IST 220 FINAL (EXAM 4)

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

What is the strongest security protocol for 802.11 today? 802.11s WPA 802.11X 802.11i

802.11i

Which type of firewall filtering looks at application-layer content? NGFW Stateful Packet Inspection Both Neither

NGFW

Which type of firewall is more expensive per packet handled?

NGFW

Iris scanning is attractive because of its ________. Precision Low cost Both Neither

Precision

Which phase of the plan-protect-respond cycle takes the largest amount of work?

Protect

Which is less expensive to implement? SSL/TLS IPsec Both cost about the same

SSL/TLS

Traditionally, we have told users that passwords ________. Should be easy to remember Should have a mix of characters (uppercase and lowercase letters, digits, other keyboard characters) Both Neither

Should have a mix of characters (uppercase and lowercase letters, digits, other keyboard characters)

For sensitive assets, reusable passwords ________. Should not be used Should be especially long Should contain a truly complex mixture of characters Should be difficult to remember

Should not be used

Which of the following secures communication between the wireless computer and the server it wishes to use against evil twin attacks? VPNs 802.1X mode VLANs None of the above

VPNs

Which of the following attach themselves to other programs? Viruses Worms Both Neither

Viruses

The Wi-Fi Alliance calls 802.11i ________.

WPA2

Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________.

confidentiality

In SPI firewalls, ACLs are used for packets in the ________ state.

connection-opening state

802.11i 802.1X initial authentication mode was created for ________.

corporations with multiple access points

In authentication, ________ are the general name for proofs of identity.

credentials

________ attackers are often well-funded.

cybercriminal

In transport mode, ESP fields surround an IPv4 packet's ________.

data field

A spear phishing attack is usually aimed at ________.

an individual

A specific encryption method is called a ________.

cipher

In most encryption, keys must be at least ________ long to be considered safe.

128 bits

In 802.11i PSK mode, the pass phrase should be at least ________ characters long.

20

________ is a program that can capture passwords as you enter them. A keystroke logger Data mining software Both Neither

A keystroke logger

________ is the general name for a security flaw in a program.

A vulnerability

________ attacks typically extend over a period of months.

APT

In public key encryption, if Bob wants to send Alice a secure message, Bob would use

Alice's public key

Authentication should generally be ________. Different for every resource As strong as possible The same for all resources Appropriate for a specific resource

Appropriate for a specific resource

A type of encryption that requires seperate keys for encryption and decryption

Asymmetric Key Encryption

In antivirus filtering, the best ways to filter currently use ________.

Behavioral detection

For reusable passwords, NIST now recommends ________. That passwords be easy to remember That passwords be long phrases instead of being about 8-12 characters long Both Neither

Both

Which of the following is a risk in 802.11i PSK mode? Unauthorized sharing of the pre-shared key. A weak passphrase may be selected. Both Neither

Both

Which of the following meets the definition of hacking? To intentionally use a computer resource without authorization To intentionally use a computer on which you have an account but use it for unauthorized purposes Both Neither

Both, To intentionally use a computer resource without authorization and to intentionally use a computer on which you have an account but use it for unauthorized purposes

IPsec is used for ________ VPNs. Site-to-site Remote-access Both Neither

Both, remote-access and site-to-site

Antivirus programs are designed to detect ________. Worms Viruses Both Neither

Both, viruses and worms

Major incidents are handled by the __________ .

CSIRT

Which of the following is more widely used? ESP AH Both are used equally

ESP

Which of the following is the most frustrating to use? Opaque filtering SPI Firewalls IDSs NGFW firewalls

IDSs

The first stage of IPsec uses the ________ protocol.

IKE

Which has stronger security? SSL/TLS IPsec Both have equal security

IPsec

Who are the most dangerous types of employees?

IT security employees

Facial recognition is controversial because ________. It can be used surreptitiously It can be fooled very easily Both Neither

It can be used surreptitiously

Communication after authentication is protected most strongly if the ________ initial authentication is used. 802.1X PSK WPA It does not matter which initial authentication mode is used

It does not matter which initial authentication mode is used

Stateful packet inspection firewalls are attractive because of their ________. Ability to base rules on specific application programs Low cost for a given traffic volume Both Neither

Low cost for a given traffic volume

The general term for evil software is ________.

