141 Ex 3 Quizzes

Norm recently joined a new organization. He noticed the firewall technology opens separate connections between the devices on both ends of the firewall. What type of technology is being used? A. Packet filtering B. Application proxying C. Network address translation D. Stateful inspection

Application proxying

The __ settings inform the system which items should be llogged for future review A. Audit policy B. domain controllers C. Max PW age D. account lockout policy

Audit policy

T/F Retro viruses counter the ability of antivirus programs to detect changes in infected files

False

T/F System infectors are viruses that attack doc files containing embedded macro programming capabilities

False

T/F The National Institute of Standards and Technology (NIST) is the main UN agency responsible for managing + promoting info and tech issues

False

T/F The term certificate authority (CA) refers to a trusted repository of all public keys

False

T/F The transport Layer of the OSI creates, maintains, disconnects comms that take place between the processes over the network

False

T/F You must always use the same algorithm to encrypt info and decrypt the same info

False

T/F a product cipher is an encryption algorithm that has no corresponding decryption algorithm

False

Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block? A. Internet Control Message Protocol (ICMP) B. Transmission Control Protocol (TCP) C. HTTP D. User Datagram Protocol

ICMP

Bill is conducting an analysis of a new IT service. He'd like to assess it using the Open Systems Interconnection (OSI) model and would like to learn more about this framework. What organization should he turn to for the official definition of OSI? A. IS Audit and Control Association (ISACA) B. National Institute of Standards and Technology (NIST) C. Ocean Surveillance IS (OSIS) D. Intl Organization for Standardization (ISO)

ISO

When is the company under additional compliance laws + standards to ensure the confidentiality of cust data? A. If e-commerce or privacy data is entered into the web app B. During penetration testing C. If there's cross-site scripting D. During a SQL injection attack

If e-commerce or privacy data is entered into the web app

In the lab (lab 6) after opening the Windows Backup Admin (wbadmin) GUI from the server manager menu, an amber caution symbol indicated that there was: A. No backup scheduled B. A post-install task remaining to configure the Windows Server Essentials role that was just installed C. An issue w/ the PW that had been entered and that future attempt to sue it would result in you being locked out D. A problem with the install process and that it would have to be performed again in its entirety

No backup currently schedule

Which of the following should be performed on a regular schedule + whenever the we app + service is modified? A. SQL injection B. Penetration testing C. XSS D. JavaScript testing

Penetration testing

Bob is developing a web app that depends upon a DB backend. What type of attack could a malicious indiv use to send command though his web app to the DB? A. SQL injection B. XSS C. XML injection D. LDAP injection

SQL injection

Gwen is investigating an attack. An intruder managed to take over the identity of a person who was legit logged in to Gwen's company's site by manipulating HTTP headers. What type of attack likely took place? A. SQL injection B. Session hijacking C. Cross-site scripting D. XML injection

Session hijacking

Barbara is investing an attack against he network. She notices the ICMP echo replies coming into her network far exceed ICMP echo requests leaving her network. What type of attack is likely taking place? A. Teardrop B. Smurf C. Cross-site scripting (XSS) D.Land

Smurf

Breanne's system was infected by malicious code after she installed an innocent-looking solitaire game from the Internet. What type of malware did she likely encounter? A. Virus B. Worm C. Trojan horse D. Logic bomb

Trojan horse

T/F A computer virus is an executable program that attaches to, or infects, other executable programs

True

T/F A keyword mixed alphabet uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet

True

T/F A network attacker wants to know IP addresses used on a network, remote access procedures, and weaknesses in network systems

True

T/F A person demonstrates anonymity when posting info to a web discussion site w/o authorities knowing who they are

True

T/F A salt value is a set of random chars you can combine w an actual input key to create the encryption key

True

T/F A substitution cipher replaces bits, chars, or blocks of info w/ other bits, chars, or blocks

True

T/F A successful DoS attack may create so much network congestion that authorized users can't access network resources

True

T/F American National Standards Institute (ANSI) was formed in 1918 through the merger of 5 engineering societies and 3 gov agencies

True

T/F An algorithm is a repeatable process that produces the same result when it receives the same input

True

T/F Attacks against C and privacy, data I, and A of services are all ways malicious code can threaten businesses

True

T/F Because people inside an org generally have more detailed knowledge of the IT infrastructure than outsiders, they can place logic bombs more easily

True

T/F Digital signatures require asymmetric key cryptography

True

T/F TCP/IP is a suite of protocols that operate at Network + Transport layers of the OSI model

True

T/F The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephermeral mode (DHE) and Elliptic curve DHE (ECDHE)

True

T/F The International Telecommunication Union (ITU) was formed in 1865 as the Intl Telegraph Union to develop intl standards for the emerging telegraph communications industry

