MIDTERM

Which of the following are examples of virtualization? (three answers) a.Hyper-V b.VirtualBox c.VMware Workstation d.Microsoft Visio

Hyper-V VirtualBox VWware Workstation

Which of the following devices should you use to keep machines behind it anonymous? (Select the best answer.) a.Caching proxy b.IP proxy c.Circuit-level gateway d.UTM

IP proxy

Of the following, which can be a security benefit when using virtualization? a.Patching a computer patches all virtual machines running on the computer. b.If one virtual machine is compromised, none of the other virtual machines can be compromised. c.If a virtual machine is compromised, the adverse effects can be compartmentalized. d.Virtual machines cannot be affected by hacking techniques.

If a virtual machine is compromised, the adverse effects can be compartmentalized.

For information security, what is the "I" in "CIA"? a.Insurrection b.Information c.Identification d.Integrity

Integrity

Which of the following should be used to filter out activities such as instant messaging? a.IP proxy b.Application-level gateway c.Internet content filter d.Honeypot

Internet content filter

Which of the following is the most secure form of authentication? a.PAP b.CHAP c.MS-CHAP d.MS-CHAP v2

MS-CHAP v2

Which type of firewall filter can match incoming traffic to the corresponding outbound IP address connection by way of IP address and port? a.Packet filtering b.NAT filtering c.Application-level gateway d.Circuit-level gateway

NAT filtering

Snort and Bro are examples of which of the following? Select one: a.Firewalls b.Proxy servers c.NIDS d.SPI

NIDS

Which of the following can detect malicious packets and discard them? a.Proxy server b.NIDS c.NIPS d.PAT

NIPS (network intrusion prevention system)

Which of the following is the best file system to use in Windows? a.FAT32 b.FAT c.NTFS d.FAT16

NTFS

Which of the following is an inline device that checks all packets? a. Host-based intrusion detection system b. Statistical anomaly c. Network intrusion detection system d. Personal software firewall

Network Intrusion Detection System

In which of the following Windows locations would you turn off file sharing? a.Firewall properties b.Network and Sharing Center c.System and Security d.Local Area Connection

Network and Sharing Center

Tom sends out many emails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the emails? A. authenticity B. nonrepudiation C. confidentiality D. integrity

Nonrepudation

Which of the following are commonly used in VPN tunneling protocols? (two answers) a.PPP b.PPTP c.TACACS+ d.L2TP

PPTP L2TP

Which of the following cloud computing services would be in use if an organization were using Gmail? a.SaaS b.IaaS c.PaaS d.Private cloud

SaaS (software as a service)

Which of the following refers to a cloud computing service where a large service provider integrates its security services into a customer's existing infrastructure? a.PaaS b.SECaaS c.IaaS d.SaaS

Security as a service (SECaaS)

Which of the following remote authentication methods was developed by Cisco? Select one: a.802.1X b.TACACS+ c.RADIUS d.Kerberos

TACACS+ (Terminal Access Controller Access Control System Plus)

What is the best option to use to isolate an operating system? a.Host-based intrusion detection system b.Network-based intrusion detection system c.Antivirus software d.Virtualization software

Virtualization software

Which of the following should be modified because it is weak by default? a.Default account b.NAT firewall c.Wireless encryption d.PNAC

default account

Which of the following should be done to maintain and harden a hard disk? (two answers) a.Defragment the drive. b.Consider a whole disk encryption. c.Install third-party applications. d.Sanitize the drive.

defragment the drive consider a whole disk encryption

Which of the following is not an example of good cloud security? a.Strong data access policies b.Powerful authentication methods c.Eight-character passwords d.Encryption

eight-character passwords

A MAC flood is when a person accesses a single port of a switch that was not physically secured. True False

false

A NIDS can inspect traffic and possibly remove, detain, or redirect malicious traffic. True False

false

A honeypot is a device that caches information for hackers. True False

false

A smart card is an example of something a user knows. True False

false

A system can be easily secure A. True B. False

false

Active interception is the act of exploiting a bug or design flaw in software. a. true b. false

