exam 2_review chapter 6-10
8/2/2019 Exam 2_Review Chapter 6-10
Chapter 6
Question 1
Telnet protocol packets usually go to TCP port ____.
Answer
a. 7
b. 8
c. 14
d. 23
4 points
Question 2
Which of the following is a valid version of TACACS?
Answer
a. TACACS+
b. Extended TACACS
c. TACACS
d. All of the above
4 points
Question 3
The ____ is an intermediate area between a trusted network and an untrusted network.
Answer
a. domain
b. DMZ
c. perimeter
d. firewall
4 points
Question 4
The dominant architecture used to secure network access today is the ____ firewall.
Answer
a. bastion
b. static
c. screened subnet
d. unlimited
4 points
Question 5
Kerberos ____ provides tickets to clients who request services.
Answer
a. TGS
b. KDS
c. VPN
d. AS
4 points
Question 6
In SESAME, the user is first authenticated to an authentication server and receives a token. The token is
then presented to a privilege attribute server as proof of identity to gain a(n) ____.
Answer
a. VPN
b. PAC
c. ECMA
d. ticket
4 points
Question 7
____ inspection firewalls keep track of each network connection between internal and external systems.
Answer
a. Stateful
b. Stateless
c. Static
d. Dynamic
4 points
Question 8
Firewalls fall into ____ major processing-mode categories.
Answer
a. two
b. three
c. four
d. five
4 points
Question 9
In most common implementation models, the content filter has two components: ____.
Answer
a. rating and filtering
b. encryption and decryption
c. rating and decryption
d. filtering and encoding
4 points
Question 10
Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as
the ____ host.
Answer
a. sacrificial
b. trusted
c. single
d. domain
4 points
Question 11
In recent years, the broadband router devices that can function as packet-filtering firewalls have been
enhanced to combine the features of ____.
Answer
a. WANs
b. MACs
c. WAPs
d. UDPs
4 points
Question 12
____ is the protocol for handling TCP traffic through a proxy server.
Answer
a. HTTPS
b. Telnet
c. SOCKS
d. FTP
4 points
Question 13
ISA Server can use ____ technology.
Answer
a. RAS
b. PNP
c. Point to Point Tunneling Protocol
d. All of the above
4 points
Question 14
The restrictions most commonly implemented in packet-filtering firewalls are based on ____.
Answer
a. IP source and destination address
b. Direction (inbound or outbound)
c. TCP or UDP source and destination port requests
d. All of the above
4 points
Question 15
____ and TACACS are systems that authenticate the credentials of users who are trying to access an
organization's network via a dial-up connection.
Answer
a. IPSEC
b. TUNMAN
c. RADIAL
d. RADIUS
4 points
Question 16
A(n) ____ is a private data network that makes use of the public telecommunication infrastructure,
maintaining privacy through the use of a tunneling protocol and security procedures.
Answer
a. VPN
b. KERBES
c. SESAME
d. SVPN
4 points
Question 17
The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone.
Answer
a. cold
b. hot
c. fully trusted
d. demilitarized
4 points
Question 18
In ____ mode, the data within an IP packet is encrypted, but the header information is not.
Answer
a. symmetric
b. public
c. tunnel
d. transport
4 points
Question 19
The application gateway is also known as a(n) ____.
Answer
a. application-level firewall
b. proxy firewall
c. client firewall
d. All of the above
4 points
Question 20
____ generates and issues session keys in Kerberos.
Answer
a. KDC
b. TGS
c. VPN
d. AS
4 points
Question 21
____ firewalls examine every incoming packet header and can selectively filter packets based on header
information such as destination address, source address, packet type, and other key information.
Answer
a. Packet-filtering
b. MAC layer firewalls
c. Application gateways
d. Circuit gateways
4 points
Question 22
ICMP uses port ____ to request a response to a query and can be the first indicator of a malicious attack.
Answer
a. 4
b. 7
c. 8
d. 48
4 points
Question 23
____ firewalls are designed to operate at the media access control sublayer of the data link layer of the
OSI network model.
Answer
a. MAC layer
b. Application gateways
c. Packet filtering
d. Circuit gateway
4 points
Question 24
A ____ filtering firewall can react to an emergent event and update or create rules to deal with the
event.
