MIS 687 - QUIZ #3
1. Which of the following is considered a stateful firewall filtering rule? A. If source and destination sockets are in the connection table, then PASS the packet. B. If protocol = TCP and destination port number = 25, then PASS the packet. C. If IP address = 10.47.122.79, protocol = TCP, and destination port number = 80, then PASS the packet. D. If protocol = UDP, then DROP the packet. E. If protocol = ICMP, then DROP the packet.
A
10. The evil twin AP is a form of ________. A. MITM attack B. wardriving attack C. zombie AP attack D. DOS attack E. port scanning attack
A
11. The digital signature attached to a message can authenticate: A. both the message sender and message itself B. the message sender only C. the message only D. both the message sender and receiver E. both the message receiver and message itself
A
12. ________ is a security standard developed for 802.11 WiFi LANs. A. Wired equivalent privacy (WEP) B. Secure socket layer (SSL) C. Packet acknowledgments D. Service set identifier (SSID) E. Pretty good privacy (PGP)
A
13. When "hypervisor-based virtualization" and "hosted virtualization" are compared: A. The host machine needs its own host operating system ONLY when "hosted virtualization" is used. B. The VM needs to have its own operating system ONLY when "hosted virtualization" is used. C. The VM running on "hosted virtualization" has better performance than that on "hypervisor-based virtualization." D. The maintenance cost of "hosted virtualization" is lower than that of "hypervisor-based virtualization." E. Moving VMs from one physical computer to another is easier on "hosted virtualization" than on "hypervisor-based virtualization."
A
14. Phishing is a form of ________ attack. A. social engineering B. port scanning C. packet sniffing D. fingerprinting E. MITM
A
14. The transition from IPv4 to IPv6 will be rather gradual, and one approach that allows their coexistence is direct address conversion. In that approach, 123.45.67.89 (IPv4) becomes ________ for IPv6: A. 0000:0000:0000:0000:0000:ffff:123.45.67.89 B. 1111:1111:1111:1111:1111:ffff:123.45.67.89 C. 123.45.67.89: 0000:0000:0000:0000:0000:0000 D. 1111:1111:1111:1111:1111:0000:123.45.67.89 E. 123.45.67.89:1111:1111:1111:1111:1111:ffff
A
15. Choose a WRONG statement regarding Domain Name System (DNS). A. The top-level domain includes university names. B. The second-level domain is also called sub-domain. C. Obtaining a second-level domain name, an organization can freely create lower-level domain names. D. The country code is a top-level domain. E. The URL combines a protocol and a domain name.
A
18. Which correctly describes ARP poisoning? A. An attacker sends "ARP replies" to a target computer to tell that the MAC address of its default gateway is the attacker's own MAC address. B. An attacker sends "ARP requests" to a target computer to tell that the MAC address of its default gateway is the attacker's own MAC address. C. An attacker sends "ARP requests" to the default gateway to tell that the IP address of its victim computer is the attacker's own IP address. D. An attacker sends "ARP requests" to the default gateway to tell that the MAC address of its victim computer is the attacker's own MAC address. E. An attacker sends "ARP replies" to a target computer to tell that the IP address of its default gateway is the attacker's own IP address.
A
2. A hacker sends an email with an attachment that, if activated by an unsuspecting user, searches up to 50 other email addresses stored in the victim's system and relays the same infection code to the email addresses. This must be a ________. A. worm B. Trojan horse C. zombie D. virus E. spam
A
2. Which is a top-level domain name? A. .com B. whitehouse.gov C. www.stanford.edu D. sdsu.edu/mis E. microsoft.com
A
20. When an attacker sets up a DHCP server to steal user information (e.g., password), it is a type of ________ security threat. A. MITM B. rogue AP C. evil twin D. wardriving E. DOS
A
20. Which information may NOT be included in a digital certificate? A. Owner's private key B. Issuer company C. Expiration date D. Name of its owner E. Owner's public key
A
5. When an AP issues an acknowledgment of a frame it receives, the acknowledgment is delivered in a ________ frame. A. control B. data C. beacon D. supervisory E. management
A
8. Benefits of VPN do NOT include: A. VPN performance is not affected by Internet congestion. B. VPN offers flexibility in forming and terminating secure connections over the Internet. C. VPN affords bandwidth scalability in which the data rate between a client and an ISP can grow. D. VPN supports anytime, anywhere, and any-to-any accessibility. E. VPN is cost-effective in forming WAN links.
