
Sunday, December 16, 2018

Introduction of Information Security Systems Cis4385

1. Which of the following IPv6 address types is assigned to multiple interfaces but packets will only be delivered to one? a. Multicast b. Anycast c. Unicast d. Broadcast Grade: 1 User Responses: b. Anycast Feedback: a. An anycast address is assigned to a group of interfaces on multiple nodes. Packets are delivered to the "first" interface only.
2. Routers operate at which OSI layer? a. Physical b. Transport c. Network d. Session Grade: 1 User Responses: c. Network Feedback: a. Routers operate at the network layer making routing decisions based on IP addresses.
3. Which of the following is not a private IPv4 address? Choose all that apply. a. 192.168.5.60 b. 172.25.6.4 c. 10.0.6.5 d. 26.68.6.1 Grade: 1 User Responses: d. 26.68.6.1 Feedback: a. The private IP address ranges are as follows. Class A: 10.0.0.0-10.255.255.255; Class B: 172.16.0.0-172.31.255.255; Class C: 192.168.0.0-192.168.255.255.
4. What is a server that evaluates Internet requests from LAN devices against a set of rules called? a. Proxy b. Firewall c. Load balancer d. NAT server Grade: 1 User Responses: a. Proxy Feedback: a. A server that evaluates Internet requests from LAN devices against a set of rules is called a proxy server. NAT servers perform private to public address translation; load balancers manage traffic between cluster servers; and a firewall filters traffic based on access control lists.
5. Which type of device maintains awareness of the status of connections, thereby preventing IP spoofing attacks? a. Stateless packet filtering firewall b. Stateful packet filtering firewall c. NAT filter d. Application-level gateway Grade: 1 User Responses: b. Stateful packet filtering firewall Feedback: a.
A stateful packet filtering firewall is one that monitors the state of each connection by examining the header of each packet. A stateless packet filtering firewall does not do this. NAT filters perform only private-to-public address translation. An application-level gateway provides protection to a specific application such as FTP.
6. Which of the following firewall services works at the session layer of the OSI model? a. Application layer gateway b. Stateful filtering c. NAT d. Circuit-level gateway Grade: 0 User Responses: c. NAT Feedback: a. Circuit-level gateways work at the Session Layer of the OSI model and apply security mechanisms when a TCP or UDP connection is established; they act as a go-between for the Transport and Application layers in TCP/IP. After the connection has been made, packets can flow between the hosts without further checking. Circuit-level gateways hide information about the private network, but they do not filter individual packets.
7. Which of the following are the two main functions of a proxy server? a. Caching of web pages b. NAT c. Domain authentication d. DHCP Grade: 1 User Responses: a. Caching of web pages, c. Domain authentication Feedback: a. A proxy server secures a network by keeping machines behind it anonymous; it does this through the use of NAT. It also improves web performance by caching web pages from servers on the Internet for a set amount of time.
8. Which of the following devices can detect but not prevent attacks across the entire network? a. NIDS b. Host-based IDS c. NIPS d.
Protocol Analyzer Grade: 1 User Responses: a. NIDS Feedback: a. Network Intrusion Detection Systems (NIDS) detect but do not prevent attacks across the entire network. Host-based IDS can protect only the host on which it is installed. Network Intrusion Protection Systems (NIPS) can detect and block attacks across the entire network. A Protocol Analyzer can capture traffic but not act upon it.
9. When a NIPS blocks legitimate traffic, what is it known as? a. False negative b. True negative c. False positive d. True positive Grade: 1 User Responses: c. False positive Feedback: a. A blocking of traffic is a positive action, and when it is in response to legitimate traffic, it is considered a false action; thus it is a false positive. A false negative would be when an action is not taken on traffic that is not legitimate. The other two options are normal actions; a true negative is the allowing of legitimate traffic, whereas a true positive is the blocking of illegitimate traffic.
10. Which of the following types of NIPS reacts to actions that deviate from a baseline? a. Signature-based b. Heuristic c. Anomaly-based d. Bit blocker Grade: 1 User Responses: c. Anomaly-based Feedback: a. Anomaly-based NIPS recognizes traffic that is unusual and reports it. Signature-based NIPS are configured with the signatures of attacks. Heuristics looks for patterns in the traffic, whereas bit blocker is not a type of NIPS.
11. Which of the following systems attempt to stop the leakage of confidential data, often concentrating on communications? a. DHCP b. DNS c. DLP d. STP Grade: 1 User Responses: c. DLP Feedback: a. Data loss prevention (DLP) systems are designed to protect data by way of content inspection. They are meant to stop the leakage of confidential data, often concentrating on communications.
As such, they are often also referred to as data leak prevention (DLP) devices, information leak prevention (ILP) devices, and extrusion prevention systems. Regardless, they are intended to be used to keep data from leaking past a computer system or network and into unwanted hands.