Answer
a. stateless
b. stateful
c. dynamic
d. static
4 points
Question 25
____ filtering requires that the filtering rules governing how the firewall decides which packets are
allowed and which are denied be developed and installed with the firewall.
Answer
a. Stateless
b. Stateful
c. Dynamic
d. Static
4 points
Chapter 7
Question 1
4 out of 4 points
____ is based on the use of some measurable human characteristic or trait to authenticate the
identity of a proposed systems user.
Answer
Selected Answer: c.
Biometric access control
Question 2
4 out of 4 points
____ are decoy systems designed to lure potential attackers away from critical systems.
Answer
Selected Answer: a.
Honeypots
Question 3
4 out of 4 points
In TCP/IP networking, port ____ is not used.
Answer
Selected Answer: a.
0
Question 4
4 out of 4 points
Which of the following ports is commonly used for the HTTP protocol?
Answer
Selected Answer: d.
80
Question 5
4 out of 4 points
The ____ is the level at which the number of false rejections equals the false acceptances, and
is also known as the equal error rate.
Answer
Selected Answer: c.
CER
Question 6
4 out of 4 points
____ is a specially configured connection on a network device that is capable of viewing all of
the traffic that moves through the entire device.
Answer
Selected Answer: d.
SPAN
Question 7
4 out of 4 points
____ is the process of classifying IDPS alerts so that they can be more effectively managed.
Answer
Selected Answer: b.
Alarm filtering
Question 8
4 out of 4 points
____ is an event that triggers an alarm when no actual attack is in progress.
Answer
Selected Answer: a.
False Attack Stimulus
Question 9
4 out of 4 points
A(n) ____ is a network tool that collects copies of packets from the network and analyzes
them.
Answer
Selected Answer: b.
packet sniffer
Question 10
4 out of 4 points
A(n) ____ is a proposed systems user.
Answer
Selected Answer: c.
supplicant
Question 11
4 out of 4 points
Most NBA sensors can be deployed in ____ mode only, using the same connection methods
as network-based IDPSs.
Answer
Selected Answer: c.
passive
Question 12
4 out of 4 points
____ benchmark and monitor the status of key system files and detect when an intruder
creates, modifies, or deletes monitored files.
Answer
Selected Answer: a.
HIDPSs
Question 13
4 out of 4 points
A(n) ____ works like a burglar alarm in that it detects a violation (some system activities
analogous to an opened or broken window) and activates an alarm.
Answer
Selected Answer: b.
IDS
Question 14
4 out of 4 points
____ testing is a straightforward testing technique that looks for vulnerabilities in a program
or protocol by feeding random input to the program or a network running the protocol.
Answer
Selected Answer: c.
Fuzz
Question 15
4 out of 4 points
To determine whether an attack has occurred or is underway, NIDPSs compare measured
activity to known ____ in their knowledge base.
Answer
Selected Answer: b.
signatures
Question 16
4 out of 4 points
IDPS researchers have used padded cell and honeypot systems since the late ____.
Answer
Selected Answer: c.
1980s
Question 17
4 out of 4 points
Activities that scan network locales for active systems and then identify the network services
offered by the host systems is known as ____.
Answer
Selected Answer: d.
fingerprinting
Question 18
4 out of 4 points
Among all possible biometrics, ____ is(are) considered truly unique.
Answer
Selected Answer: d.
All of the above
Question 19
4 out of 4 points
____ is the action of luring an individual into committing a crime to get a conviction.
Answer
Selected Answer: b.
Entrapment
Question 20
4 out of 4 points
____ sensors are typically intended for network perimeter use, so they would be deployed in
close proximity to the perimeter firewalls, often between the firewall and the Internet border
router to limit incoming attacks that could overwhelm the firewall.
Answer
Selected Answer: c.
Inline
Question 21
4 out of 4 points
Intrusion ____ activities finalize the restoration of operations to a normal state and seek to
identify the source and method of the intrusion in order to ensure that the same type of attack
cannot occur again.
Answer
Selected Answer: a.
correction
Question 22
4 out of 4 points
____ are usually passive devices and can be deployed into existing networks with little or no
disruption to normal network operations.
Answer
Selected Answer: a.
NIDPSs
Question 23
4 out of 4 points
____ applications use a combination of techniques to detect an intrusion and then trace it back
to its source.
Answer
Selected Answer: d.
Trap and trace
Question 24
4 out of 4 points
A(n) ____ IDPS is focused on protecting network information assets.
