IST 220 Exam 4

Ace your homework & exams now with Quizwiz!

In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption? 2 1 none of these 4

1

If the subnet ID in an IPv6 address is 32 bits, how long is the routing prefix? 64 bits 32 bits We cannot say based on the limited information none of these

32 bits

What working group in Ethernet provides standards for security None of these 802.3 802.11 802.1

802.1

Which offers stronger security? 802.11i Both WPA and WPA2 offer equally strong security. 802.3 WPA

802.11i

The ________ Ethernet standard was created to prevent attackers from walking in and simply plugging a computer into a wall jack and therefore accessing the network. 802.3X 802.1X Ethernet firewall 802.1AE

802.1X

In what mode of 802.11i operation is a central authentication server used? 802.1X mode PSK mode both 802.1X mode and PSK mode neither 802.1X mode and PSK mode

802.1X mode

Which of the following IPv6 helper protocols does not exist Stateless Autoconfiguration Router Advertisement ARPv6 Neighbor Discovery

ARPv6

A rogue access point ________. is an unauthorized internal access point often has very poor security often operates at high power All of these are true.

All of these are true.

Which of the following meets the definition of hacking ________. to use a computer on which you have an account for unauthorized purposes to intentionally use a computer resource without authorization neither of these both of these

both of these

Attack programs that can be remotely controlled by an attacker are ________. DoS programs exploits sock puppets bots

bots

Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.) bots worms viruses Trojan horses

bots

A password-cracking attack that tries all combinations of keyboard characters is called a ________. hybrid mode dictionary attack dictionary attack comprehensive keyboard attack brute-force attack

brute-force attack

What type of attacker are most of attackers today? disgruntled employees and ex-employees career criminals cyberterrorists hackers motivated by a sense of power

career criminals

In digital certificate authentication, the verifier gets the key it needs directly from the ________. supplicant true party certificate authority verifier

certificate authority

A specific encryption method is called a ________. key method code schema cipher

cipher

Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________. both of these confidentiality authentication neither of these

confidentiality

ACLs are used for packets in the ________ state. both of these ongoing communication neither of these connection-opening

connection-opening

A user picks the password "tiger." This is likely to be cracked quickly by a(n) ________. dictionary attack attack on an application running as root reverse engineering attack brute-force attack

dictionary attack

Which of the following must be followed? guidelines neither of these both of these standards

standards

Debit card is secure because it requires two credentials for authentication. This is also called ________. the supplicant's authentication none of these two-factor authentication the verifier's authentication

two-factor authentication

________ is the general name for proofs of identity in authentication. Credentials Authorizations Certificates Signatures

Credentials

The IEEE calls 64-bit interface addresses ________. Extended Unique Identifiers half-IP Host names MAC addresses

Extended Unique Identifiers

If a packet is highly suspicious but not a provable attack packet, a(n) ________ may drop it. SPI firewall IPS IDS all of the above

IPS

Which has stronger security? IPsec SSL/TLS Both have about equal security.

IPsec

Who are the most dangerous types of employees? financial employees manufacturing employees IT security employees former employees

IT security employees

Which type of firewall filtering looks at application-layer content? static packet filtering Next Generation All of these stateful packet inspection

Next Generation

In 802.11i ________, hosts must know a shared initial key. PSK mode 802.1X mode neither 802.1X mode and PSK mode both 802.1X mode and PSK mode

PSK mode

What IPv6 address do all routers listen on for ICMPv6 router solicitation messages? fe80::11 FF02::1 Port 68 0.0.0.0

Port 68

Which is less expensive to implement? IPsec Both cost about the same to implement. SSL/TLS

SSL/TLS

In 802.1X authentication, which entity provides their credentials Authenticator Credential Manager Suplicant None of these

Suplicant

Malware programs that masquerade as system files are called ________. Trojan horses payloads viruses scripts

Trojan horses

Which of the following secures communication between the wireless computer and the server it wishes to use against evil twin attacks? PEAP VPNs 802.1X mode VLANs

VPNs

Which of the following attach themselves to other programs? Viruses neither Viruses nor Worms Worms both Viruses and Worms

Viruses

________ are full stand-alone programs. Viruses neither Viruses nor Worms Worms both Viruses and Worms

Worms

You discover that you can get into other e-mail accounts after you have logged in under your account. You spend just a few minutes looking at another user's mail. Is that hacking? No Yes We cannot say from the information given.

