IST 220 Exam 4
In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption? 2 1 none of these 4
1
If the subnet ID in an IPv6 address is 32 bits, how long is the routing prefix? 64 bits 32 bits We cannot say based on the limited information none of these
32 bits
What working group in Ethernet provides standards for security None of these 802.3 802.11 802.1
802.1
Which offers stronger security? 802.11i Both WPA and WPA2 offer equally strong security. 802.3 WPA
802.11i
The ________ Ethernet standard was created to prevent attackers from walking in and simply plugging a computer into a wall jack and therefore accessing the network. 802.3X 802.1X Ethernet firewall 802.1AE
802.1X
In what mode of 802.11i operation is a central authentication server used? 802.1X mode PSK mode both 802.1X mode and PSK mode neither 802.1X mode and PSK mode
802.1X mode
Which of the following IPv6 helper protocols does not exist Stateless Autoconfiguration Router Advertisement ARPv6 Neighbor Discovery
ARPv6
A rogue access point ________. is an unauthorized internal access point often has very poor security often operates at high power All of these are true.
All of these are true.
Which of the following meets the definition of hacking ________. to use a computer on which you have an account for unauthorized purposes to intentionally use a computer resource without authorization neither of these both of these
both of these
Attack programs that can be remotely controlled by an attacker are ________. DoS programs exploits sock puppets bots
bots
Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.) bots worms viruses Trojan horses
bots
A password-cracking attack that tries all combinations of keyboard characters is called a ________. hybrid mode dictionary attack dictionary attack comprehensive keyboard attack brute-force attack
brute-force attack
What type of attacker are most of attackers today? disgruntled employees and ex-employees career criminals cyberterrorists hackers motivated by a sense of power
career criminals
In digital certificate authentication, the verifier gets the key it needs directly from the ________. supplicant true party certificate authority verifier
certificate authority
A specific encryption method is called a ________. key method code schema cipher
cipher
Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________. both of these confidentiality authentication neither of these
confidentiality
ACLs are used for packets in the ________ state. both of these ongoing communication neither of these connection-opening
connection-opening
A user picks the password "tiger." This is likely to be cracked quickly by a(n) ________. dictionary attack attack on an application running as root reverse engineering attack brute-force attack
dictionary attack
Which of the following must be followed? guidelines neither of these both of these standards
standards
Debit card is secure because it requires two credentials for authentication. This is also called ________. the supplicant's authentication none of these two-factor authentication the verifier's authentication
two-factor authentication
________ is the general name for proofs of identity in authentication. Credentials Authorizations Certificates Signatures
Credentials
The IEEE calls 64-bit interface addresses ________. Extended Unique Identifiers half-IP Host names MAC addresses
Extended Unique Identifiers
If a packet is highly suspicious but not a provable attack packet, a(n) ________ may drop it. SPI firewall IPS IDS all of the above
IPS
Which has stronger security? IPsec SSL/TLS Both have about equal security.
IPsec
Who are the most dangerous types of employees? financial employees manufacturing employees IT security employees former employees
IT security employees
Which type of firewall filtering looks at application-layer content? static packet filtering Next Generation All of these stateful packet inspection
Next Generation
In 802.11i ________, hosts must know a shared initial key. PSK mode 802.1X mode neither 802.1X mode and PSK mode both 802.1X mode and PSK mode
PSK mode
What IPv6 address do all routers listen on for ICMPv6 router solicitation messages? fe80::11 FF02::1 Port 68 0.0.0.0
Port 68
Which is less expensive to implement? IPsec Both cost about the same to implement. SSL/TLS
SSL/TLS
In 802.1X authentication, which entity provides their credentials Authenticator Credential Manager Suplicant None of these
Suplicant
Malware programs that masquerade as system files are called ________. Trojan horses payloads viruses scripts
Trojan horses
Which of the following secures communication between the wireless computer and the server it wishes to use against evil twin attacks? PEAP VPNs 802.1X mode VLANs
VPNs
Which of the following attach themselves to other programs? Viruses neither Viruses nor Worms Worms both Viruses and Worms
Viruses
________ are full stand-alone programs. Viruses neither Viruses nor Worms Worms both Viruses and Worms
Worms
You discover that you can get into other e-mail accounts after you have logged in under your account. You spend just a few minutes looking at another user's mail. Is that hacking? No Yes We cannot say from the information given.