Answer
Selected Answer: d.
network-based
Question 25
4 out of 4 points
Using ____, the system reviews the log files generated by servers, network devices, and even
other IDPSs.
Answer
Selected Answer: d.
LFM
Wednesday, March 14, 2012 10:27:14 PM CDT
Chapter 8
Question 1
The ____ protocol provides system-to-system authentication and data integrity verification, but does
not provide secrecy for the content of a network communication.
Answer
a. AH
b. SEP
c. ESP
d. HA
4 points
Question 2
A method of encryption that requires the same secret key to encipher and decipher the message is
known as ____ encryption.
Answer
a. public
b. asymmetric
c. private
d. symmetric
4 points
Question 3
____ is a federal information processing standard that specifies a cryptographic algorithm used within
the U.S. government to protect information in federal agencies that are not a part of the national
defense infrastructure.
Answer
a. 3DES
b. 2DES
c. AES
d. DES
4 points
Question 4
____ functions are mathematical algorithms that generate a message summary or digest to confirm the
identity of a specific message and to confirm that there have not been any changes to the content.
Answer
a. Hash
b. Encryption
c. Key
d. Map
4 points
Question 5
An X.509 v3 certificate binds a _____, which uniquely identifies a certificate entity, to a user's public key.
Answer
a. fingerprint
b. distinguished name
c. digital signature
d. message digest
4 points
Question 6
____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships
between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.
Answer
a. Dictionary
b. Man-in-the-middle
c. Correlation
d. Timing
4 points
Question 7
A ____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key
holders) to access the message digest.
Answer
a. digest
b. signature
c. fingerprint
d. MAC
4 points
Question 8
The ____ is responsible for the fragmentation, compression, encryption, and attachment of an SSL
header to the cleartext prior to transmission.
Answer
a. SFTP
b. Standard HTTP
c. S-HTTP
d. SSL Record Protocol
4 points
Question 9
More advanced substitution ciphers use two or more alphabets, and are referred to as ____
substitutions.
Answer
a. monoalphabetic
b. polyalphabetic
c. multialphabetic
d. polynomic
4 points
Question 10
In a ____ attack, the attacker eavesdrops during the victim's session and uses statistical analysis of
patterns and inter-keystroke timings to discern sensitive session information.
Answer
a. timing
b. correlation
c. replay
d. dictionary
4 points
Question 11
____ is the process of converting an original message into a form that is unreadable to unauthorized
individuals.
Answer
a. Decryption
b. Encryption
c. Cryptography
d. Cryptology
4 points
Question 12
Bit stream methods commonly use algorithm functions like the exclusive OR operation (_____).
Answer
a. EOR
b. NOR
c. XOR
d. OR
4 points
Question 13
____ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and
has become the open-source de facto standard for encryption and authentication of e-mail and file
storage applications.
Answer
a. AH
b. PGP
c. DES
d. ESP
4 points
Question 14
Digital signatures should be created using processes and products that are based on the ____.
Answer
a. NIST
b. HTTPS
c. SSL
d. DSS
4 points
Question 15
____ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted
message when the key or algorithm (or both) are unknown.
Answer
a. Work factor
b. Code
c. Key
d. Algorithm
4 points
Question 16
____ are encrypted messages that can be mathematically proven to be authentic.
Answer
a. Message digests
b. Digital signatures
c. Message certificates
d. MAC
4 points
Question 17
The ____ algorithm was the first public key encryption algorithm developed (in 1977) and published for
commercial use.
Answer
a. MAC
b. RSA
c. DES
d. AES
4 points
Question 18
The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.
Answer
a. MAC
b. RA
c. AES
d. CRL
4 points
Question 19
____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and
third-party services that enables users to communicate securely.
Answer
a. DES
b. MAC
c. PKI
d. AES
4 points
Question 20
SHA-1 produces a(n) _____-bit message digest, which can then be used as an input to a digital signature
algorithm.
Answer
a. 48
b. 56
c. 160
d. 256
4 points
Question 21
____ is the entire range of values that can possibly be used to construct an individual key.
Answer
a. Keyspace
b. Algorithm
c. Code
d. Cryptogram
4 points
Question 22
____ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding.
Answer
a. S/MIME
b. PEM
c. SSL
d. PGP
4 points
Question 23
____ is the information used in conjunction with an algorithm to create the ciphertext from the
plaintext or derive the plaintext from the ciphertext.