Yes

In tunnel mode, IPsec provides protection ________. both of these only between the IPsec servers all the way between the two hosts neither of these

only between the IPsec servers

Trojan horses can spread by ________. neither of these e-mailing themselves to victim computers both of these directly propagating to victim computers

neither of these

The routing prefix in IPv6 is like the ________ part in an IPv4 address. network host both network and subnet subnet

network

How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP segment which is an acknowledgement? pass it if it is part of an approved connection both of these neither of these process it through the Access Control List (ACL)

pass it if it is part of an approved connection

The general name for malware on a user's PC that collects sensitive information and sends this information to an attacker is ________. anti-privacy software spyware data mining software keystroke loggers

spyware

In distributed DoS attacks, the attacker sends messages directly to ________. the intended victim of the DoS attack bots a command and control server DOS servers

a command and control serve

A program that can capture passwords as you enter them is ________. a keystroke logger both of these neither of these data mining software

a keystroke logger

Today, it can be problematic to have only a single IPv6 stack because ________. a single IPv6 stack could not communicate with a single IPv4 stack all of these a single IPv4 stack is out of date a dual stack has become a common solution

a single IPv6 stack could not communicate with a single IPv4 stack

In 802.11i, protection is provided between the client and the ________. server router switch access point

access point

IPsec protects ________ layer messages. both of these data link neither of these application

application

Authentication should generally be ________. the same for all resources, for consistency appropriate for a specific resource as strong as possible all of these

appropriate for a specific resource

Electronic signatures provide message-by-message ________. confidentiality authentication neither of these both of these

authentication

Requiring someone to use a resource to prove his or her identity is ________. confidentiality both authentication and authorization authorization authentication

authentication

Actions that people are allowed to take on a resource come under the heading of ________. hacks authorizations exploits risks

authorizations

Policies should drive ________. both of these implementation neither of these oversight

both of these

To defeat brute-force attacks, a password must be ________. complex long neither of these both of these

both of these

If someone has been properly authenticated, they should receive ________ permissions. no all minimum maximum

minimum

After two wireless clients authenticate themselves via PSK to an access point, they will use ________ to communicate with the access point. different session keys an 802.1X key WPS keys the preshared key

different session keys

Which of the following can spread more rapidly? directly-propagating viruses All of these above can spread with approximately equal speed. v Hacker attack

directly-propagating worms

Breaking into WLANs from outside the premises is ________. Lurking war driving Stalking drive-by hacking

drive-by hacking

The Wi-Fi Alliance calls 802.1X mode ________ mode. WPA personal WEP enterprise

enterprise

Firewall log files should be read ________. every week usually only when a serious attack is suspected every month every day

every day

A notebook computer configured to act like a real access point is a(n) ________. rogue access point router evil twin access point switch

evil twin access point

Methods that hackers use to break into computers are ________. exploits magics compromises cracks

exploits

Advanced persistent threats are ________. inexpensive for the attacker extremely dangerous for the victim Neither of these Both of these

extremely dangerous for the victim

Which of the following can be done today without the target's knowledge? face recognition both of these iris scanning neither of these

face recognition

Which of the following is a form of biometrics? facial recognition reusable passwords digital certificate authentication all of these

facial recognition

Which of the following is an appropriate IPv6 link-local address for a host with an EUI-48 address 2F:AB:34:92:C4:45 2d:ab:34:ff:fe:92:c4:45 2FAB:3492:C445 fffe::2dab:34fe:8092:c445 fe80::2dab:34ff:fe92:c445

fe80::2dab:34ff:fe92:c445

Which of the following is an appropriate IPv6 link-local address for a host with an EUI-48 address 3e:44:20:87:ac:83 fe80::3e44:20ff:fe87:ac83 fe80::3c44:2087:ac83 3c44:20ff:fe87:ac83 fe80::3c44:20ff:fe87:ac83

fe80::3c44:20ff:fe87:ac83

A step in creating an EUI-64 is dividing a 48-bit MAC address in half and inserting ________ in the center. the interface ID fffe 0000 the subnet ID

fffe

If a host is to be able to communicate via IPv4 and IPv6, it is said to ________. have a dual-stack be IP-agile be IPv6-ready be bilingual

have a dual-stack

Attackers only need to find a single weakness to break in. Consequently, companies must ________. only give minimum permissions have comprehensive security do risk analysis have insurance

