Intro to Network security quiz

Ace your homework & exams now with Quizwiz!

What kind of server connects a remote system through the Internet to local serial ports using TCP/IP?

Serial server

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

Session hijacking

The expected monetary loss every time a risk occurs

Single Loss Expectancy (SLE)

​An attack that broadcasts a ping request to computers yet changes the address so that all responses are sent to the victim.

Smurf attack

What term below is used to describe a means of gathering information for an attack by relying on the weaknesses of individuals?

Social engineering

Which of the following is not one of the four methods for classifying the various types of malware?​

Source

​A phishing attack that targets only specific users

Spear phishing

What is the term used to describe unsolicited messages received on instant messaging software?

Spim

Anti-virus products typically utilize what type of virus scanning analysis

Static analysis

One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and inject these pieces throughout the infected program code. What is the name for this technique?

Swiss cheese

An attack that corrupts the ARP cache​

ARP Poisoning​

Generally considered to be the most important information security policies, what item below defines the actions a user may perform while accessing systems and networking equipment

Acceptable use policies

A policy that defines the actions users may perform while access systems and networking equipment.

Acceptable use policy (AUP)

The process of setting a user's account to expire

Account expiration

The least restrictive access control model in which the owner of the object has total control over it

Discretionary access control (DAC)

What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks, and was no longer included in Microsoft software after the start of their Trustworthy Computing initiative?

Easter egg

What is the best way to prevent data input by a user from having potentially malicious effects on software

Escaping user responses

Script kiddies acquire which item below from other attackers to easily craft an attack:

Exploit kit

The PC Card and CardBus devices are being replaced by what technology

ExpressCard

The second version of the Terminal Access Control Access Control System (TACACS) authentication service

Extended TACACS (XTACACS)

Select below the option that is not one of the SD format card families

Extreme Capacity (SDXC)

Mobile devices such as laptops are stolen on average once every 20 seconds

False

Passwords provide strong protection

False

Successful attacks on computers today consist of a single element, malicious​ software programs that are created to infiltrate computers with the intent to do harm.

False

The CardBus is a 64-bit bus in the PC card form factor

False

The demand for certified IT professionals who know how to secure networks and computers is at an all-time low

False

The demand for certified IT professionals who know how to secure networks and computers is at an all-time low.

False

A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment

False Acceptable Use Policy (AUP)

An event that in the beginning is considered to be a risk yet turns out to not be one

False positive​

A metallic enclosure that prevents the entry or escape of an electromagnetic field is known as a

Faraday cage

What is the name for a framework and corresponding functions required to enable incident response and incident handling within an organization

Incident management

What country is now the number one source of attack traffic?

Indonesia

An _______________ is a type of threat that can come from employees, contractors, and business partners, such as a disgruntled worker.​

Insider

Select below the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.

Integrity

The act of movinng individuals from one job responsibility to another

Job rotation​

Select below the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users

Kerberos

Software or a hardware device that captures and stores each keystroke that a user types on the computer's keyboard.​

Keylogger

Providing only the minimum amount of privileges necessary to perform a job or function

Least privilege​

Mobile devices with global positioning system (GPS) abilities typically make use of

Location services

Computer code that lies dormant until it is triggered by a specific logical event​

Logic bomb

To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?

Love Bug

Which hashing algorithm below is used with NTLMv2's Hashed Message Authentication Code

MD5

​A computer virus that is written in a script known as a macro

Macro virus

What information security position reports to the CISO and supervises technicians, administrators, and security staff?

Manager

What access control model below is considered to be the most restrictive access control model, and involves assigning access controls to users strictly according to the custodian

Mandatory Access Control

What are values that are attributed to a system of beliefs that help the individual distinguish right from wrong called

Morals

​An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.

Ping flood

Audits serve to verify that the security protections enacted by an organization are being followed and that corrective actions can be swiftly implemented before an attacker exploits a vulnerability

True

Because of how a rootkit replaces operating system files, it can be difficult to remove a rootkit from a system.

