Test 1 Coms and Security

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which of the following is NOT a benefit of cloud computing to organizations?

Lower dependence on outside vendors

Which formula is typically used to describe the components of information security risks?

Risk = Threat X Vulnerability

Spyware gathers information about a user through an Internet connection, without his or her knowledge.

True

Standards are used when an organization has selected a solution to fulfill a policy goal.

True

Based on your interpretation of the Zenmap Intense Scan, the purpose/results of the ARP Ping Scan was to:

discover how many hosts are alive.

By creating users, assigning those users to groups, and then applying groups to resources in the domain, the administrator sets up both authentication using the Active Directory Domain authentication policies, and builds a series of nested __________ to control the access to domain resources.

Access Control Lists

What is NOT a good practice for developing strong professional ethics?

Assume that information should be free

Which of the following tools helps discover unwanted operating system changes and non-compliant systems within the network?

Baseline analyzers

Which security model does NOT protect the integrity of information?

Bell-LaPadula

Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value?

Brute-force attack

Which activity manages the baseline settings for a system or device?

Configuration control

In Wireshark, which of the following enable you to find only the traffic you wish to analyze?

Display filters

A phishing attack "poisons" a domain name on a domain name server

False

The first step in creating a comprehensive disaster recovery plan (DRP) is to document likely impact scenarios.

False

The term risk methodology refers to a list of identified risks that results from the risk-identification process.

False

The __________ on the Wireshark toolbar is used to filter all packets and only show those packets that meet certain criteria.

Filter box

In the lab, you used the __________ to link the new password group policy object to the Active Directory domain for the virtual lab environment.

Group Policy Management Console

Which element of the security policy framework offers suggestions rather than mandatory actions?

Guideline

With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network?

Home agent (HA)

In the Host Name (or IP address) box of the PuTTY Configuration dialog box, you typed in 172.16.8.5, which is the:

IP address for LanSwitch1.

Which of the following would NOT be considered in the scope of organizational compliance efforts?

Laws

Which of the following is an example of a hardware security control?

MAC filtering

Which agreement type is typically less formal than other agreements and expresses areas of common interest?

Memorandum of understanding (MOU)

What is NOT a goal of information security awareness programs?

Punish users who violate policy

During which phase of a hacker's five-step approach does the hacker scan a network to identify IP hosts, open ports, and services enabled on servers and workstations?

Reconnaissance

Which of the following does NOT offer authentication, authorization, and accounting (AAA) services?

Redundant Array of Independent Disks (RAID)

What is the correct order of steps in the change control process?

Request, impact assessment, approval, build/test, implement, monitor

The __________ can identify the services using the TCP protocol, but not the versions of these applications.

SYN scan

Which of the following is NOT one of the four fundamental principles outlined by the Internet Society that will drive the success of Internet of Things (IoT) innovation?

Secure

Which one of the following is NOT an example of store-and-forward messaging?

Telephone call

The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary.

True

The idea that users should be granted only the levels of permissions they need in order to perform their duties is called the principle of least privilege.

True

Using Mobile IP, users can move between segments on a local area network (LAN) and stay connected without interruption

True

Which of the following tools is used to capture data packets over time (continuously or overnight)?

Wireshark

In the lab, Wireshark continued to capture data in the background until the:

capture process was manually stopped later in the lab.

Keeping up with technology advances, newly discovered vulnerabilities, and system updates is best done through:

change control management.

Which of the following statements is true regarding the rules for password selection?

Change your passwords frequently.

Which practice is NOT considered unethical under RFC 1087 issued by the Internet Architecture Board (IAB)?

Enforcing the integrity of computer-based information

During the vulnerability assessment, any known vulnerabilities or bugs will be flagged and identified by:

Nessus.

Which one of the following is an example of a logical access control?

Password

Which one of the following is NOT an advantage of biometric systems?

Physical characteristics may change.

Which one of the following is an example of two-factor authentication?

Smart card and personal identification number (PIN)

The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks.

True

With proactive change management, management initiates the change to achieve a desired goal.

True

Which of the following would NOT be considered in the scope of organizational compliance efforts?

Which of the following would NOT be considered in the scope of organizational compliance efforts?

Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?

Zero-day attack

Conducting a vulnerability scan on entire subnets:

is time consuming and noisy (making them easily detected).

Active Directory:

makes the process of accessing machines that are not on the domain much easier.

Using Group Policy Objects, __________ can be set within Active Directory and automatically enforced.

password policies

A successful __________ assessment of a network is all about using the right tools to map the network and identify any vulnerabilities that can be the opening for a future attack.

scanning and vulnerability


Set pelajaran terkait

Network+ Chapter 7: Virtualization and Cloud Computing

View Set

Economics Module 3: Applications of Supply and Demand

View Set

Chapter 18: Planning Nursing Care

View Set

Virginia DMV Practice Test, Learners Permit, Questions to Review, 2021

View Set

Chapter 27: Safety, Security, and Emergency Preparedness - PrepU

View Set

Anatomy and Physiology: The Human Body: An Orientation: Body Planes and Sections, Body Orientation and Direction

View Set

CSS145 Midterm - Case Studies in Customer Service

View Set