Network Security
Describe some key considerations that should be made when hosting data or systems via a cloud solutions provider
All of the above
What are the services provided by a cloud access security broker (CASB)?
All of the above
Which of the following is an intrusion detection system with additional abilities that make it possible to protect systems from attacks by using different methods of access control?
An intrusion prevention system
Which of the following is a detection method that uses a known model of activity in an environment and reports deviations from established normal behavior?
Anomaly detection
Dave would like to use a firewall that is able to intercept user connection requests and perform those connections on behalf of end users. What type of firewall does he want?
Application Gateway Proxy
Which term refers to the process of positively identifying a party as a user, computer, or service?
Authentication
Ensuring that a consumer can access their account information from a bank 24/7 is an example of which of the CIA Triad?
Availability
Preventing a web site from being inaccessible due to a Denial of Service attack is an example of which of the CIA Triad?
Availability
What type of deployment model(s) allow users to select the mobile device make and model?
BYOD; CYOD
A host that resides in a DMZ is sometimes referred to as a _____________ host.
Bastion
IT administrators in your company have been abusing their privileges to install computer games on company PCs. What technical control could you deploy to prevent this?
Blacklisting executables; Whitelisting executables
Encrypting credit card data in transmission is an example of which of the CIA Triad?
Confidentiality
Protecting student grade information from being disclosed to other students is an example of which of the CIA Triad?
Confidentiality
Which of the following security services does data authentication NOT provide?
Confidentiality
Which of the following is NOT a design goal of a firewall?
Create alerts for suspicious network activity.
A _________ allows you to publish services or facilitate Internet access without allowing Internet hosts direct access to a private LAN.
DMZ
To ensure messages are not modified, which type of security service would you use?
Data Integrity
What is the risk of VM escaping?
Denial of Service; stolen information; Malware injection
What 802.1X protocol allows you to force a client device or user to be authenticated before full network access is granted?
EAPoL
A Type - I hypervisor manages virtual machines that has been installed to a guest OS.
False
A packet-filtering firewall is a type of firewall that functions as a gateway for requests arriving from clients.
False
A solution hosted by a third party and shared between subscribers (multitenant). This sort of cloud solution has the greatest security concerns. This type of system is called Shared Cloud
False
An intrusion detection system (IDS) prevents attacks from occurring.
False
An intrusion detection system (IDS) provides a way of both detecting an attack and dealing with it.
False
In the context of a network, misuse is always malicious in nature.
False
It is ideal for an effective IDS to have a number of false-positive responses and few true-positive responses.
False
Kerberos is designed to use public-key cryptography.
False
Modern antivirus software is not equipped to deal with the problems polymorphic viruses pose.
False
SHA-2 hash functions were phased out in 2010 and replaced by SHA-3.
False
True or false? Only Microsoft's operating systems and applications require security patches.
False
When designing a security system, it should be as large and complex as possible.
False
When designing a security system, it's best practice to allow full access by default, then limit access as needed.
False
Worms require user intervention for their infection to take place; viruses do not.
False
When no IDS alert is generated and an actual intrusion occurred, this is known as _______________
False-Negative
Which type of IDS can provide file integrity checking?
HIDS
_________ enables the sharing of identities across different enterprises for user access to applications.
Identity Federation
Ensuring a patient's medical data is accurate and up to date is an example of which of the CIA Triad?
Integrity
Protecting a web site from being defaced with false information is an example of which of the CIA Triad?
Integrity
Which of the following provides the ability to monitor a network, host, or application, and report back when suspicious activity is detected?
Intrusion detection system (IDS)
What use is a TPM when implementing full disk encryption?
Key access is provided by a password. Creating and storing the key used to encrypt the data.
Why would you deploy a layer 3 switch in place of an ordinary LAN (layer 2) switch?
Layer 3 switches can route between VLANs
Giving users only the access they need to do their jobs is an example of which security design principle?
Least privilege
Which of the following is a general term for software that is inherently hostile, intrusive, or annoying in its operation?
Malware
Which of the following is a type of passive online password attack?
Man-in-the-middle attack
What technology would you use to enable private addressing on the LAN and still permit hosts to browse the web?
NAT
Which of the following is a firewall best able to control?
Network Traffic
Alice sends a message to Bob. She uses cryptography to ensure that Bob will be able to prove to another person that the message in his possession actually came from Alice. What goal of cryptography is Alice attempting to achieve?
