Final for PSCS 3111
False
A virtual private network (VPN) is a permanent circuit between two endpoints.
False
Access control strategies allow you to define an access control method that allows you to define controls to support your security policy.
False
Fingerprinting refers to a physical characteristic (biometric), such as a fingerprint, handprint, or retina characteristic.
True
IEEE 802.11 describes a standard for wireless LAN (WLAN) communication protocols.
True
Monitoring configuration settings is a detective control in the LAN-to-WAN Domain.
Intrusion detection system (IDS)/intrusion prevention system (IPS)
Most firewall rules are based on static attributes. They are not effective at protecting a network from all types of attacks, such as a distributed denial of service (DDoS) attack from a trusted server that was compromised. What can be used to help firewalls do a better job?
False
Multiprotocol Label Switching (MPLS) is a local area network protocol.
Service level agreement
Regarding a wide area network (WAN) lease, the SLA states a level of guaranteed uptime. What does SLA stand for?
A user or principal object that requests to access a file, folder, or other resource.
Regarding system access controls, what is meant by the term "subject"?
The process of providing user credentials or claiming to be a specific user
Regarding system access, what is meant by identification?
True
Secure virtual private networks (VPNs) are VPNs in which all traffic is encrypted.
Connection Media
The cables or devices that are used to connect computers and devices to form a network are collectively called ___________.
True
The firewall blocks connections from Internet users to your local area network but allows the Web server to connect.
True
The most common authentication credential is the password.
True
The primary purpose of a safe media storage plan is to protect backup copies.
False
The process of granting rights and permissions to access objects to a subject is called two-factor authentication.
True
The term cloud computing means Internet-based computing.
System connection encryption
There are three main strategies for encrypting data to send to remote users. One strategy does not require any application intervention or changes at all; the connection with the remote user handles the encryption. This is:
access control lists
There are two main approaches for authorizing users to access objects. One method uses _____________, which are lists of access permissions that define what each user or security group can do to each object.
Router
This network device gives you the ability to aggressively control how users and applications use your local area networks.
Use global user accounts whenever possible.
What is a best practice for compliance in the Remote Access Domain?
TCP/IP reference model
What is a generic description of how computers use multiple layers of protocol rules to communicate across a network, and that defines four different layers of communication rules?
Software that intercepts and copies traffic passing over a digital network
What is a packet sniffer?
Access permissions based on roles, or groups, that allow object owners and administrators to grant access rights at their discretion
What is meant by discretionary access control (DAC)?
Software that provides connection and communication services for users and devices
What is meant by networking services software?
A network device or software that can analyze current WAN performance and then modify how new traffic is sent across the WAN
What is meant by wide area network (WAN) optimizer?
Procedure
What provides detailed step-by-step instructions for fulfilling a security policy?
The provider's most recent Service Organization Control (SOC) report
What should you ask for from your wide area network (WAN) service provider to determine if its security controls are adequate and if the provider has the ability to protect customer data?
Performing a background check
When researching a prospective employee, for which of the following must you seek prior permission from the subject?
The process of determining the operating system and version of a network node
Which of the following best describes footprinting?
Traffic analysis
Which of the following is primarily a detective control in the Remote Access Domain?
principle of least privilege
Defining access controls where each user has the permission to carry out assigned tasks and nothing else is called the ____________.
Activities to control access to network resources and limit access exclusively to authorized users
FCAPS is a network management functional model. FCAPS is an acronym that represents the focal tasks necessary to effectively manage a network. Security management is:
Policy
I. Weak passwords; II. Inappropriate use of the Internet; III. Inappropriate use of e-mail; IV. Divulging confidential information. The above items typically constitute employee security _________________ violations.
Vulnerability identification
In a penetration test, after the testers have all of the available information on operating systems and running software and services, the next step is to explore known vulnerabilities in the target's environment. This is:
A resource to which the user has permission to access
In an access control system in which a user is being identified, authenticated, and authorized, what is the object?
Scanning and enumeration
In one step of a penetration test, detailed information is collected about each node. Testers identify open and active ports, and can query open ports to determine which services are running on a selected node. This is:
Any resource attached to a local computer, the same computer to which the user has logged on
In the LAN Domain, what is meant by local resource?
True
Service Organization Control (SOC) report 2 considers the security, availability, integrity, and confidentiality of the service organization's system and data.
Unclassified, Confidential, Secret, and Top Secret
What are data classifications used by the U.S. government?
Penetration Testing
Which of the following is primarily a detective control in the WAN Domain?
Router
Within the LAN-to-WAN Domain, what connects two or more separate networks?
False
You can implement wide area network (WAN) traffic-monitoring and analysis software and devices in the Workstation Domain of an IT infrastructure or rely on your WAN service provider to supply traffic-flow data.
WAN
You have the least amount of control over who accesses data in the ______ Domain.
Install an uninterruptible power supply (UPS).
Of the following, what is the best method of maximizing availability in the Workstation Domain?
Enforce discretionary access control (DAC).
Of the following, what is the best method of maximizing confidentiality in the Workstation Domain?
Simple Network Management Protocol (SNMP)
You want to configure devices to send an alert to the network manager when remote users connect to your network. Which protocol is the best choice for monitoring network devices?
Top Secret
A U.S. Department of Defense document contains information on a virus developed by a bioterrorism group that easily spreads between humans and can result in widespread deaths. Which mandatory access control (MAC) classification level is most likely assigned to this document?
True
A Web content filter examines Web-based traffic and can block Web content that does not adhere to an organization's Internet or Web acceptable use policy (AUP).