have comprehensive security

Vulnerabilities are occasionally found in even the best security products. Consequently, companies must ________. do risk analysis have defense in depth only give minimum permissions have comprehensive security

have defense in depth

Prepare2 can be cracked most quickly by a(n) ________. authentication attack hybrid dictionary attack dictionary attack brute-force attack

hybrid dictionary attack

Which of the following tends to be more damaging to the victim credit card theft Neither is damaging Both about the same identity theft

identity theft

Users typically can eliminate a vulnerability in one of their programs by ________. installing a patch all of the above doing a zero-day installation using an antivirus program

installing a patch

A firewall will drop a packet if it ________. is a probable attack packet both of these neither of these is a definite attack packet

is a definite attack packet

Using SSL/TLS for Web applications is attractive because SSL/TLS ________. is essentially free to use for the end user both of these neither of these offers the strongest possible cryptographic protections

is essentially free to use for the end user

If a firewall does not have the processing power to filter all of the packets that arrive, ________. it will drop packets it cannot process neither of these it will pass some packets without filtering them both of these

it will drop packets it cannot process

Egress filtering examines packets ________. both of these arriving from the outside neither of these leaving to the outside

leaving to the outside

Stateful firewalls are attractive because of their ________. QoS guarantees low cost high filtering sophistication ability to filter complex application content

low cost

Electronic signatures also provide ________ in addition to authentication. both of these message integrity neither of these message encryption

message integrity

When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________. passes the packet, but notifies an administrator drops the packet and notifies an administrator passes the packet drops the packet

passes the packet

Pieces of code that are executed after the virus or worm has spread are called ________. compromises vulnerabilities payloads exploits

payloads

Which of the following is NOT one of the four major security planning principles? risk analysis defense in depth comprehensive security perimeter defense

perimeter defense

An attack in which an authentic-looking e-mail entices a user to open a maleware infected attachment, click a link to a dangerous website, or respond with their username, password, or other sensitive information is called ________. (Select the most specific answer.) identity theft social engineering phishing a spyware attack

phishing

How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP SYN segment? both of these pass it if it is part of an approved connection neither of these process it through the Access Control List (ACL)

process it through the Access Control List (ACL)

Which phase of the plan-protect-respond cycle takes the largest amount of work? protect respond plan The phases require about equal amounts of effort.

protect

Balancing threats against protection costs is called ________. comprehensive security economic justification risk analysis defense in depth

risk analysis

In IPsec, agreements about how security will be done are called ________. tranches security associations security contracts service-level agreements

security associations

Tricking users into doing something against their security interests is ________. both of these neither of these social engineering hacking

social engineering

Unsolicited commercial e-mail is better known as ________. identity theft spam adware social engineering

spam

If a company uses 802.11i for its core security protocol, an evil twin access point will set up ________ 802.11i connection(s). four one 16 two

two

In authentication, the ________ is the party trying to prove his or her identity. supplicant true party all of these verifier

supplicant

In digital certificate authentication, the supplicant encrypts the challenge message with ________. none of the above the supplicant's private key the verifier's private key the true party's private key

the supplicant's private key

In digital certificate authentication, the verifier uses ________. neither of these the supplicant's public key both of these the true party's public key

the true party's public key

Client PCs must have digital certificates in ________. both of these transport mode neither of these tunnel mode

transport mode

IPsec provides protection in two modes of operation; one of these two modes is ________. network mode transport mode data link mode 802.1X mode

transport mode

Which mode of IPsec may be more expensive if a company has a large number of computers? Both of these are equally expensive. transport mode tunnel mode

transport mode

Viruses most commonly spread from one computer to another ________. through obfuscation by propagating directly by themselves via e-mail all of these

via e-mail

The general name for a security flaw in a program is a ________. vulnerability virus security fault malware

vulnerability

Attacking your own firm occurs in ________. vulnerability testing auditing neither of these both of these

vulnerability testing

A policy specifies ________. what should be done how to do it both of these neither of these

what should be done

Which of the following sometimes uses direct propagation between computers? Trojan horses downloaders viruses worms

worms

Vulnerability-based attacks that occur before a patch is available are called ________ attacks. stealth malware preinstallation zero-day

zero-day


Related study sets

Exercise Physiology Lab exam HSS 408L

View Set

Definitions and equations physics: Statistics data types and distribution

View Set

Adult One Exam 3 Rheumatic disorders

View Set

Chapter 39: Management of Patients with Oral and Esophageal Disorders

View Set