false

ActiveX controls can run on any browser platform. True False

false

Alt+F8 is the key combination that closes pop-up windows. a. true b. false

false

An IP proxy serves client requests by caching HTTP information. True False

false

An example of a Windows firewall is iptables. a. true b. false

false

An intranet enables multiple companies to access a secure area of a company's network. True False

false

Authorization is when a person is in a state of being identified. True False

false

Biometrics is an example of a logical authentication system. True False

false

Botnets do not affect mobile devices. a. true b. false

false

In an 802.1X connection, the authenticator is software running on a workstation. True False

false

Microsoft's disk defragmenter can be used to revert to a previous restore point. a. true b. false

false

Multifactor authentication is when a user can log in once and gain access to multiple systems. True False

false

NAT filtering accepts or rejects packets based on rules. True False

false

One example of PaaS is a Gmail email account. True False

false

One way of protecting Microsoft Outlook is to use a passwords for opening or modifying documents. a. true b. false

false

One way to defend against a double-tagging attack is to put unplugged ports on the switch into an unused VLAN. True False

false

One way to protect a WAN is to place all the computers behind a router. True False

false

One way to secure the administration interface of a WAP is to turn it off when not in use. True False

false

Opening mail relays can decrease the amount of spam that an organization receives on its e-mail server. A. true B. false

false

Port 443 is used by Ms-sql-s. True False

false

Port 53 is used by the DoS protocol. True False

false

Privilege escalation is used in computer programs to bypass normal authentication. True False

false

RFI is a disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation. True False

false

SDLC is an acronym for Security Development Life Cycle. a. true b.false

false

Six characters or more constitutes a strong password. True False

false

Social engineering includes viruses, worms, and Trojan horses. A. true B. false

false

Syslog uses port 161. true false

false

The convert command converts an NTFS drive to FAT32. a. true b. false

false

The net stop command disables services in Windows. a. true b. false

false

The network 10.0.0.0 is a Class B private IP network. True False

false

To accept fewer cookies, you would add them to the Restricted Sites zone. True False

false

To open the Local Group Policy Editor console window, a user should type MMC at the Run prompt. a. true b. false

false

To turn off services, you would access the Programs and Features section of the Control Panel. a. true b. false

false

Viruses self-replicate, whereas worms do not. a. true b. false

false

WPA2 has a typical key size of 128 bits. True False

false

Bluejacking is the unauthorized access of information from a wireless device through a Bluetooth connection. a. true b. false

false (sending of information)

Which of the following occurs when an IDS identifies legitimate activity as something malicious? a.False negative b.False positive c.Monitoring positive d.Statistical anomaly

false POSITIVE

If a server has inbound port 21 open, what service is it running? Select one: a.File Transfer Protocol b.Simple Mail Transfer Protocol c.Hypertext Transfer Protocol d.Kerberos

file transfer protocol (port 21)

Which of the following should be your primary line of defense in network security? a.Proxy server b.NIPS c.Firewall d.Protocol analyzer

firewall

James has detected a network intrusion in his company. What should he check first? Select one: a.DNS logs b.Firewall logs c.Event Viewer d.Performance logs

firewall logs

Where would a NIDS sit on a network? (Select the best answer.) a.Inline b.On the extranet c.On the DMZ d.Back to back

inline

Which of the following would protect against an attacker entering malicious code into a web form? a.White-box testing b.Fuzzing c.Black-box testing d.Input validation

input validation

Which of the following is an example of spyware? a.Internet Optimizer b.CryptoLocker c.Nimda d.Evil Maid Attack

internet optimizer

Which of the following can run on any platform? a.ActiveX controls b.Java applets c.Internet Explorer d.Sandbox

java applets

Which of the following uses a two-way authentication system known as mutual authentication? Select one: a.LDAP b.Kerberos c.RADIUS d.802.1X

kerberos

Which of the following is when two or more types of authentication are used when dealing with access control? a.Single sign-on b.False positive c.Multifactor authentication d.Username and password

multifactor authentication

Which of the following commands can be used to turn off a service? a.net stop b.net start c.sc config d.chkconfig off

net stop

Which of the following commands enables you to synchronize a client's time to a domain controller? a.net time b.netstat -an c.net stop d.sc config

net time

Of the following, what are three ways to increase the security of Microsoft Outlook? (three answers) a.Password protect .PST files. b.Increase the junk e-mail security level. c.Set macro security levels. d.Install the latest Office update or service pack.

