Network Security Chp 1-5 Quiz
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about?
Accountability
During which phase of the access control process does the system answer the question, "What can the requestor access?"
Authorization
Which part of the C-I-A triad refers to making sure information is obtainable when needed?
Availability
Which security model does NOT protect the integrity of information?
Bell-LaPadula
Jody would like to find a solution that allows real-time document sharing and editing between teams. Which technology would best suit her needs? - Video conferencing - Audio conferencing - Voice over IP (VoIP) - Collaboration
Collaboration
From the LabFiles Properties dialog box, which of the following options is necessary to enable you to specify permissions for each sub-folder?
Disable Inheritance
Gary would like to choose an access control model in which the owner of a resource decides who may modify permissions on that resource. Which model fits that scenario?
Discretionary access control (DAC)
Which one of the following is NOT an area of critical infrastructure where the Internet of Things (IoT) is likely to spur economic development in less developed countries? - Water supply management - Wastewater treatment - Agriculture - E-commerce
E-commerce
Which one of the following is an example of a disclosure threat?
Espionage
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
Evil twin
Which type of attack involves the creation of some deception in order to trick unsuspecting users?
Fabrication
A bricks-and-mortar strategy includes marketing and selling goods and services on the Internet. - True - False
False
A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer.
False
An attacker uses exploit software when wardialing.
False
Connectivity is one of the five critical challenges that the Internet of Things (IoT) has to overcome. - False - True
False
IoT devices cannot share and communicate your IoT device data to other systems and applications without your authorization or knowledge. - True - False
False
Regarding the Internet of Things (IoT), a business involved in utilities, critical infrastructure, or environmental services can benefit from traffic-monitoring applications. - True - False
False
Store-and-forward communications should be used when you need to talk to someone immediately. - True - False
False
The anti-malware utility is one of the most popular backdoor tools in use today.
False
The auto industry has not yet implemented the Internet of Things (IoT). - True - False
False
The main difference between a virus and a worm is that a virus does not need a host program to infect.
False
The number of failed logon attempts that trigger an account action is called an audit logon event.
False
You should use easy-to-remember personal information to create secure passwords.
False
Which one of the following is NOT a market driver for the Internet of Things (IoT)? - Smaller and faster computing - Growth of cloud computing - Advancements in data analytics - Global adoption of non-IP networking
Global adoption of non-IP networking
You have been asked by your supervisor to create a training plan for the employees to update them about the changes in organizational security policies. What is your role in the organization? - Security administrator - Network administrator - HR person
HR person
Which Internet of Things (IoT) challenge involves the difficulty of developing and implementing protocols that allow devices to communicate in a standard fashion? - Interoperability - Privacy - Compliance - Security
Interoperability
What is a single sign-on (SSO) approach that relies upon the use of key distribution centers (KDCs) and ticket-granting servers (TGSs)?
Kerberos
On a Windows network share, if the user can browse a file but cannot copy or modify it, what type of access controls and permissions are probably configured?
List folder contents
Which type of denial of service attack exploits the existence of software flaws to disrupt a service?
Logic attack
Which of the following is NOT a benefit of cloud computing to organizations?
Lower dependence on outside vendors
Which of the following is an example of a hardware security control?
MAC filtering
On a Windows network share, if the user can add, edit, and delete files and folders within the LabFiles folder, what type of access controls and permissions are probably configured?
Modify
During the vulnerability assessment, any known vulnerabilities or bugs will be flagged and identified by:
Nessus
The __________ report summary includes both a bar chart and a pie chart showing the distribution of vulnerability findings for each host.
Nessus
Which of the following interfaces enables you to scan several IP addresses at once or type in an IP address to create a simple scan of any machine?
Nessus
Which of the following performs remote scans and audits of Unix, Windows, and network infrastructures and can perform a network discovery of devices, operating systems, applications, databases, and services running on those devices?
Nessus
Which of the following allows analysts to view and analyze network packet traces?
NetWitness Investigator
Which of the following work together to complete the scanning and vulnerability assessment phase of the ethical hacking process?
Nmap (Zenmap) and Nessus
Which one of the following is NOT an advantage of biometric systems?
Physical characteristics may change.
The __________ confirms that the machine is available, but can't identify ports, operating systems, or services.
Ping scan
Which of the following allows Wireshark to capture packets destined to any host on the same subnet or virtual LAN (VLAN)?
Promiscuous mode
Which tool can capture the packets transmitted between systems over a network?
Protocol analyzer
Identify the type of access control in which the administrator decides who gets access to systems and resources.
RBAC. In RBAC, roles are assigned and managed by the system administrator.
On a Windows network share, if the user can view the folder's contents as well as execute scripts, what type of access controls and permissions are probably configured?
Read and execute
Which group is the most likely target of a social engineering attack?
