Info and Network Security Chapter 11
A good password has at least ______ characters. Answers: 15 6 10 8
Selected Answer: 8
A password policy for a 90- or 180-day replacement schedule is called password ________. Answers: Recovery Uniqueness History Age
Selected Answer: Age
Jerod is setting up security for a server room for a university. Which of the following is true of the room in which the server is located? Answers: It should be in the most fire-resistant room in the building. It should have a strong lock with a strong door It should be accessible only to those who have a need for access All of the above
Selected Answer: All of the above
If your machine is not used as a server and is not on a local network, what packet-filtering strategy should you use? Answers: Do not block any ports Block all ports except 80 Block all ports that you don't need Do not block well-known ports
Selected Answer: Block all ports that you don't need
Teresa is explaining basic security to a new technician. She is teaching him how to secure ports on any server or workstation. What is the rule about ports? Answers: Block ICMP packets Block all unused ports Block all nonstandard ports Block all incoming ports.
Selected Answer: Block all unused ports
Which of the following certifications is the most prestigious? Answers: MCSA CISSP Security+ PE
Selected Answer: CISSP
A _________ involves setting up two firewalls: an outer and an inner firewall. Answers: DHCP server proxy server DNS server DMZ (demilitarized zone)
Selected Answer: DMZ (demilitarized zone)
A good password should contain only letters and numbers. Answers: True False
Selected Answer: False
For individual computers not running firewall software, you should directly close ports. Answers: True False
Selected Answer: False
Windows has a built in firewall, but Linux does not. Answers: True False
Selected Answer: False
The process to make a system as secure as it can be without adding on specialized software or equipment is _______________ Answers: Securitizing Tracking Hardening Routing
Selected Answer: Hardening
What is password age? Answers: A reference to a password's length A reference to the sophistication (maturity) of the password How long a user has had a password. The length of the password history
Selected Answer: How long a user has had a password.
Elizabeth is responsible for security policies at her policies. She is trying to implement sound end user security policies. What would be most important to block end users from doing on their own machine? Answers: Surfing the web and using chat rooms Running programs other than those installed by the IT staff Installing software or changing system settings Changing their screensaver and using chat rooms
Selected Answer: Installing software or changing system settings
John is now responsible for system security at a small bookkeeping firm. He wants to ensure he implements good fundamental security. According to the textbook, what is the first rule of computer security? Answers: Keep systems patched. Always use an IDS Install a firewall Always use antispyware
Selected Answer: Keep systems patched.
You would set a ___________ to prevent users from immediately changing their password several times in one day to return to the current password. This is particularly important if your password policy has a history depth of five. Answers: Minimum password age Minimum password length Maximum password age Maximum password length
Selected Answer: Minimum password age
On a server, you should create your own accounts with ________ that reflect their level of permission. Answers: Names Numbers Passwords Alias
Selected Answer: Names
What is the preferred method for storing backups? Answers: Near the server for quick restore if needed In the IT manager's office for security At the home of one of the IT staff Offsite in a secure location
Selected Answer: Offsite in a secure location
Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year. Answers: Twice Once Four times Three times
Selected Answer: Once
What is the minimum frequency for system probing and audits? Answers: Once per month Once per year Every other month Every other year
Selected Answer: Once per year
What is the rule on downloading from the Internet? Answers: Only download from well-known, reputable sites Only download if the download is free of charge Never download executables. Only download graphics. Never download anything
Selected Answer: Only download from well-known, reputable sites
Mohammed is responsible for security policies at a university. He is trying to ensure proper access policies. What is the rule of thumb on data access? Answers: All employees should have access to any data used in their department Only administrators and supervisors should access sensitive data A data must be available to the widest range of prople possible Only those with a need for the specific data should have access
Selected Answer: Only those with a need for the specific data should have access
The first rule of computer security is to check ___________. Answers: Patches Ports Policies Protocols
Selected Answer: Patches
An audit should check what areas? Answers: Only probe for flaws Perform system patching, review policies, check personnel records of all managers, and probe for flaws Perform system patches, probe for flaws, check logs, and review policies Check all machines for illicit software, perform complete system virus scan, and review firewall policies.