True

Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method

True

Today's software attack tools do not require any sophisticated knowledge on the part of the attacker.

True

Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites

True

XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.​

True

The first phase of the security policy cycle involves a vulnerability assessment

True 1- vulnerability assessment 2- create the security policy using information from risk management study 3- compliance monitoring and evaluation

How can an area be made secure from a non-secured area via two interlocking doors to a small room

Using a mantrap

A person's fundamental beliefs and principals, which are used to define what is good, and how to distinguish right from wrong, are collectively called a person's

Values

The two types of malware that require user intervention to spread are:

Viruses and trojans

​A phishing attack that uses telephone calls instead of e-mails.

Vishing

What kind of data can be lost when a computer is turned off

Volatile

​Select below the type of computing device that uses a limited version of the Linux operating system and uses a web browser with an integrated media player

Web-based

What language below is for the transport and storage of data, with the focus on what the data is?

XML

Due to the potential impact of changes that can affect all users in a organization, and considering that security vulnerabilities can arise from uncoordinated changes, what should an organization create to oversee changes

change management team

Computer code that is typically added to a legitimate program but lies dormant until it is triggered by a specific logical event is known as a?

logic bomb

A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as:

macro

What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker

offline cracking

The action that is taken by a subject over an object is called a(n)

operation

During a vulnerability assessment, what type of software can be used to search a system for port vulnerabilities

port scanner

Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?

$1,500,000

Select below the string of characters that can be used to traverse up one directory level from the root directory:

../`

nother name for locally shared object (LSO)

.Flash cookie

What is the maximum effective range of a typical passive RFID tag?

19

According to the U.S. Bureau of Labor Statistics, what percentage of growth is the available job outlook supposed to reach by the end of the decade?

22

How many different Microsoft Windows file types can be infected with a virus?

70

According to the Federal Bureau of Investigation (FBI), what percentage of crime committed today leaves behind digital evidence that can be retrieved via computer forensics

85

What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware?

Adware

​A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

Adware

All In information security, what constitutes a loss?

All of the above

In information security, an example of a threat agent can be ____.

All of the above

​In software development, the process of defining a collection of hardware and sfotware components along with their interfaces in order to create the framework for software development

Architectural Design

What type of learner tends to sit in the middle of the class and learns best through lectures and discussions

Auditory

The security protection item that ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter is known as?

Authentication

Software code that gives access to a program or a service that circumvents normal security protections.​

Backdoor

​What type of system security malware allows for access to a computer, program, or service without authorization?

Backdoor

Which item below is an imaginary line by which an element is measured or compared, and can be seen as the standard

Baseline

A logical computer network of zombies under the control of an attacker.​

Botnet

What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file

Brute force

An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer​

Buffer overflow attack

When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of it's operational and financial position, what should be performed

Business impact analysis (BIA)

The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?

C:\Inetpub\ wwwroot

A methodology for making modifications to a system and keeping track of those changes

Change management​

In software development, presenting the code to multiple reviewers in order to reach agreement about its security.​

Code review

Injecting and executing commands to execute on a server​

Command injection​

Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of:

Computer forensics

Malicious computer code that, like its biological counterpart, reproduces itself on the same computer.​

Computer virus

Which of the three protections ensures that only authorized parties can view information?

Confidentiality

Most DLP systems make use of what method of security analysis below

Content inspection

Mobile Device Management systems that allow users to store usernames and passwords within a device are said to be using

Credential management

What term is used to describe a loose network of attackers, identity thieves, and financial fraudsters?

Cybercriminals

The X.500 standard defines a protocol for a client application to access an X.500 directory known as which of the following options

DAP

Entries within a Directory Information Base are arranged in a tree structure called the

DIT

When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:

DNS

How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?

DNS poisoning

​An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device.

DNS poisoning

ARP poisoning is successful because there are few authentication procedures to verify ARP requests and replies.

False

Because of the minor role it plays, DNS is never the focus of attacks.