Malware

Which type of firewall filtering collects streams of packets to analyze them as a group? NGFW SPI Both Neither

NGFW

If a drive-by hacker succeeds in connecting to an internal access point, the network traffic is ________. Still protected by encryption Still protected by a firewall Both Neither

Neither

If a packet is highly suspicious but not a provable attack packet, an ________ may drop it. NGFW SPI Firewall IDS None of the above

None of the above

In 802.11i ________, hosts must know a shared initial key. PSK initial authentication mode 802.1X initial authentication mode Both Neither

PSK initial authentication mode

________ is the dominant firewall filtering method used on main border firewalls today.

Stateful packet inspection

Which protects more of the original IP packet? tunnel mode transport mode both provide the same protection

Tunnel mode

When a user attempts to plug into an Ethernet switch protected by 802.1X, ________. The user will be required to authenticate himself or herself The switch port will freeze The switch will freeze None of the above

The user will be required to authenticate himself or herself

SSL/TLS is used for ________.

Web applications

In 802.1x initial authentication mode, the authenticator is the ________. Wireless access point Wireless client Authentication server None of the above

Wireless access point

Which of the following sometimes uses direct propagation between computers? Trojan Horses Viruses Downloaders Worms

Worms

An evil twin access point is usually ________.

a laptop computer

ARP cache poisoning is ________.

a man-in-the-middle attack

A central firewall management program that pushes changes to firewalls is __________. (Select the most specific answer.)

a single point of takeover

In 802.11i, protection is provided between the client and the ________.

access point

Secured packets typically receive ________. Message integrity Confidentiality Authentication All of the above

all of the above

IPsec protects ________ layer content. application data link both neither

application

SAs in two directions ________. are always the same are always different are sometimes different

are sometimes different

Electronic signatures provide message-by-message ________. authentication confidentiality both neither

authentication

A user is allowed to edit files in a particular directory. This is an example of __________. (Select the most specific answer.)

authorizations

Using bodily measurements for authentication is ________.

biometrics

In a DDoS attack, a ________ sends messages directly to the victim.

bot

What type of attacker are most attackers today?

career criminals

In digital certificate authentication, the verifier gets the key it needs directly from the ________.

certificate authority

In an SPI firewall, all rules except the last will permit the connection. The last will ________.

deny the connection

After two wireless clients authenticate themselves via PSK to an access point, they will use ________ to communicate with the access point.

different pairwise session keys

When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall ________.

drops the packet

In tunnel mode, ESP fields surround an IPv4 packet's ________.

entire length

Attackers only need to find a single weakness to break in. Consequently, companies must __________.

have comprehensive security

Vulnerabilities are occasionally found in even the best security products. Consequently, companies must __________.

have defense in depth

In which type of attack does the attacker gather extensive sensitive personal information about its victim?

identity theft

Policies are separated by implementation to take advantage of __________.

implementer knowledge

Users typically can eliminate a vulnerability in one of their programs by ________.

installing a patch

A firewall will drop a packet if it ________.

is a definite attack packet

In encryption, what must be kept secret?

key

If someone has been properly authenticated, they should receive _______ permissions.

minimum

When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________.

passes the packet

Pieces of code that are executed after the virus or worm has spread are called ________.

payloads

SPI firewalls are being replaced in large part because they are limited in their ability to detect ________.

port spoofing

In a ________ attack, the attacker encrypts some or all of the victim's hard drive.

ransom

DoS attacks attempt to ________.

reduce the availability of a computer

802.11i PSK initial authentication mode was created for ________.

residences with a single access point

Balancing threats against protection costs is called .

risk analysis

A ________ is an unauthorized internal access point.

rogue

It is most desirable to do access control based on __________.

roles

In IPsec, agreements about how security will be done are called ________. security associations security contracts tranches service-level agreements

security associations

What kind of attack is most likely to succeed against a system with no technological vulnerabilities?

social engineering

Compliance with __________ is mandatory.

standards

In authentication, the ________ is the party trying to prove his or her identity.

supplicant

In digital certificate authentication, the supplicant encrypts the challenge message with ________.

the supplicant's private key

The supplicant claims to be ________.

the true party

In digital certificate authentication, the verifier decrypts the challenge message with ________. the true party's private key the true party's public key the supplicant's private key the supplicant's public key

the true party's public key

Malware programs that masquerade as system files are called ________.

trojan horses

If a company uses 802.11i for its core security protocol, an evil twin access point will set up ________ 802.11i connection(s). one two four none of the above

two

A debit card is secure because it requires two credentials for authentication-the card itself and a PIN. This is called ________.

two-factor authentication

Attacking your own firm occurs in __________.

vulnerability testing

A policy specifies .

what should be done

Vulnerability-based attacks that occur before a patch is available are called ________ attacks.

zero-day


Set pelajaran terkait

F255 Chapter 1 practice questions

View Set

Chemistry - Ch. 0 to Ch. 10 - Full Review

View Set

Series 65 Unit 19 Checkpoint Exam

View Set

Chapter 24 "The Digestive System"

View Set