Security+ Guide To Network Security Fundamentals 4th Edition



109 replies to this topic

#29 beirnem21

Posted 26 January 2012 - 09:20 PM

wonger, I can't seem to find it. HELP!!! I really need this. I ordered the book and lab disk but I am trying to get it as a .pdf so I can use search in Adobe to find things quickly. Class starts Monday and the University forgot to order the books so I can't get the hard cover until Wed or Thur next week. The pdf will help until then. Thanks

Edited by beirnem21, 26 January 2012 - 09:22 PM.


#30 wonger

Posted 27 January 2012 - 07:41 PM

http://certcollection.org/forum/topic/145898-security-guide-to-network-security-fundamentals-4th-edition/  Please go there and hit the thanks button in the first post to see the links.  Good luck in class~!!

Edited by wonger, 27 January 2012 - 07:42 PM.


#31 beirnem21

Posted 27 January 2012 - 10:02 PM

Wonger,
I owe you. I’m going back to school at 55. The VA is paying my way and therefore buying my books. However, to have the book electronically gives me the ability to use Acrobat’s “find” feature. And that is a BIG plus for us old farts. You ARE the man!

#32 jchimposhow

Posted 29 January 2012 - 09:46 PM

Extra super thanks Wonger! Getting the hard book sent to me but I hate anything but ebooks...



#33 maka219

Posted 03 February 2012 - 11:58 PM

Sorry for the long break but I am back and here are the answers for chapter 1-8. Save them before it gets taken down. GL to all in your studies! All of these still need to be numbered and organized better for anyone that wants to. All of these answers should be right.

Chapter 1 Review Questions Solutions
  • Each of the following is a reason why it is difficult to defend against today’s attackers except _______.
  • complexity of attack tools
  • weak patch distribution
  • greater sophistication of attacks
  • delays in patching hard work software products
  • In a general sense “security” is _______.
  • protection from only direct actions
  • using reverse attack vectors (RAV) for protection
  • only available on hardened computers and systems
  • the necessary steps to protect a person or property from harm
  • _____ ensures that only authorized parties can view the information.
  • Confidentiality
  • Availability
  • Integrity
  • Authorization
  • Each of the following is a successive layer in which information security is achieved except _______.
  • products
  • purposes
  • procedures
  • people
  • By definition a(n) _____ is a person or thing that has the power to carry out a threat.
  • vulnerability
  • exploit
  • threat agent
  • risk
  • _____ ensures that the individual is who they claim to be.
  • Authentication
  • Accounting
  • Access control
  • Certification
  • Each of the following is a goal of information security except _______.
  • Foil cyberterrorism
  • Avoid legal consequences
  • Decrease user productivity
  • Prevent data theft
  • The _____ requires that enterprises must guard protected health information and implement policies and procedures to safeguard it.
  • Hospital Protection and Insurance Association Agreement (HPIAA)
  • Sarbanes-Oxley Act (Sarbox)
  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Utility companies, telecommunications, and financial services are considered prime targets of _____ because attackers can significantly disrupt business and personal activities by destroying a few targets.
  • white hat hackers
  • script kiddies
  • computer spies
  • cyberterrorists
  • After an attacker probed a network for information the next step is to _______.
  • penetrate any defenses
  • paralyze networks and devices
  • circulate to other systems
  • modify security settings
  • An organization that purchased security products from different vendors is demonstrating which security principle?
  • obscurity
  • diversity
  • limiting
  • layering
  • Each of the following can be classified as an “insider” except _______.
  • business partners
  • contractors
  • cybercriminals
  • employees
  • _____ are a network of attackers, identity thieves, and financial fraudsters.
  • Script kiddies
  • Hackers
  • Cybercriminals
  • Spies
  • Each of the following is a characteristic of cybercriminals except _______.
  • better funded
  • less risk-averse
  • low motivation
  • more tenacious
  • Each of the following is a characteristic of cybercrime except
  • targeted attacks against financial networks
  • exclusive use of worms and viruses
  • unauthorized access to information
  • theft of personal information
  • An example of a(n) _____ is a software defect in an operating system that allows an unauthorized user to gain access to a computer without a password.
  • threat agent
  • threat
  • vulnerability
  • asset exploit (AE)
  • _____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper containing personally identifiable financial information.
  • California Savings and Loan Security Act (CS&LSA)
  • Gramm-Leach-Bliley Act (GLBA)
  • USA Patriot Act
  • Sarbanes-Oxley Act (Sarbox)
  • The term _____ is sometimes used to identify anyone who illegally breaks into a computer system.
  • hacker
  • cyberterrorist
  • Internet Exploiter
  • cyberrogue
  • An example of _____ is not revealing the type of computer, operating system, software, and network connection a computer uses.
  • obscurity
  • limiting
  • diversity
  • layering
  • The _____ is primarily responsible for assessment, management, and implementation of security
  • security manager
  • security administrator
  • Chief Information Security Officer (CISO)
  • security technician

Edited by maka219, 04 February 2012 - 12:10 AM.