Answer
a. Password
b. Cipher
c. Passphrase
d. Key
4 points
Question 24
____ is the protocol used to secure communications across any IP-based network such as LANs, WANs,
and the Internet.
Answer
a. PEM
b. SET
c. SSH
d. IPSec
4 points
Question 25
DES uses a(n) _____-bit block size.
Answer
a. 32
b. 64
c. 128
d. 256
Chapter 9
Question 1
Computing and other electrical equipment in areas where water can accumulate must be uniquely grounded, using ____ equipment.
Answer
a. HVAC
b. UPS
c. ESD
d. GFCI
4 points
Question 2
Locks can be divided into four categories based on the triggering process: manual, programmable,
electronic, and biometric.
True
False
4 points
Question 3
Interior walls reach only part way to the next floor, which leaves a space above the ceiling of the offices
but below the top of the storey. This space is called a(n) ____.
Answer
a. padding
b. kneespace
c. plenum
d. attic
4 points
Question 4
____ sensors work when two contacts are connected as, for example, when a foot steps on a pressure-
sensitive pad under a rug, or a window being opened triggers a pin-and-spring sensor.
Answer
a. Pressure
b. Movement
c. Motion
d. Contact and weight
4 points
Question 5
UPS devices typically run up to ____ VA.
Answer
a. 100
b. 250
c. 500
d. 1,000
4 points
Question 6
One of the leading causes of damage to sensitive circuitry is ____.
Answer
a. ESD
b. CPU
c. HVAC
d. EPA
4 points
Question 7
Class ____ fires are extinguished with non-conducting agents only.
Answer
a. A
b. B
c. C
d. D
4 points
Question 8
Electronic monitoring includes ____ systems.
Answer
a. blocked video
b. local video
c. closed-circuit television
d. open-circuit television
4 points
Question 9
A device that assures the delivery of electric power without interruption is a(n) ____.
Answer
a. HVAC
b. UPS
c. GPS
d. GFCI
4 points
Question 10
Fire ____ systems are devices installed and maintained to detect and respond to a fire, potential fire, or
combustion danger situation.
Answer
a. prevention
b. detection
c. protection
d. suppression
4 points
Question 11
The most sophisticated locks are ____ locks.
Answer
a. manual
b. programmable
c. biometric
d. electronic
4 points
Question 12
A ____ system is designed to work in areas where electrical equipment is used. Instead of containing
water, the system contains pressurized air.
Answer
a. sprinkler
b. dry-pipe
c. wet-pipe
d. deluge
4 points
Question 13
Most guards have clear ____ that help them to act decisively in unfamiliar situations.
Answer
a. SOPs
b. POSs
c. OPSs
d. MACs
4 points
Question 14
When the lock of a door fails and the door becomes unlocked, it is classified as a fail-secure lock.
True
False
4 points
Question 15
In general, ESD damage to chips produces two types of failures: immediate and latent.
True
False
4 points
Question 16
In the ____ approach, the sensor detects an unusually rapid increase in the area temperature within a
relatively short period of time.
Answer
a. rate-of-rise
b. fixed rate
c. permanent temperature
d. fixed temperature
4 points
Question 17
____ occurs when an authorized person presents a key to open a door, and other people, who may or
may not be authorized, also enter.
Answer
a. Crowdsurfing
b. Tailgating
c. Hitchhiking
d. Freeloading
4 points
Question 18
____ sensors project and detect an infrared beam across an area.
Answer
a. Smoke
b. Thermal
c. Photoelectric
d. Air-aspirating
4 points
Question 19
Keycard readers based on smart cards are often used to secure computer rooms, communications
closets, and other restricted areas.
True
False
4 points
Question 20
____ involves a wide variety of computing sites that are distant from the base organizational facility and
includes all forms of telecommuting.
Answer
a. Remote site computing
b. Hot site computing
c. Telecommuting
d. Remote working
4 points
Question 21
In the ____ UPS, the internal components of the standby models are replaced with a pair of inverters
and converters.
Answer
a. offline
b. true online
c. ferroresonant
d. line-interactive
4 points
Question 22
Class ____ fires are extinguished by agents that remove oxygen from the fire.
