InfoSec Ch2
Which of the following applications can eliminate the need for in- person training? A. Audio conferencing and video conferencing B. Social media C. IM chat D. Presence/availability E. All of the above
A. Audio conferencing and video conferencing
With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network? A. Home agent (HA) B. Correspondent node (CN) C. Care of address (COA) D. Foreign agent (FA)
A. Home agent (HA)
Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet? A. Internet Engineering Task Force (IETF) B. Internet Association C. Internet Authority D. Internet Society
A. Internet Engineering Task Force (IETF)
Which phenomenon helped drive near real-time, high-speed broadband connectivity to the endpoint device? A. Internet connectivity B. Email C. VoIP D. Social media sharing E. All of the above
A. Internet connectivity
In OpenVAS, the ________ measures how reliable a vulnerability's severity score is. A. QoD score B. CVE value C. GSM D. CVSS score
A. QoD score
The Internet is an open, public network shared by the entire planet. Anyone can connect to the Internet with a computer and a valid Internet connection and browser. A. True B. False
A. True
Unified messaging provides what functionality for users on the go? A. Voice messages that are converted to audio files and emailed to the user's inbox for playback while on the road B. One-to-many communications C. Automatic secure connections, regardless of location D. VoIP communications and messaging E. Transparent connection between cellular and wireless endpoints
A. Voice messages that are converted to audio files and emailed to the user's inbox for playback while on the road
The ________ allows you to tailor the thoroughness of a vulnerability scan and can affect whether a scan is quick or longer. A. assessment option in Nessus B. discovery option in Zenmap C. SYN scan in Zenmap D. basic network scan in Nessus
A. assessment option in Nessus
Which Nmap command would you run to execute a Ping scan on all hosts on the 172.30.0.0/24 subnet? A. nmap -T4 -A -v 172.30.0.0/24 B. nmap -Pn 172.30.0.0/24 C. Nmap doesn't Ping hosts. D. nmap -sL 172.30.0.0/24
A. nmap -T4 -A -v 172.30.0.0/24
Which of the following is not a challenge that must be overcome by IoT deployments? A. Security B. Availability C. Legal and regulatory D. E-commerce and economic development E. Privacy
B. Availability
What is a security challenge that IoT deployments must overcome? A. Congestion of mobile IP traffic B. Secure communication with other IoT devices C. Liability of an IoT device failing to send an update message D. Pricing for software licensing in the IoT device E. Privacy data use sharing agreement
B. Secure communication with other IoT devices
Which Nmap switch would attempt to guess a target host's operating system? A. Nmap doesn't detect a host's operating system. B. -sV C. -O D. -sS
C. -O
Typically, data must be _____________ to be shared or used for research purposes. A. Encrypted B. Hashed C. De-identified D. Masked out E. In cleartext
C. De-identified
Which of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)? A. Video conferencing B. Infrastructure monitoring C. Health monitoring D. Traffic monitoring
C. Health monitoring
Which term best describes how a wide variety of objects, devices, sensors, and everyday items can connect and be accessed? A. Unified messaging (UM) B. Radio frequency identification (RFID) C. Internet of Things (IoT) D. Software as a Service (SaaS)
C. Internet of Things (IoT)
What is key to implementing a consistent Internet of Things (IoT) device, connectivity, and communications environment? A. Proprietary solutions B. Privacy laws C. Interoperability and standards D. Broadband capacity
C. Interoperability and standards
Which of the following is not a market driver for the Internet of Things (IoT)? A. Smaller and faster computing B. Advancements in data analytics C. Global adoption of Internet Protocol (IP) networking D. A decline in cloud computing
D. A decline in cloud computing
Which of the following enables businesses to transform themselves into an Internet of Things (IoT) service offering? A. Store-and-forward communications B. Remote sensoring C. Real-time tracking and monitoring D. Anything as a Service (AaaS) delivery model
D. Anything as a Service (AaaS) delivery model
You should enumerate recommended mitigations or next steps in this section of a formal Penetration Test Report. A. Summary of Findings section B. Scope section C. Target(s) section D. Conclusion section
D. Conclusion section
The Common Vulnerabilities and Exposures (CVE) list is maintained by the ________ and, together with the NVD, provides information about vulnerabilities and how to ________ them with software patches and updates. A. MITRE Corporation; assess B. NIST; mitigate C. NIST; assess D. MITRE Corporation; mitigate
D. MITRE Corporation; mitigate
Zenmap and Nessus can identify devices, operating systems, applications, database servers, and services on those devices. Which of the two applications can also identify known vulnerabilities or bugs on the devices being scanned? A. Neither B. Both C. Zenmap D. Nessus
D. Nessus
A Nessus scan report identifies vulnerabilities by a ________. A. CVE value B. NASL C. CVSS score D. Plugin ID
D. Plugin ID
This section of a formal Penetration Test Report defines the restrictions on the aggressiveness of a penetration test, describes the methods that a pen tester will use to reach a target, and provides a list of the planned/executed tests. A. Conclusion section B. Summary of Findings section C. Target(s) section D. Scope section
D. Scope section
From a security perspective, what should organizations expect will occur as they become more dependent on the Internet of Things (IoT)? A. Security risks will be eliminated. B. Security risks will stay the same. C. Security risks will decrease. D. Security risks will increase.