Receptionists and administrative assistants
During which phase of a hacker's five-step approach does the hacker scan a network to identify IP hosts, open ports, and services enabled on servers and workstations?
Reconnaissance
Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?
Redundant Array of Independent Disks (RAID)
The __________ is a form of TCP scanning that is less intrusive on the target host.
SYN scan
What is an XML-based open standard for exchanging authentication and authorization information and is commonly used for web applications?
Security Assertion Markup Language (SAML)
Which scenario presents a unique challenge for developers of mobile applications? - Using checkboxes - Applying encryption to network communications - Selecting multiple items from a list - Obtaining Internet Protocol (IP) addresses
Selecting multiple items from a list
In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session hijacking
Which one of the following is an example of two-factor authentication?
Smart card and personal identification number (PIN). Authentication using smart cards and PINs is two-factor authentication because it combines ownership (something you own) and knowledge (something you know).
Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using? - Software as a Service (SaaS) - Communications as a Service (CaaS) - Platform as a Service (PaaS) - Infrastructure as a Service (IaaS)
Software as a Service (SaaS)
Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?
Spim (unwanted IM chats)
Which one of the following principles is NOT a component of the Biba integrity model?
Subjects cannot change objects that have a lower integrity level.
Which one of the following is an advantage that the Internet of Things (IoT) brings to economic development for countries? - Broadband capacity - Technical and industry development - Network security devices - Confidentiality of personal information
Technical and industry development
Which one of the following is NOT an example of store-and-forward messaging? - Email - Telephone call - Voicemail - Unified messaging
Telephone call
Which of the following tools is used to modify permissions on the TargetWindowsDC01 server to allow new users to use the remote desktop services?
The Group Policy Object Editor
Who is responsible for hosting the CVE database listing web site, under contract with the Department of Homeland Security and the U.S. National Cyber Security Division?
The Mitre Corporation
Which of the following does PuTTY use to securely access a remote computer?
The Secure Shell (SSH) protocol
E-commerce systems and applications demand strict confidentiality, integrity, and availability (CIA) security controls. - False - True
True
Each 4G device has a unique Internet Protocol (IP) address and appears just like any other wired device on a network. - True - False
True
Failing to prevent an attack all but invites an attack.
True
Fingerprints, palm prints, and retina scans are types of biometrics.
True
In e-business, secure web applications are one of the critical security controls that each organization must implement to reduce risk. - False - True
True
IoT technology has a significant impact on developing economies, given that it can transform countries into e-commerce-ready nations. - False - True
True
Log files are records that detail who logged on to a system, when they logged on, and what information or resources they used.
True
Metadata of Internet of Things (IoT) devices can be sold to companies seeking demographic marketing data about users and their spending habits. - True - False
True
Some vending machines are equipped with a cellular phone network antenna for secure credit card transaction processing. - True - False
True
Spyware gathers information about a user through an Internet connection, without his or her knowledge.
True
Using a secure logon and authentication process is one of the six steps used to prevent malware.
True
Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?
White-hat hacker
Which of the following is the mechanism on a Windows server where you can administer granular policies and permissions on a Windows network using role-based access?
Windows Group Policy
Which of the following is a protocol analyzer tool (sometimes called a "packet sniffer") that is used to capture IP traffic from a variety of sources?
Wireshark
Which of the following is a graphical interface for Nmap that is typically used during the scanning phase of the ethical hacking process?
Zenmap
Which of the following is used to perform a scan of the network and create a network topology chart?
Zenmap
The PuTTY security alert gives you an opportunity to:
abandon a connection to an unknown, or unsafe, machine.
Zenmap's Topology tab displays a __________ that shows the relative size and connection type of all discovered IP hosts.
bubble chart
Within the virtual environment, a Remote Desktop Connection and PuTTY are the two ways to:
connect to the Linux terminal.
Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the ARP Ping Scan was to:
discover how many hosts are alive.
Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the Traceroute was to:
discover the IP path to the remote system.
Most Linux interactions take place:
from the command line.
Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the TCP Port Scan was to:
identify open TCP ports.
Once connected, PuTTY displays a terminal shell:
in which Linux commands can be executed.
By default, Windows will:
inherit the permissions of the parent folder so that all subfolders will have the same permissions as the parent.
Conducting a vulnerability scan on entire subnets:
is time consuming and noisy (making them easily detected).
Windows Group Policy can be used __________ to control access to many local computer and network resources such as drives, Internet access, kiosk mode, etc.
on either a local or domain level
The raw data from the Nmap Output tab is grouped into a more readable form:
on the Ports/Hosts and Host Details tab for each host in the scan.
To be effective, hackers and cybercriminals:
only need to know one vulnerability, or how to use one automated tool that attacks that vulnerability.