A
8. Every possible combination of alphanumeric characters can be applied to crack the password of a system. This is a form of ________. A. brute force attack B. backdooring C. dictionary attack D. packet sniffing E. hash attack
A
9. IEEE802.11 supports at least two different solutions to authenticate user stations: open authentication and ________ authentication. A. pre-shared key B. closed key C. public key D. private key E. dynamic key
A
9. The email in the figure is an example of ________: A. phishing B. sniffing C. MITM attack D. cracking E. scanning
A
1. A video player infected with malware was downloaded. When it was installed, the ________ was activated and changed my computer's default DNS setup to direct all DNS inquiries to the rogue DNS server maintained by a criminal group. A. worm B. Trojan C. macro D. rootkit E. backdoor
B
10. Bluetooth is a popular wireless standard for the ________. A. MAN B. PAN C. WAN D. LAN E. Enterprise network
B
10. The digital certificate: A. is an alternative authentication method when encryption is unavailable. B. validates the owner of a particular public key. C. transports a private key to the owner. D. is a method to securely exchange session keys. E. is an electronic receipt of an online transaction.
B
11. Which represents a security hazard a corporate employee can create unintentionally? A. evil twin AP B. rogue AP C. master AP D. wardriving AP E. drive-by hacker AP
B
12. Wireshark is probably the most popular tool for ________? A. port scanning B. packet sniffing C. MITM attack D. social engineering E. spam generating
B
13. Which may be the LEAST relevant approach to steal someone's password? A. social engineering B. port scanning C. phishing D. brute force attack E. keystroke logging
B
14. Which is ACCURATE? A. authentication request—control frame B. association request—management frame C. acknowledgment—data frame D. RTS/CTS—management frame E. beacons—data frame
B
16. Which is an INCORRECT statement on server virtualization? A. The VM installed in a host computer has its own operating system. B. The number of servers an IT professional can manage declines with server virtualization. C. The number of physical servers necessary to deliver equivalent amount of computing is reduced. D. The need for physical cabling of server computers to the network decreases. E. IT service disruption due to maintenance and outages is reduced.
B
17. Which is CORRECT in describing the DMZ? A. The DMZ and production networks generally belong to a single subnet. B. SMTP email and HTTP web servers are frequently placed in the DMZ. C. The DMZ and production networks should be physically separated. D. Servers in the DMZ should use public IP addresses. E. The border router is unable to perform NAT when the DMZ is set up.
B
19. Choose an INCORRECT statement regarding spoofing. A. Spoofing and masquerading are synonymous. B. MAC spoofing is damaging because it shuts down WiFi NICs. C. IP spoofing is used to conceal the sources of DOS attacks. D. Email spoofing is used much by spammers. E. Phishing is used much to draw traffic to spoofed websites.
B
20. Choose a CORRECT statement regarding VPN standards. A. SSL offers the most secure VPN solution among available standards. B. The IPSec's tunnel mode is more cost-effective to implement than the transport mode. C. Implementing the IPSec's tunnel mode requires software installation in each computer. D. IPSec's security software is embedded in web browsers. E. When SSL is combined with HTTP, the mutual authentication of both client and server is mandated.
B
20. The technical details of WiFi are defined at the ________. A. physical layer only B. physical and data link layers only C. physical, data link, and internet layers only D. physical, data link, internet, and transport layers only E. physical, data link, internet, transport, and application layers
B
4. Which is CORRECT about the ISP? A. Companies and individuals can access the Internet without ISPs. B. National ISP networks form the Internet backbone. C. The Internet is owned by the US government. D. ISPs interconnect each other through network service points. E. Tier 1 ISPs are regional or local ISPs.