#34 maka219

Posted 04 February 2012 - 12:00 AM

Chapter 2 Review Question Answers
  • A(n) _____ requires a user to transport it from one computer to another.
  • worm
  • rootkit
  • virus
  • Trojan
  • Each of the following is an action that a virus can take except _______.
  • Transport itself through the network to another device
  • Cause a computer to crash
  • Erase files from a hard drive
  • Make multiple copies of itself and consume all of the free space in a hard drive
  • Each of the following is a different type of computer virus except _______.
  • program virus
  • macro virus
  • remote virus
  • boot virus
  • Li downloads a program that prints out coupons but in the background it silently collects her passwords.  Li has actually downloaded a(n) _____.
  • virus
  • worm
  • Trojan
  • logic bomb
  • To completely remove a rootkit from a computer you should _______.
  • flash the ROM BIOS
  • erase and reinstall all files in the WINDOWS folder
  • expand the Master Boot Record
  • reformat the hard drive and reinstall the operating system
  • Each of the following could be a logic bomb except _______.
  • Erase all data if John Smith’s name is removed from the list of employees
  • Reformat the hard drive three months after Susan Jones left the company
  • Send spam e-mail to all users
  • If the company’s stock price drops below $10 then credit Jeff Brown with ten additional years of retirement credit
  • _____ is an image spam that is divided into multiple images and each piece of the message is divided and then layered to create a complete and legible message.
  • Word splitting
  • Geometric variance
  • GIF layering
  • Split painting
  • _____ is a general term used for describing software that gathers information without the user’s consent.
  • Adware
  • Scrapeware
  • Pullware
  • Spyware
  • Each of the following is true regarding a keylogger except _______.
  • Hardware keyloggers are installed between the keyboard connector and computer keyboard or USB port
  • Software keyloggers are easy to detect
  • Keyloggers can be used to capture passwords, credit card numbers, or personal information
  • Software keyloggers can be designed to automatically send captured information back to the attacker through the Internet
  • The preferred method today of bot herders for command and control of zombies is to use _______.
  • Internet Relay Chat (IRC)
  • e-mail
  • Hypertext Transport Protocol (HTTP)
  • spam
  • Which of the following is a social engineering technique that uses flattery on a victim?
  • Conformity
  • Friendliness
  • Fear
  • Ingratiation
  • _____ sends phishing messages only to wealthy individuals.
  • Spear phishing
  • Target phishing
  • Microing
  • Whaling
  • _____ is unsolicited instant messaging.
  • Spam
  • Vishing
  • SMS Phishing (SMS-P)
  • Spim
  • Erin pretends to be a manager from another city and calls Nick to trick him into giving to her his password.  What social engineering attack has Erin performed?
  • Aliasing
  • Luring
  • Impersonation
  • Duplicity
  • How can an attacker use a hoax?
  • A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.
  • By sending out a hoax an attacker can convince a user to read his e-mail more often.
  • A user who receives multiple hoaxes could contact his supervisor for help.
  • Hoaxes are not used by attackers today.
  • Which of the following is not an item that could be retrieved through dumpster diving that would provide useful information?
  • Calendars
  • Memos
  • Organizational charts
  • Books
  • _____ is following an authorized person through a secure door.
  • Tagging
  • Tailgating
  • Social Engineering Following (SEF)
  • Backpacking
  • Each of the following is the reason why adware is scorned except _______.
  • It displays the attacker’s programming skills
  • It displays objectionable content
  • It can cause a computer to crash or slow down
  • It can interfere with a user’s productivity
  • An attacker who controls multiple zombies in a botnet is known as a(n) _______.
  • Zombie shepherd
  • Rogue IRC
  • Bot herder
  • Cyber-robot
  • Observing from a distance a user who enters a keypad code is known as _______.
  • shoulder surfing
  • piggybacking
  • spoofing
  • watching