password protect .PST files increase the junk email security install the latest Office update or service pack

Which of the following is NOT a good strategy for securing a WAP? Select one: a.Use NAT filtering. b.Disable the SSID. c.Place it in a Faraday cage. d.Use PNAC.

place it in a faraday cage

Which type of virus can change every time it is executed a.Macro b.Polymorphic c.Armored d.Boot sector

polymorphic

Which of the following port numbers is used by the Character Generator (CHARGEN)? Select one: a.21 b.7 c.19 d.53

port 19

Which port does Remote Desktop Protocol use? a.1812 b.389 c.3389 d.1813

port 3389

To use the Lightweight Directory Access Protocol (LDAP) in a secure fashion, what port should be used? Select one: a.443 b.3389 c.636 d.389

port 636

What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP connections? a.53 b.80 c.443 d.21

port 80

Which of the following is the act of exploiting a bug or design flaw in an operating system or application to gain access to resources that normally would be protected from an application or user? a.Backdoor b.Privilege escalation c.Weak password d.DDoS

privilege escalation

Which of the following is not a denial-of-service attack? Select one: a.Smurf attack b.Teardrop attack c.Replay attack d.Fork bomb

replay attack

Which command disables a service in the command line? a.net stop b.net start c.net disable d.sc config

sc config

What are two ways of discouraging bluesnarfing? (two answers) a.Select a pairing key that is not easy to guess. b.Turn off the device. c.Use infrared. d.Set the device to undiscoverable.

select a pairing key that is not easy to guess set the device to undiscoverable

Which of the following can best be described as the exploitation of a computer session in an attempt to gain unauthorized access to data? a.DoS b.Session hijacking c.Null session d.Domain name kiting

session hijacking

Which of the following are ways to help defend against distributed denial-of-service attacks? (three answers) a.Update firewalls. b.Carefully select applications. c.Use intrusion prevention systems. d.Use a "clean pipe."

update firewalls use intrusion prevention systems use a "clean pipe"

A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall? a.10.254.254.189:1589 b.10.254.254.189:80 c.65.19.28.154:1589 d.65.19.28.154:80

65.19.28.154:80

In information security, the three core principles are known as confidentiality, integrity, and availability. A. True B. False

true

In the case of theft, the two best ways to protect against the loss of confidential or sensitive information are encryption and a remote wipe program. a. true b. false

true

Individuals who hack into systems at an organization's request, but are not employed by the organization are known as blue hats. A. true B. false

true

Input validation is a process that ensures the correct usage of data. True False

true

Locally shared objects (LSOs), also called Flash cookies, collect information about users' browsing habits. a. true b. false

true

Malware is software designed to infiltrate a computer system without the user's consent. a. true b. false

true

NAT filtering matches incoming traffic to corresponding outbound IP connections by matching the IP address and port. True False

true

NAT is sometimes also known as IP masquerading. True False

true

Network access control (NAC) sets rules by which network connections are governed. True False

true

Timothy complains about a lot of pop-up windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up windows? a.Ctrl+Alt+Del b.Alt+F4 c.Ctrl+Shift+Esc d.Windows key

Alt+F4

Which of the following does the "A" in "CIA" stand for when relating to IT security? Accountability Availability Assessment Auditing

Availability

Personal firewalls are applications that protect an individual computer from unwanted internet traffic. a. true b. false

true

Port 88 is used by Kerberos. a. true b. false

true

RADIUS uses port 1812. True False

true

RCE is when an attacker takes control of a server from a remote location using shell code. a. true b. false

true

Ransomware holds a user's files for ransom by encrypting them. A. true B. false

true

Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest. a. true b. false

true

Subnetting increases security by compartmentalizing a network. True False

true

The concept of least functionality is when an organization configures computers and other information systems to provide only the essential functions. a. true b. false

true

The second step in a patch management strategy is testing. a. true b. false

true

The systeminfo command displays the version number, build number, and the patch level of the operating system. a. true b. false

true

To make changes to Microsoft Edge or Internet Explorer policies that correspond to an OU, you need a domain controller. a. true b. false

true

UAC keeps every user in standard mode instead of in administrator mode by default. a. true b. false

true

WEP is deprecated; it should be replaced with a more secure protocol such as WPA2. True False

true

Which of the following is an example of whole disk encryption? a.Windows Vista Ultimate b.AES c.Bluesnarfing d.BitLocker