Yes
In tunnel mode, IPsec provides protection ________. both of these only between the IPsec servers all the way between the two hosts neither of these
only between the IPsec servers
Trojan horses can spread by ________. neither of these e-mailing themselves to victim computers both of these directly propagating to victim computers
neither of these
The routing prefix in IPv6 is like the ________ part in an IPv4 address. network host both network and subnet subnet
network
How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP segment which is an acknowledgement? pass it if it is part of an approved connection both of these neither of these process it through the Access Control List (ACL)
pass it if it is part of an approved connection
The general name for malware on a user's PC that collects sensitive information and sends this information to an attacker is ________. anti-privacy software spyware data mining software keystroke loggers
spyware
In distributed DoS attacks, the attacker sends messages directly to ________. the intended victim of the DoS attack bots a command and control server DOS servers
a command and control serve
A program that can capture passwords as you enter them is ________. a keystroke logger both of these neither of these data mining software
a keystroke logger
Today, it can be problematic to have only a single IPv6 stack because ________. a single IPv6 stack could not communicate with a single IPv4 stack all of these a single IPv4 stack is out of date a dual stack has become a common solution
a single IPv6 stack could not communicate with a single IPv4 stack
In 802.11i, protection is provided between the client and the ________. server router switch access point
access point
IPsec protects ________ layer messages. both of these data link neither of these application
application
Authentication should generally be ________. the same for all resources, for consistency appropriate for a specific resource as strong as possible all of these
appropriate for a specific resource
Electronic signatures provide message-by-message ________. confidentiality authentication neither of these both of these
authentication
Requiring someone to use a resource to prove his or her identity is ________. confidentiality both authentication and authorization authorization authentication
authentication
Actions that people are allowed to take on a resource come under the heading of ________. hacks authorizations exploits risks
authorizations
Policies should drive ________. both of these implementation neither of these oversight
both of these
To defeat brute-force attacks, a password must be ________. complex long neither of these both of these
both of these
If someone has been properly authenticated, they should receive ________ permissions. no all minimum maximum
minimum
After two wireless clients authenticate themselves via PSK to an access point, they will use ________ to communicate with the access point. different session keys an 802.1X key WPS keys the preshared key
different session keys
Which of the following can spread more rapidly? directly-propagating viruses All of these above can spread with approximately equal speed. v Hacker attack
directly-propagating worms
Breaking into WLANs from outside the premises is ________. Lurking war driving Stalking drive-by hacking
drive-by hacking
The Wi-Fi Alliance calls 802.1X mode ________ mode. WPA personal WEP enterprise
enterprise
Firewall log files should be read ________. every week usually only when a serious attack is suspected every month every day
every day
A notebook computer configured to act like a real access point is a(n) ________. rogue access point router evil twin access point switch
evil twin access point
Methods that hackers use to break into computers are ________. exploits magics compromises cracks
exploits
Advanced persistent threats are ________. inexpensive for the attacker extremely dangerous for the victim Neither of these Both of these
extremely dangerous for the victim
Which of the following can be done today without the target's knowledge? face recognition both of these iris scanning neither of these
face recognition
Which of the following is a form of biometrics? facial recognition reusable passwords digital certificate authentication all of these
facial recognition
Which of the following is an appropriate IPv6 link-local address for a host with an EUI-48 address 2F:AB:34:92:C4:45 2d:ab:34:ff:fe:92:c4:45 2FAB:3492:C445 fffe::2dab:34fe:8092:c445 fe80::2dab:34ff:fe92:c445
fe80::2dab:34ff:fe92:c445
Which of the following is an appropriate IPv6 link-local address for a host with an EUI-48 address 3e:44:20:87:ac:83 fe80::3e44:20ff:fe87:ac83 fe80::3c44:2087:ac83 3c44:20ff:fe87:ac83 fe80::3c44:20ff:fe87:ac83
fe80::3c44:20ff:fe87:ac83
A step in creating an EUI-64 is dividing a 48-bit MAC address in half and inserting ________ in the center. the interface ID fffe 0000 the subnet ID
fffe
If a host is to be able to communicate via IPv4 and IPv6, it is said to ________. have a dual-stack be IP-agile be IPv6-ready be bilingual
have a dual-stack
Attackers only need to find a single weakness to break in. Consequently, companies must ________. only give minimum permissions have comprehensive security do risk analysis have insurance
have comprehensive security
Vulnerabilities are occasionally found in even the best security products. Consequently, companies must ________. do risk analysis have defense in depth only give minimum permissions have comprehensive security
