymous? (Select the best answer.) a.Caching proxy b.IP proxy c.Circuit-level gateway d.UTM
IP proxy
Of the following, which can be a security benefit when using virtualization? a.Patching a computer patches all virtual machines running on the computer. b.If one virtual machine is compromised, none of the other virtual machines can be compromised. c.If a virtual machine is compromised, the adverse effects can be compartmentalized. d.Virtual machines cannot be affected by hacking techniques.
If a virtual machine is compromised, the adverse effects can be compartmentalized.
For information security, what is the "I" in "CIA"? a.Insurrection b.Information c.Identification d.Integrity
Integrity
Which of the following should be used to filter out activities such as instant messaging? a.IP proxy b.Application-level gateway c.Internet content filter d.Honeypot
Internet content filter
Which of the following is the most secure form of authentication? a.PAP b.CHAP c.MS-CHAP d.MS-CHAP v2
MS-CHAP v2
Which type of firewall filter can match incoming traffic to the corresponding outbound IP address connection by way of IP address and port? a.Packet filtering b.NAT filtering c.Application-level gateway d.Circuit-level gateway
NAT filtering
Snort and Bro are examples of which of the following? Select one: a.Firewalls b.Proxy servers c.NIDS d.SPI
NIDS
Which of the following can detect malicious packets and discard them? a.Proxy server b.NIDS c.NIPS d.PAT
NIPS (network intrusion prevention system)
Which of the following is the best file system to use in Windows? a.FAT32 b.FAT c.NTFS d.FAT16
NTFS
Which of the following is an inline device that checks all packets? a. Host-based intrusion detection system b. Statistical anomaly c. Network intrusion detection system d. Personal software firewall
Network Intrusion Detection System
In which of the following Windows locations would you turn off file sharing? a.Firewall properties b.Network and Sharing Center c.System and Security d.Local Area Connection
Network and Sharing Center
Tom sends out many emails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the emails? A. authenticity B. nonrepudiation C. confidentiality D. integrity
Nonrepudiation
Which of the following are commonly used in VPN tunneling protocols? (two answers) a.PPP b.PPTP c.TACACS+ d.L2TP
PPTP; L2TP
Which of the following cloud computing services would be in use if an organization were using Gmail? a.SaaS b.IaaS c.PaaS d.Private cloud
SaaS (software as a service)
Which of the following refers to a cloud computing service where a large service provider integrates its security services into a customer's existing infrastructure? a.PaaS b.SECaaS c.IaaS d.SaaS
Security as a service (SECaaS)
Which of the following remote authentication methods was developed by Cisco? Select one: a.802.1X b.TACACS+ c.RADIUS d.Kerberos
TACACS+ (Terminal Access Controller Access Control System Plus)
What is the best option to use to isolate an operating system? a.Host-based intrusion detection system b.Network-based intrusion detection system c.Antivirus software d.Virtualization software
Virtualization software
Which of the following should be modified because it is weak by default? a.Default account b.NAT firewall c.Wireless encryption d.PNAC
default account
Which of the following should be done to maintain and harden a hard disk? (two answers) a.Defragment the drive. b.Consider a whole disk encryption. c.Install third-party applications. d.Sanitize the drive.
