Security + Test 2 Correct Answers

Which port does terminal services use? A. 1812 B. 389 C. 3389 D. 1813

3389

What are Snort and Bro examples of? A. Firewalls B. Proxy servers C. IDS D. SPI

IDS

Which of the following devices should you use to keep machines behind it anonymous? (Select the best answer.) A. Caching proxy B. IP proxy C. Circuit-level gateway D. Firewall

IP proxy

When conducting a risk assessment, which of the following should you do after identifying threats and threat likelihood? A. Identify the organization's assets. B. Identify vulnerabilities. C. Identify a potential impact on suppliers D. Identify the impact assessment.

Identify the impact assessment

Where would a NIDS sit on a network? A. Inline B. On the extranet C. On the DMZ D. Back to back

Inline

Which of the following uses a two-way authentication system known as mutual authentication? A. LDAP B. Kerberos C. RADIUS D. 802.1X

Kerberos

Which of the following are commonly used in VPN tunneling protocols? A. PPP B. HTTPS C. TACACS D. L2TP

L2TP

Lattice-based access control is an example of what type of access control policy? A. DAC B. RBAC C. MAC D. Rule-based access control

MAC

Which of the following is an access control policy determined by a computer system and not by a user or owner? A. DAC B. MAC C. RBAC D. Discretionary security policy

MAC

What should you configure to improve wireless security? A. Enable the SSID. B. IP spoofing. C. Remove repeaters. D. MAC filtering.

MAC Filtering

Which of the following is the most secure? A. PAP B. CHAP C. MS-CHAP D. MS-CHAP2

MS-CHAP2

Which of the following is when two or more types of authentication are used when dealing with access control? A. Single sign-on B. False positive C. Multifactor authentication D. Username and password

Multifactor authentication

Which type of firewall filter can match incoming traffic to the corresponding outbound IP address connection by way of IP address and port? A. Packet filtering B. NAT filtering C. Application-level gateway D. Circuit-level gateway

NAT Filtering

Which of the following can detect malicious packets and discard them? A. Proxy server B. NIDS C. NIPS D. PAT

NIPS

Which of the following authentication methods is used more commonly on UNIX networks? A. 802.1X B. TACACS C. RADIUS D. Kerberos

TACACS

What do hackers use malicious port scanning to accomplish? A. The "fingerprint" of the operating system B. The topology of the network C. All the computer names on the network D. All the usernames and passwords

The "fingerprint" of the operating system

Which of the following is the strongest password? A. |ocrian# B. Marqu1sD3S0d C. This1sV#ryS3cure D. Thisisverysecure

This1sV#ryS3cure

Which of the following would fall into the category of something the user is? A. Password B. Smartcard C. Signature D. Thumbprint

Thumbprint

You are contracted to conduct a forensics analysis of the computer. What should you do first? A. Back up the system. B. Analyze the files. C. Scan for viruses. D. Make changes to the operating system.

Back up the system

Which of the following is the unauthorized access of information from a wireless device through a Bluetooth connection? A. Bluejacking B. Bluesnarfing C. Bluebeard D. The blues

Bluesnarfing

You are installing a video monitoring system for your organization. You do not want any outside people to view the video. What is the best solution? A. CCTV B. IP-based video cameras C. Motion detectors D. WebCam

CCTV

What key combination helps to secure the logon process? A. Windows+R B. Ctrl+Shift+Esc C. Ctrl+Alt+Del D. Alt+F4

Ctrl+Alt+Del

Which of the following cable types can be susceptible to crosstalk? A. Fiber-optic B. Twisted-pair C. STP D. Data emanation

Twisted-pair

Which of the following keeps every user in a standard user mode instead of as an administrator, even if the user is a member of the administrators group? A. Password policy B. Administrator policy C. Vista access control D. User account control

User account control

Which of the following has the strongest level of encryption? A. WEP B. WAP C. WPA D. WPA2

WPA2

A person searches for wireless networks from their car. What is this an example of? A. Wardriving B. DDoS C. Replay attack D. Bluejacking

Wardriving

Which of the following is a protocol analyzer? A. Nessus B. Cain and Abel C. Wireshark D. John the Ripper

Wireshark

The act of splitting the wires of a twisted-pair cable connection would be an example of which of the following? A. Wardriving B. Data emanation C. Wiretapping D. Spectral analyzing

Wiretapping

Which of the following should be your primary line of defense? A. Proxy server B. NIPS C. Firewall D. Protocol analyzer

Firewall

James has detected an intrusion in his company. What should he check first? A. DNS logs B. Firewall logs C. Event Viewer D. Performance logs

Firewall Logs

Which of the following is the amount of times per year that a specific incident occurs? A. SLE B. ARO C. ALE D. MAC

ARO

Which of the following is described as "when a person's identity is confirmed or verified through the use of a specific system"? A. Identification B. Authorization C. Authentication D. Access control

Authentication

A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall? A. 10.254.254.189:1589 B. 10.254.254.189:80 C. 65.19.28.154: 1589 D. 65.19.28.154:80

65.19.28.164:80

Which of the following should be modified because it is weak by default? A. Default account B. NAT firewall C. Wireless encryption D. PNAC

Default account

Which of the following is when a prearranged list of likely words is attempted one at a time? A. Brute force attack B. Dictionary attack C. Cryptanalysis attack D. Guessing

Dictionary attack

Which of the following is a vulnerability assessment tool? A. John the Ripper B. AirSnort C. Nessus D. Cain & Abel

Nessus

Which of the following are examples of protocol analyzers? A. Port filter B. HTTP proxy C. NAT filter D. Network Monitor

Network Monitor

Which of the following should be included in a password to make it complex? A. Configure the BIOS to use complex passwords B. Numbers C. Special acronyms D. Function keys

Numbers

In a discretionary access control model, who is in charge of setting permissions to a resource? A. Owner of the resource B. Administrator C. Any user of the computer D. Administrator and the owner

Owner of the resource

"Maximum and minimum password age" is part of which of the following? A. Organizational unit B. Group policy editor C. Password policy D. Registry

Password policy

Which of the following is not a good strategy for securing a WAP? A. NAT filtering B. Turn off the SSID C. Place it in a Faraday cage D. Use PNAC

Place it in a Faraday cage

Which of the following uses the equation SLE X ARO = ALE? A. Qualitative risk assessment B. Passive security analysis C. Quantitative risk assessment D. Active security analysis

Quantitative risk assessment

Which of the following access control policies is based on sets of permissions involved in an operation? A. DAC B. RBAC C. MAC D. Rule-based access control

RBAC

You find a rogue access point on your network. What should you do with it? (Select the best answer.) A. Remove it. B. Disable the SSID. C. Use strong encryption. D. Use PNAC.

Remove It

Of the following, what is the best way to protect the computer? A. Verify that the user account is disabled. B. Rename and password protect the administrator account. C. Delete the administrator account. D. Remove password policies.

Rename and password protect the administrator account

Which of the following can be defined as the loss of value in dollars based on a single incident? A. SLE B. ARO C. ALE D. MAC

SLE

Which of the following commands enables you to synchronize a client's time to a domain controller? A. net time B. netstat -an C. net stop D. sc config

net time