12. When a company buys fire insurance they are ____________ risk. a. accepting b. avoiding c. transferring d. reducing Grade: 1 User Responses: c. transferring Feedback: a. It is possible to transfer some risk to a third party. An example of risk transference (also known as risk sharing) would be an organization that purchases insurance for a group of servers in a datacenter. The organization still takes on the risk of losing data in the case of server failure, theft, and disaster, but transfers the risk of losing the money those servers are worth in the case they are lost.
13. Which of the following processes block external files that use JavaScript or images from loading into the web browser? a. URL filtering b. Content filtering c. Malware inspection d. Blacklists Grade: 1 User Responses: b. Content filtering Feedback: a. Content filtering is a process that blocks external files that use JavaScript or images from loading into the browser. URL filtering blocks pages based on the URL. Malware inspection looks for malware based on a signature file, and blacklists are items to be denied by email filters.
14. Which of the following actions should not be taken for the default account on a network device? a. Delete it. b. Change the password. c. Disable it. d. Leave it as is. Grade: 1 User Responses: d. Leave it as is. Feedback: a. The default account has a well-known username and password, so it should be either deleted or disabled, or at a minimum its password should be changed.
15. Firewall rules are typically based in all but which of the following? a. IP addresses b. MAC addresses c. Port numbers d.
Content type Grade: 1 User Responses: d. Content type Feedback: a. Firewall rules are typically based on IP addresses, MAC addresses, or port numbers, but they cannot filter for content.
16. Which of the following is the target of a double tagging attack? a. VPNs b. VLANs c. Collision domains d. DMZs Grade: 1 User Responses: b. VLANs Feedback: a. A double tagging attack can enable the attacker to view traffic from multiple VLANs.
17. A network created to allow access to resources from the Internet, while maintaining separation from the internal network is called a ______? a. VPN b. VLAN c. Honeypot d. DMZ Grade: 1 User Responses: d. DMZ Feedback: a. When talking about computer security, a Demilitarized Zone (DMZ) is a special area of the network (sometimes referred to as a subnetwork) that houses servers which host information accessed by clients or other networks on the Internet, but which does not allow access to the internal network.
18. How can access to the remote management of a router be protected? a. Content filtering b. ACLs c. Firewalls d. IPS Grade: 0 User Responses: c. Firewalls Feedback: a. Remote access to a router is usually done via Telnet or SSH. The port used (vty line) can be secured using an access control list. The other options can all be used to help protect routers but not access the remote management function.
19. You need to allow access from your network to all web sites. What port numbers should be opened in the firewall? Choose all that apply. a. 25 b. 443 c. 80 d. 119 e. 22 f. 23 Grade: 1 User Responses: c. 80 Feedback: a. HTTP and HTTPS are the two services you need to allow access to; they use ports 80 and 443 respectively.
20. Which of the following mitigation techniques can prevent MAC flooding? a. Secure VLANs b. Prevent ICMP responses c. 802.1x d. 802.1q Grade: 1 User Responses: c. 802.1x Feedback: a. MAC flooding, which involves overwhelming the memory of the switch with MAC frames sourced from different MAC addresses, can be prevented by requiring authentication on each port with 802.1x. Secure VLANs cannot prevent this because the frames don't need to enter a VLAN to cause the problem. ICMP is at Layer 3, these frames are at Layer 2, and 802.1q is a VLAN tagging protocol that does not prevent frames from entering the switch through access ports.
21. Which of the following attacks cannot be mitigated with a flood guard? a. Smurf attack b. Fraggle c. Teardrop attack d. Session theft Grade: 1 User Responses: d. Session theft Feedback: a. The smurf, fraggle, and teardrop attacks all involve sending a flood of packets to a device, using different types of malformed packets. A session theft attack is when a session cookie is stolen and used to authenticate to a server.
22. Loop protection is designed to address problems that occur with which device? a. Switch b. Hub c. Router d. Firewall Grade: 0 User Responses: b. Hub Feedback: a. Loops occur when switches have redundant connections causing a loop. Loop guard (or loop protection) can prevent loops on the switch.
23. When creating an ACL which of the following statements is NOT true? a. The order of the rules is important for proper functioning b. You must include a deny all statement at the end of the rule set for proper functioning c. The more specific rules should be placed at the beginning of the rule list d. Once created, the ACL must be applied to an interface Grade: 1 User Responses: b. You must include a deny all statement at the end of the rule set for proper functioning Feedback: a. There is an implied deny all statement at the end of each ACL and it is not necessary to include one.
24. Which of the following is an example of insecure network bridging in a LAN? a. Laptop connected to a hotspot and an ad hoc network b.
Laptop connected to a wireless network and the wired LAN at the same time c. Router connected to two subnets d. PC connected with two NIC to the same LAN Grade: 1 User Responses: b. Laptop connected to a wireless network and the wired LAN at the same time Feedback: a. When a laptop connects to a wireless network and the wired LAN at the same time, it can create a bridge between the two allowing access to the LAN. The other scenarios do not create a security problem for the LAN.