defragment the drive; consider a whole disk encryption
Which of the following is not an example of good cloud security? a.Strong data access policies b.Powerful authentication methods c.Eight-character passwords d.Encryption
eight-character passwords
A MAC flood is when a person accesses a single port of a switch that was not physically secured. True False
false
A NIDS can inspect traffic and possibly remove, detain, or redirect malicious traffic. True False
false
A honeypot is a device that caches information for hackers. True False
false
A smart card is an example of something a user knows. True False
false
A system can be easily secured. A. True B. False
false
Active interception is the act of exploiting a bug or design flaw in software. a. true b. false
false
ActiveX controls can run on any browser platform. True False
false
Alt+F8 is the key combination that closes pop-up windows. a. true b. false
false
An IP proxy serves client requests by caching HTTP information. True False
false
An example of a Windows firewall is iptables. a. true b. false
false
An intranet enables multiple companies to access a secure area of a company's network. True False
false
Authorization is when a person is in a state of being identified. True False
false
Biometrics is an example of a logical authentication system. True False
false
Botnets do not affect mobile devices. a. true b. false
false
In an 802.1X connection, the authenticator is software running on a workstation. True False
false
Microsoft's disk defragmenter can be used to revert to a previous restore point. a. true b. false
false
Multifactor authentication is when a user can log in once and gain access to multiple systems. True False
false
NAT filtering accepts or rejects packets based on rules. True False
false
One example of PaaS is a Gmail email account. True False
false
One way of protecting Microsoft Outlook is to use passwords for opening or modifying documents. a. true b. false
false
One way to defend against a double-tagging attack is to put unplugged ports on the switch into an unused VLAN. True False
false
One way to protect a WAN is to place all the computers behind a router. True False
false
One way to secure the administration interface of a WAP is to turn it off when not in use. True False
false
Opening mail relays can decrease the amount of spam that an organization receives on its e-mail server. A. true B. false
false
Port 443 is used by Ms-sql-s. True False
false
Port 53 is used by the DoS protocol. True False
false
Privilege escalation is used in computer programs to bypass normal authentication. True False
false
RFI is a disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation. True False
false
SDLC is an acronym for Security Development Life Cycle. a. true b.false
false
Six characters or more constitutes a strong password. True False
false
Social engineering includes viruses, worms, and Trojan horses. A. true B. false
false
Syslog uses port 161. true false
false
The convert command converts an NTFS drive to FAT32. a. true b. false
false
The net stop command disables services in Windows. a. true b. false
false
The network 10.0.0.0 is a Class B private IP network. True False
false
To accept fewer cookies, you would add them to the Restricted Sites zone. True False
false
To open the Local Group Policy Editor console window, a user should type MMC at the Run prompt. a. true b. false
false
To turn off services, you would access the Programs and Features section of the Control Panel. a. true b. false
false
Viruses self-replicate, whereas worms do not. a. true b. false
false
WPA2 has a typical key size of 128 bits. True False
false
Bluejacking is the unauthorized access of information from a wireless device through a Bluetooth connection. a. true b. false
false (sending of information)
Which of the following occurs when an IDS identifies legitimate activity as something malicious? a.False negative b.False positive c.Monitoring positive d.Statistical anomaly
false POSITIVE
If a server has inbound port 21 open, what service is it running? Select one: a.File Transfer Protocol b.Simple Mail Transfer Protocol c.Hypertext Transfer Protocol d.Kerberos
file transfer protocol (port 21)
Which of the following should be your primary line of defense in network security? a.Proxy server b.NIPS c.Firewall d.Protocol analyzer
firewall
James has detected a network intrusion in his company. What should he check first? Select one: a.DNS logs b.Firewall logs c.Event Viewer d.Performance logs
firewall logs
Where would a NIDS sit on a network? (Select the best answer.) a.Inline b.On the extranet c.On the DMZ d.Back to back
inline
Which of the following would protect against an attacker entering malicious code into a web form? a.White-box testing b.Fuzzing c.Black-box testing d.Input validation
input validation
Which of the following is an example of spyware? a.Internet Optimizer b.CryptoLocker c.Nimda d.Evil Maid Attack
internet optimizer
Which of the following can run on any platform? a.ActiveX controls b.Java applets c.Internet Explorer d.Sandbox
java applets
Which of the following uses a two-way authentication system known as mutual authentication? Select one: a.LDAP b.Kerberos c.RADIUS d.802.1X
kerberos
Which of the following is when two or more types of authentication are used when dealing with access control? a.Single sign-on b.False positive c.Multifactor authentication d.Username and password
multifactor authentication
Which of the following commands can be used to turn off a service? a.net stop b.net start c.sc config d.chkconfig off
net stop
Which of the following commands enables you to synchronize a client's time to a domain controller? a.net time b.netstat -an c.net stop d.sc config
net time
Of the following, what are three ways to increase the security of Microsoft Outlook? (three answers) a.Password protect .PST files. b.Increase the junk e-mail security level. c.Set macro security levels. d.Install the latest Office update or service pack.
