CISS 320 Final
Which of the following is described as a 64-bit block cipher composed of a 16-round Feistel network and key-dependent S-box functions?
Blowfish
Which layer does wireless communication rely heavily upon?
MAC sublayer of the Data Link layer
Encrypted files can be transmitted in both electronic form and as written messages.
True
In wireless networks, infrared signals are used most often for data communications.
True
RF signals can pass through walls and other objects while IR cannot.
True
The signature of a normal FTP connection includes a three-way handshake.
True
The standardization of cryptographic protocols discourages attackers from trying to break them.
True
With discretionary access control, network users can share information with other users, making it more risky than MAC.
True
Which element of an ICMP header would indicate that the packet is an ICMP echo request message.
Type
Which of the following is a current standard for PKI that specifies a strict hierarchical system for CAs issuing certificates?
X.509
Which type of scan has the FIN, PSH, and URG flags set?
Xmas scan
What can an attacker use a port scanner to test for on a target computer?
open sockets
Which type of function is used in cryptography?
permutation
Which of the following is true about cryptographic primitives?
primitives are usually not the source of security failures
Which of the following is NOT an advantage of IPv6 versus IPv4?
supports static configuration
Under which attack category does a UNIX Sendmail exploitation fall?
suspicious data payload
Which of the following is true about infrared transmissions?
the intensity of the light pulse indicates the on or off status of each bit
Which of the following is true about asymmetric cryptography?
the public key is used to encrypt a message sent to the private key owner
What is the most likely weak link when using asymmetric encryption for verifying message integrity and nonrepudiation?
the source of the public keys
Which of the following is true about encryption algorithms?
their strength is tied to their key length
Which of the following is true about extended IP ACLs?
they should be applied to an interface close to the traffic source
Why might you want to allow extra time for setting up the database in an anomaly-based system?
to allow a baseline of data to be compiled
A hactivist can best be described as which of the following?
use DoS attacks on Web sites with which they disagree
Which of the following is true about MAC addresses in a wireless network?
you can change a WNICs MAC address with software
Which of the following is a valid IPv6 address?
1080::8:800:200C:417A
Which of the following addresses is a Class B IP address?
189.77.101.6
If you are subnetting a class B network, what subnet mask will yield 64 subnets?
255.255.252.0
Which of the following pairs represents a medium frequency band and its common use?
300 KHz-3MHz, AM radio
Which wireless networking standard uses the 2.4 GHz band and has a maximum bandwidth of 54 MBps?
802.11g
Which feature of a router provides traffic flow and enhances network security?
ACLs
Which RF transmission method uses an expanded redundant chipping code to transmit each bit?
DSSS
Which approach to stateful protocol analysis involves detection of the protocol in use, followed by activation of analyzers that can identify applications not using standard ports?
Dynamic Application layer protocol analysis
Which EAP protocol requires digital certificates to validate supplicants?
EAP-TLS
Which wireless transmission method uses a hopping code?
FHSS
Which digital signal modulation method is a binary modulation technique in which the carrier signal's frequency is changed to represent a 1 or 0 bit?
FSK
What is the packet called where a Web browser sends a request to the Web server for Web page data?
HTTP GET
Which component of IPsec enables computers to exchange keys to make an SA?
IKE
What is contained in ARP tables?
IP address, MAC address
Which of the following is an accurate set of characteristics you would find in an attack signature?
IP address, TCP flags, port numbers
Which of the following makes a single pass on data and generates a 128-bit hash value displayed as a 32-character hexadecimal number and is used in VPNs?
Message Digest 5
Which binary signaling technique uses a scheme in which zero voltage represents a 0 bit and the voltage for a 1 bit does not drop back to zero before the end of the bit period?
NRZ
What feature in ICMPv6 replaces ARP in IPv4?
Neighbor Discovery
In which OSI model layer will you find the OSPF protocol?
Network
Which type of control frame does a station send to let the AP know is can transmit buffered frames?
PS-Poll
Which of the following is an open standard used for authentication on Cisco routers?
RADIUS
Which TCP flag can be the default response to a probe on a closed port?
RST
Which of the following is the first packet sent in the TCP three-way handshake?
SYN
Which of the following is NOT a field in a control frame?