#35 maka219

Posted 04 February 2012 - 12:01 AM

Chapter 3 Review Question Answers
  • A _____ attack exploits previously unknown vulnerabilities.
  • virus resource
  • shock and awe
  • surprise
  • zero day
  • Why can traditional networking security devices NOT be used to block Web application attacks?
  • Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of Web application attacks.
  • Web application attacks use Web browsers that cannot be controlled on a local computer.
  • Network security devices cannot prevent attacks from Web resources.
  • The complex nature of TCP/IP allows for too many ping sweeps to be blocked.
  • Attackers use buffer overflows to ___________.
  • corrupt the kernel so the computer cannot reboot
  • point to another area in data memory that contains the attacker’s malware code
  • place a virus into the kernel
  • erase buffer overflow signature files
  • What is unique about a cross site scripting (XSS) attack compared to other injection attacks?
  • SQL code is used in an XSS attack
  • XSS requires the use of a browser
  • XSS does not attack the Web application server to steal or corrupt its information
  • XSS attacks are rarely used anymore compared to other injection attacks
  • Each of the following can be used in an XSS attack except _____________.
  • HTML
  • Javascript
  • Adobe Flash
  • ICMP
  • A cookie that was not created by the Web site being viewed is called a ___________.
  • first-party cookie
  • second-party cookie
  • third-party cookie
  • fourth-party cookie
  • The basis of a SQL injection attack is ___________.
  • to inject SQL statements through unfiltered user input
  • to have the SQL server attack client Web browsers
  • to link SQL servers into a botnet
  • to expose SQL code so that it can be examined
  • Which of the following cannot be performed through a successful SQL injection attack?
  • Display a list of customer telephone numbers
  • Discover the names of different fields in a table
  • Erase a database table
  • Reformat the Web application server’s hard drive
  • A markup language that is designed to carry data is ___________.
  • ICMP
  • HTTP
  • HTML
  • XML
  • When an attacker can access files in directories other than the root directory this is known as a(n) _____ attack.
  • Command injection
  • Directory traversal
  • SQL injection
  • XML injection
  • A(n) _____ attack modifies the fields that contain the different characteristics of the data that is being transmitted.
  • HTML packet
  • SQL injection
  • XML manipulation
  • HTTP header
  • Which of the following cookies only lasts for the duration of visiting the Web site?
  • Session
  • Persistent
  • Temporary
  • RAM
  • What is a session token?
  • A random string assigned by a Web server
  • The same as a third-party cookie
  • A unique identifier that includes the user’s e-mail address
  • XML code used in an XML injection attack
  • Which of the following is not a security concern of the ActiveX add-on?
  • The person who signed the control may not have properly assessed the control’s safety.
  • A malicious ActiveX control can affect all users of that computer.
  • ActiveX can be integrated with Javascript.
  • ActiveX does not have safeguards and has full access to the Windows operating system.
  • Which of the following is not a DoS attack?
  • Ping flood
  • SYN flood
  • Push flood
  • Smurf
  • What type of attack intercepts legitimate communication and forges a fictitious response to the sender?
  • Man-in-the-middle
  • Interceptor
  • SQL intrusion
  • SIDS
  • A replay attack ___________.
  • makes a copy of the transmission for use at a later time
  • replays the attack over and over to flood the server
  • can be prevented by patching the Web browser
  • is considered to be a type of DoS attack
  • _____ is used to discover the MAC address of a client based on its IP address.
  • Ping
  • ICMP
  • DNS
  • ARP
  • DNS poisoning ___________.
  • is rarely found today due to the use of host tables
  • can attack an external DNS server
  • is the same as ARP poisoning
  • floods a DNS server with requests until it can no longer respond
  • _____ involves using a third party to gain access rights.
  • Transitive access
  • Privilege escalation
  • Active Rights Scaling (ARS)
  • Directory traversal