password protect .PST files; increase the junk email security; install the latest Office update or service pack
Which of the following is NOT a good strategy for securing a WAP? Select one: a.Use NAT filtering. b.Disable the SSID. c.Place it in a Faraday cage. d.Use PNAC.
place it in a faraday cage
Which type of virus can change every time it is executed? a.Macro b.Polymorphic c.Armored d.Boot sector
polymorphic
Which of the following port numbers is used by the Character Generator (CHARGEN)? Select one: a.21 b.7 c.19 d.53
port 19
Which port does Remote Desktop Protocol use? a.1812 b.389 c.3389 d.1813
port 3389
To use the Lightweight Directory Access Protocol (LDAP) in a secure fashion, what port should be used? Select one: a.443 b.3389 c.636 d.389
port 636
What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP connections? a.53 b.80 c.443 d.21
port 80
Which of the following is the act of exploiting a bug or design flaw in an operating system or application to gain access to resources that normally would be protected from an application or user? a.Backdoor b.Privilege escalation c.Weak password d.DDoS
privilege escalation
Which of the following is not a denial-of-service attack? Select one: a.Smurf attack b.Teardrop attack c.Replay attack d.Fork bomb
replay attack
Which command disables a service in the command line? a.net stop b.net start c.net disable d.sc config
sc config
What are two ways of discouraging bluesnarfing? (two answers) a.Select a pairing key that is not easy to guess. b.Turn off the device. c.Use infrared. d.Set the device to undiscoverable.
select a pairing key that is not easy to guess; set the device to undiscoverable
Which of the following can best be described as the exploitation of a computer session in an attempt to gain unauthorized access to data? a.DoS b.Session hijacking c.Null session d.Domain name kiting
session hijacking
Which of the following are ways to help defend against distributed denial-of-service attacks? (three answers) a.Update firewalls. b.Carefully select applications. c.Use intrusion prevention systems. d.Use a "clean pipe."
update firewalls; use intrusion prevention systems; use a "clean pipe"
A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall? a.10.254.254.189:1589 b.10.254.254.189:80 c.65.19.28.154:1589 d.65.19.28.154:80
65.19.28.154:80
In information security, the three core principles are known as confidentiality, integrity, and availability. A. True B. False
true
In the case of theft, the two best ways to protect against the loss of confidential or sensitive information are encryption and a remote wipe program. a. true b. false
true
Individuals who hack into systems at an organization's request, but are not employed by the organization are known as blue hats. A. true B. false
true
Input validation is a process that ensures the correct usage of data. True False
true
Locally shared objects (LSOs), also called Flash cookies, collect information about users' browsing habits. a. true b. false
true
Malware is software designed to infiltrate a computer system without the user's consent. a. true b. false
true
NAT filtering matches incoming traffic to corresponding outbound IP connections by matching the IP address and port. True False
true
NAT is sometimes also known as IP masquerading. True False
true
Network access control (NAC) sets rules by which network connections are governed. True False
true
Timothy complains about a lot of pop-up windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up windows? a.Ctrl+Alt+Del b.Alt+F4 c.Ctrl+Shift+Esc d.Windows key
Alt+F4
Which of the following does the "A" in "CIA" stand for when relating to IT security? Accountability Availability Assessment Auditing
Availability
Personal firewalls are applications that protect an individual computer from unwanted internet traffic. a. true b. false
true
Port 88 is used by Kerberos. a. true b. false
true
RADIUS uses port 1812. True False
true
RCE is when an attacker takes control of a server from a remote location using shell code. a. true b. false
true
Ransomware holds a user's files for ransom by encrypting them. A. true B. false
true
Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest. a. true b. false
true
Subnetting increases security by compartmentalizing a network. True False
true
The concept of least functionality is when an organization configures computers and other information systems to provide only the essential functions. a. true b. false