B
5. The PKI is maintained and operated by ________. A. governments B. certificate authorities C. Internet engineering task force D. Internet service providers (ISPs) E. WAN service providers
B
6. When a digital signature is used for authentication, a session key can be utilized concurrently to: A. generate a message digest by the sender. B. encrypt the original message and digital signature. C. generate a digital signature by the sender. D. generate a digital signature by the receiver. E. generate a message digest by the receiver.
B
7. DOS attacks are intended to compromise a system's ________. A. confidentiality B. availability C. integrity D. privacy E. authenticity
B
7. The 2.4GHz band supports ________ non-overlapping channels in North America. A. 1 B. 3 C. 7 D. 11 E. 2
B
9. The PKI and X.509 are necessary elements of the ________ technology. A. digital signature B. digital certificate C. public key encryption D. symmetric key encryption E. message digest
B
9. Which VPN requires additional purchase and installation of security software in user computers? A. SSL in the tunnel mode B. IPSec in the transport mode C. IPSec in the tunnel mode D. IPSec in the site-to-site mode E. SSL in the regular mode
B
10. Which statement describes the IPv6 standard? A. Using a security protocol will become an option. B. Each packet's payload should be less than 50KB. C. IPv6 packets have a simpler header structure than IPv4 packets. D. Unicasting, multicasting, and broadcasting are supported by IPv6. E. SSL is a security protocol preferred by IPv6.
C
12. How can laptops associated with an AP avoid transmission collisions? A. Using electronic tokens B. Using the spread spectrum technology C. Using random back-off time even when the network is quiet D. Using a collision detection mechanism E. Using the first-come-last-served approach
C
12. ________ represents the process of encapsulating a packet within another packet and is heavily used for VPN. A. Binding B. Packing C. Tunneling D. Bonding E. Trunking
C
13. Improving host security through antivirus software and a firewall is ________. A. host firewalling B. host self-defense C. host hardening D. host patching E. host demilitarizing
C
13. Key functions of the AP do NOT include: A. Frame conversion primarily between WiFi and Ethernet. B. Authentication of host stations attempting to join a WiFi network. C. Dynamic allocation of radio transmission channels to neighboring wireless access points. D. MAC to prevent collisions. E. Data encryptions for secure communications with clients.
C
15. Which is a CORRECT statement on the WiFi technology? A. The Wi-mesh network uses routers for frame routing. B. The wavelength of radio waves as the WiFi medium is primarily measured in GHz. C. Radio waves used for WiFi are in the frequency range of microwaves. D. WiFi uses the ring topology to deploy APs. E. WiFi uses licensed frequency ranges of the radio spectrum.
C
16. The ________ is a password cracking method that relies on a computer's powerful processing capability. A. worm B. social engineering C. dictionary attack D. packet sniffing E. port scanning
C
17. ________ is a popular security standard built into web browsers. A. Secure shell (SSH) B. Point-to-point tunneling protocol (PPTP) C. SSL D. Secure electronic transaction (SET) E. IPSec
C
19. The WPA standard has one major advantage over WPA2. What can it be? A. WPA offers stronger authentication than WPA2. B. WPA offers better quality of service than WPA2. C. Wireless NICs that support WEP can be upgraded to WPA, but not to WPA2. D. WPA has been standardized by IEEE but WPA2 has not. E. WPA is supported by more WiFi standards including 802.11g and 802.11n than WPA2.
C
3. Flooding the ________ is a popular approach to trigger DOS on a target server. Assume that the ICMP on the target server has been disabled. A. ARP request B. trace-route message C. SYN request D. telnet message E. DNS request
C
4. Choose a CORRECT statement on the WPA standard. A. WPA provides the most advanced WiFi security. B. WPA comes only in the enterprise mode that uses central authentication servers. C. WPA's encryption key in a WiFi network changes periodically. D. WPA's official standard is IEEE802.11i. E. WPA is as weak as WEP in protecting WiFi networks.