#36 maka219

Posted 04 February 2012 - 12:01 AM

Chapter 4 Review Questions Answers
  • A _____ is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm.
  • penetration test
  • vulnerability scan
  • vulnerability assessment
  • risk appraisal (RAP)
  • Each of the following can be classified as an asset except ______.
  • business partners
  • buildings
  • employee databases
  • accounts payable
  • Each of the following is a step in risk management except ______.
  • attack assessment
  • vulnerability appraisal
  • threat evaluation
  • risk mitigation
  • Which of the following is true regarding vulnerability appraisal?
  • Vulnerability appraisal is always the easiest and quickest step
  • Every asset must be viewed in light of each threat
  • Each threat could reveal multiple vulnerabilities
  • Each vulnerability should be cataloged
  • A threat agent _____.
  • is limited to attacks using viruses and worms
  • does not include natural disasters
  • is something that cannot be determined in advance
  • is a person or entity with the power to carry out a threat against an asset
  • _____ constructs scenarios of the types of threats that assets can face in order to learn who the attackers are, why they attack, and what types of attacks may occur.
  • Vulnerability prototyping
  • Risk assessment
  • Attack assessment
  • Threat modeling
  • What is a current snapshot of the security of an organization?
  • Vulnerability appraisal
  • Risk evaluation
  • Threat mitigation
  • Liability reporting
  • The _____ is the proportion of an asset’s value that is likely to be destroyed by a particular risk.
  • Exposure Factor (EF)
  • Single Loss Expectancy (SLE)
  • Annualized Rate of Occurrence (ARO)
  • Annualized Loss Expectancy (ALE)
  • Which of the following is NOT an option for dealing with risk?
  • Eliminate the risk
  • Accept the risk
  • Diminish the risk
  • Transfer the risk
  • ________ is a comparison of the present security state of a system compared to a standard established by the organization.
  • Risk mitigation
  • Baseline reporting
  • Comparative Resource Appraisal (CRA)
  • Horizontal comparables
  • Each of the following is a state of a port that can be returned by a port scanner except _____.
  • open
  • busy
  • blocked
  • closed
  • Each of the following is true regarding TCP SYN port scanning except ______.
  • it uses FIN messages that can pass through firewalls and avoid detection
  • instead of using the operating system's network functions, the port scanner generates IP packets itself and monitors for responses
  • the scanner host closes the connection before the handshake is completed
  • this scan type is also known as “half-open scanning” because it never actually opens a full TCP connection
  • The protocol File Transfer Protocol (FTP) uses which two ports?
  • 19 and 20
  • 20 and 21
  • 21 and 22
  • 22 and 23
  • A protocol analyzer places the computer’s network interface card (NIC) adapter into _____ mode.
  • promiscuous
  • full
  • view
  • real
  • Each of the following is a function of a vulnerability scanner except ______.
  • detect which ports are served and which ports are browsed for each individual system
  • alert users when a new patch cannot be found
  • maintain a log of all interactive network sessions
  • detect when an application is compromised
  • Which of the following is true of the Open Vulnerability and Assessment Language (OVAL)?
  • It only functions on Linux-based computers.
  • It attempts to standardize vulnerability assessments.
  • It has been replaced by XML.
  • It is a European standard and is not used in the Americas.
  • Which of the following is not true regarding a honeypot?
  • It is typically located in an area with limited security.
  • It contains real data files because attackers can easily identify fake files.
  • It cannot be part of a honeynet.
  • It can direct an attacker’s attention away from legitimate servers.
  • Which of the following is true of vulnerability scanning?
  • It uses automated software to scan for vulnerabilities.
  • The testers are always outside of the security perimeter.
  • It may disrupt the operation of the network or systems.
  • It produces a short report of the attack methods and value of the exploited data.
  • If a tester is given the IP addresses, network diagrams, and source code of customer applications, then she is using which technique?
  • Black box
  • White box
  • Gray box
  • Blue box
  • If a software application aborts and leaves the program open, which control structure is it using?
  • Fail-safe
  • Fail-secure
  • Fail-open
  • Fail-right


