Chapter 11 - Info & Network Security

Ace your homework & exams now with Quizwiz!

A good password has at least ______ characters.

8

A password policy for a 90- or 180-day replacement schedule is called password ________.

Age

Jerod is setting up security for a server room for a university. Which of the following is true of the room in which the server is located? - It should be in the most fire-resistant room in the building. - It should have a strong lock with a strong door - It should be accessible only to those who have a need for access - All of the above

All of the above

The process to make a system as secure as it can be without adding on specialized software or equipment is _______________

Hardening

What is password age?

How long a user has had a password.

Elizabeth is responsible for security policies at her policies. She is trying to implement sound end user security policies. What would be most important to block end users from doing on their own machine?

Installing software or changing system settings

Which of the following is a common way to establish security between a web server and a network?

Put a firewall between the web server and the network

The rule that packets not originating from inside your LAN should not be forwarded relates to ___________.

Routers

Which of the following is a step you might take for large networks but not for smaller networks?

Segment the network with firewalls between the segments

Miguel is trying to secure a web server. He has decided to shut down any services that are not needed. His supervisor has told him to check dependencies first. Which of the following is a good reason to check dependencies before shutting down a service?

To determine whether shutting down this service will affect other services

A good rule of thumb for a password history policy is a history depth of five.

True

CNE, MCITP, CISSP, and CCNA are examples of industry certifications.

True

Every open port on a router is a possible avenue of entry for a malware or intruder.

True

Experience is the most important factor when looking for a security professional.

True

Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows machines to see if they have basic security in place.

True

Nessus is the premiere network vulnerability scanner.

True

There should be a firewall between your network and the outside world.

True

Which of the following is a step you would definitely take with any server but might not be required for a workstation?

Uninstall all unneeded programs/software

You work in the network security department of a large bank. One of your jobs is to keep all systems patched. How might you ensure that system patches are kept up to date?

Use an automated patching system.

A good password should contain only letters and numbers.

False

For individual computers not running firewall software, you should directly close ports.

False

Windows has a built in firewall, but Linux does not.

False

An audit should check what areas?

Perform system patches, probe for flaws, check logs, and review policies

Any _________ you do not explicitly need should be shut down.

Ports

What are the six Ps of security?

Ports, patch, protect, probe, policies, physical.

You are trying to implement good fundamental security for a small company. Which of the following is the least essential device for protecting your network?

Proxy server

If your machine is not used as a server and is not on a local network, what packet-filtering strategy should you use?

Block all ports that you don't need

Teresa is explaining basic security to a new technician. She is teaching him how to secure ports on any server or workstation. What is the rule about ports?

Block all unused ports

Which of the following certifications is the most prestigious?

CISSP

A _________ involves setting up two firewalls: an outer and an inner firewall.

DMZ (demilitarized zone)

John is now responsible for system security at a small bookkeeping firm. He wants to ensure he implements good fundamental security. According to the textbook, what is the first rule of computer security?

Keep systems patched.

You would set a ___________ to prevent users from immediately changing their password several times in one day to return to the current password. This is particularly important if your password policy has a history depth of five.

Minimum password age

On a server, you should create your own accounts with ________ that reflect their level of permission.

Names

What is the preferred method for storing backups?

Offsite in a secure location

Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year

Once

What is the minimum frequency for system probing and audits?

Once per year

What is the rule on downloading from the Internet?

Only download from well-known, reputable sites

Mohammed is responsible for security policies at a university. He is trying to ensure proper access policies. What is the rule of thumb on data access?

Only those with a need for the specific data should have access

The first rule of computer security is to check ___________.

Patches

For an individual machine that is not running firewall software, you do not directly close ports. You shut down the _________ using that port.

Service

Which of the following set of credentials would be best for a security consultant?

Ten years of experience as a hacker and cracker, MCSE/CIW and Security+, Ph.D in computer science.


Related study sets

Brannigans building construction 5th ed. The motherload minus ch.4r

View Set

System Administration and IT Infrastructure Services. Week 1: What is System Administration?

View Set

Chapter 22: PrepU - Complications Occurring During Labor and Delivery

View Set

Anatomy and Physiology II Lymphatic System-Part 2

View Set

Intracranial Pressure & Brain Tumors

View Set

Life Insurance PA Chapter 6 Test

View Set

Why did America fail to stop the spread of Communism in Vietnam?

View Set