False

Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.

False

Duplicate image backups are considered a primary key to uncovering evidence because they create exact replicas of the crime scene

False

The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

Gramm-Leach-Bliley

A penetration test where some limited information has been provided to the tester.​

Gray box

Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?

HIPAA

What language below is designed to display data, with a primary focus on how the data looks?

HTML

What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?

HTTP header

A false warning designed to trick users into changing security settings on their computer​

Hoax

​A computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, but are actually imitations of real data files, to trick attackers into revealing their attack techniques.

Honeypot​

The use of a single authentication credential that is shared across multiple networks is called

Identity management

What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?

Identity thef

The termination of an agreement between parties.

Off-boarding

Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop

OpenID

Risk control type that covers the operational procedures to limit risk

Operational risk control type

A network that does not have servers, so each device simultaneously functions as both a client and a server to all other devices connected to the network

Peer-topeer network

Disabling unused application/service ports to reduce the number of threat vectors.

Port security

security policy that outlines how the organization uses personal information it collects

Privacy policy

On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?​

Privilege escalation

The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario

RAM slack

Proximity readers utilize a special type of tag that can be affixed to the inside of an ID badge. What is the name for this type of tag

Radio Frequency Identification tag (RFID)

Malware that locks or prevents a device from functioning properly until a fee has been paid is known as:​

Ransomware

Which of the following is not one of the types of settings that would be included in a Microsoft Windows security template

Resolution settings System services User rights Account policies

A situation that involves exposure to danger

Risk

The practice of requiring that processes should be divided between two or more individuals.

Separation of duties

When using Role Based Access Control (RBAC), permissions are assigned to

Roles

Which access control model can dynamically assign roles to subjects based on a set of defined rules

Rule Based Access Control

What language below is used to view and manipulate data that is stored in a relational database?

SQL

Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so:

Script kiddies

The physical procedure whereby an unauthorized person gains access to a location by following an authorized user is known as?

Tailgating

A risk control type that involves using technology to control risk

Technical risk control type

A person or element that has the power to carry out a threat

Threat agent

Limitation imposed as to when a user can log in to a system or access resources

Time-of-day restriction

Select below the type of malware that appears to have a legitimate use, but actually contains or does something malicious:

Trojan

A QR code can store website URLs, plain text, phone numbers, e-mail addresses, or virtually any alphanumeric data up to 4296 characters

True

A macro is a series of instructions that can be grouped together as a single command.​

True

A security administrator has both technical ​knowledge and managerial skills.

True

Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks.

True

Keyed entry locks are much more difficult to defeat than deadbolt locks

True

RAM slack can contain any information that has been created, viewed, modified, downloaded, or copied since the computer was last booted

True

Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs

True

Security is the goal to be free from danger as well as the process that achieves that freedom.

True

Software keyloggers are programs that silently capture all keystrokes, including passwords and sensitive information.

True

The Bell-LaPadula (BLP) model of MAC can be used to prevent subjects from creating a new object or performing specific functions on objects that are at a lower level than their own

True

The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security.

True

A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology

anti-climb collar

An item that has value.

asset

The code that can be executed by unauthorized users in a software program

attack surface

During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password

authentication request

What is the name for a standard or checklist against which systems can be evaluated and audited for their level of security (security posture)

baseline

Multiple sectors on a disk, when combined, are referred to as a

cluster

In order to minimize vulnerabilities in software, code should be subject to and analyzed while it is being written in what option below

code review

A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence

cyberterrorism

In what kind of attack can attackers make use of hundreds of thousands of computers under their control in an attack against a single server or network?

distributed

A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?

drive-by-download

Automated attack package that can be used without an advanced knowledge of computers

exploit kit

​Automated attack package that can be used without an advanced knowledge of computers

exploit kit

DLP agent sensors are unable to read inside compressed files and binary files

false

Spreading similarly to a virus, a worm inserts malicious code into a program or data file.