#37 maka219

Posted 04 February 2012 - 12:02 AM

Chapter 5 Review Question Answers
  • The residential lock most often used for keeping out intruders is the _______.
  • privacy lock
  • passage lock
  • keyed entry lock
  • encrypted key lock
  • A lock that extends a solid metal bar into the door frame for extra security is the _______.
  • deadman’s lock
  • full bar lock
  • deadbolt lock
  • triple bar lock
  • A mantrap _______.
  • is illegal in the U.S.
  • monitors and controls two interlocking doors to a room
  • is a special keyed lock
  • requires the use of a cipher lock
  • Which of the following cannot be used along with fencing as a security perimeter?
  • Vapor barrier
  • Rotating spikes
  • Roller barrier
  • Anti-climb paint
  • A _____ can be used to secure a mobile device.
  • cable lock
  • mobile chain
  • security tab
  • mobile connector
  • Which of the following is not used to secure a desktop computer?
  • Data encryption
  • Screen locking
  • Remote wipe/sanitation
  • Strong passwords
  • Which is the first step in securing an operating system?
  • Implement patch management
  • Configure operating system security and settings
  • Perform host software baselining
  • Develop the security policy
  • A typical configuration baseline would include each of the following except _______.
  • changing any default settings that are insecure
  • eliminating any unnecessary software
  • enabling operating system security features
  • performing a security risk assessment
  • Which of the following is NOT a Microsoft Windows setting that can be configured through a security template?
  • Account Policies
  • User Rights
  • Keyboard Mapping
  • System Services
  • ________ allows for a single configuration to be set and then deployed to many or all users.
  • Group Policy
  • Active Directory
  • Snap-In Replication (SIR)
  • Command Configuration
  • A _____ addresses a specific customer situation and often may not be distributed outside that customer's organization.
  • rollup
  • service pack
  • patch
  • hotfix
  • Which of the following is NOT an advantage to an automated patch update service?
  • Administrators can approve or decline updates for client systems, force updates to install by a specific date, and obtain reports on what updates each computer needs.
  • Downloading patches from a local server instead of using the vendor’s online update service can save bandwidth and time because each computer does not have to connect to an external server.
  • Users can disable or circumvent updates just as they can if their computer is configured to use the vendor’s online update service.
  • Specific types of updates that the organization does not test, such as hotfixes, can be automatically installed whenever they become available.
  • Each of the following is a type of matching used by anti-virus software except _______.
  • string scanning
  • wildcard scanning
  • match scanning
  • mismatch scanning
  • How does heuristic detection detect a virus?
  • A virtualized environment is created and the code is executed in it.
  • A string of bytes from the virus is compared against the suspected file.
  • The bytes of a virus are placed in different “piles” and then used to create a profile.
  • The virus signature file is placed in a suspended chamber before streaming to the CPU.
  • A cross-site request forgery (XSRF) _________.
  • is used to inherit the identity and privileges of the victim
  • is identical to cross-site scripting (XSS)
  • cannot be blocked
  • can only be used with a Web-based e-mail client
  • Which of the following is a list of approved e-mail senders?
  • whitelist
  • blacklist
  • greylist
  • greenlist
  • A(n) _____ can provide details regarding requests for specific files on a system.
  • audit log
  • access log
  • report log
  • file log
  • Errors that occur while an application is running are called _______.
  • exceptions
  • faults
  • liabilities
  • conventions
  • Which is the preferred means of trapping user input for errors?
  • Input validation
  • On-Trap input
  • Escaping
  • Fuzz testing
  • Each of the following is true about data loss prevention (DLP) except _______.
  • it can only protect data in use
  • it can scan data on a DVD
  • it can read inside compressed files
  • a policy violation can generate a report or block the data


#38 maka219

Posted 04 February 2012 - 12:02 AM

Chapter 6 Review Question Answers
  • Which of the following is true about subnetting?
  • It requires the use of a Class B network.
  • It divides the network IP address on the boundaries between bytes.
  • It provides very limited security protection.
  • It is also called subnet addressing.
  • A virtual LAN (VLAN) allows devices to be grouped _____________.
  • based on subnets
  • logically
  • directly to hubs
  • only around core switches
  • Which of the following devices is easiest for an attacker to take advantage of in order to capture and analyze packets?
  • hub
  • switch
  • router
  • load balancer
  • Which of the following is not an attack against a switch?
  • MAC flooding
  • ARP address impersonation
  • ARP poisoning
  • MAC address impersonation
  • Which of the following is not true regarding a demilitarized zone (DMZ)?
  • It provides an extra degree of security.
  • It typically includes an e-mail or Web server.
  • It can be configured to have one or two firewalls.
  • It contains servers that are only used by internal network users.
  • Which of the following is true about network address translation (NAT)?
  • It substitutes MAC addresses for IP addresses.
  • It removes private addresses when the packet leaves the network.
  • It can only be found on core routers.
  • It can be stateful or stateless.
  • Which of the following is not an advantage of a load balancer?
  • The risk of overloading a desktop client is reduced.
  • Network hosts can benefit from having optimized bandwidth.
  • Network downtime can be reduced.
  • DoS attacks can be detected and stopped.
  • Which is another name for a packet filter?
  • proxy server
  • reverse proxy server
  • DMZ
  • firewall
  • A _____ firewall allows the administrator to create sets of related parameters that together define one aspect of the device’s operation.
  • rule-based
  • host-based
  • signature-based
  • settings-based
  • A(n) _____ intercepts internal user requests and then processes that request on behalf of the user.
  • content filter
  • host detection server
  • proxy server
  • intrusion prevention device
  • A reverse proxy _________________.
  • only handles outgoing requests
  • is the same as a proxy server
  • must be used together with a firewall
  • routes incoming requests to the correct server
  • Which is the preferred location for a spam filter?
  • Install the spam filter with the SMTP server.
  • Install the spam filter on the POP3 server.
  • Install the spam filter on the proxy server.
  • Install the spam filter on the local host client.
  • A _____ watches for attacks and only sounds an alert when one occurs.
  • network intrusion prevention system (NIPS)
  • proxy intrusion device
  • network intrusion detection system (NIDS)
  • firewall
  • A multipurpose security device is known as a(n) _______.
  • unified attack management system (UAMS)
  • intrusion detection/prevention device
  • all-in-one network security appliance
  • proxy security system (PSS)
  • Each of the following can be used to hide information about the internal network except ___________.
  • a protocol analyzer
  • a proxy server
  • network address translation (NAT)
  • subnetting
  • What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?
  • A NIPS can take actions quicker to combat an attack.
  • A NIDS provides more valuable information about attacks.
  • A NIPS is much slower because it uses protocol analysis.
  • There is no difference because a NIDS and a NIPS are equal.
  • A variation of NAT that is commonly found on home routers is _______.
  • Port address translation (PAT)
  • Network proxy translation (NPT)
  • Network address IP transformation (NAIPT)
  • Subnet transformation (ST)
  • If a device is determined to have an out-of-date virus signature file, then Network Access Control (NAC) can redirect that device to a network by _______.
  • a Trojan horse
  • TCP/IP hijacking
  • Address Resolution Protocol (ARP) poisoning
  • DHCP man-in-the-middle
  • Each of the following is an option in a firewall rule except _______.
  • prompt
  • block
  • delay
  • allow
  • A firewall using _____ is the most secure type of firewall.
  • stateful packet filtering
  • network intrusion detection system replay
  • stateless packet filtering
  • reverse proxy analysis