true
The second step in a patch management strategy is testing. a. true b. false
true
The systeminfo command displays the version number, build number, and the patch level of the operating system. a. true b. false
true
To make changes to Microsoft Edge or Internet Explorer policies that correspond to an OU, you need a domain controller. a. true b. false
true
UAC keeps every user in standard mode instead of in administrator mode by default. a. true b. false
true
WEP is deprecated; it should be replaced with a more secure protocol such as WPA2. True False
true
Which of the following is an example of whole disk encryption? a.Windows Vista Ultimate b.AES c.Bluesnarfing d.BitLocker
BitLocker
Which of the following cable types can be susceptible to crosstalk? (two answers) a.Fiber-optic b.Twisted-pair c.Coaxial d.Data emanation
twisted-pair; coaxial
You are installing a video monitoring system for your organization. You do not want any outside people to view the video. What is the best solution? a.CCTV b.Proximity reader c.Motion detectors d.Webcam
CCTV (closed circuit television)
Which of the following is the greatest risk for removable storage? a. Integrity of data b. Availability of data c. Confidentiality of data d. Accountability of data
Confidentiality
Which of the following is used to house FTP servers, mail servers, and web servers so that people on the Internet can access them but cannot access any other of the organization's servers? a.DMZ b.Intranet c.Subnet d.VLAN
DMZ (demilitarized zone)
Which of the following is NOT a typical symptom of a virus? a. A computer runs slower than usual. b. Excessive pop-up windows appear. c. You receive unusual error messages. d. Multiple files have been corrupted.
Excessive popup windows appear
Which type of hacker has no affiliation with an organization yet will hack systems without malicious intent? A. gray hat B. blue hat C. white hat D. black hat
Gray hats
Your boss wants you to secure your web server's transactions. Which protocol and port number should you use to accomplish this? a.POP3 - port 110 b.LDAP - port 389 c.RDP - port 3389 d.HTTPS - port 443
HTTPS - port 443
You find a rogue access point on your network. What should you do with it? (Select the best answer.) a.Remove it b.Disable the SSID. c.Use strong encryption. d.Use PNAC.
Remove it
What is baselining? a.The act of securing an operating system and updating it b.A group of updates, bug fixes, and security fixes c.The process of measuring changes in networking, hardware, and software d.A type of patch management
The process of measuring changes in networking, hardware, and software
Which of the following has the strongest level of encryption? a.WEP b.WAP c.WPA d.WPA2
WPA2 = good :)
Which of the following are examples of protocol analyzers? (two answers) a.Wireshark b.HTTP proxy c.NAT filter d.Network Monitor
Wireshark; Network Monitor
Which of the following is an example of a personal software firewall? a.Proxy server b.ZoneAlarm c.Microsoft ISA Server d.Antivirus software
ZoneAlarm
Which of the following is described as "when a person's identity is confirmed or verified through the use of a specific system"? Select one: a.Identification b.Authorization c.Authentication d.Access control
authentication
Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication? a.Input validation b.Sandbox c.Backdoor d.Virus
backdoor
Which of the following methods of malware delivery is used in computer programs to bypass normal authentication? a.Privilege escalation b.Active interception c.Backdoor d.Rootkit
backdoor
Which of the following refers to the unauthorized access of information from a wireless device through a Bluetooth connection? a.Bluejacking b.Bluesnarfing c.RFID d.NFC
bluesnarfing
How can Internet Explorer be centrally managed for several computers? a.On the Advanced tab of the Internet Properties dialog box b.By way of a Group Policy c.By creating an organizational unit d.In the Registry
by way of a group policy
Which of the following might include syntax errors in the code and type-checking errors? a.Runtime error b.Buffer overflow c.Memory leak d.Compile-time error
compile-time error
Your boss wants you to make changes to 20 computers' Internet Explorer programs. To do this quickly, what is the best solution? a.Use a proxy server. b.Create an organizational unit. c.Create a script. d.Create and use a template.