A successful __________ assessment of a network is all about using the right tools to map the network and identify any vulnerabilities that can be the opening for a future attack.
scanning and vulnerability
The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.
security kernel
If it is impractical to place guest users in a secure network, isolated from the production network by firewall barriers, then:
specific areas of access should be determined and they should be as restrictive as possible.
The availability of commands in the Cisco IOS (Internetwork Operating System) is based on:
the privilege level of the user.
You can limit the breadth and scope of a vulnerability scan by:
using a text file, which lists only the hosts you want to scan.
Ethical hackers must obtain __________ prior to performing a scanning and vulnerability assessment on a live production network.
written authorization from the client
Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?
Opportunity cost
Which type of authentication includes smart cards?
Ownership
One of the first industries to adopt and widely use mobile applications was the healthcare industry. - False - True
True
Which of the following is a port scanning tool that can quickly identify hosts and detect what operating system and services are running on them?
Zenmap
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?
Zero-day attack
The CVE listing is a database of:
known software vulnerabilities and exposures as well as how to mitigate them with software patches and updates.
Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the Service Scan was to:
look for fingerprints of known services by testing responses to certain types of packets.
You have learned about gap analysis and related activities. Which of the following is true of gap analysis? - Gap analysis activities are always formal investigations or surveys. - The difference between established security controls and controls needed to address all vulnerabilities is called the security gap. - The fact that a gap exists means there are adequate security controls.
The difference between established security controls and controls needed to address all vulnerabilities is called the security gap.
Unified messaging allows you to download both voice and email messages to a smartphone or tablet. - True - False
True
Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks.
False
Which control is not designed to combat malware?
Firewalls
Within Zenmap, which command is used to begin the OS fingerprinting scan and determine which operating systems are running on the network hosts?
The -O command
A man-in-the-middle attack takes advantage of the multihop process used by many types of networks.
True
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?
80
Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering?
Acceptability
By creating users, assigning those users to groups, and then applying groups to resources in the domain, the administrator sets up both authentication using the Active Directory Domain authentication policies, and builds a series of nested __________ to control the access to domain resources.
Access Control Lists
A phishing attack "poisons" a domain name on a domain name server.
False
Bricks-and-mortar stores are completely obsolete now. - False - True
False
Which compliance obligation includes security requirements that apply specifically to federal government agencies in the United States? - Federal Information Security Management Act (FISMA) - Health Insurance Portability and Accountability Act (HIPAA) - Gramm-Leach-Bliley Act (GLBA) - Family Educational Rights and Privacy Act (FERPA)
Federal Information Security Management Act (FISMA)
Which of the following is used to transfer files using the File Transfer Protocol (FTP) to and from the vWorkstation?
Filezilla
Which of the following is NOT one of the four fundamental principles outlined by the Internet Society that will drive the success of Internet of Things (IoT) innovation? - Share - Connect - Speak - Secure
Secure
Application service providers (ASPs) are software companies that build applications hosted in the cloud and on the Internet. - False - True
True
Bring Your Own Device (BYOD) opens the door to considerable security issues. - True - False
True
Cars that have Wi-Fi access and onboard computers require software patches and upgrades from the manufacturer. - True - False
True
Common methods used to identify a user to a system include username, smart card, and biometrics.
True
Microsoft Windows Active Directory provides capabilities in all three of the C-I-A areas, and the domain administrator will be called upon to implement:
the roles of Confidentiality and Integrity most frequently.
Which of the following is the database that provides a centrally controlled and managed access and security management system for an organization's Windows computer systems?
Active Directory
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP) poisoning
Which password attack is typically used specifically against password files that contain cryptographic hashes?
Birthday attacks
Ron is the IT director at a medium-sized company and is constantly bombarded by requests from users who want to select customized mobile devices. He decides to allow users to purchase their own devices. Which type of policy should Ron implement to include the requirements and security controls for this arrangement? - Privacy - Acceptable use - Bring Your Own Device (BYOD) - Data classification
Bring Your Own Device (BYOD)
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?
Brute-force attack
Members of the __________ group called Remote Desktop Users are allowed to use the remote desktop services to connect to remote machines.
Builtin (built-in)
Which of the following statements is true regarding the rules for password selection?
Change your passwords frequently.
Which part of the C-I-A triad refers to preventing the disclosure of secure information to unauthorized individuals or systems?
Confidentiality
In Mobile IP, what term describes a device that would like to communicate with a mobile node (MN)? - Correspondent node (CN) - Foreign agent (FA) - Home agent (HA) - Care of address (COA)
Correspondent node (CN)
Which characteristic of a biometric system measures the system's accuracy using a balance of different error types?
Crossover error rate (CER)
A dictionary password attack is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
False
Terminal Access Controller Access Control System Plus (TACACS+) is an authentication server that uses client and user configuration files.
False
Wardialers are becoming more frequently used given the rise of Voice over IP (VoIP).
