CISS 320 Final

Which of the following is described as a 64-bit block cipher composed of a 16-round Feistel network and key-dependent S-box functions?

Blowfish

Which layer does wireless communication rely heavily upon?

MAC sublayer of the Data Link layer

Encrypted files can be transmitted in both electronic form and as written messages.

True

In wireless networks, infrared signals are used most often for data communications.

True

RF signals can pass through walls and other objects while IR cannot.

True

The signature of a normal FTP connection includes a three-way handshake.

True

The standardization of cryptographic protocols discourages attackers from trying to break them.

True

With discretionary access control, network users can share information with other users, making it more risky than MAC.

True

Which element of an ICMP header would indicate that the packet is an ICMP echo request message.

Type

Which of the following is a current standard for PKI that specifies a strict hierarchical system for CAs issuing certificates?

X.509

Which type of scan has the FIN, PSH, and URG flags set?

Xmas scan

What can an attacker use a port scanner to test for on a target computer?

open sockets

Which type of function is used in cryptography?

permutation

Which of the following is true about cryptographic primitives?

primitives are usually not the source of security failures

Which of the following is NOT an advantage of IPv6 versus IPv4?

supports static configuration

Under which attack category does a UNIX Sendmail exploitation fall?

suspicious data payload

Which of the following is true about infrared transmissions?

the intensity of the light pulse indicates the on or off status of each bit

Which of the following is true about asymmetric cryptography?

the public key is used to encrypt a message sent to the private key owner

What is the most likely weak link when using asymmetric encryption for verifying message integrity and nonrepudiation?

the source of the public keys

Which of the following is true about encryption algorithms?

their strength is tied to their key length

Which of the following is true about extended IP ACLs?

they should be applied to an interface close to the traffic source

Why might you want to allow extra time for setting up the database in an anomaly-based system?

to allow a baseline of data to be compiled

A hactivist can best be described as which of the following?

use DoS attacks on Web sites with which they disagree

Which of the following is true about MAC addresses in a wireless network?

you can change a WNICs MAC address with software

Which of the following is a valid IPv6 address?

1080::8:800:200C:417A

Which of the following addresses is a Class B IP address?

189.77.101.6

If you are subnetting a class B network, what subnet mask will yield 64 subnets?

255.255.252.0

Which of the following pairs represents a medium frequency band and its common use?

300 KHz-3MHz, AM radio

Which wireless networking standard uses the 2.4 GHz band and has a maximum bandwidth of 54 MBps?

802.11g

Which feature of a router provides traffic flow and enhances network security?

ACLs

Which RF transmission method uses an expanded redundant chipping code to transmit each bit?

DSSS

Which approach to stateful protocol analysis involves detection of the protocol in use, followed by activation of analyzers that can identify applications not using standard ports?

Dynamic Application layer protocol analysis

Which EAP protocol requires digital certificates to validate supplicants?

EAP-TLS

Which wireless transmission method uses a hopping code?

FHSS

Which digital signal modulation method is a binary modulation technique in which the carrier signal's frequency is changed to represent a 1 or 0 bit?

FSK

What is the packet called where a Web browser sends a request to the Web server for Web page data?

HTTP GET

Which component of IPsec enables computers to exchange keys to make an SA?

IKE

What is contained in ARP tables?

IP address, MAC address

Which of the following is an accurate set of characteristics you would find in an attack signature?

IP address, TCP flags, port numbers

Which of the following makes a single pass on data and generates a 128-bit hash value displayed as a 32-character hexadecimal number and is used in VPNs?

Message Digest 5

Which binary signaling technique uses a scheme in which zero voltage represents a 0 bit and the voltage for a 1 bit does not drop back to zero before the end of the bit period?

NRZ

What feature in ICMPv6 replaces ARP in IPv4?

Neighbor Discovery

In which OSI model layer will you find the OSPF protocol?

Network

Which type of control frame does a station send to let the AP know is can transmit buffered frames?

PS-Poll

Which of the following is an open standard used for authentication on Cisco routers?

RADIUS

Which TCP flag can be the default response to a probe on a closed port?

RST

Which of the following is the first packet sent in the TCP three-way handshake?

SYN

Which of the following is NOT a field in a control frame?