Selected Answer: Perform system patches, probe for flaws, check logs, and review policies
Any _________ you do not explicitly need should be shut down. Answers: Ports Patches Probes Policies
Selected Answer: Ports
What are the six Ps of security? Answers: Patch, ports, personnel, privacy, protect, policies. Physical, privacy, patch, ports probe, protect. Ports, patch, probe, physical, privacy, policies. Ports, patch, protect, probe, policies, physical.
Selected Answer: Ports, patch, protect, probe, policies, physical.
You are trying to implement good fundamental security for a small company. Which of the following is the least essential device for protecting your network? Answers: Virus scanners on all machines Proxy server Firewall IDS system
Selected Answer: Proxy server
Which of the following is a common way to establish security between a web server and a network? Answers: Do not connect your network to the web server Block all traffic between the web server and the network Place virus scanning between the network and the web server Put a firewall between the web server and the network
Selected Answer: Put a firewall between the web server and the network
The rule that packets not originating from inside your LAN should not be forwarded relates to ___________. Answers: Web servers Workstations Routers Servers
Selected Answer: Routers
Which of the following is a step you might take for large networks but not for smaller networks? Answers: Do criminal background checks for network administrators Use antivirus software on all machines on the network Segment the network with firewalls between the segments Use an IDS
Selected Answer: Segment the network with firewalls between the segments
For an individual machine that is not running firewall software, you do not directly close ports. You shut down the _________ using that port. Answers: Probe Service Patch Router
Selected Answer: Service
Which of the following set of credentials would be best for a security consultant? Answers: Eleven years of IT experience, 3 years in security, MCSE and CISSP, M.S. in information systems. Ten years of IT experience, 1 year in security, CIW Security analyst, M.B.A. Ten years of experience as a hacker and cracker, MCSE/CIW and Security+, Ph.D in computer science. Eight years of IT experience, 3 years in security, CISSP, B.S. in computer science
Selected Answer: Ten years of experience as a hacker and cracker, MCSE/CIW and Security+, Ph.D in computer science.
Miguel is trying to secure a web server. He has decided to shut down any services that are not needed. His supervisor has told him to check dependencies first. Which of the following is a good reason to check dependencies before shutting down a service? Answers: To find out what this service does To find out whether this service is critical to system operations, To determine whether you will need to shut down other services as well To determine whether shutting down this service will affect other services.
Selected Answer: To determine whether shutting down this service will affect other services.
A good rule of thumb for a password history policy is a history depth of five. Answers: True False
Selected Answer: True
CNE, MCITP, CISSP, and CCNA are examples of industry certifications. Answers: True False
Selected Answer: True
Every open port on a router is a possible avenue of entry for a malware or intruder. Answers: True False
Selected Answer: True
Experience is the most important factor when looking for a security professional. Answers: True False
Selected Answer: True
Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows machines to see if they have basic security in place. Answers: True False
Selected Answer: True
Nessus is the premiere network vulnerability scanner. Answers: True False
Selected Answer: True
There should be a firewall between your network and the outside world. Answers: True False
Selected Answer: True
Which of the following is a step you would definitely take with any server but might not be required for a workstation? Answers: Uninstall all unneeded programs/software Disabling ununsed SSH and XRDP services. Block all Internet access Turn off the screensaver
Selected Answer: Uninstall all unneeded programs/software
You work in the network security department of a large bank. One of your jobs is to keep all systems patched. How might you ensure that system patches are kept up to date? Answers: Patch any time you receive a vendor notification of a new patch. Use periodic scheduled patching Use an automated patching system. Patch whenever a new threat is announced
Selected Answer: Use an automated patching system.
