Security+ Test 2 Correct Answers
Which port does terminal services use? A. 1812 B. 389 C. 3389 D. 1813
3389
What are Snort and Bro examples of? A. Firewalls B. Proxy servers C. IDS D. SPI
IDS
Which of the following devices should you use to keep machines behind it anonymous? (Select the best answer.) A. Caching proxy B. IP proxy C. Circuit-level gateway D. Firewall
IP proxy
When conducting a risk assessment, which of the following should you do after identifying threats and threat likelihood? A. Identify the organization's assets. B. Identify vulnerabilities. C. Identify a potential impact on suppliers. D. Identify the impact assessment.
Identify the impact assessment
Where would a NIDS sit on a network? A. Inline B. On the extranet C. On the DMZ D. Back to back
Inline
Which of the following uses a two-way authentication system known as mutual authentication? A. LDAP B. Kerberos C. RADIUS D. 802.1X
Kerberos
Which of the following are commonly used in VPN tunneling protocols? A. PPP B. HTTPS C. TACACS D. L2TP
L2TP
Lattice-based access control is an example of what type of access control policy? A. DAC B. RBAC C. MAC D. Rule-based access control
MAC
Which of the following is an access control policy determined by a computer system and not by a user or owner? A. DAC B. MAC C. RBAC D. Discretionary security policy
MAC
What should you configure to improve wireless security? A. Enable the SSID. B. IP spoofing. C. Remove repeaters. D. MAC filtering.
MAC Filtering
Which of the following is the most secure? A. PAP B. CHAP C. MS-CHAP D. MS-CHAP2
MS-CHAP2
Which of the following is when two or more types of authentication are used when dealing with access control? A. Single sign-on B. False positive C. Multifactor authentication D. Username and password
Multifactor authentication
Which type of firewall filter can match incoming traffic to the corresponding outbound IP address connection by way of IP address and port? A. Packet filtering B. NAT filtering C. Application-level gateway D. Circuit-level gateway
NAT Filtering
Which of the following can detect malicious packets and discard them? A. Proxy server B. NIDS C. NIPS D. PAT
NIPS
Which of the following authentication methods is used more commonly on UNIX networks? A. 802.1X B. TACACS C. RADIUS D. Kerberos
TACACS
What do hackers use malicious port scanning to accomplish? A. The "fingerprint" of the operating system B. The topology of the network C. All the computer names on the network D. All the usernames and passwords
The "fingerprint" of the operating system
Which of the following is the strongest password? A. |ocrian# B. Marqu1sD3S0d C. This1sV#ryS3cure D. Thisisverysecure
This1sV#ryS3cure
Which of the following would fall into the category of something the user is? A. Password B. Smartcard C. Signature D. Thumbprint
Thumbprint
You are contracted to conduct a forensics analysis of the computer. What should you do first? A. Back up the system. B. Analyze the files. C. Scan for viruses. D. Make changes to the operating system.
Back up the system
Which of the following is the unauthorized access of information from a wireless device through a Bluetooth connection? A. Bluejacking B. Bluesnarfing C. Bluebeard D. The blues
Bluesnarfing
You are installing a video monitoring system for your organization. You do not want any outside people to view the video. What is the best solution? A. CCTV B. IP-based video cameras C. Motion detectors D. WebCam
CCTV
What key combination helps to secure the logon process? A. Windows+R B. Ctrl+Shift+Esc C. Ctrl+Alt+Del D. Alt+F4
Ctrl+Alt+Del
Which of the following cable types can be susceptible to crosstalk? A. Fiber-optic B. Twisted-pair C. STP D. Data emanation
Twisted-pair
Which of the following keeps every user in a standard user mode instead of as an administrator, even if the user is a member of the administrators group? A. Password policy B. Administrator policy C. Vista access control D. User account control
User account control
Which of the following has the strongest level of encryption? A. WEP B. WAP C. WPA D. WPA2
WPA2
A person searches for wireless networks from their car. What is this an example of? A. Wardriving B. DDoS C. Replay attack D. Bluejacking
Wardriving
Which of the following is a protocol analyzer? A. Nessus B. Cain and Abel C. Wireshark D. John the Ripper
Wireshark
The act of splitting the wires of a twisted-pair cable connection would be an example of which of the following? A. Wardriving B. Data emanation C. Wiretapping D. Spectral analyzing
Wiretapping
Which of the following should be your primary line of defense? A. Proxy server B. NIPS C. Firewall D. Protocol analyzer
Firewall
James has detected an intrusion in his company. What should he check first? A. DNS logs B. Firewall logs C. Event Viewer D. Performance logs
Firewall Logs
Which of the following is the number of times per year that a specific incident occurs? A. SLE B. ARO C. ALE D. MAC
ARO
Which of the following is described as "when a person's identity is confirmed or verified through the use of a specific system"? A. Identification B. Authorization C. Authentication D. Access control
Authentication
A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall? A. 10.254.254.189:1589 B. 10.254.254.189:80 C. 65.19.28.154:1589 D. 65.19.28.154:80
65.19.28.164:80
Which of the following should be modified because it is weak by default? A. Default account B. NAT firewall C. Wireless encryption D. PNAC
Default account
Which of the following is when a prearranged list of likely words is attempted one at a time? A. Brute force attack B. Dictionary attack C. Cryptanalysis attack D. Guessing
Dictionary attack
Which of the following is a vulnerability assessment tool? A. John the Ripper B. AirSnort C. Nessus D. Cain & Abel
Nessus
Which of the following are examples of protocol analyzers? A. Port filter B. HTTP proxy C. NAT filter D. Network Monitor
Network Monitor
Which of the following should be included in a password to make it complex? A. Configure the BIOS to use complex passwords B. Numbers C. Special acronyms D. Function keys
Numbers
In a discretionary access control model, who is in charge of setting permissions to a resource? A. Owner of the resource B. Administrator C. Any user of the computer D. Administrator and the owner
Owner of the resource
"Maximum and minimum password age" is part of which of the following? A. Organizational unit B. Group policy editor C. Password policy D. Registry
Password policy
Which of the following is not a good strategy for securing a WAP? A. NAT filtering B. Turn off the SSID C. Place it in a Faraday cage D. Use PNAC
Place it in a Faraday cage
Which of the following uses the equation SLE × ARO = ALE? A. Qualitative risk assessment B. Passive security analysis C. Quantitative risk assessment D. Active security analysis
Quantitative risk assessment
Which of the following access control policies is based on sets of permissions involved in an operation? A. DAC B. RBAC C. MAC D. Rule-based access control
RBAC
You find a rogue access point on your network. What should you do with it? (Select the best answer.) A. Remove it. B. Disable the SSID. C. Use strong encryption. D. Use PNAC.
Remove It
Of the following, what is the best way to protect the computer? A. Verify that the user account is disabled. B. Rename and password protect the administrator account. C. Delete the administrator account. D. Remove password policies.
Rename and password protect the administrator account
Which of the following can be defined as the loss of value in dollars based on a single incident? A. SLE B. ARO C. ALE D. MAC
SLE
Which of the following commands enables you to synchronize a client's time to a domain controller? A. net time B. netstat -an C. net stop D. sc config
net time