false

What type of device, sometimes called a packet filter, is designed to prevent malicious network packets from entering or leaving computers or networks

firewall

Attacker who attacks for ideological reasons that are generally not as well defined as a cyberterrorist's motivation

hactivist

Which is the term for a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.

honey Pot

What is the center of the weakness of passwords

human memory

Which term below is frequently used to describe the tasks of securing information that is in a digital format?

information security

A virus that infects an executable program file is known as

program virus

An administrator needs to view packets and decode and analyze their contents. What type of application should the administrator use

protocol analyzer

Passwords that are transmitted can be captured by what type of software

protocol analyzer

Which type of attack below is similar to a passive man-in-the-middle attack?

replay

Proper ________________ involves identifying risks but making the decision to not engage in the activity.​

risk avoidance

An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology

roller barrier

To what specific directory are users generally restricted to on a web server?

root

What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?

rootkitv

Which position below is considered an entry-level position for a person who has the necessary technical skills?

security technician

Attacks that take place against web based services are considered to be what type of attack?

server-side

A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as

service level agreement

HTML uses which option below within embedded brackets (< >) causing a web browser to display text in a specific format?

tags

A type of action that has the potential to cause harm.

threat

The goal of what type of threat evaluation is to better understand who the attackers are, why they attack, and what types of attacks might occur

threat modeling

The means by which an attack could occur

threat vector

What type of malware is heavily dependent on a user in order to spread?

virus

Which of the following is malicious computer code that reproduces itself on the same computer?

virus

A flaw or weakness that allows a threat agent to bypass security

vulnerability

What is the name of the process that takes a snapshot of the current security of an organization?

vulnerability appraisal

Which SQL injection statement example below could be used to discover the name of the table?

whatever' AND 1=(SELECT COUNT(*) FROM tabname); -

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

whatever' AND email IS NULL; --

Choose the SQL injection statement example below that could be used to find specific users:

whatever' OR full_name LIKE '%Mia%'

Which SQL injection statement can be used to erase an entire database table?

whatever'; DROP TABLE members; --

Which tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications

white box

The exchange of information among DNS servers regarding configured zones is known as:

zone transfer

​Part of the TCP/IP protocol for determining the MAC address based on the IP address.

​Address Resolution Protocol (ARP)

A comparison of the present state of a system to its baseline

​Baseline reporting

​What type of filtering utilizes a an analysis of the content of spam messages in comparison to neutral / non-spam messages in order to make intelligent decisions as to what should be considered spam

​Bayesian filtering

​An attack that injects scripts into a web application server to direct attacks at clients.

​Cross-site scripting (XSS)

An event that does not appear to be a risk but actually turns out to be one.

​False negative

What security goal do the following common controls address: hashing, digital signatures, certificates, nonrepudiation tools

​Integrity

An agreement through which parties in a relationship can reach an understanding of their relationships and responsibilities.​

​Interoperability agreement

An attack that constructs LDAP statements based on user input statements, allowing the attacker to retrieve information from the LDAP database or modify its content

​LDAP injection attack

The most restrictive access control model, typically found in military settings in which security is of supreme importance

​Mandatory access control (MAC)

What type of management system below can help facilitate asset tracking

​Mobile Device Management (MDM)

The start-up relationship agreement between parties.​

​On-boarding

​What term below describes a hand-held mobile device that was intended to replace paper systems, and typically included an appointment calendar, an address book, a "to-do" list, a calculator, and the ability to record limited notes

​Personal digital assistant (PDA)

​A form of verification used when accessing a secure web application

​Session token

The current version of the Terminal Access Control Access Control System (TACACS) authentication service

​TACACS+

What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company?​

​Watering Hole


Related study sets

Chemistry Lab Safety Final 7.1.2

View Set

Soc 1 - Inquizitive Chapter 5 2017

View Set

CH 40 Basic Principles of Animal Form & Function

View Set

Bimbisara, Ajathashatru, Chandragupta Maurya and Chanakya

View Set

history exam 3 film questions & class notes

View Set