Intro to Network security quiz
What kind of server connects a remote system through the Internet to local serial ports using TCP/IP?
Serial server
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
Session hijacking
The expected monetary loss every time a risk occurs
Single Loss Expectancy (SLE)
An attack that broadcasts a ping request to computers yet changes the source address so that all responses are sent to the victim.
Smurf attack
What term below is used to describe a means of gathering information for an attack by relying on the weaknesses of individuals?
Social engineering
Which of the following is not one of the four methods for classifying the various types of malware?
Source
A phishing attack that targets only specific users
Spear phishing
What is the term used to describe unsolicited messages received on instant messaging software?
Spim
Anti-virus products typically utilize what type of virus scanning analysis?
Static analysis
One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and injecting these pieces throughout the infected program code. What is the name for this technique?
Swiss cheese
An attack that corrupts the ARP cache
ARP Poisoning
Generally considered to be the most important information security policy, what item below defines the actions a user may perform while accessing systems and networking equipment?
Acceptable use policies
A policy that defines the actions users may perform while accessing systems and networking equipment.
Acceptable use policy (AUP)
The process of setting a user's account to expire
Account expiration
The least restrictive access control model in which the owner of the object has total control over it
Discretionary access control (DAC)
What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks, and was no longer included in Microsoft software after the start of their Trustworthy Computing initiative?
Easter egg
What is the best way to prevent data input by a user from having potentially malicious effects on software?
Escaping user responses
Script kiddies acquire which item below from other attackers to easily craft an attack:
Exploit kit
The PC Card and CardBus devices are being replaced by what technology?
ExpressCard
The second version of the Terminal Access Control Access Control System (TACACS) authentication service
Extended TACACS (XTACACS)
Select below the option that is not one of the SD format card families
Extreme Capacity (SDXC)
Mobile devices such as laptops are stolen on average once every 20 seconds
False
Passwords provide strong protection
False
Successful attacks on computers today consist of a single element, malicious software programs that are created to infiltrate computers with the intent to do harm.
False
The CardBus is a 64-bit bus in the PC card form factor
False
The demand for certified IT professionals who know how to secure networks and computers is at an all-time low
False
A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment
False (that describes an Acceptable Use Policy (AUP))
An event that in the beginning is considered to be a risk yet turns out to not be one
False positive
A metallic enclosure that prevents the entry or escape of an electromagnetic field is known as a?
Faraday cage
What is the name for a framework and corresponding functions required to enable incident response and incident handling within an organization?
Incident management
What country is now the number one source of attack traffic?
Indonesia
An _______________ is a type of threat that can come from employees, contractors, and business partners, such as a disgruntled worker.
Insider
Select below the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.
Integrity
The act of moving individuals from one job responsibility to another
Job rotation
Select below the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users
Kerberos
Software or a hardware device that captures and stores each keystroke that a user types on the computer's keyboard.
Keylogger
Providing only the minimum amount of privileges necessary to perform a job or function
Least privilege
Mobile devices with global positioning system (GPS) abilities typically make use of
Location services
Computer code that lies dormant until it is triggered by a specific logical event
Logic bomb
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?
Love Bug
Which hashing algorithm below is used with NTLMv2's Hashed Message Authentication Code?
MD5
A computer virus that is written in a script known as a macro
Macro virus
What information security position reports to the CISO and supervises technicians, administrators, and security staff?
Manager
What access control model below is considered to be the most restrictive access control model, and involves assigning access controls to users strictly according to the custodian?
Mandatory Access Control
What are values that are attributed to a system of beliefs that help the individual distinguish right from wrong called?
Morals
An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.
Ping flood
Audits serve to verify that the security protections enacted by an organization are being followed and that corrective actions can be swiftly implemented before an attacker exploits a vulnerability
True
Because of how a rootkit replaces operating system files, it can be difficult to remove a rootkit from a system.
True
Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method
True
Today's software attack tools do not require any sophisticated knowledge on the part of the attacker.
True
Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites
True
XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.
True
The first phase of the security policy cycle involves a vulnerability assessment
True (the cycle: 1. vulnerability assessment; 2. create the security policy using information from the risk management study; 3. compliance monitoring and evaluation)
How can an area be made secure from a non-secured area via two interlocking doors to a small room?
Using a mantrap
A person's fundamental beliefs and principles, which are used to define what is good, and how to distinguish right from wrong, are collectively called a person's
Values
The two types of malware that require user intervention to spread are:
Viruses and trojans
A phishing attack that uses telephone calls instead of e-mails.
Vishing
What kind of data can be lost when a computer is turned off?
Volatile
Select below the type of computing device that uses a limited version of the Linux operating system and uses a web browser with an integrated media player
Web-based
What language below is for the transport and storage of data, with the focus on what the data is?
XML
Due to the potential impact of changes that can affect all users in an organization, and considering that security vulnerabilities can arise from uncoordinated changes, what should an organization create to oversee changes?
change management team
Computer code that is typically added to a legitimate program but lies dormant until it is triggered by a specific logical event is known as a?
logic bomb
A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as:
macro
What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?
offline cracking
The action that is taken by a subject over an object is called a(n)
operation
During a vulnerability assessment, what type of software can be used to search a system for port vulnerabilities?
port scanner
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?
$1,500,000
Select below the string of characters that can be used to traverse up one directory level from the root directory:
../
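The `../` sequence above is only dangerous when the server joins user-supplied paths onto its web root without checking where the result lands. The following is an added example, not code from the quiz or its textbook: a deliberately vulnerable path resolver next to a hardened one, using a hypothetical web root of `/var/www/html`. It also decodes URL-encoded input first, since `%2e%2e%2f` is the same `../` once decoded.

```python
import posixpath
from urllib.parse import unquote

# Hypothetical web root for the example (not from the page).
WEB_ROOT = "/var/www/html"


def resolve_naive(requested):
    """What a vulnerable handler does: decode, join onto the web root,
    and normalise. Each '../' segment removes one directory level, so
    enough of them walk out of the web root entirely."""
    decoded = unquote(requested)
    return posixpath.normpath(posixpath.join(WEB_ROOT, decoded.lstrip("/")))


def resolve_safe(requested):
    """Same normalisation, followed by a containment check: the final
    path must be the root itself or live strictly beneath it."""
    target = resolve_naive(requested)
    root = WEB_ROOT.rstrip("/")
    if target != root and not target.startswith(root + "/"):
        raise PermissionError("path escapes web root: " + requested)
    return target


def is_traversal(requested):
    """True when the hardened resolver would reject the request."""
    try:
        resolve_safe(requested)
    except PermissionError:
        return True
    return False
```

Checking the decoded, normalised path against the root (rather than searching the raw input for `..`) is what makes the check robust: the attacker controls the encoding, the server controls the final path.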
Another name for a locally shared object (LSO)
Flash cookie
What is the maximum effective range of a typical passive RFID tag?
19 feet
According to the U.S. Bureau of Labor Statistics, what percentage of growth is the available job outlook supposed to reach by the end of the decade?
22 percent
How many different Microsoft Windows file types can be infected with a virus?
70
According to the Federal Bureau of Investigation (FBI), what percentage of crime committed today leaves behind digital evidence that can be retrieved via computer forensics?
85 percent
What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware?
Adware
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
Adware
In information security, what constitutes a loss?
All of the above
In information security, an example of a threat agent can be ____.
All of the above
In software development, the process of defining a collection of hardware and software components along with their interfaces in order to create the framework for software development
Architectural Design
What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?
Auditory
The security protection item that ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter is known as?
Authentication
Software code that gives access to a program or a service that circumvents normal security protections.
Backdoor
What type of system security malware allows for access to a computer, program, or service without authorization?
Backdoor
Which item below is an imaginary line by which an element is measured or compared, and can be seen as the standard?
Baseline
A logical computer network of zombies under the control of an attacker.
Botnet
What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?
Brute force
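Offline cracking and brute force (the two questions above, and the earlier "offline cracking" card) share one mechanic: the attacker already holds the digest file, so nothing rate-limits the guessing. The following is an added example, not code from the quiz or its textbook. The "stolen" digest file is constructed inline from a few weak sample passwords so the code runs offline; the salted records use a deterministic stand-in for what would be a random per-user salt.

```python
import hashlib
import itertools
import string

# Constructed sample (not from the page): a few weak passwords, used only to
# build the "stolen" digest file below so the example is self-contained.
SAMPLE_PASSWORDS = {"alice": "cat", "bob": "zz9", "carol": "password"}


def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()


# The file the attacker walked off with: unsalted digests, one per user.
STOLEN_DIGESTS = {user: md5_hex(pw) for user, pw in SAMPLE_PASSWORDS.items()}


def dictionary_attack(digests, wordlist):
    """Hash each candidate word once, then match against every stolen digest.
    Without salts, one table of word digests serves all accounts at once."""
    table = {md5_hex(word): word for word in wordlist}
    return {user: table[d] for user, d in digests.items() if d in table}


def brute_force(digests, alphabet=string.ascii_lowercase + string.digits, max_len=3):
    """Generate every string up to max_len, hash it, and compare with the
    stolen digests. Cost is bounded only by len(alphabet)**length and
    hashing speed; no lockout or delay applies to an offline attack."""
    users_by_digest = {}
    for user, d in digests.items():
        users_by_digest.setdefault(d, []).append(user)
    found = {}
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            candidate = "".join(combo)
            for user in users_by_digest.get(md5_hex(candidate), []):
                found[user] = candidate
    return found


def salted_digest(password, salt):
    """Per-user salt: identical passwords produce different digests."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def demo_salt(user):
    # Deterministic stand-in for the example only; a real system stores a
    # random salt (os.urandom) next to each digest.
    return hashlib.sha256(user.encode()).digest()[:8]


SALTED_RECORDS = {user: (demo_salt(user), salted_digest(pw, demo_salt(user)))
                  for user, pw in SAMPLE_PASSWORDS.items()}


def salted_dictionary_attack(records, wordlist):
    """With salts the shared table is useless: every word must be rehashed
    under each user's salt. Returns (matches, hashes_computed) so the extra
    work is visible."""
    matches, work = {}, 0
    for user, (salt, digest) in records.items():
        for word in wordlist:
            work += 1
            if salted_digest(word, salt) == digest:
                matches[user] = word
                break
    return matches, work
```

The brute-force loop recovers every three-character password in a fraction of a second; only the eight-character one survives, which is the point of both length requirements and salting (the second makes the per-account cost multiply rather than amortise).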
An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer
Buffer overflow attack
When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of its operational and financial position, what should be performed?
Business impact analysis (BIA)
The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?
C:\Inetpub\wwwroot
A methodology for making modifications to a system and keeping track of those changes
Change management
In software development, presenting the code to multiple reviewers in order to reach agreement about its security.
Code review
Injecting commands into a server so that they are executed on it
Command injection
Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of:
Computer forensics
Malicious computer code that, like its biological counterpart, reproduces itself on the same computer.
Computer virus
Which of the three protections ensures that only authorized parties can view information?
Confidentiality
Most DLP systems make use of what method of security analysis below?
Content inspection
Mobile Device Management systems that allow users to store usernames and passwords within a device are said to be using
Credential management
What term is used to describe a loose network of attackers, identity thieves, and financial fraudsters?
Cybercriminals
The X.500 standard defines a protocol for a client application to access an X.500 directory known as which of the following options
DAP
Entries within a Directory Information Base are arranged in a tree structure called the
DIT
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
DNS
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
DNS poisoning
An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device.
DNS poisoning
ARP poisoning is successful because there are few authentication procedures to verify ARP requests and replies.
False
Because of the minor role it plays, DNS is never the focus of attacks.
False
Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.
False
Duplicate image backups are considered a primary key to uncovering evidence because they create exact replicas of the crime scene
False
The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
Gramm-Leach-Bliley
A penetration test where some limited information has been provided to the tester.
Gray box
Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
HIPAA
What language below is designed to display data, with a primary focus on how the data looks?
HTML
What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?
HTTP header
A false warning designed to trick users into changing security settings on their computer
Hoax
A computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, but are actually imitations of real data files, to trick attackers into revealing their attack techniques.
Honeypot
The use of a single authentication credential that is shared across multiple networks is called
Identity management
What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
Identity theft
The termination of an agreement between parties.
Off-boarding
Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop
OpenID
Risk control type that covers the operational procedures to limit risk
Operational risk control type
A network that does not have servers, so each device simultaneously functions as both a client and a server to all other devices connected to the network
Peer-to-peer network
Disabling unused application/service ports to reduce the number of threat vectors.
Port security
A security policy that outlines how the organization uses the personal information it collects
Privacy policy
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?
Privilege escalation
The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario?
RAM slack
Proximity readers utilize a special type of tag that can be affixed to the inside of an ID badge. What is the name for this type of tag?
Radio Frequency Identification tag (RFID)
Malware that locks or prevents a device from functioning properly until a fee has been paid is known as:
Ransomware
Which of the following is not one of the types of settings that would be included in a Microsoft Windows security template
Resolution settings (System services, User rights, and Account policies are all template settings)
A situation that involves exposure to danger
Risk
The practice of requiring that processes should be divided between two or more individuals.
Separation of duties
When using Role Based Access Control (RBAC), permissions are assigned to
Roles
Which access control model can dynamically assign roles to subjects based on a set of defined rules
Rule Based Access Control
What language below is used to view and manipulate data that is stored in a relational database?
SQL
Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so:
Script kiddies
The physical procedure whereby an unauthorized person gains access to a location by following an authorized user is known as?
Tailgating
A risk control type that involves using technology to control risk
Technical risk control type
A person or element that has the power to carry out a threat
Threat agent
Limitation imposed as to when a user can log in to a system or access resources
Time-of-day restriction
Select below the type of malware that appears to have a legitimate use, but actually contains or does something malicious:
Trojan
A QR code can store website URLs, plain text, phone numbers, e-mail addresses, or virtually any alphanumeric data up to 4296 characters
True
A macro is a series of instructions that can be grouped together as a single command.
True
A security administrator has both technical knowledge and managerial skills.
True
Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks.
True
Keyed entry locks are much more difficult to defeat than deadbolt locks
False (deadbolt locks are much more difficult to defeat than keyed entry locks)
RAM slack can contain any information that has been created, viewed, modified, downloaded, or copied since the computer was last booted
True
Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs
True
Security is the goal to be free from danger as well as the process that achieves that freedom.
True
Software keyloggers are programs that silently capture all keystrokes, including passwords and sensitive information.
True
The Bell-LaPadula (BLP) model of MAC can be used to prevent subjects from creating a new object or performing specific functions on objects that are at a lower level than their own
True
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security.
True
A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology?
anti-climb collar
An item that has value.
asset
The code that can be executed by unauthorized users in a software program
attack surface
During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?
authentication request
What is the name for a standard or checklist against which systems can be evaluated and audited for their level of security (security posture)?
baseline
Multiple sectors on a disk, when combined, are referred to as a
cluster
In order to minimize vulnerabilities in software, code should be subjected to what kind of analysis while it is being written?
code review
A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence
cyberterrorism
In what kind of attack can attackers make use of hundreds of thousands of computers under their control in an attack against a single server or network?
distributed
A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?
drive-by-download
Automated attack package that can be used without an advanced knowledge of computers
exploit kit
DLP agent sensors are unable to read inside compressed files and binary files
false
Spreading similarly to a virus, a worm inserts malicious code into a program or data file.
false
What type of device, sometimes called a packet filter, is designed to prevent malicious network packets from entering or leaving computers or networks?
firewall
Attacker who attacks for ideological reasons that are generally not as well defined as a cyberterrorist's motivation
hacktivist
Which is the term for a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
honeypot
What is at the center of the weakness of passwords?
human memory
Which term below is frequently used to describe the tasks of securing information that is in a digital format?
information security
A virus that infects an executable program file is known as
program virus
An administrator needs to view packets and decode and analyze their contents. What type of application should the administrator use?
protocol analyzer
Passwords that are transmitted can be captured by what type of software
protocol analyzer
Which type of attack below is similar to a passive man-in-the-middle attack?
replay
Proper ________________ involves identifying risks but making the decision to not engage in the activity.
risk avoidance
An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology?
roller barrier
To what specific directory are users generally restricted to on a web server?
root
What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?
rootkit
Which position below is considered an entry-level position for a person who has the necessary technical skills?
security technician
Attacks that take place against web based services are considered to be what type of attack?
server-side
A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as
service level agreement
HTML uses which option below within embedded brackets (< >) causing a web browser to display text in a specific format?
tags
A type of action that has the potential to cause harm.
threat
The goal of what type of threat evaluation is to better understand who the attackers are, why they attack, and what types of attacks might occur?
threat modeling
The means by which an attack could occur
threat vector
What type of malware is heavily dependent on a user in order to spread?
virus
Which of the following is malicious computer code that reproduces itself on the same computer?
virus
A flaw or weakness that allows a threat agent to bypass security
vulnerability
What is the name of the process that takes a snapshot of the current security of an organization?
vulnerability appraisal
Which SQL injection statement example below could be used to discover the name of the table?
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
whatever' AND email IS NULL; --
Choose the SQL injection statement example below that could be used to find specific users:
whatever' OR full_name LIKE '%Mia%'
Which SQL injection statement can be used to erase an entire database table?
whatever'; DROP TABLE members; --
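The four injection strings above only make sense against a query that is built by pasting user text into SQL. The following is an added example, not code from the quiz or its textbook: a small SQLite database with a constructed `members` table, a vulnerable lookup that concatenates the input, and the parameterised version that defeats all four payloads. The `probe` helper shows why the first two strings work: the database error text differs depending on whether the guessed table or column exists. The stacked-query case uses `executescript` as a stand-in for drivers that allow several statements in one call, which is an assumption of the example rather than something the page states.

```python
import sqlite3

# Constructed sample data (not from the page): a small members table.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE members (id INTEGER PRIMARY KEY, full_name TEXT, email TEXT);
        INSERT INTO members (full_name, email) VALUES
            ('Mia Chen', 'mia@example.test'),
            ('Noah Park', 'noah@example.test');
    """)
    return conn


def lookup_vulnerable(conn, user_input):
    """Builds the query by string concatenation; the attacker's text becomes SQL."""
    sql = "SELECT full_name, email FROM members WHERE email = '" + user_input + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, user_input):
    """Parameterised query: the input is bound as data, never parsed as SQL."""
    return conn.execute(
        "SELECT full_name, email FROM members WHERE email = ?", (user_input,)
    ).fetchall()


def probe(conn, payload):
    """Run an injected probe and return 'ok' or the database error text.
    Differing error messages are what let an attacker confirm table and
    column names one guess at a time."""
    try:
        lookup_vulnerable(conn, payload)
        return "ok"
    except sqlite3.OperationalError as exc:
        return str(exc)


def stacked_vulnerable(conn, user_input):
    """Same concatenation, but sent through an API that executes several
    statements at once (sqlite3.executescript here, standing in for drivers
    that allow stacked queries), so an injected '; DROP TABLE ...' really runs."""
    sql = "SELECT full_name FROM members WHERE email = '" + user_input + "'"
    conn.executescript(sql)


def table_exists(conn, name):
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None
```

Note that the `LIKE '%Mia%'` payload is supplied without its closing quote; the application's own trailing quote completes the statement, which is exactly how the textbook example ends up as `... OR full_name LIKE '%Mia%'`. The parameterised lookup returns nothing for the same input because the whole string is compared against the `email` column as a literal.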
Which tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications?
white box
The exchange of information among DNS servers regarding configured zones is known as:
zone transfer
Part of the TCP/IP protocol for determining the MAC address based on the IP address.
Address Resolution Protocol (ARP)
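ARP resolves an IP address to a MAC address with no authentication at all, which is why the ARP poisoning cards earlier on this page work: a cache simply accepts the latest reply it hears. The following is an added example, not code from the quiz or its textbook. It feeds a constructed sequence of ARP replies (two legitimate hosts, then an attacker claiming both their addresses) through a naive cache and an arpwatch-style monitor that flags IP-to-MAC changes and one MAC claiming several IPs. Static bindings for critical hosts such as the gateway are shown as the defensive counterpart.

```python
from collections import namedtuple

ArpReply = namedtuple("ArpReply", "sender_ip sender_mac")

# Constructed sample of ARP replies seen on a LAN segment (not from the page).
# The gateway 192.168.1.1 is legitimately 00:11:22:33:44:01; the last two
# replies are unsolicited and claim the gateway's and a host's IP for the
# attacker's MAC, which is the classic poisoning pattern.
SAMPLE_REPLIES = [
    ArpReply("192.168.1.1", "00:11:22:33:44:01"),
    ArpReply("192.168.1.20", "00:11:22:33:44:14"),
    ArpReply("192.168.1.1", "00:11:22:33:44:01"),
    ArpReply("192.168.1.1", "de:ad:be:ef:00:01"),
    ArpReply("192.168.1.20", "de:ad:be:ef:00:01"),
]


def naive_cache_update(cache, reply):
    """How an unauthenticated ARP cache behaves: the newest reply wins,
    whether or not anyone asked. This is the weakness poisoning exploits."""
    cache[reply.sender_ip] = reply.sender_mac


def monitor(replies, static_bindings=None):
    """Replay replies into a cache while watching for two symptoms of
    poisoning: an IP whose MAC flips, and a MAC that claims more than one IP.
    Entries in static_bindings (e.g. the gateway) are pinned; replies that
    contradict them are reported and never enter the cache."""
    cache, ips_for_mac, alerts = {}, {}, []
    for r in replies:
        pinned = (static_bindings or {}).get(r.sender_ip)
        if pinned is not None and pinned != r.sender_mac:
            alerts.append(f"spoof: {r.sender_ip} claimed by {r.sender_mac}, pinned to {pinned}")
            continue
        old = cache.get(r.sender_ip)
        if old is not None and old != r.sender_mac:
            alerts.append(f"flip: {r.sender_ip} changed {old} -> {r.sender_mac}")
        naive_cache_update(cache, r)
        ips_for_mac.setdefault(r.sender_mac, set()).add(r.sender_ip)
        if len(ips_for_mac[r.sender_mac]) > 1:
            alerts.append(f"multi: {r.sender_mac} now claims {sorted(ips_for_mac[r.sender_mac])}")
    return cache, alerts
```

Without static bindings the cache ends up pointing both victims at the attacker's MAC, which is the man-in-the-middle position; with the gateway pinned, the spoofed reply is reported and the gateway entry survives, though the unpinned host is still flipped. Real deployments get the same effect from dynamic ARP inspection on the switch or from monitoring tools that alert on exactly these changes.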
A comparison of the present state of a system to its baseline
Baseline reporting
What type of filtering utilizes an analysis of the content of spam messages in comparison to neutral / non-spam messages in order to make intelligent decisions as to what should be considered spam?
Bayesian filtering
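Bayesian filtering, as described above, compares how often each word appears in known spam versus known non-spam and combines those frequencies into a probability for a new message. The following is an added example, not code from the quiz or its textbook: a naive Bayes classifier trained on a constructed six-message corpus, with Laplace smoothing so that a word never seen in one class does not force its probability to zero, and log-space arithmetic so that long messages do not underflow.

```python
import math
import re
from collections import Counter

# Constructed training corpus (not from the page): a handful of spam and
# neutral (non-spam) messages.
SPAM = [
    "win a free prize now click here",
    "free money claim your prize today",
    "cheap pills buy now free shipping",
]
HAM = [
    "meeting moved to thursday please confirm",
    "please review the attached report before the meeting",
    "lunch on thursday works for me",
]


def tokens(text):
    return re.findall(r"[a-z']+", text.lower())


class BayesianSpamFilter:
    """Per-word spam/non-spam counts; Laplace (add-one) smoothing so an
    unseen word does not zero out a class; log-probabilities throughout."""

    def __init__(self, spam, ham):
        self.spam_counts = Counter(w for m in spam for w in tokens(m))
        self.ham_counts = Counter(w for m in ham for w in tokens(m))
        self.vocab = set(self.spam_counts) | set(self.ham_counts)
        self.p_spam = len(spam) / (len(spam) + len(ham))

    def _log_likelihood(self, counts, words):
        total = sum(counts.values())
        v = len(self.vocab)
        # P(word | class) with add-one smoothing, multiplied in log space
        return sum(math.log((counts[w] + 1) / (total + v)) for w in words)

    def spam_probability(self, text):
        words = tokens(text)
        log_spam = math.log(self.p_spam) + self._log_likelihood(self.spam_counts, words)
        log_ham = math.log(1 - self.p_spam) + self._log_likelihood(self.ham_counts, words)
        # Bayes' rule in log space: P(spam|words) = 1 / (1 + exp(log_ham - log_spam))
        return 1.0 / (1.0 + math.exp(log_ham - log_spam))

    def is_spam(self, text, threshold=0.9):
        """A high threshold trades a few missed spam messages for fewer
        legitimate messages wrongly quarantined (false positives)."""
        return self.spam_probability(text) >= threshold
```

The threshold is where the false-positive / false-negative trade-off from the cards above is decided: raising it makes the filter more reluctant to quarantine, lowering it catches more spam but risks legitimate mail. A message with only unseen words lands near the prior (0.5 here), which is why production filters keep training on what users mark.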
An attack that injects scripts into a web application server to direct attacks at clients.
Cross-site scripting (XSS)
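Cross-site scripting, the "accepts user input without validating it and then presents it back" card, and the "escaping user responses" card are three views of the same defect and its fix. The following is an added example, not code from the quiz or its textbook: a page fragment that reflects a constructed payload unchanged, the same fragment with HTML escaping, the attribute-context variant where quotes also have to be escaped, and a common wrong fix (stripping one tag name) to show why blacklisting fails.

```python
import html

# Constructed payload (not from the page) of the kind a reflected XSS uses.
XSS_PAYLOAD = "<script>alert(document.cookie)</script>"


def render_vulnerable(name):
    """Reflects user input straight into the page: the browser parses the
    attacker's text as markup and runs the script."""
    return "<p>Hello " + name + "</p>"


def render_escaped(name):
    """Escapes &, <, >, \" and ' so the browser displays the text instead of
    interpreting it; this is what 'escaping user responses' means."""
    return "<p>Hello " + html.escape(name, quote=True) + "</p>"


def render_attribute_escaped(name):
    """Attribute context: quotes must be escaped too, otherwise a value such
    as  x" onmouseover="...  closes the attribute and adds an event handler."""
    return '<input name="who" value="' + html.escape(name, quote=True) + '">'


def render_blacklist(name):
    """A common but wrong fix: deleting one tag spelling. Case variants and
    any other tag carrying an event handler still get through."""
    cleaned = name.replace("<script>", "").replace("</script>", "")
    return "<p>Hello " + cleaned + "</p>"
```

Escaping is applied at output time, in the context the value lands in (text node versus attribute), rather than by trying to recognise bad input; the blacklist version passes the obvious test payload and nothing else.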
An event that does not appear to be a risk but actually turns out to be one.
False negative
What security goal do the following common controls address: hashing, digital signatures, certificates, nonrepudiation tools?
Integrity
An agreement through which parties in a relationship can reach an understanding of their relationships and responsibilities.
Interoperability agreement
An attack that constructs LDAP statements based on user input statements, allowing the attacker to retrieve information from the LDAP database or modify its content
LDAP injection attack
The most restrictive access control model, typically found in military settings in which security is of supreme importance
Mandatory access control (MAC)
What type of management system below can help facilitate asset tracking?
Mobile Device Management (MDM)
The start-up relationship agreement between parties.
On-boarding
What term below describes a hand-held mobile device that was intended to replace paper systems, and typically included an appointment calendar, an address book, a "to-do" list, a calculator, and the ability to record limited notes?
Personal digital assistant (PDA)
A form of verification used when accessing a secure web application
Session token
The current version of the Terminal Access Control Access Control System (TACACS) authentication service
TACACS+
What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company?
Watering Hole