#39 maka219

Posted 04 February 2012 - 12:03 AM

Chapter 7 Review Questions Answers
  1. The TCP/IP architecture uses how many layers?
     a. Seven
     b. Six
     c. Five
     d. Four
  2. Which of the following would not be a valid Internet Control Message Protocol (ICMP) error message?
     a. Network Unreachable
     b. Host Unreachable
     c. Router Delay
     d. Destination Network Unknown
  3. Each of the following attacks use Internet Control Message Protocol (ICMP) except _______.
     a. Smurf DoS attack
     b. ICMP Redirect attack
     c. Ping of Death
     d. ICMP poisoning
  4. Which version of Simple Network Management Protocol (SNMP) is considered the most secure?
     a. SNMPv2
     b. SNMPv3
     c. SNMPv4
     d. SNMPv5
  5. Which of the following Domain Name System (DNS) attacks replaces a fraudulent IP address for a symbolic name?
     a. DNS replay
     b. DNS poisoning
     c. DNS masking
     d. DNS forwarding
  6. Which of the following is the most secure protocol for transferring files?
     a. SCP
     b. FTPS
     c. SFTP
     d. FTP
  7. The address space in an IPv6 header is _____ bits in length.
     a. 32
     b. 64
     c. 128
     d. 256
  8. Each of the following is a technique for securing a router except _______.
     a. make all configuration changes remotely
     b. secure all ports
     c. use a meaningful router name
     d. set a strong administrator password
  9. Which of the following is true regarding a flood guard?
     a. It is a separate hardware appliance that is located inside the DMZ.
     b. It can be used on either local host systems or network devices.
     c. It protects a router from password intrusions.
     d. It prevents DoS or DDoS attacks.
  10. Each of the following is a type of a network security hardware log except _______.
     a. local host anti-virus log
     b. NIDS and NIPS logs
     c. proxy server log
     d. firewall log
  11. Each of the following is an entry in a firewall log that should be investigated except _______.
     a. IP addresses that are being rejected and dropped
     b. suspicious outbound connections
     c. IP addresses that are being rejected and dropped
     d. successful logins
  12. If a group of users must be separated from other users, which is the most secure network design?
     a. Use a VLAN
     b. Connect them to different switches and routers
     c. Use a subnet mask
     d. It is impossible to separate users on a network
  13. Why is loop protection necessary?
     a. It denies attackers from launching DDoS attacks
     b. It prevents a broadcast storm that can cripple a network
     c. It must be installed before IEEE 802.1d can be implemented
     d. It makes a DMZ more secure
  14. What does MAC limiting and filtering do?
     a. It limits devices that can connect to a switch
     b. It prevents Address Resolution Protocol spoofing
     c. It provides security for a router
     d. It allows only approved wireless devices to connect to a network
  15. In a network using IEEE 802.1x, a supplicant _______.
     a. makes a request to the authenticator
     b. contacts the authentication server directly
     c. can only be a wireless device
     d. must use IEEE 802.11d to connect to the network
  16. Which of the following is true regarding security for a computer that boots to Apple Mac OS X and then runs a Windows 7 virtual machine?
     a. The security of the Apple Mac OS X completely protects the Windows 7 virtual machine.
     b. The security of the Windows 7 virtual machine completely protects the Apple Mac OS X.
     c. The Windows 7 virtual machine needs its own security.
     d. The hypervisor protects both the Apple Mac OS X and Windows 7 operating systems.
  17. Which of the following is not an advantage of host virtualization?
     a. Penetration testing can be performed using a simulated network environment on a computer using multiple virtual machines.
     b. Only one copy of anti-virus software is needed.
     c. Security patches can be tested.
     d. Host operating system virtualization can be used for training purposes.
  18. Which of the following is not a security concern of virtualized environments?
     a. Virtual machines must be protected from both the outside world and also from other virtual machines on the same physical computer.
     b. Virtual servers are less expensive than their physical counterparts.
     c. Live migration can immediately move one virtualized server to another hypervisor.
     d. Physical security appliances are not always designed to protect virtual systems.
  19. _____ is adding digital voice clients and new voice applications onto the IP network.
     a. VoIP
     b. IP telephony
     c. TCP/IP convergence
     d. Voice packet consolidation (VPC)
  20. Which of the following is not a characteristic of cloud computing?
     a. Limited client support
     b. On-demand self-service
     c. Immediate elasticity
     d. Metered services