D. Security risks will increase.
A ________ is limited to the scanning and enumeration phase of the cyber kill chain, while a ________ encompasses the full kill chain. A. penetration test; vulnerability assessment B. port scan in Zenmap; basic network scan in Nessus C. basic network scan in Nessus; port scan in Zenmap D. vulnerability assessment; penetration test
D. vulnerability assessment; penetration test
Which of the following are challenges that the IoT industry must overcome? A. Security and privacy B. Interoperability and standards C. Legal and regulatory compliance D. E-commerce and economic development E. All of the above
E. All of the above
Which of the following are impacts of the IoT on our business lives? A. E-commerce B. Integrated supply chain with front-end sales order entry C. Companies now offering delivery services for products and services with real-time updates D. Customer reviews providing consumers with product and service reviews online and with more information about customer satisfaction E. All of the above
E. All of the above
Which of the following helps support remote teleworking? A. Presence/availability B. IM chat C. Video conferencing D. Collaboration E. All of the above
E. All of the above
Why do e-commerce systems need the utmost in security controls? A. It is a PCI DSS standard. B. Private customer data is entered into websites. C. Credit card data is entered into websites. D. Customer retention requires confidence in secure online purchases. E. All of the above
E. All of the above
Which of the following requires an IoT-connected automobile? A. Near real-time access to household controls and systems B. Ability to track the whereabouts of your children through location-finder GPS applications C. Real-time alerts regarding reminders to pay bills on time D. Online e-commerce and online shopping with direct delivery E. Traffic monitoring sensors that provide real-time updates for traffic conditions
E. Traffic monitoring sensors that provide real-time updates for traffic conditions
True or False? Facility automation uses Internet of Things (IoT) to integrate automation into business functions to reduce reliance on machinery.
False
True or False? Internet of Things (IoT) devices are typically physically secure.
False
True or False? Internet of Things (IoT) devices cannot share and communicate your IoT device data to other systems and applications without your authorization or knowledge.
False
True or False? A challenge created by the Internet of Things (IoT) is how to protect personal identity and private data from theft or unauthorized access.
True
True or False? Bring Your Own Device (BYOD) opens the door to considerable security issues.
True
True or False? Each 5G device has a unique Internet Protocol (IP) address and appears just like any other wired device on a network.
True
True or False? Internet of Things (IoT) upgrades can be difficult to distribute and deploy, leaving gaps in the remediation of IoT devices or endpoints.
True
True or False? Metadata of Internet of Things (IoT) devices is sometimes sold to companies seeking demographic marketing data about users and their spending habits.
True
True or False? Smart cities can monitor and report on real-time traffic conditions using Internet of Things (IoT) technology
True
True or False? Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption.
True
True or False? Vehicles that have Wi-Fi access and onboard computers require software patches and upgrades from the manufacturer.
True
True or False? Vendors or service providers that have remote access to an Internet of Things (IoT) device may be able to pull information or data from your device without your permission.
True