BitLocker

Which of the following cable types can be susceptible to crosstalk? (two answers) a.Fiber-optic b.Twisted-pair c.Coaxial d.Data emanation

twisted-pair coaxial

You are installing a video monitoring system for your organization. You do not want any outside people to view the video. What is the best solution? a.CCTV b.Proximity reader c.Motion detectors d.Webcam

CCTV (closed circuit television)

Which pf the following is the greatest risk for removable storage? a. Integrity of data b. Availability of data c. Confidentiality of data d. accountability of data

Confidentiality

Which of the following is used to house FTP servers, mail servers, and web servers so that people on the Internet can access them but cannot access any other of the organization's servers? a.DMZ b.Intranet c.Subnet d.VLAN

DMZ (demilitarized zone)

Which of the following is NOT a typical symptom of a virus? a. A computer runs slower than usual. b. Excessive pop-up windows appear. c. You receive unusual error messages. d. Multiple files have been corrupted.

Excessive popup windows appear

Which type of hacker has no affiliation with an organization yet will hack systems without malicious intent? A. gray hat B. blue hat C. white hat D. black hat

Gray hats

Your boss wants you to secure your web server's transactions. Which protocol and port number should you use to accomplish this? a.POP3 - port 110 b.LDAP - port 389 c.RDP - port 3389 d.HTTPS - port 443

HTTPS - port 443

You find a rogue access point on your network. What should you do with it? (Select the best answer.) a.Remove it b.Disable the SSID. c.Use strong encryption. d.Use PNAC.

Remove it

What is baselining? a.The act of securing an operating system and updating it b.A group of updates, bug fixes, and security fixes c.The process of measuring changes in networking, hardware, and software d.A type of patch management

The process of measuring changes in networking, hardware, and software

Which of the following has the strongest level of encryption? a.WEP b.WAP c.WPA d.WPA2

WPA2 = good :)

Which of the following are examples of protocol analyzers? (two answers) a.Wireshark b.HTTP proxy c.NAT filter d.Network Monitor

Wireshark network monitor

Which of the following is an example of a personal software firewall? a.Proxy server b.ZoneAlarm c.Microsoft ISA Server d.Antivirus software

ZoneAlarm

Which of the following is described as "when a person's identity is confirmed or verified through the use of a specific system"? Select one: a.Identification b.Authorization c.Authentication d.Access control

authentication

Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication? a.Input validation b.Sandbox c.Backdoor d.Virus

backdoor

Which of the following methods of malware delivery is used in computer programs to bypass normal authentication? a.Privilege escalation b.Active interception c.Backdoor d.Rootkit

backdoor

Which of the following refers to the unauthorized access of information from a wireless device through a Bluetooth connection? a.Bluejacking b.Bluesnarfing c.RFID d.NFC

bluesnarfing

How can Internet Explorer be centrally managed for several computers? a.On the Advanced tab of the Internet Properties dialog box b.By way of a Group Policy c.By creating an organizational unit d.In the Registry

by way of a group policy

Which of the following might include syntax errors in the code and type-checking errors? a.Runtime error b.Buffer overflow c.Memory leak d.Compile-time error

compile-time error

Your boss wants you to make changes to 20 computers' Internet Explorer programs. To do this quickly, what is the best solution? a.Use a proxy server. b.Create an organizational unit. c.Create a script. d.Create and use a template.