Answer
a. A
b. B
c. C
d. D
4 points
Question 23
____ locks can be changed after they are put in service, allowing for combination or key changes
without a locksmith and even allowing the owner to change to another access method (key or
combination) to upgrade security.
Answer
a. Manual
b. Programmable
c. Biometric
d. Electronic
4 points
Question 24
Fire detection systems fall into two general categories: manual and electrical.
True
False
4 points
Question 25
____ sprinklers are the newest form of sprinkler systems and rely on ultra-fine mists instead of
traditional shower-type systems.
Answer
a. Water mist
b. Pre-action
c. Air-dry
d. Water-free
4 points
Chapter 10
Question 1
4 out of 4 points
The parallel implementation works well when an isolated group can serve as the guinea pig,
which prevents any problems with the new system from dramatically interfering with the
performance of the organization as a whole.
Answer
Selected Answer: False
Question 2
4 out of 4 points
By managing the ____, the organization can reduce unintended consequences by having a
process to resolve potential conflict and disruption that uncoordinated change can introduce.
Answer
Selected Answer: c.
process of change
Question 3
4 out of 4 points
The ____ layer of the bull's-eye model receives attention last.
Answer
Selected Answer: c.
Applications
Question 4
4 out of 4 points
A ____ is usually the best approach to security project implementation.
Answer
Selected Answer: c.
phased implementation
Question 5
4 out of 4 points
The goal of the ____ is to resolve any pending issues, critique the overall effort of the project,
and draw conclusions about how to improve the process for the future.
Answer
Selected Answer: b.
wrap-up
Question 6
4 out of 4 points
Some cases of ____ are simple, such as requiring employees to use a new password beginning
on an announced date.
Answer
Selected Answer: c.
direct changeover
Question 7
4 out of 4 points
The Lewin change model consists of ____.
Answer
Selected Answer: d.
All of the above
Question 8
4 out of 4 points
The ____ methodology has been used by many organizations, requires that issues be
addressed from the general to the specific, and that the focus be on systematic solutions
instead of individual problems.
Answer
Selected Answer: b.
bull's-eye
Question 9
4 out of 4 points
The task of creating a project plan is often assigned to either a project manager or the project
leader.
Answer
Selected Answer: False
Question 10
4 out of 4 points
A task or subtask becomes an action step when it can be completed by one individual or skillset and when it includes a single deliverable.
Answer
Selected Answer: True
Question 11
4 out of 4 points
The ____ involves collecting information about an organization's objectives, its technical architecture, and its information security environment.
Answer
Selected Answer: a.
SecSDLC
Question 12
4 out of 4 points
A(n) ____, typically prepared in the analysis phase of the SecSDLC, must be reviewed and
____ is a simple planning tool.
Answer
Selected Answer: b.
WBS
Question 18
4 out of 4 points
The primary drawback to the direct changeover approach is that if the new system fails or
needs modification, users may be without services while the system's bugs are worked out.
Answer
Selected Answer: True
Question 19
4 out of 4 points
The ____ level of the bull's-eye model establishes the ground rules for the use of all systems
and describes what is appropriate and what is inappropriate; it enables all other information
security components to function correctly.
Answer
Selected Answer: d.
Policies
Question 20
4 out of 4 points
If the task is to write firewall specifications for the preparation of a(n) ____, the planner
would note that the deliverable is a specification document suitable for distribution to vendors.
Answer
Selected Answer: c.
RFP
Question 21
4 out of 4 points
Public organizations often have ____ to spend all their remaining funds before the end of the fiscal year.
Answer
Selected Answer: d.
end-of-fiscal-year spend-a-thons
Question 22
4 out of 4 points
In a ____ implementation, the entire security system is put in place in a single office,
department, or division, and issues that arise are dealt with before expanding to the rest of the
organization.
Answer
Selected Answer: a.
pilot
Question 23
4 out of 4 points
Technology ____ guides how frequently technical systems are updated, and how technical
updates are approved and funded.
Answer
Selected Answer: b.
governance
Question 24
4 out of 4 points
The date for sending the final RFP to vendors is considered a(n) ____, because it signals that
all RFP preparation work is complete.
Answer
Selected Answer: a.
milestone
Question 25
4 out of 4 points
Tasks or action steps that come after the task at hand are called ____.
Answer
Selected Answer: c.
successors
Friday, March 16, 2012 11:08:44 AM CDT