CTC 452 quiz 1,2,3,5
Which of the following makes a single pass on data and generates a 128-bit hash value displayed as a 32-character hexadecimal number and is used in VPNs? Message Digest 5 Twosh RC4 RSA
Message Digest 5
Which type of function is used in cryptography? Not AND NOR permutation X-box
Permutation
What does a sliding window do in a TCP packet? ensures transmission reliability provides flow control ensures all packets are delivered provides packet security
Provides flow control
Which of the following is the rst packet sent in the TCP three-way handshake? SYN ACK RST PSH
SYN
What is the sequence of packets for a successful three-way handshake? SYN, ACK, ACK SYN, ACK, FIN SYN, SYN-ACK, ACK SYN, SYN-ACK, RST
SYN, SYN ACK, ACK
Which type of scan has the FIN, PSH, and URG flags set? Null scan FIN scan SYN Scan Xmas scan
Xmas scan
Defense in depth can best be described as which of the following? antivirus software and firewalls a layered approach to security a firewall that protects the network and the servers an authentication and encryption
a layered approach to security
What is the TCP portion of a packet called? frame segment data header
segment
Why might you want your security system to provide nonrepudiation? A)to prevent a user from capturing packets and viewing sensitive information B)to prevent an unauthorized user from logging into the system C)so a user can't deny sending or receiving a communication D)to trace the origin of a worm spread through email
so a user can't deny sending or receiving a communication
Which term is best described as an attack that relies on the gullibility of people? malicious code social engineering script kiddie back door
social engineering
In which type of scan does an attacker scan only ports that are commonly used by specific programs? vanilla scan random scan strobe scan ping sweep
strobe scan
How are the two parts of an IP address determined? subnet mask routing table network identifier host identifier
subnet mask
Under which attack category does a UNIX Sendmail exploitation fall? multiple-packet attack suspicious data payload single-packet attack bad header information
suspicious data payload
How large is the IPv6 address space? 168 bits 128 bits 64 bits 32 bits
128 bits
Which of the following is the broadcast address for subnet 192.168.10.32 with subnet mask 255.255.255.240 192.168.10.23 192.168.10.95 192.168.10.47 192.168.10.63
192.168.10.47
Which of the following is considered a flooded broadcast IP address? 10.255.255.255 255.255.255.255 200.15.6.255 FFFF.FFFF.FFFF
255.255.255.255
Which protocol is responsible for automatic assignment of IP addresses? DHCP FTP SNMP DNS
DHCP
Which security tool works by recognizing signs of a possible attack and sending notication to an administrator? DMZ DiD IDPS VPN
IDPS
Which of the following was developed as a way of enabling Web servers and browsers to exchange encrypted information and uses a hashed message authentication code to increase security? SSL SSH IPsec TLS
TLS
At which layer of the OSI model does IPsec work? Three Two Four Six
Three
What tool do you use to secure remote access by users who utilize the Internet? DMZ IDS VPN DiD
VPN
Which of the following is NOT among the items of information that a CVE reference reports? attack signature reference in other databases description of vulnerability name of the vulnerability
attack signature
Which security layer verifies the identity of a user, service, or computer? authorization authentication repudiation physical security
authentication
What type of attack does a remote-access Trojan attempt to perpetrate? back door remote denial of service composite attack worm
back door
Which of the following is described as a 64-bit block cipher composed of a 16-round Feistel network and key-dependent S-box functions? Twosh Rijndael RC4 Blowfish
blowfish
Malware that creates networks of infected computers that can be controlled from a central station is referred to as which of the following? packet monkey Trojan botnet logic bomb
botnet
In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated? biometrics basic challenge/response signature
challenge/response
Which of the following is a type of crypt-analysis that applies primarily to block ciphers but can also be used against stream ciphers and hashing functions and works by examining how differences in input affect the output? integral related key dierential XSL
dierential
What should you do when conguring DNS servers that are connected to the Internet in order to improve security? delete the DNS cache disable zone transfers setup DNS proxy disable DNS buers
disable zone transfers
What is the term used when an IDPS doesn't recognize that an attack is underway? false negative negative activity true positive positive signature
false negative
Which of the following is an element of the TCP header that can indicate that a connection has been established? A)Sequence number B)Flags C)SEQ/ACK analysis D)Stream index
flags
Which of the following is a reason that UDP is faster than TCP? it doesn't use port numbers the header is smaller it has a higher priority on the network it doesn't guarantee delivery
it doesn't guarantee delivery
Which of the following is a type of script that automates repetitive tasks in an application such as a word processor but can also be programmed to be a virus? worm Trojan back door macro
macro
With which access control method do system administrators establish what information users can share? discretionary access control administrative access control role-based access control mandatory access control
mandatory access control
Of what category of attack is a DoS attack an example? bad header information suspicious data payload multiple-packet attack single-packet attack
multiple-packet attack
Which of the following is true about cryptographic primitives? A)a single primitive makes up an entire cryptographic protocol B)a primitive that provides confidentiality usually also provides authentication C)each performs several tasks D)primitives are usually not the source of security failures
primitives are usually not the source of security failures
Which of the following is true about Message Authentication Code it uses a private and public key the key is sent to the receiver securely it uses PKI and certicates it uses asymmetric encryption
the key is sent to the receiver securely
What is the most likely weak link when using asymmetric encryption for verifying message integrity and nonrepudiation? The hashing algorithm used to generate a message digest The use of the sender's private key The source of the public keys The integrity of the private keys
the source of the public keys
How does the CVE standard make network security devices and tools more effective? A) it warns an attacker that your site is being monitored B) it requires you to use compatible devices from one vendor C) they can share information about attack signatures D) the layered approach makes attacks nearly impossible
they can share information about attack signatures