True

T/F The Intl Electrotechnical Commission (IEC) is the predominant org for developing + publishing intl standards for tech related to electrical + electronic devices + processes

True

T/F The OSI model is a theoretical model of networking w/ interchangeable layers

True

T/F The hash message authentication code (HMAC) I a hash function that uses a key to create a hash, or message digest

True

T/F Unlike viruses, worms do NOT require a host program to survive and duplicate

True

T/F a wireless access point (WAP) is the connection between a wired + wireless network

True

T/F defense in depth is the practice of layering defenses to increase overall security + provide more reaction time to respond to incidents

True

T/F standards provide guidelines to ensure that products in today's computing environments work together

True

Val would like to limit the sites her users visit to those on an approved list of pre-cleared sites. What type of approach is Val advocating? A. Whitelisting B. Context-based screening C. Packet filtering D. Blacklisting

Whitelisting

What is NOT a service commonly offered by unified threat mgt (UTM) devices? A. URL filtering B. Malware inspection C. Content inspect D. Wireless network access

Wireless network access

Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new HW. What can she use? A. Transportation Layer Security (TLS) B. Virtual LAN (VLAN) C. Firewall D. Virtual Private Network

B. VLAN

T/F The Finance industry created the ANSI X9.17 standard to define key mgt procedures

True

Which statement is true regarding an org's PW policy? A. Setting a strong PW policy is one of the first steps in implementing a comprehensive security program B. Strong PWs are likely to allow unauthorized access to a network C. A Strong PW policy by itself is enough to protect info on a network D. Continuous monitoring for login success/failure is not effective in detecting mischief on the network

Setting strong PW is 1 of the first steps

T/F A firewall is a basic network security defense tool

True

Henry is creating a firewall rule that'll allow inbound mail to the organization. What TCP port must he allow through the firewall? A. 53 B. 22 C. 25 D. 80

25

To complete the creation of a key, what do you need to enter in the pinentry dialog box? A. A certificate number B. A comment C. Your E-mail address D. A Passphrase or PW

A passphrase/PW

Which of the following clearly defines responsibilities and support structures (e.g., facilities, personnel ,equipment, SW, data files, vital records, etc.) to carry on the business after an event? A. Risk analysis B. Risk assessment C. BCP D. DRP

BCP

Which of the following determines the impact to an organization in the event that key processes and technology are not available? A. Risk Analysis B. Risk Assessment C. BCP D. BIA

BIA

How can you verify that the integrity of encrypted files is maintained during transmission to another user's computer? A. Import the file into Kleopatra + select the Integrity Check option B.. Right-click the file + select Integrity Check from the context menu C. Right-click the file + select Verify from the context menu D. Compare the decrypted file's contents w/ the contents of the original file

Compare the decrypted and original contents

Alison discovers a system under her control has been infected with malware, which is using a keylogger to report user keystrokes to a 3p. What infosec property is this malware attacking? A. Accounting B. Confidentiality C. Availability D. Integrity

Confidentiality

T/F ANSI produces standards that affect nearly all aspects of IT

True

T/F ISO/IEC 27002 provides the orgs w/ best-practice recommendations on infosec mgt

True

T/F In a chosen-ciphertext attack, cryptanalysts submit data coded w/ the same cipher and key they're trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system

True

T/F Integrity-checking tools use cryptographic method to make sure nothing and no one has modified the software

True

T/F Its common for rootkits to modify parts of the OS to conceal traces of their presence

True

T/F Message authentication confirms the identity of the person who started a correspondence

True

T/F Network Access Control (NAC) works on wired and wireless networks

True

Bob has a high-vol VPN. HE would like to use a device that would best handle the required processing power. What type of device should he use? A. VPN concentrator B. Unified threat mgt (UTM) C. Firewall D. Router

VPN concentrator

What wireless security tech contains significant flaws and should never be used? A. Remote Authentication Dial-In User Service (RADIUS) B. Wi-FI Protected Access (WPA) C. WPA2 D. Wired Equivalent Privacy (WEP)

WEP

What tool might be used by an attacker during the reconnaissance phase of an attack to glean info about domain registrations? A. Domain Name System B. Simple Network Mgt Protocol (SNMP) C. Whois D. Ping

Whois

In the lab, you installed the __ feature on a remote Domain Controller (Lab 6) A. Windows Server Backup B. Disaster Event Backup C. Active Directory D. BIA