C
4. Which attack or pre-attack CAN be done without planting malware or gaining access to a victim's computer or network? A. worm B. Trojan C. DOS D. port scanning E. MAC address flooding
C
5. When an IP packet with a spurious source IP address is crafted in an attempt to bypass a firm's firewall, it is a form of ________. A. phishing B. sniffing C. spoofing D. fingerprinting E. backdooring
C
6. The ________ is a junction point that joins ISP networks together to enable packet routing over the Internet. A. gateway B. internet switching point C. internet exchange point D. internet service point E. internet portal
C
7. Which INCORRECTLY describes IPv6 addressing? A. An address is composed of two parts: 64-bit network ID and 64-bit host ID. B. Host addresses can be configured manually. C. IPv6 supports broadcasting of IP packets as IPv4 does. D. Host addresses can be dynamically provided through the DHCP service. E. The 64-bit host ID of a computer can be derived from its 48-bit MAC address.
C
11. There are two unlicensed bands used for WiFi: 2.4GHz (ranging 2.4-2.48GHz) and 5.0GHz (ranging 5.20-5.85). Which statement is CORRECT? A. The bandwidth of the 5.0GHz band is roughly four times larger than that of 2.4GHz. B. The bandwidth of the 2.4GHz band is roughly eight times larger than that of 5.0GHz. C. The bandwidth of the 2.4GHz band is roughly four times larger than that of 5.0GHz. D. The bandwidth of the 5.0GHz band is roughly eight times larger than that of 2.4GHz. E. The bandwidth of the 2.4GHz band is roughly equal to that of 5.0GHz.
D
16. Cryptography can be a tool for: A. confidentiality and authentication B. authentication and integrity C. integrity and confidentiality D. confidentiality, authentication, and integrity E. confidentiality
D
16. Which is NOT true regarding the IEEE802.11 standard? A. In North America, 11 channels are defined within the 2.4GHz frequency band. B. In North America, channels 1, 6, and 11 are non-overlapping channels of the 2.4GHz frequency band. C. An AP may periodically broadcast the beacon frame to announce its presence and it may include SSID. D. The ad hoc mode is more popular than the infrastructure mode in implementing WiFi at a university campus. E. Binding between a user station and an AP is called association.
D
17. Sometimes, the ________ is all it takes for a host station to join a WiFi network. A. digital certificate B. public key C. digital signature D. service set identifier E. beacon
D
17. When an attacker sets up his/her WNIC to broadcast a continuous stream of CTS frames, this should result in: A. MITM attack B. wardriving attack C. zombie AP attack D. DOS attack E. port scanning attack
D
18. The following information should be kept in A. local DNS servers B. root DNS servers C. DNS authority servers D. host computers E. DHCP servers
D
2. The router's ACL examines PDUs of the following protocols, EXCEPT (choose the least relevant): A. IP B. TCP C. UDP D. DNS E. ICMP
D
2. What is the key difference between the BSS and the ESS? A. Number of clients B. Number of servers C. Number of overlapping channels available D. Number of access points E. Number of wireless switches
D
3. An AP may be in the regular AP mode or in the ________ mode. A. firewall B. modem C. router D. repeater E. switch
D
3. Which is CORRECTLY paired in terms of security requirements and technology solutions? A. data confidentiality _____ ACL B. data integrity _____ anti-spyware C. access control _____ FCS D. authentication _____ digital signature E. access control _____ cryptography
D
4. With the ________ protocol activated, when a user station wishes to transmit data, it has to obtain the AP's permission. A. Carrier Sense Multiple Access/Collision Avoidance + Acknowledgment B. Carrier Sense Multiple Access/Collision Avoidance C. Carrier Sense Multiple Access/Collision Detection D. Request to Send/Clear to Send E. Carrier Sense Multiple Access/Collision Detection + Acknowledgment
D
6. When a computer's NIC is in the promiscuous mode, it can perform ________ better. A. brute force attack B. DOS attack C. dictionary attack D. packet sniffing E. IP address spoofing
D
8. An applicant is sending an encrypted message with her/his digital signature appended. To authenticate the sender, the verifier (message receiver) uses a/the ________. A. private key of the verifier B. public key of the verifier C. private key of the applicant D. public key of the applicant E. session key
D
8. Which is CORRECT regarding the IEEE802.11 standard? A. At an enterprise network, the router translates WiFi frames into Ethernet frames. B. With 802.11n, multiple client stations can exchange data with an AP concurrently. C. The pre-shared key authentication uses SSID for authentication. D. At a home network, the pre-shared key is derived from the password/passphrase. E. The AP acts as a router in the infrastructure mode.