Nonrepudiation
This type of security service prevents either the sender or receiver from denying transmitting or receiving a message
Nonrepudiation
Which term refers to the ability to ensure that a message originated from a specific party?
Nonrepudiation
For a hash function to be considered secure, it must contain which of the following properties?
One-way property; Collision Resistance; Computational Uniqueness
Which of the following types of viruses is designed to change its code and "shape" to avoid detection by virus scanners?
Polymorphic virus
Which of the following is a type of malware designed to hold your data hostage?
Ransomware
Which of the following is an example of "Something you are"?
Retina scan
How might wireless connection methods be used to compromise the security of a mobile device processing corporate data?
Rogue AP
Which of the following hash algorithms is NOT part of the SHA-2 standard?
SHA-1024
Which of the following refers to an intrusion detection system (IDS) that is programmed to identify known attacks occurring in an information system or network by comparing sniffed traffic or other activity with that stored in a database?
Signature analysis
The _______________ is the address of the system that originated the IP Packet.
Source IP Address
Which type of firewall examines the IP and port information as well as the connection state to determine if a packet should be allowed through?
Stateful Packet Filter
Which type of firewall only examines the IP and port information to determine if a packet should be allowed through?
Stateless Packet Filter
Which intrusion detection approach involves creating a profile of activity for each user to detect changes in behavior?
Statistical anomaly detection
Which intrusion detection approach involves defining thresholds for the frequency of various events?
Statistical anomaly detection
What type of encryption uses the same key to encrypt and to decrypt information?
Symmetric encryption
Why might a company invest in device control software that prevents the use of recording devices within company premises?
To hinder espionage; To hinder physical reconnaissance
A multi-homed device has multiple network interfaces that use rules to determine how packets will be forwarded between interfaces.
True
An attacker can use a keystroke logger to monitor activity on a system and have it reported back to the attacker.
True
An intrusion detection system (IDS) captures traffic and compares the intercepted traffic to known good or bad behavior.
True
Antivirus programs can use the suspicious behavior method to monitor the behavior of applications on a system.
True
Firewalls separate networks and organizations into different zones of trust.
True
For both symmetric and asymmetric cryptography, data is encrypted by applying the key to an encryption algorithm.
True
Infrastructure as a Service would be used to implement a SAN
True
Message Authentication Codes provide data authenticity because they use a secret key when creating a message digest.
True
One of the main characteristics of worms is that they do not need a host program to function.
True
Substitution, transposition, stream, and block are common forms of ciphers.
True
The failure of a single hardware host or physical network link to the host could disrupt multiple virtual server instances and applications; hence the risk of a single point of failure is higher when virtual servers are deployed.
True
The public key infrastructure (PKI) framework exists to manage, create, store, and distribute keys and digital certificates safely and securely.
True
True or False: A mobile app or workspace that runs within a partitioned environment to prevent other unauthorized apps from interacting with it is known as containerization.
True
True or False: An end-of-life system is one where the vendor has previously announced a timescale for withdrawing support in terms of providing patches and updates.
True
True or False: Modern printers have their own hard drive, OS, and firmware and are, therefore, susceptible to the same attacks as any other computer?
True
True or False: Sideloading is when the user installs an app directly onto the device rather than from an official app store.
True
True or False: The Trusted Platform Module (TPM) is a tamper-proof (at least in theory) cryptographic module embedded in the CPU or chipset. This can provide a means to report the system configuration to a policy enforcer securely.
True
When ordering firewall rules, you should put deny rules ahead of allow rules.
True
With asymmetric encryption, information is encrypted by the sender with the receiver's public key and the information is decrypted by the receiver with the private key.
True
Network segments can be established logically with the use of _________.
VLANs
A _____________ is the workspace presented when accessing an instance in a virtual desktop infrastructure (VDI) solution.
Virtual Desktop Environment
Which of the following types of malware is a piece of code or software that spreads from system to system by attaching itself to other files, and is activated when the file is accessed?
Virus
An Identity Management system uses _____________ to define specific objects, such as a user account.
attributes
Unallocated public IP addresses known as __________ are likely spoofed IP addresses.
bogons
To limit what devices can connect to a network port, MAC ____________ can be used to create a list of authorized MAC addresses.
filtering
The main function or capability of certificate authorities (CAs) is to
generate key pairs and bind a user's identity to the public key
The term __ is defined as an unauthorized use or access of a system by an individual, a party, or a service
intrusion
A ________ subnet uses two firewalls, one external and one internal.
screened
Cryptography provides all of the following except
the ability to hack into systems and remain undetected