Windows Server Backup

What is the correct command syntax to force GPO settings? A./force GPO B. gpupdate /now C. gpupdate /force D. policyupdate /force

gpupdate /force

No production web application, whether it resides inside/outside of firewall, should be implemented without: A. SQL injection + security hardening B. Penetration testing + security hardening C. Cross-site scripting + security hardening D. JavaScript testing + security hardening'

penetration testing + security hardening

Which file is used to config the DNS? A. resolve.conf B. hosts.conf C. domain.conf D. name.conf

resolve.conf

What protocol is responsible for assigning IP addresses to hosts on most networks? A. Simple Mail Transfer Protocol (SMTP) B. Dynamic Host Config Protocol (DHCP) C. Virtual LAN (VLAN) D. Transport Layer Security (TLS)

DHCP

To ensure you have coverage on the most recent malware + malicious SW, it's recommended you update your anti-virus signature files __ prior to performing a system scan A. quarterly B. Monthly C. weekly D. Daily

Daily

Which of the following is a tool left intentionally vulnerable to aid security professionals in learning about web security? A. Internet Explorer B. Damn Vulnerable Web Application C. Mozilla Firefox D. JavaScript

Damn vulnerable web app

David would like to connect a fibre channel storage device to systems over a standard data network. What protocol can he use? A. Secure Shell (SSH) B. Fibre Channel over Etherenet (FCoE) C. Internet Small Computer System INterdace (iSCSI) D. Fibre Channel (FC)

FCoE

T/F A digital signature is a combo of a strong hash of a message and a secret key

False

T/F A packet-filtering firewall remembers info about the status of a network communication

False

T/F A physical courier delivering an asymmetric key is an example of an in-band key exchange

False

T/F A private key cipher is also called an asymmetric key cipher

False

T/F A subnet mask is a partition of a network based on IP addresses

False

T/F A worm is a self-contained program that has to trick users into running it

False

T/F Cryptographic key distribution is typically done by phone

False

T/F In a known-plaintext attack (KPA), the cryptanalyst has access to only a segment of encrypted data, and has no choice as to what that data might be

False

What is NOT a common motivation for attackers? A. Money B. Fear C. Revenge D. Fame

Fear

In the lab (Lab 10) you use d _ to implement the org's PW policy A. Domain controller B. PowerBroker C. Group Policy D. FileZilla

Group Policy

What type of system is intentionally exposed to attackers in an attempt to lure them out? A. Web server B. Bastion host C. DB server D. Honeypot

Honeypot

Some of the more important __ include anti-virus (anti-malware), host-based firewall, syst hardening (removing unwanted services), change control, and log management A. Damn vulnerable web apps B. Host-based security measures C. SQL injections D. XSS

Host-based security measures

Which of the following helps secure the perimeter of a network? A. SQL intrusion B. Damn vulnerable web application C. intrusion prevention systems D. JavaScript

IPS

Which org promotes technology issues as an agency of the UN? A. Institute of Electrical and Electronics Engineers (IEEE) B. Intl Telecommunication Union (ITU) C. American National Standards Institute (ANSI) D. Internet Assigned Numbers Authority (IANA)

ITU

When malware is able to steal + mod data, which tenets of IS security is impacted? A. Confidentiality B. Integrity C. Availability D. Control

Integrity

When the key is successfully created, which option sends a copy of your private key to your computer? A. Save your Key Pair B. Upload Certificate to Directory Service C. Send certificate by Email D. Make a backup of your key pair

Make a backup of your key pair

Which of the following is used to make remote folders appear as part of the local file system on Linux and Windows systems? A. NFS B. GUI C. Windows Backup Admin D. Active Directory

NFS

Cryptography takes human readable info and makes it unreadable "cipher text" which can only be read if: A. It's broadcast over a public network B. A digital device is "always on" C. It's asymmetric D. One possesses the correct key

One possesses the correct key

Web application firewalls, security info, and event mgt systems, ACs, network security monitoring, and change controls help to keep the "soft center" from becoming an easy target when the __ fails A. Network B. Redundant layer C. Defense in depth D. Perimeter

Perimeter

Hilda is troubleshooting a problem w/ the encryption of data. At which layer of the OSI Reference Model is she working? A. Session B. Presentation C. Data Link D. Application

Presentation

Which of the following allows valid SQL commands to run within a webform? A. HTML coding B. JavaScript Coding C. SQL injection D. XSS

SQL injection

What firewall approach is shown? A. Multilayered firewall B. Bastion host C. Screened subnet D. Border firewall

Screened subnet

The CEO of Kelly's company recently fell victim to attack. The attackers sent the CEO an email informing him that his company was being used and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? A. Spear phishing B. Command injection C. Adware D. Pharming

Spear phishing

Keys are also referred to as;; A. Secret messages B. Pairs C. Certificates D. senders

Certificates

Maya is creating a computing infrastructure compliant with the PCI DSS. What type of info is she most likely trying to protect? A. Educational records B. Trade secrets C. Credit card info D. Health records

Credit card info