Sequence control

Which of the following was developed as a way of enabling Web servers and browsers to exchange encrypted information and uses a hashed message authentication code to increase security?

TLS

Which field in the IP header is an 8-bit value that identifies the maximum amount of time the packet can remain in the network before it is dropped?

TTL

At which layer of the OSI model does IPsec work?

Three

What is a program that appears to do something useful but is actually malware?

Trojan

A RTS frame is the first step of the two-way handshake before sending a data frame.

True

A hash value is a variable-length string of symbols and numbers representing the original input's contents.

True

A packet monkey is an unskilled programmer who spreads viruses and other malicious scripts to exploit computer weaknesses.

True

A worm creates files that copy themselves repeatedly and consume disk space.

True

An IDPS consists of a single device that you install between your firewall and the Internet.

True

Cisco routers support both numbered and named ACLs, starting with IOS version 11.2.

True

Which of the following is true about standard IP ACLs?

a 0.0.0.0 inverse mask means all bits are significant

Which of the following is the first step in the digital signature process where Mike sends a message to Sophie?

a message digest of Mike's message is calculated using a hashing algorithm

Which of the following best describes a CRL?

a published listing of invalid certificates

Which of the following is defined as the maximum departure of a wave from the undisturbed state?

amplitude

What function does a RADIUS server provide to a wireless network?

authentication

Which security layer verifies the identity of a user, service, or computer?

authentication

Which of the following is NOT a primary detection methodology?

baseline detection

Which of the following tasks does an AP typically perform?

bridges between the wired and wireless network

In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated?

challenge/response

What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit?

checksum

Which of the following is NOT information that a packet filter uses to determine whether to block a packet?

checksum

Which of the following is an IDPS security best practice?

communication between IDPS components should be encrypted

Which of the following is a command you would find in an antispoofing ACL for network 172.31.0.0/16?

deny ip 172.31.0.0 0.0.255.255 any log

Which of the following is a type of cryptanalysis that applies primarily to block ciphers but can also be used against stream ciphers and hashing functions and works by examining how differences in input affect the output?

differential

What uses mathematical calculations to compare routes based on some measurement of distance?

distance-vector routing protocols

What does a measurement of +3 dB equal in power measured in mW?

double the power

Which of the following is an advantage of a signature-based detection system?

each signature is assigned a number and name

Which of the following best describes a one-way function?

easy to compute but difficult and time consuming to reverse

Which of the following types of password prevents a user from accessing privileged exec mode on a Cisco router?

enable

What is the term used when an IDPS doesn't recognize that an attack is underway?

false negative

Which of the following is true about the steps in setting up and using an IDPS?

false positives do not compromise network security

Which of the following is true about RF transmissions?

frequency has an inverse relationship with wavelength

Which of the following is defined as the positive difference in amplitude between two signals?

gain

Which of the following is commonly used for verifying message integrity?

hashing function

Which type of IDPS can have the problem of getting disparate systems to work in a coordinated fashion?

hybrid

Which of the following is true about IEEE 802.11i?

it uses a symmetric block cipher for encryption

Which of the following is performed by the MAC sublayer?

joining the wireless network

Which of the following is a type of script that automates repetitive tasks in an application such as a word processor but can also be programmed to be a virus?

macro

Which type of attack works by an attacker operating between two computers in a network and impersonating one computer to intercept communications?

man-in-the-middle

With which access control method do system administrators establish what information users can share?

mandatory access control

What is used to convert an analog RF signal into digital format?

modulator

What does a sliding window do in a TCP packet?

provides flow control

What is the name of a storage area where viruses are placed by antivirus software so they cannot replicate or do harm to other files?

quarantine

Which of the following causes of signal loss is defined as differences in density between air masses over distance?

refraction

What is a downside to using Triple DES?

requires more processing time

Which of the following makes routing tables more efficient?

route summarization

Which of the following is NOT a critical goal of information security?

scalability

What is a VPN typically used for?

secure remote access

What is the TCP portion of a packet called?

segment

In which type of wireless attack does the attacker cause valid users to lose their connections by sending a forged deauthentication frame to their stations?

session hijacking

Why might you want your security system to provide nonrepudiation?

so a user can't deny sending or receiving a communication

Which of the following is the description of a land attack?

source and destination IP address/port are the same