IS 432 Mid-Term

What tool does McAfee Personal Firewall offer?

A visual tool to trace attacks

Which of the following has three different key sizes that it can use?

AES

Which of the following is a block cipher?

AES

Which type of encryption is included with the T series?

AES and 3DES

Modern ciphers use binary operations. Which of the following is an example of a binary operator?

AND

Specter can be used to emulate which of the following services?

All of the above

The Windows 10 Firewall allows you to set rules for which of the following areas?

All of these

What is another term for preemptive blocking?

Banishment vigilance

Which of the following is not a common feature of most single PC firewalls?

Built-in NAT

The first computer incident-response team is affiliated with what university?

Carnegie-Mellon University

Which of the following is an example of an enterprise level firewall?

Check Point 15000 series

Which type of firewall creates a private virtual connection with the client?

Circuit level gateway.

Which of the following is a small text file that web pages can place on your computer to keep track of your browsing activity?

Cookie

Which of the following is a symmetric key system using blocks?

DES

At which layer of the OSI model does PPTP operate?

Data link

Which of the following is a combination of IDS and a honeypot?

Decoy server

Which of the following is not part of the CIA triangle?

Discretion

Which of the following types of attacks tricks internet routers into attacking a target?

Distributed reflection denial of service attack

Which authentication protocols are available under PPTP?

EAP and CHAP

Which of the following IDS terms refers to an occurrence that indicates a suspicious activity may have taken place?

Event

Which of the following is used to filter incoming and ongoing traffic?

Firewall

Which of the following malware can monitor network traffic and take a snapshot of the target system?

Flame

Specter is which of the following?

Honeypot

Which of the following refers to a single machine set up to simulate a valuable server or even an entire subnetwork?

Honeypot

Which of the following IPSec protocols manages the exchange of encryption keys?

IKE

What is the best method for defending against IP spoofing?

Installing a router/firewall that blocks packets that appear to be originating within the network.

Virtual Private Networks (VPNs) establish a secure private connection over which of the following communication mediums?

Internet

Attempting to attract intruders to a system set up to monitor them is called what?

Intrusion Deflection

Which of the following involves trying to make a network system seem like a less appealing target?

Intrusion Deterrence

Which of the following is a disadvantage of an application gateway?

It consumes a lot of system resources

Which of the following is the primary weakness in the Caesar cipher?

It does not disrupt letter frequency.

What is the most important security advantage of NAT?

It hides internal network addresses

Which of the following statements about Flame is true?

It is a virus designed for espionage.

Which of the following is an advantage of the network host-based configuration?

It is inexpensive or free

What is a technical weakness of the stack tweaking defense?

It only decreases the danger but does not prevent it.

Which of the following is a disadvantage of the Cisco ASA 5500 series firewall?

It requires at least moderate skill to configure and administer.

Why might a circuit level gateway be inappropriate for some situations?

It requires client-side configuration

Should a home user block incoming ICMP traffic, and why or why not?

It should be blocked because such traffic is often used to do port scans and flood attacks.

Which of the following is a problem with the threshold monitoring approach?

It yields many false positives

What is the best way to defend against a buffer overflow?

Keep all software patched and updated.

Which of the following is a difference between PPTP and L2TP?

L2TP can work over X.25 and ATM networks whereas PPTP can work only over IP networks.

Which of the following is not an advantage of the FortiGate Firewall?

Low cost

Which of the following types of viruses target office documents such as files created in Microsoft Office?

Macro viruses

Which of the following is an example of threshold monitoring?

Monitoring failed login attempts

Enterprise network solutions typically offer which of the following in comparison with smaller network solutions?

More features, additional throughput, and advanced capabilities.

Which of the following virus attacks initiated a DoS attack?

MyDoom

Why is encryption an important part of security?

No matter how secure your network is, the data being transmitted is still vulnerable without encryption.

Which of the following is used for steganalysis, to detect the use of steganography?

Noise distortion, RQP method, Chi-square analysis; all of these.

What is the difference between the transport mode and the tunnel mode in IPsec?

Only transport mode does not encrypt the header

What is the difference between voluntary and compulsory tunneling in PPTP?

Only voluntary tunneling allows standard PPP/non-VPN connection

Which of the following is an open source VPN solution available for Linux operating systems?

Openswan

What is the greatest danger in a network host-based configuration?

Operating system security flaws

Which of the following is generally considered the least secure?

PAP

PPTP is based on what earlier protocol?

PPP

Which of the following is an older VPN protocol based on point-to-point protocol?

PPTP

Which of the following are the four basic types of firewalls?

Packet Filtering, Application gateway, circuit level, and stateful packet inspection

Which of the following statements about buffer overflow attacks is true?

Perfectly written programs are not susceptible to buffer overflow attacks.

What are the three approaches to security?

Perimeter, layered, and hybrid

Which of the following commands can be used to determine if a system is reachable and how long a packet takes to reach that system?

Ping

Banishment Vigilance is also known as which of the following?

Preemptive blocking

Which of the following DoS attacks sends an ICMP packet with a modified return address to the broadcast network address?

Smurf attack

Which of the following is another term for ethical hacker?

Sneaker

Which of the following Snort modes displays packet information to the console?

Sniffer

Which of the following uses the same key to encrypt and decrypt the message?

Symmetric encryption

Which of the following is the most common legitimate use for a password cracker?

Testing the encryption of your own network.

When assessing threats to a system, what three factors should you consider?

The system's attractiveness, the information contained on the system, and how much traffic the system gets

Which of the following IPSec modes encrypts the data in each packet but leaves the header unencrypted?

Transport

TLS is an acronym for which of the following?

Transport Layer Security

Which of the following are the two encryption modes used by IPSec?

Transport and tunnel

Which layer of the OSI model provides end-to-end communication control?

Transport layer

Which of the following DoS attacks sends a UDP packet to a random port on the victim's system?

UDP flood

Which of the following is a common problem when seeking information on firewalls?

Unbiased information might be hard to find.

An enterprise network is often made up of several local networks connected over which of the following?

WAN

Which of the following is a security approach that blocks users from visiting any website or internet resource except those on an approved list?

Whitelisting

Which binary operator returns 0 if both numbers it compares are the same and returns 1 if the numbers it compares are different?

XOR

What is a computer virus?

Any program that self-replicates

Which of the following allows an administrator to specify what applications are allowed access?

Application gateway

What type of firewall requires individual client applications to be authorized to connect?

Application gateway.

Which of the following is the most basic security activity?

Authenticating users

An intrusion detection system is an example of:

Proactive security

Which of the following can be used to hide a company's internal IP address?

Proxy server

Which of the following is an encryption method developed by three mathematicians in the 1970s?

RSA

Which of the following would be the best defense if your web server had limited resources but you needed a strong defense against DoS?

RST cookies

Which of the following is a type of anomaly detection that measures the system-wide use of resources to develop a profile of that usage?

Resource profiling

What type of firewall is the Check Point 5000 series firewall?

SPI/Application gateway hybrid

What is the name for a DoS defense that is dependent on sending back a hash code to the client?

SYN cookie

The most desirable approach to security is one which is:

layered and dynamic