False
Passphrases are less secure than passwords.
False. A passphrase is longer and generally harder to guess, so it's considered more secure than a password.
Voice pattern biometrics are accurate for authentication because voices can't easily be replicated by computer software.
False. Voice pattern is NOT accurate for authentication because voices can be too easily replicated by computer software.
Spam is some act intended to deceive or trick the receiver, normally in email messages.
False (Spam - unwanted emails)
Vishing is a type of wireless network attack.
False (phishing attack by telephone)
Temporal isolation is commonly used in combination with rule-based access control.
False. Temporal isolation restricts access to specific times and is commonly used in combination with role-based access control, not rule-based access control.
DIAMETER is a research and development project funded by the European Commission.
False. A popular centralized access control protocol that succeeded RADIUS and provides access control for stable and static workforces.
An RBAC policy bases access control approvals on passwords that users provide.
False. An RBAC policy bases access control approvals on the jobs the user is assigned.
The four central components of access control are users, resources, actions, and features.
False. The four central components of access control are users, resources, actions, and relationships, not features.
User-based permission levels limit a person to executing certain functions and often enforce mutual exclusivity.
False. The permissions granted to a user are often specific to that user. In this case, the rules are set according to a user ID or other unique identifier.
Which one of the following governs the use of Internet of Things (IoT) by healthcare providers, such as physicians and hospitals? - Federal Information Security Management Act (FISMA) - Health Insurance Portability and Accountability Act (HIPAA) - Federal Financial Institutions Examination Council (FFIEC) - Payment Card Industry Data Security Standard (PCI DSS)
Health Insurance Portability and Accountability Act (HIPAA)
Which one of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)? - Virtual workplace - Health monitoring - Infrastructure monitoring - Supply chain management
Health monitoring
Which part of the C-I-A triad refers to maintaining and assuring the accuracy of data over its life-cycle?
Integrity
Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet? - Internet Authority - Internet Engineering Task Force - Internet Society - Internet Association
Internet Engineering Task Force
Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?
Passive wiretap
Which one of the following is an example of a logical access control?
Password
Gwen's company is planning to accept credit cards over the Internet. Which one of the following governs this type of activity and includes provisions that Gwen should implement before accepting credit card transactions? - Family Educational Rights and Privacy Act (FERPA) - Communications Assistance for Law Enforcement Act (CALEA) - Payment Card Industry Data Security Standard (PCI DSS) - Health Insurance Portability and Accountability Act (HIPAA)
Payment Card Industry Data Security Standard (PCI DSS)
The __________ can identify the services using the TCP protocol, but not the versions of these applications.
SYN scan
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of duties
Within Zenmap, which command is used to discover the versions of the software on open TCP ports?
The -sV command
Which of the following is a key function in the Cisco IOS (Internetwork Operating System)?
The show command
Which of the following statements is true regarding guest users who require a higher degree of access?
These guest users can be issued local, self-signed certificates that expire on a specific date and limit the guest's access.
Which term describes an action that can damage or compromise an asset?
Threat
What type of malicious software masquerades as legitimate software to entice the user to run it?
Trojan horse
A Chinese wall security policy defines a barrier and develops a set of rules that makes sure no subject gets to objects on the other side.
True
A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.
True
A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier.
True
A degausser creates a magnetic field that erases data from magnetic storage media.
True
A dictionary attack works by hashing all the words in a dictionary and then comparing the hashed value with the system password file to discover a match.
True
A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment.
True
A smart card is a token shaped like a credit card that contains one or more microprocessor chips that accept, store, and send information through a reader.
True
A trusted operating system (TOS) provides features that satisfy specific government requirements for security.
True
An alteration threat violates information integrity.
True
An example of a threat to access control is in a peer-to-peer (P2P) arrangement in which users share their My Documents folder with each other by accident.
True
Content-dependent access control requires the access control mechanism to look at the data to decide who should get to see it.
True
Devices that combine the capabilities of mobile phones and personal digital assistants (PDAs) are commonly called smartphones. - False - True
True
Rootkits are malicious software programs designed to be hidden from normal methods of detection.
True
Single sign-on (SSO) can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords.
True
Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption. - False - True
True
When servers need operating system upgrades or patches, administrators take them offline intentionally so they can perform the necessary work without risking malicious attacks.
True
Which of the following combines something you know (e.g. password) with something you are (e.g. fingerprint) or something you possess (e.g. USB stick) and can also employ a certificate system that adds a distinct third layer to the authentication process?
Two-factor authentication
Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?
Typosquatting
An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?
Urgency
Which one of the following is NOT a commonly accepted best practice for password security?
Use at least six alphanumeric characters. Best practice is at least 8 alphanumeric characters.
Active Directory:
makes the process of accessing machines that are not on the domain much easier.