OS Hardening - SEC340 chapter 1 & 2

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which of the following is a valid IPv6 address? a. 1080::8:800:200C:417A b. 24::5B1A::346C c. 5BA4:2391:0:0:4C3E d. 5510:ABCD::34:1::2

a. 1080::8:800:200C:417A

Which of the following is considered a flooded broadcast IP address? a. 255.255.255.255 b. 10.255.255.255 c. 200.15.6.255 d. FFFF.FFFF.FFFF

a. 255.255.255.255

Which IPv6 header field is known as the priority field? a. Traffic Class b. Version c. Flow Label d. Hop Limit

a. Traffic Class

Which of the following is a type of script that automates repetitive tasks in an application such as a word processor but can also be programmed to be a virus? a. macro b. Trojan c. worm d. back door

a. macro

What is the name of a storage area where viruses are placed by antivirus software so they cannot replicate or do harm to other files? a. quarantine b. firewall c. demilitarized zone d. recycle bin

a. quarantine

Which type of firewall policy calls for a firewall to deny all traffic by default? a. restrictive policy b. demilitarized policy c. perimeter policy d. permissive policy

a. restrictive policy

Malware that creates networks of infected computers that can be controlled from a central station is referred to as which of the following? a. logic bomb b. botnet c. Trojan d. packet monke

b. botnet

Which of the following is NOT a reason for subnetting a network? a. increasing network security b. making larger groups of computers c. planning for growth d. controlling network traffic

b. making larger groups of computers

Which type of attack works by an attacker operating between two computers in a network and impersonating one computer to intercept communications? a. malicious port scanning b. man-in-the-middle c. remote procedure call d. denial of service

b. man-in-the-middle

With which access control method do system administrators establish what information users can share? a. administrative access control b. discretionary access control c. mandatory access control d. role-based access control

c. mandatory access control

What can an attacker use a port scanner to test for on a target computer? a. invalid IP addresses b. SYN flags c. open sockets d. ping floods

c. open sockets

What is a VPN typically used for? a. detection of security threats b. filter harmful scripts c. secure remote access d. block open ports

c. secure remote access

A hacktivist can best be described as which of the following? a. consider themselves seekers of knowledge b. an unskilled programmer that spreads malicious scripts c. use DoS attacks on Web sites with which they disagree d. deface Web sites by leaving messages for their friends to read

c. use DoS attacks on Web sites with which they disagree

Which of the following is the broadcast address for subnet 192.168.10.32 with subnet mask 255.255.255.240 a. 192.168.10.95 b. 192.168.10.23 c. 192.168.10.63 d. 192.168.10.47

d. 192.168.10.47

What feature in ICMPv6 replaces ARP in IPv4? a. Echo Request b. Authentication Header c. Multicast Listener Discovery d. Neighbor Discovery

d. Neighbor Discovery

Which type of attack causes the operating system to crash because it is unable to handle arbitrary data sent to a port? a. SYN flood b. malicious port scanning c. ICMP message abuse d. RPC attacks

d. RPC attacks

Which of the following is the first packet sent in the TCP three-way handshake? Select one: a. ACK b. PSH c. RST d. SYN

d. SYN

Which of the following is a reason that UDP is faster than TCP? a. it doesn't guarantee delivery b. it doesn't use port numbers c. the header is smaller d. it has a higher priority on the network

a. it doesn't guarantee delivery

Why might you want your security system to provide nonrepudiation? a. so a user can't deny sending or receiving a communication b. to prevent a user from capturing packets and viewing sensitive information c. to trace the origin of a worm spread through email d. to prevent an unauthorized user from logging into the system

a. so a user can't deny sending or receiving a communication

How large is the IPv6 address space? a. 168 bits b. 128 bits c. 64 bits d. 32 bits

b. 128 bits

Which security tool works by recognizing signs of a possible attack and sending notification to an administrator? a. VPN b. IDPS c. DiD d. DMZ

b. IDPS

In which OSI model layer will you find the OSPF protocol? a. Transport b. Network c. Session d. Application

b. Network

What tool do you use to secure remote access by users who utilize the Internet? a. DiD b. VPN c. DMZ d. IDS D. DiD

b. VPN

What is the TCP portion of a packet called? a. data b. segment c. frame d. header

b. segment

Which term is best described as an attack that relies on the gullibility of people? a. back door b. social engineering c. malicious code d. script kiddie

b. social engineering

Which of the following addresses is a Class B IP address? a. 211.55.119.7 b. 224.14.9.11 c. 189.77.101.6 d. 126.14.1.7

c. 189.77.101.6

If you are subnetting a class B network, what subnet mask will yield 64 subnets? a. 255.255.224.0 b. 255.255.192.0 c. 255.255.252.0 d. 255.255.64.0

c. 255.255.252.0

Which of the following is the IPv6 loopback address? a. ::FFFF b. 1000:127:0:0:1 c. ::1 d. 000:000::

c. ::1

Which protocol is responsible for automatic assignment of IP addresses? Select one: a. FTP b. SNMP c. DHCP d. DNS

c. DHCP

What is a program that appears to do something useful but is actually malware? a. virus b. back door c. Trojan d. logic bomb

c. Trojan

In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated? a. biometrics b. signature c. challenge/response d. basic

c. challenge/response

Which of the following is NOT information that a packet filter uses to determine whether to block a packet? a. port b. protocol c. checksum d. IP address

c. checksum

Which field in the IP header is an 8-bit value that identifies the maximum amount of time the packet can remain in the network before it is dropped? a. ECN b. Options c. Fragment Offset d. TTL

d. TTL

Defense in depth can best be described as which of the following? a. a firewall that protects the network and the servers b. antivirus software and firewalls c. authentication and encryption d. a layered approach to security

d. a layered approach to security

Which security layer verifies the identity of a user, service, or computer? a. physical security b. authorization c. repudiation d. authentication

d. authentication

What should you do when configuring DNS servers that are connected to the Internet in order to improve security? a. setup DNS proxy b. disable DNS buffers c. delete the DNS cache d. disable zone transfers

d. disable zone transfers

Which of the following is NOT one of the three primary goals of information security? a. confidentiality b. availability c. integrity d. impartiality

d. impartiality

What does a sliding window do in a TCP packet? a. ensures all packets are delivered b. ensures transmission reliability c. provides packet security d. provides flow control

d. provides flow control

How are the two parts of an IP address determined? a. host identifier b. network identifier c. routing table d. subnet mask

d. subnet mask

Which of the following is NOT an advantage of IPv6 versus IPv4? a. built-in security b. NAT is unnecessary c. larger address space d. supports static configuration

d. supports static configuration


Set pelajaran terkait

Intro to Biology Evolution and Natural Selection

View Set

Ch. 1 Epidemiology, Prevention and Health Promotion

View Set

Honors Anatomy Lymphatic System Multiple Choice

View Set

Essential Cell Biology Chapter 6

View Set

Biological Psychology Chapter 1 & 2 Kalat

View Set

Architect storage infrastructure in Azure - Secure your Azure Storage account

View Set

Writing an Informative Essay about the Immigrant Experience

View Set