D
1. Choose an INCORRECT statement regarding DHCP. A. It is a protocol used to obtain temporary IP addresses. B. When a user computer is powered on, it broadcasts the DHCP request. C. A router may be programmed to provide DHCP service to requesting hosts. D. When an IP is assigned to a host, the information is updated to a DNS server. E. Many web servers obtain their IP addresses from DHCP servers.
E
1. Which statement CORRECTLY describes the IEEE802.11n standard? A. Its rated speed is less than 10Mbps. B. With channel bonding, a 2.4GHz channel and a 5.0GHz channel can be combined to create a larger channel. C. It uses a single antenna to achieve the MIMO mode. D. It does NOT support QoS as all frames get the same priority. E. The dual-band transmission can use both 2.4 and 5.0GHz concurrently.
E
11. Which is CORRECTLY paired between a VPN standard and its operational layer? A. IPSec: internet, SSL: data link B. IPSec: internet, SSL: application C. IPSec: transport, SSL: data link D. IPSec: transport, SSL: application E. IPSec: internet, SSL: transport
E
14. When a person has a 20-MB message to transmit electronically, how can she add a digital signature for sender authentication? A. By scanning her handwriting signature B. By encrypting the message with her own public key C. By encrypting the message with her own private key D. By encrypting the message digest with her own public key E. By encrypting the message digest with her own private key
E
15. Which is NOT a technology solution for user or message authentication? A. Digital signature B. Digital certificate C. Password/passphrase D. Voice/biometric recognition E. ACL
E
15. Which is NOT a well-known security threat for the WiFi LAN? A. rogue AP B. evil twin C. wardriving D. DOS E. fingerprinting
E
18. Firewalls can undertake the following functions, EXCEPT: A. packet inspection and filtering B. NAT C. detection of denial-of-service attacks D. packet filtering based on application layer information such as web content and URL addresses E. provision of digital certificates
E
18. The MAC layer of IEEE802.11 conducts the following functions, EXCEPT: A. maintaining communication reliability using acknowledgments. B. controlling access (transmission) to the shared radio channel. C. protecting frames with encryption. D. authenticating client stations. E. choosing a transmission channel randomly.
E
19. Select a CORRECT statement of the IEEE802.11n standard. A. It uses CSMA/CD to control data transmissions by host stations. B. It supports only single-input-single-output between an AP and a client. C. It works only in the 2.4GHz band. D. It mandates RTS/CTS for media access control. E. It supports QoS to deliver time-sensitive frames without delays.
E
19. Which describes the transport mode of IPSec? A. IPSec servers are placed at the boundary of local sites. B. Hosts internal to a site are not aware of IPSec servers. C. When a packet in transition is in a corporate network, it remains unencrypted. D. It is a popular choice for implementing intranet-based site-to-site VPNs. E. The data field of an IP packet is protected by encryption, but not the IP header.
E
3. Which is NOT in the first 64 network address bits of IPv6? A. Regional registry prefix B. ISP prefix C. Site prefix necessary for global routing D. Subnet prefix E. TTL prefix
E
5. ________ represents an arrangement of direct links between ISPs to bypass NAPs. A. Pairing B. Channeling C. Exchanging D. Hopping E. Peering
E
6. Which function is generally NOT built into the wireless access router designed for home networking? A. wireless access point B. Ethernet switch C. DHCP server D. network address translation E. CSU/DSU
E
7. Choose an ACCURATE statement on asymmetric versus symmetric key encryption. A. In asymmetric key encryption, both parties encrypt and decrypt messages with the same single key. B. In symmetric key encryption, each party should have two keys—a public key and a private key. C. In asymmetric key encryption, only one key must be shared between communicating parties. D. Symmetric keys are longer than asymmetric keys. E. Asymmetric key encryption is slower than symmetric key encryption.
E