Thanked by 9 Members:
azura29 , laleaverton , Kellwing , corg78 , spectre503 , berlin2003 , Akadin , quan864 , taruin

#40 maka219

Posted 04 February 2012 - 12:03 AM

Chapter 8 Review Question Answers
  1. Bluetooth falls under the category of _______.
     a. local area network (LAN)
     b. short area network (SAN)
     c. paired-device network (PDN)
     d. personal area network (PAN)
  2. A Bluetooth network that contains one master and at least one slave using the same RF channel forms a _______.
     a. cluster
     b. grouping
     c. scatteringnet
     d. piconet
  3. _____ is the unauthorized access of information from a wireless device through a Bluetooth connection.
     a. Bluejacking
     b. Bluetooth snatching
     c. Bluetooth spoofing
     d. Bluesnarfing
  4. The IEEE _____ standard specifies a maximum rated speed of 54 Mbps using the 5 GHz spectrum.
     a. 802.11
     b. 802.11a
     c. 802.11b
     d. 802.11g
  5. Each of the following is an advantage of IEEE 802.11n except _______.
     a. smaller coverage area
     b. faster speed
     c. less interference
     d. stronger security
  6. Which of the following is not found in a residential WLAN gateway?
     a. intrusion detection system (IDS)
     b. firewall
     c. router
     d. dynamic host configuration protocol (DHCP)
  7. Which of the following is not a requirement for war driving?
     a. Wireless NIC adapter
     b. antennas
     c. GPS receiver
     d. mobile computer device
  8. The primary design of a(n) _____ is to capture the transmissions from legitimate users.
     a. evil twin
     b. Bluetooth grabber
     c. WEP
     d. rogue access point
  9. Which of the following is a vulnerability of MAC address filtering?
     a. The user must enter the MAC.
     b. APs use IP addresses instead of MACs.
     c. Not all operating systems support MACs.
     d. MAC addresses are initially exchanged between wireless devices and the AP in an unencrypted format.
  10. Each of the following is a limitation of turning off the SSID broadcast from an AP except _______.
     a. the SSID can easily be discovered, even when it is not contained in beacon frames, because it still is transmitted in other management frames sent by the AP
     b. turning off the SSID broadcast may prevent users from being able to freely roam from one AP coverage area to another
     c. some versions of operating systems favor a network broadcasting an SSID over one that does not
     d. users can more easily roam from one WLAN to another
  11. The primary weakness of wired equivalent privacy (WEP) is ________.
     a. its usage creates a detectable pattern
     b. initialization vectors (IVs) are difficult for users to manage
     c. it only functions on specific brands of APs
     d. it slows down a WLAN from 104 Mbps to 16 Mbps
  12. The two models for personal wireless security developed by the Wi-Fi Alliance are Wi-Fi Protected Access (WPA) and _____.
     a. Protected Wireless Security (WPS)
     b. IEEE 802.11ai
     c. Postshared Key Protection (PKP)
     d. Wi-Fi Protected Access 2 (WPA2)
  13. WPA replaces WEP with _____.
     a. Temporal Key Integrity Protocol (TKIP)
     b. Cyclic Redundancy Check (CRC)
     c. Message Integrity Check (MIC)
     d. WPA2
  14. A preshared key (PSK) of fewer than _____ characters may be subject to an attack if that key is a common dictionary word.
     a. 6
     b. 12
     c. 16
     d. 20
  15. A WEP key that is 128 bits in length _____.
     a. cannot be used on access points that use passphrases.
     b. is less secure than a WEP key of 64 bits because shorter keys are stronger.
     c. has an initialization vector (IV) that is the same length as a WEP key of 64 bits.
     d. cannot be cracked because it is too long.
  16. AES-CCMP is the encryption protocol standard used in ________.
     a. WPA2
     b. IEEE 802.11
     c. WPA
     d. Bluetooth
  17. What is the Extensible Authentication Protocol (EAP)?
     a. A subset of WPA2.
     b. EAP is the protocol used in TCP/IP for authentication.
     c. EAP is a framework for transporting authentication protocols.
     d. A technology used by IEEE 802.11 for encryption.
  18. Which technology should be used instead of LEAP?
     a. STREAK
     b. LEAP-2
     c. REAP
     d. PEAP
  19. Each of the following is a type of wireless AP probe except ________.
     a. wireless device probe
     b. dedicated probe
     c. AP probe
     d. WNIC probe
  20. The most flexible approach for a wireless VLAN is to have which device separate the packets?
     a. firewall
     b. AP
     c. NIC
     d. router