create and use a template

Which command lists the hotfixes installed to Windows? a.systeminfo b.gpedit.msc c.cmd.exe d.sc config

systeminfo

Which of the following is the phase of the SDLC where a system is checked thoroughly for bugs? a.Implementation b.Deployment c.Testing d.Maintenance

testing

Which of the following would fall into the category of something the user is? a.Password b.Smart card c.Signature d.Thumbprint

thumbprint

A DMZ is a special area of the network accessed by clients on the Internet. True False

true

A RAT is an example of a Trojan horse. A. true B. false

true

A false positive is when a system authenticates a user who should not be allowed to access that system. True False

true

A firewall can use NAT and packet filters. True False

true

A master computer controls a botnet. A. true B. false

true

A proxy server acts as a go-between for the clients on the network and the Internet. True False

true

A service pack is a group of updates, bug fixes, updated drivers, and security fixes. a. true b. false

true

A stateless packet filter is vulnerable to IP spoofing attacks. True False

true

Access control lists enable or deny traffic and can be configured to help secure a router. True False

true

An IP proxy can be the victim of denial-of-service attacks. True False

true

An older type of door access system might use a proximity sensor. True False

true

Authentication is when a person's identity is confirmed through the use of a specific system. True False

true

Back orifice is an example of a backdoor. A. true B. false

true

Black-box testing uses testers with no advanced knowledge of the system. a. true b. false

true

By checking CVEs, you can keep informed of the latest attacks to web servers. True False

true

Circuit-level gateways work at the session layer of the OSI model. True False

true

Cisco created a proprietary version of EAP called LEAP. True False

true

Crosstalk is when a signal transmitted on one copper wire creates an unwanted effect on another wire; the signal "bleeds" over, so to speak. True False

true

Data emanation occurs most commonly on coaxial cable. True False

true

Default accounts often have weak passwords. True False

true

Encryption, authentication, and anti-malware are all ways to protect against malicious threats. A. True B. False

true

Fiber-optic cable is not susceptible to data emanations. True False

true

Flashing is a term that describes the updating of the BIOS. a. true b. false

true

Full device encryption is one wat of protecting a mobile device's data is the device is stolen. a. true b. false

true

Hardening is the act of configuring an OS securely, updating it, and removing unnecessary applications. a. true b. false

true

Honeynets are one or more computers or servers used to counteract attempts at unauthorized access to a network. True False

true

Identity proofing is an initial validation of an identity. True False

true

Which of the following should you implement to keep a well-maintained computer? (multiple answers) a.Update the firewall. b.Update the BIOS and/or UEFI. c.Use a surge protector. d.Remove the unnecessary firewall.

update the firewall update the BIOS and/or UEFI use a surge protector remove the unnecessary firewall

What should you configure to improve wireless security? a.Enable the SSID. b.IP spoofing. c.Remove repeaters. d.Use MAC filtering.

use MAC filtering

Which of the following can help secure the BIOS of a computer? (two answers) a.Use a case lock. b.Use a BIOS supervisor password. c.Configure a user password. d.Disable USB ports.

use a case lock use a BIOS supervisor password

Which of the following should you include as general browser security practices? (two answers) a.Use the latest browser. b.Use a proxy server. c.Train your users. d.Use multiple web browsers.

use a proxy server train your users

Which of the following can help prevent spam? (two answers) a.Use a spam filter. b.Run a Trojan scan. c.Close open mail relays. d.Consider technologies that discourage spyware.

use a spam filter close open mail relays

Which of the following is not an example of good FTP server security? Select one: a.Disable the anonymous FTP account. b.Use port 20. c.Change passwords regularly. d.Scan PHP files.

use port 20

Which of the following ways can help secure a modem? (Select the two best answers.) Select one or more: a.Use the callback feature. b.Mount the modem to the floor. c.Use telnet. d.Use strong passwords.

use the callback feature use strong passwords

Which of the following is NOT a common safeguard for Microsoft Excel? a.Using a digital certificate b.Using password protection c.Setting macro security levels d.Using encryption

using a digital certificate

A person searches for wireless networks from his car. This is an example of which of the following? a.Wardriving b.DDoS c.Replay attack d.Bluejacking

wardriving

Which of the following is the best option to use to prevent spyware? a.Personal software firewall b.Whitelists c.Blacklists d.Windows Defender

windows defender

he act of splitting the wires of a twisted-pair cable connection would be an example of which of the following? a.Wardriving b.Data emanation c.Wiretapping d.Spectral analyzing

wiretapping