Sequence control
Which of the following was developed as a way of enabling Web servers and browsers to exchange encrypted information and uses a hashed message authentication code to increase security?
TLS
Which field in the IP header is an 8-bit value that identifies the maximum amount of time the packet can remain in the network before it is dropped?
TTL
At which layer of the OSI model does IPsec work?
Three
What is a program that appears to do something useful but is actually malware?
Trojan
A RTS frame is the first step of the two-way handshake before sending a data frame.
True
A hash value is a variable-length string of symbols and numbers representing the original input's contents.
True
A packet monkey is an unskilled programmer who spreads viruses and other malicious scripts to exploit computer weaknesses.
True
A worm creates files that copy themselves repeatedly and consume disk space.
True
An IDPS consists of a single device that you install between your firewall and the Internet.
True
Cisco routers support both numbered and named ACLs, starting with IOS version 11.2.
True
Which of the following is true about standard IP ACLs?
a 0.0.0.0 inverse mask means all bits are significant
Which of the following is the first step in the digital signature process where Mike sends a message to Sophie?
a message digest of Mike's message is calculated using a hashing algorithm
Which of the following best describes a CRL?
a published listing of invalid certificates
Which of the following is defined as the maximum departure of a wave from the undisturbed state?
amplitude
What function does a RADIUS server provide to a wireless network?
authentication
Which security layer verifies the identity of a user, service, or computer?
authentication
Which of the following is NOT a primary detection methodology?
baseline detection
Which of the following tasks does an AP typically perform?
bridges between the wired and wireless network
In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated?
challenge/response
What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit?
checksum
Which of the following is NOT information that a packet filter uses to determine whether to block a packet?
checksum
Which of the following is an IDPS security best practice?
communication between IDPS components should be encrypted
Which of the following is a command you would find in an antispoofing ACL for network 172.31.0.0/16?
deny ip 172.31.0.0 0.0.255.255 any log
Which of the following is a type of cryptanalysis that applies primarily to block ciphers but can also be used against stream ciphers and hashing functions and works by examining how differences in input affect the output?
differential
What uses mathematical calculations to compare routes based on some measurement of distance?
distance-vector routing protocols
What does a measurement of +3 dB equal in power measured in mW?
double the power
Which of the following is an advantage of a signature-based detection system?
each signature is assigned a number and name
Which of the following best describes a one-way function?
easy to compute but difficult and time consuming to reverse
Which of the following types of password prevents a user from accessing privileged exec mode on a Cisco router?
enable
What is the term used when an IDPS doesn't recognize that an attack is underway?
false negative
Which of the following is true about the steps in setting up and using an IDPS?
false positives do not compromise network security
Which of the following is true about RF transmissions?
frequency has an inverse relationship with wavelength
Which of the following is defined as the positive difference in amplitude between two signals?
gain
Which of the following is commonly used for verifying message integrity?
hashing function
Which type of IDPS can have the problem of getting disparate systems to work in a coordinated fashion?
hybrid
Which of the following is true about IEEE 802.11i?
it uses a symmetric block cipher for encryption
Which of the following is performed by the MAC sublayer?
joining the wireless network
Which of the following is a type of script that automates repetitive tasks in an application such as a word processor but can also be programmed to be a virus?
macro
Which type of attack works by an attacker operating between two computers in a network and impersonating one computer to intercept communications?
man-in-the-middle
With which access control method do system administrators establish what information users can share?
mandatory access control
What is used to convert an analog RF signal into digital format?
modulator
What does a sliding window do in a TCP packet?
provides flow control
What is the name of a storage area where viruses are placed by antivirus software so they cannot replicate or do harm to other files?
quarantine
Which of the following causes of signal loss is defined as differences in density between air masses over distance?
refraction
What is a downside to using Triple DES?
requires more processing time
Which of the following makes routing tables more efficient?
route summarization
Which of the following is NOT a critical goal of information security?
scalability
What is a VPN typically used for?
secure remote access
What is the TCP portion of a packet called?
segment
In which type of wireless attack does the attacker cause valid users to lose their connections by sending a forged deauthentication frame to their stations?
session hijacking
Why might you want your security system to provide nonrepudiation?
so a user can't deny sending or receiving a communication
Which of the following is the description of a land attack?
source and destination IP address/port are the same