Thanked by 12 Members:
corbittc1 , azura29 , tqc , laleaverton , Kellwing , corg78 , kristopheru , spectre503 , berlin2003 , Akadin , quan864 , taruin

#41 maka219

Posted 04 February 2012 - 12:04 AM

Chapter 9 Review Question Answers
  1. A RADIUS authentication server requires that the _____ be authenticated first.
     a. authentication server
     b. supplicant
     c. authenticator
     d. user
  2. Each of the following make up the AAA elements in network security except _______.
     a. controlling access to network resources (authentication)
     b. enforcing security policies (authorization)
     c. determining user need (analyzing)
     d. auditing usage (accounting)
  3. With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.
     a. RDAP
     b. DAP
     c. RADIUS
     d. AAA
  4. _____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
     a. IEEE 802.1x
     b. RADIUS
     c. Kerberos
     d. LDAP
  5. The version of the X.500 standard that runs on a personal computer over TCP/IP is _____.
     a. DAP
     b. LDAP
     c. IEEE X.501
     d. Lite RDAP
  6. A user entering her user name would correspond to the _____ action in access control.
     a. authentication
     b. identification
     c. authorization
     d. access
  7. A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.
     a. object
     b. subject
     c. resource
     d. operation check
  8. The individual who periodically reviews security settings and maintains records of access by users is called the _____.
     a. supervisor
     b. owner
     c. custodian
     d. manager
  9. In the _____ model, the end user cannot change any security settings.
     a. Discretionary Access Control
     b. Security Access Control
     c. Mandatory Access Control
     d. Restricted Access Control
  10. Rule Based Access Control _____.
     a. is considered obsolete today
     b. dynamically assigns roles to subjects based on rules
     c. is considered a real-world approach by linking a user’s job function with security
     d. requires that a custodian set all rules
  11. Separation of duties requires that _____.
     a. processes should be divided between two or more individuals
     b. end users cannot set security for themselves
     c. managers must monitor owners for security purposes
     d. jobs be rotated among different individuals
  12. _____ in access control means that if a condition is not explicitly met then access is to be rejected.
     a. Denial of duties
     b. Implicit deny
     c. Explicit rejection
     d. Prevention control
  13. A(n) _____ is a set of permissions that is attached to an object.
     a. access control list (ACL)
     b. Subject Access Entity (SAE)
     c. object modifier
     d. security entry designator
  14. _____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
     a. Windows Register Settings
     b. Group Policy
     c. Resource Allocation Entities
     d. AD Management Services (ADMS)
  15. A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
     a. SQL/LDAP insert attack
     b. modified Trojan attack
     c. LDAP injection attack
     d. RBASE plug-in attack
  16. The least restrictive access control model is _____.
     a. Role Based Access Control (RBAC)
     b. Mandatory Access Control (MAC)
     c. Discretionary Access Control (DAC)
     d. Rule Based Access Control (RBAC)
  17. The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
     a. Enterprise Security
     b. least privilege
     c. deny all
     d. Mandatory Limitations
  18. A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
     a. owner
     b. custodian
     c. end user
     d. administrator
  19. In the Mandatory Access Control (MAC) model, every subject and object _____.
     a. is restricted and cannot be accessed
     b. is assigned a label
     c. can be changed by the owner
     d. must be given a number from 200–900
  20. A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
     a. orphaned
     b. limbo
     c. static
     d. dormant


Thanked by 33 Members:

#42 wonger

Posted 04 February 2012 - 01:50 AM

welcome back maka

Thanked by 3 Members:
tsk666 , pjayasinghe , quan864