False
A best practice for compliance in the WAN Domain is to establish a single wide area network (WAN) connection to avoid conflicts with multiple connections.
True
A distributed application is an environment in which the components that make up an application reside on different computers.
True
A fiber optic cable has a glass core surrounded by several layers of protective materials.
In, User, Service
RADIUS is a network protocol that supports remote connections by centralizing the management tasks. What do I, U, and S stand for?
Need to Know
Regarding user security clearances, in addition to possessing a clearance level that matches or exceeds the classification label of an object, a subject must have the ___________ for the object as well.
False
Shielded twisted pair (STP) cabling is immune to radio and electrical interference and transfers data at extremely high speeds.
True
The FCAPS security management component includes activities to control access to network resources and limit access exclusively to authorized users.
The process of providing additional credentials that match the user ID or user name
Which of the following best describes authentication in the Remote Access Domain?
The adapters and wires, or wireless media, that connect components together in the LAN Domain
Which of the following best describes connection media?
A subject that has a need to access an object to complete a task
Which of the following best describes need to know?
An IT domain that covers the equipment and activities outside of the LAN and beyond the LAN-to-WAN Domain
Which of the following best describes the WAN Domain?
Proxy Server
Which of the following is NOT typically a LAN Domain component?
Internet Protocol Security (IPSec)
Which of the following is a protocol suite designed to secure Internet Protocol (IP) traffic using authentication and encryption for each packet?
Generic Routing Encapsulation (GRE)
Which of the following is a tunneling protocol developed by Cisco Systems as an encapsulating protocol that can transport a variety of other protocols inside IP tunnels?
Background Check
Which of the following is the best tool for uncovering evidence of past behavior that might indicate a potential employee is a security risk?
A separate network, or portion of a network, that is connected to a wide area network (WAN) and at least one local area network (LAN), with at least one firewall between itself and the LAN
Which of the following is the definition of demilitarized zone (DMZ)?
A network hardware device or software that detects unusual network activity that might represent an intrusion, and takes action to stop the attack
Which of the following is the definition of intrusion prevention system (IPS)?
Dedicated line/leased line
Which of the following wide area network (WAN) types is the most secure and gives a subscriber exclusive access to all bandwidth?
To prevent an attacker from capturing and reading the data
Why should you verify that all data flowing through your virtual private network (VPN) is encrypted?
False
A service level agreement (SLA) signifies that a service organization has had its control objectives and control activities examined by an independent auditing firm.
Virus
A software program that attaches itself to, or copies itself into, another program for the purpose of causing the computer to follow instructions that were not intended by the original program developer is known as a:
True
A substantial difference between file servers and data storage products is that data storage products generally provide far greater control over access authorization.
Least Privilege
A systems administrator sets permissions to prevent unauthorized data access by certain users. Each user can perform his or her job but not access data that their job doesn't require. This is known as the principle of:
False
A wide area network (WAN) optimizer is the device or computer you use to physically connect to a WAN.
True
A wide area network (WAN) service provider provides WAN bandwidth and network access leases.
Multiprotocol Label Switching (MPLS) networks
Although __________ are not optimal for high bandwidth, large-volume network transfers, they work very well in most environments where you need to maintain connections between several other networks.
False
An intrusion detection system (IDS) is a server deliberately set up as insecure in an effort to trap or track attackers.
2
At which layer of the OSI reference model do most wide area network (WAN) protocols operate?
True
Availability is the assurance that information is available to authorized users in an acceptable time frame when the information is requested.
True
C-I-A is the confidentiality, integrity, and availability properties that describe a secure object.
True
Conditioned power means that any voltage surges are removed before providing power to devices.
False
Unshielded twisted pair (UTP) is not susceptible to interference.
False
Encryption is a type of detective control in the LAN-to-WAN Domain.
True
Encryption takes cleartext data and turns it into ciphertext through the use of an algorithm and a key.
reduces liability
Ensuring compliance in the Workstation Domain satisfies two main purposes: increases information security and ____________.
True
A LAN is a network that covers a small physical area, such as an office or building.
Switch
A __________ is a hardware device that forwards input it receives only to the appropriate output port.
only validates the existence of a vulnerability
A nonintrusive penetration test ____________.
True
A physical server on a LAN requires a hard disk, a network interface, and software to provide network access to files and folders on the attached disks.
True
A proxy server forwards packets for authorized requests to a remote server, using its own Internet Protocol (IP) address as the source address to hide the true source's identity.
False
A rootkit covertly collects information without the user's knowledge or permission.
True
A security control in the LAN Domain is anti-malware software.
False
Switches tend to contribute to network congestion because all nodes receive all network traffic.
True
Internet-facing components are network components in an organization's IT infrastructure that users can access via the Internet.
Network Monitoring Platform
Many networks have dedicated computers on the LAN running network management software. These dedicated servers are called:
True
Network access control (NAC) enables you to check a client computer for compliance with security policies and either grant or deny its access to the internal network.
Accounting
The following are the basic steps required to establish a remote connection EXCEPT:
Server computers and services devices
The hardware that provides one or more services to users, such as server computers, printers, and network storage devices, is known as:
True
The term "permission" refers to the definition of what object access actions are permitted for a specific user or group.
internal-to-external attacks on another organization
The two main types of attacks that may originate from within an organization are internal attacks on the organization and _______________.
corrective controls
______________ are mechanisms that repair damage caused by an undesired action and limit further damage, such as the procedure to remove viruses or using a firewall to block an attacking system.