create and use a template
Which command lists the hotfixes installed to Windows? a.systeminfo b.gpedit.msc c.cmd.exe d.sc config
systeminfo
Which of the following is the phase of the SDLC where a system is checked thoroughly for bugs? a.Implementation b.Deployment c.Testing d.Maintenance
testing
Which of the following would fall into the category of something the user is? a.Password b.Smart card c.Signature d.Thumbprint
thumbprint
A DMZ is a special area of the network accessed by clients on the Internet. True False
true
A RAT is an example of a Trojan horse. A. true B. false
true
A false positive is when a system authenticates a user who should not be allowed to access that system. True False
true
A firewall can use NAT and packet filters. True False
true
A master computer controls a botnet. A. true B. false
true
A proxy server acts as a go-between for the clients on the network and the Internet. True False
true
A service pack is a group of updates, bug fixes, updated drivers, and security fixes. a. true b. false
true
A stateless packet filter is vulnerable to IP spoofing attacks. True False
true
Access control lists enable or deny traffic and can be configured to help secure a router. True False
true
An IP proxy can be the victim of denial-of-service attacks. True False
true
An older type of door access system might use a proximity sensor. True False
true
Authentication is when a person's identity is confirmed through the use of a specific system. True False
true
Back orifice is an example of a backdoor. A. true B. false
true
Black-box testing uses testers with no advanced knowledge of the system. a. true b. false
true
By checking CVEs, you can keep informed of the latest attacks to web servers. True False
true
Circuit-level gateways work at the session layer of the OSI model. True False
true
Cisco created a proprietary version of EAP called LEAP. True False
true
Crosstalk is when a signal transmitted on one copper wire creates an unwanted effect on another wire; the signal "bleeds" over, so to speak. True False
true
Data emanation occurs most commonly on coaxial cable. True False
true
Default accounts often have weak passwords. True False
true
Encryption, authentication, and anti-malware are all ways to protect against malicious threats. A. True B. False
true
Fiber-optic cable is not susceptible to data emanations. True False
true
Flashing is a term that describes the updating of the BIOS. a. true b. false
true
Full device encryption is one way of protecting a mobile device's data if the device is stolen. a. true b. false
true
Hardening is the act of configuring an OS securely, updating it, and removing unnecessary applications. a. true b. false
true
Honeynets are one or more computers or servers used to counteract attempts at unauthorized access to a network. True False
true
Identity proofing is an initial validation of an identity. True False
true
Which of the following should you implement to keep a well-maintained computer? (multiple answers) a.Update the firewall. b.Update the BIOS and/or UEFI. c.Use a surge protector. d.Remove the unnecessary firewall.
update the firewall; update the BIOS and/or UEFI; use a surge protector; remove the unnecessary firewall
What should you configure to improve wireless security? a.Enable the SSID. b.IP spoofing. c.Remove repeaters. d.Use MAC filtering.
use MAC filtering
Which of the following can help secure the BIOS of a computer? (two answers) a.Use a case lock. b.Use a BIOS supervisor password. c.Configure a user password. d.Disable USB ports.
use a case lock; use a BIOS supervisor password
Which of the following should you include as general browser security practices? (two answers) a.Use the latest browser. b.Use a proxy server. c.Train your users. d.Use multiple web browsers.
use a proxy server; train your users
Which of the following can help prevent spam? (two answers) a.Use a spam filter. b.Run a Trojan scan. c.Close open mail relays. d.Consider technologies that discourage spyware.
use a spam filter; close open mail relays
Which of the following is not an example of good FTP server security? Select one: a.Disable the anonymous FTP account. b.Use port 20. c.Change passwords regularly. d.Scan PHP files.
use port 20
Which of the following ways can help secure a modem? (Select the two best answers.) Select one or more: a.Use the callback feature. b.Mount the modem to the floor. c.Use telnet. d.Use strong passwords.
use the callback feature; use strong passwords
Which of the following is NOT a common safeguard for Microsoft Excel? a.Using a digital certificate b.Using password protection c.Setting macro security levels d.Using encryption
using a digital certificate
A person searches for wireless networks from his car. This is an example of which of the following? a.Wardriving b.DDoS c.Replay attack d.Bluejacking
wardriving
Which of the following is the best option to use to prevent spyware? a.Personal software firewall b.Whitelists c.Blacklists d.Windows Defender
windows defender
The act of splitting the wires of a twisted-pair cable connection would be an example of which of the following? a.Wardriving b.Data emanation c.Wiretapping d.Spectral analyzing
wiretapping