have defense in depth
Prepare2 can be cracked most quickly by a(n) ________. authentication attack hybrid dictionary attack dictionary attack brute-force attack
hybrid dictionary attack
Which of the following tends to be more damaging to the victim credit card theft Neither is damaging Both about the same identity theft
identity theft
Users typically can eliminate a vulnerability in one of their programs by ________. installing a patch all of the above doing a zero-day installation using an antivirus program
installing a patch
A firewall will drop a packet if it ________. is a probable attack packet both of these neither of these is a definite attack packet
is a definite attack packet
Using SSL/TLS for Web applications is attractive because SSL/TLS ________. is essentially free to use for the end user both of these neither of these offers the strongest possible cryptographic protections
is essentially free to use for the end user
If a firewall does not have the processing power to filter all of the packets that arrive, ________. it will drop packets it cannot process neither of these it will pass some packets without filtering them both of these
it will drop packets it cannot process
Egress filtering examines packets ________. both of these arriving from the outside neither of these leaving to the outside
leaving to the outside
Stateful firewalls are attractive because of their ________. QoS guarantees low cost high filtering sophistication ability to filter complex application content
low cost
Electronic signatures also provide ________ in addition to authentication. both of these message integrity neither of these message encryption
message integrity
When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________. passes the packet, but notifies an administrator drops the packet and notifies an administrator passes the packet drops the packet
passes the packet
Pieces of code that are executed after the virus or worm has spread are called ________. compromises vulnerabilities payloads exploits
payloads
Which of the following is NOT one of the four major security planning principles? risk analysis defense in depth comprehensive security perimeter defense
perimeter defense
An attack in which an authentic-looking e-mail entices a user to open a maleware infected attachment, click a link to a dangerous website, or respond with their username, password, or other sensitive information is called ________. (Select the most specific answer.) identity theft social engineering phishing a spyware attack
phishing
How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP SYN segment? both of these pass it if it is part of an approved connection neither of these process it through the Access Control List (ACL)
process it through the Access Control List (ACL)
Which phase of the plan-protect-respond cycle takes the largest amount of work? protect respond plan The phases require about equal amounts of effort.
protect
Balancing threats against protection costs is called ________. comprehensive security economic justification risk analysis defense in depth
risk analysis
In IPsec, agreements about how security will be done are called ________. tranches security associations security contracts service-level agreements
security associations
Tricking users into doing something against their security interests is ________. both of these neither of these social engineering hacking
social engineering
Unsolicited commercial e-mail is better known as ________. identity theft spam adware social engineering
spam
If a company uses 802.11i for its core security protocol, an evil twin access point will set up ________ 802.11i connection(s). four one 16 two
two
In authentication, the ________ is the party trying to prove his or her identity. supplicant true party all of these verifier
supplicant
In digital certificate authentication, the supplicant encrypts the challenge message with ________. none of the above the supplicant's private key the verifier's private key the true party's private key
the supplicant's private key
In digital certificate authentication, the verifier uses ________. neither of these the supplicant's public key both of these the true party's public key
the true party's public key
Client PCs must have digital certificates in ________. both of these transport mode neither of these tunnel mode
transport mode
IPsec provides protection in two modes of operation; one of these two modes is ________. network mode transport mode data link mode 802.1X mode
transport mode
Which mode of IPsec may be more expensive if a company has a large number of computers? Both of these are equally expensive. transport mode tunnel mode
transport mode
Viruses most commonly spread from one computer to another ________. through obfuscation by propagating directly by themselves via e-mail all of these
via e-mail
The general name for a security flaw in a program is a ________. vulnerability virus security fault malware
vulnerability
Attacking your own firm occurs in ________. vulnerability testing auditing neither of these both of these
vulnerability testing
A policy specifies ________. what should be done how to do it both of these neither of these
what should be done
Which of the following sometimes uses direct propagation between computers? Trojan horses downloaders viruses worms
worms
Vulnerability-based attacks that occur before a patch is available are called ________ attacks. stealth malware preinstallation zero-day
zero-day
