ITSY 2459 Exam 3 - Ch. 9-12
Even the newest wireless protocols are slower than using high-quality physical cable. A. True B. False
A
NAT is helpful to hide internal IP addresses from the outside world. A. True B. False
A
One of the most important concerns when sending data across a WAN is confidentiality. A. True B. False
A
Which LAN device commonly has the ability to filter packets and deny traffic based on the destination address? A. Router B/ /Gateway C. Hub D. Switch
A
Which WAN technology is a cost-effective solution for connecting multiple locations? A. MPLS B. ISDN C. MAN D. L2TP
A
Which access control method is based on granting permissions? A. DAC B. MAC C. RBAC D. OAC
A
Which of the following best describes the term honeypot? A. A server that is deliberately set up in an unsecure manner to attract attackers B. A server that contains extremely sensitive data C. A collection of computers that are vulnerable to attack and could allow your network to be compromised D. Vulnerable servers in your network that would not be dangerous if compromised
A
Which of the following is a solution that defines and implements a policy that describes the requirements to access your network? A. NAC B. NAT C. NIC D. NOP
A
Which of the following is commonly the primary security control for data entering the LAN-to-WAN Domain? A. Filtering B. NAT C. Encryption D. Address validation
A
Which security related act requires organizations to protect all personal medical information? A. HIPPA B. GLBA C. SOX D. SCM
A
Which type of WAN generally has the highest speed and is most secure? A. Dedicated line B. Circuit switching C. Packet switching D. MPLS network
A
What are the types of malware? (select 2) A. Programs that actively spread or infect B. Programs that slow down data transfer C. Programs that cause damage D. Programs that hide
A & D
You should back up LAN device configuration settings as part of a LAN back up. A. True B. False
A true
A LAN is a network that generally spans several city blocks. A. T B. F
B
By definition, VPN traffic is encrypted. A. True B. False
B
The WAN Domain commonly contains a DMZ. A. True B. False
B
WAN subscription cost tends to decrease as availability increases. A. True B. False
B
Which of the following is the primary type of control employed in the WAN Domain? A. Firewalls B. Encryption C. Hashing D. Compression
B
Which of the following is the process of verifying credentials of a specific user? A. Authorization B. Identification C. Authentication D. Revocation
B
Which type of network device is most commonly used to filter network traffic? A. Router B. Firewall C. Switch D. IDS
B
Why is LAN device configuration control important? A. Configuration control helps to detect violations of LAN resource access controls. B. Configuration control can detect changes an attacker might have made to allow harmful traffic in a LAN C. It reduces the frequency of changes because they are more difficult to implement with configuration control D. Configuration control ensures LAN devices are set up once and never changed.
B
Why is mapping a LAN a productive exercise? A. Visual maps help to identify unnecessary controls B. they help in understanding your LAN design C. it's required before physically installing any hardware or connection media D. it's the only way to define paths between devices
B
You only need written authorization prior to conducting a penetration test that accesses resources outside your organization. A. True B. False
B
Where must sensitive information be encrypted to ensure is confidentiality? (Select 2) A. While in use on a workstation B. During transmission over the network C. As it is stored on disk D. In memory
B and C
Which of the following choices protect your system from users transferring private data files from a server to a workstation? (Select 2). A. Increase the frquency of object access audits B. Deliver current security policy training C. Place access control to prohibit inappropriate actions D. Enable access auditing for all private data files.
B and C
Which of the following devices detect potential intrusions? (Select two.) A. Firewall B. IPS C. IDS D. Load balancer
B and C
How can some smart routers attempt to stop a DoS attack in progress? A. They can alert an attack repsonder B. They can log all traffic coming from the source of the attack C. They can terminate any connections with the source of attack D. They can reset all connections
C
Most WAN protocols operate at which level in the OSI reference model? A. 7 B. 3 C. 2 D. 1
C
What does it mean when there are differences between the last security configuration baseline and the current security configuration settings? A. Unauthorized changes have occurred. B. Authorized changes have occurred. C. Changes have occurred (either authorized or unauthorized). D. Unapproved changes are awaiting deployment.
C
Which of the following best describes a dual-homed ISP connection? A. An ISP connection using two firewalls B. Connecting two LANs to the Internet using a single ISP connection C. A network that maintains two ISP connections D. Using two routers to split a single ISP connection into two subnets
C
Which of the following controls would comply with the directive to limit access to payroll data to computers in the HR dept.? A. User based authorization B. Group based authorization C. Media Access Control based authorization D. Smart card based authorization
C
Which of the following is an internal control report for the services provided by a service provider? A. SLA B. WAN C. SOC D. MPLS
C
Which of the following is the process of providing additional private credentials that match the user ID or username? A. Authorization B. Identification C. Authentication D. Revocation
C
Which of the following would be the best use for a packet sniffer? A. To approve or deny traffic based on the destination address b. to encrypt confidential data C. To analyze packet contents for known inappropriate traffic D. To track configuration changes to specific LAN devices
C
Who writes SLAs? A. Subscribing organization B. Telecom company C. WAN service provider D. SOC
C
_______ cabling provides excellent protection from interference but can be expensive.
Fiber optic
The ________ feature speeds up routing network packets by adding a label to each packet with routing information.
Multi-protocol label switching (MPLS)
An _____ is a dedicated computer on a LAN that runs network management software.
Network monitoring platform (NMP)
The ________ property of the CIA triad provides the assurance the information cannot be changed by unauthorized users.
Integrity
A(n) ________ makes requests for remote services on behalf of local clients.
Proxy server
The ________ contains the guaranteed availability for your WAN connection.
Service level agreement (SLA)
If you only have one connection to the Internet and that connection fails, your organization loses its Internet connection. This is an example of a(n) ________.
Single point of failure
A ________ makes it easy to establish what appears to be a dedicated connection over a WAN.
Virtual Private network (VPN)
Many organizations use a(n) ________ to allow remote users to connect to internal network resources.
Virtual private network
A(n) ________ can exclude unnecessary traffic from the WAN.
WAN optimizer
Some attackers use the process of ____________ to find modems that may be used to attack a computer.
War dialing
A successful DoS attack violates the _______ property of C-I-A.
availability
A local resource is any resource connected to the local LAN. A. T B. F
b
A _____ is a type of malware that s a self-contained program that replications and sends copies of itself to other computers.
worm
A distributed application is one in which the components that make up the application reside on different computers. A. True B. False
A
Which of the following describes a common LAN protocol deployed to a network the size of a city? A. IPSec MAN B. Urban Ethernet C. TCP MAN D. Metro Ethernet
D
A(n) ________ is an isolated part of a network that is connected both to the Internet and your internal secure network and is a common home for Internet-facing Web servers.
Demilitarized zone (DMZ)
_____________ means the ongoing attention and care an organization places on security.
Due diligence
PCI DSS allows merchants to store the CVV number. T/F
False
Which of the following devices repeats input received to all ports? A. Hub B. Switch C. Gateway D. Router
Switch