25. When the administrator creates a rule on the firewall to prevent FTP traffic, this is a type of __________ rule. a. implicit deny b. implicit allow c. explicit deny d. explicit allow Grade: 1 User Responses: c. explicit deny Feedback: a. When traffic is specified to be prevented, it is an explicit deny. When it is denied simply because it was not specifically allowed, that is an implicit deny.
26. Network Access Control (NAC) is an example of _______________. a. role-based management b. rules-based management c. port-based access d. application layer filtering Grade: 1 User Responses: b. rules-based management Feedback: a. Network Access Control (NAC) uses rules by which connections to a network are governed. Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so on, effectively weeding out those who would perpetuate malicious attacks.
27. What type of device is required for communication between VLANs? a. Hub b. Switch c. Router d. Firewall Grade: 1 User Responses: c. Router Feedback: a. Hosts in different VLANs are also in different subnets and routing must be performed for them to communicate.
28. Which of the following would be least likely to be placed in the DMZ? a. Web server b. DNS server c. Domain controller d. FTP server Grade: 1 User Responses: c. Domain controller Feedback: a.
All the options except a domain controller are often placed in the DMZ so they are accessible to the outside world. A DC however is sensitive and should NOT be placed in the DMZ.
29. Subnetting a network creates segmentation at which layer of the OSI model? a. Layer 1 b. Layer 2 c. Layer 3 d. Layer 4 Grade: 1 User Responses: c. Layer 3 Feedback: a. Subnetting a network creates segmentation using IP addresses, which is Layer 3.
30. What service is required to represent multiple private IP addresses with a single public IP address? a. NAT b. DHCP c. DNS d. DLP Grade: 0 User Responses: a. NAT Feedback: a. Network Address Translation (NAT) is required to represent multiple private IP addresses with a single public IP address. The specific form of NAT required to represent multiple private IP addresses with a single public IP address is called Port Address Translation (PAT).
31. Which of the following is NOT a remote access protocol? a. MS-CHAP b. CHAP c. LDAP d. PAP Grade: 1 User Responses: c. LDAP Feedback: a. Lightweight Directory Access Protocol is used for accessing directory services such as Active Directory. It is not used in remote access. All other options are remote access protocols.
32. Which of the following devices are susceptible to war dialing? a. Modems b. Firewalls c. Content filters d. Load balancers Grade: 0 User Responses: a. Modems Feedback: a. Any devices that accept phone calls such as modems or PBX systems with remote phone access are susceptible to war dialing.
33. When computers are not allowed to connect to the network without proper security patches and virus updates, the network is using a form of _____________. a. PAT b. DAC c. NAC d. DMZ Grade: 0 User Responses: d. DMZ Feedback: a.
Network Access Control (NAC) uses rules by which connections to a network are governed. Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so on, effectively weeding out those who would perpetuate malicious attacks.
34. Which of the following items do not need to be changed on a new router to ensure secure router management? a. IP address b. Administrator name c. Administrator password d. IOS version Grade: 1 User Responses: d. IOS version Feedback: a. All the options except the IOS version can be set to defaults from the factory and should be changed because they are well known.
35. Which of the following is NOT an example of cloud computing? a. SaaS b. IaaS c. PaaS d. BaaS Grade: 1 User Responses: d. BaaS Feedback: a. Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS) are all forms of cloud computing.
36. On which concept is cloud computing based? a. load balancing b. virtualization c. RAID d. DLP Grade: 1 User Responses: b. virtualization Feedback: a. All forms of cloud computing use virtualization.
37. A three legged perimeter is a form of ______________. a. VPN b. DMZ c. NAT d. ACL Grade: 1 User Responses: b. DMZ Feedback: a. A three-legged perimeter is a firewall or server with three NICs: one pointed to the LAN, one to the Internet, and one to the DMZ.
38. Which of the following is NOT a benefit provided by subnetting? a. It increases security by compartmentalizing the network. b. It is a more efficient use of IP address space. c. It reduces broadcast traffic and collisions. d. It eases administration of the network. Grade: 1 User Responses: d. It eases administration of the network. Feedback: a. Subnetting provides a number of benefits but easing administration is not one of them.
39. Which of the following is the result of implementing VLANs? a. Larger broadcast domains b. Smaller collision domains c.
Smaller broadcast domains d. Larger collision domains Grade: 1 User Responses: c. Smaller broadcast domains Feedback: a. VLANs break up the network into subnets and as such result in smaller broadcast domains.
40. Which of the following services helps conserve public IP addresses? a. NAT b. DHCP c. DNS d. SLIP Grade: 0 User Responses: c. DNS Feedback: a. By allowing the use of private IP addresses inside each network and by representing those groups of private IP addresses with a single public IP address, public IP addresses are conserved by NAT.
41. Which of the following remote access protocols are used with VPNs? Choose all that apply. a. PPTP b. PPP c. L2TP d. SLIP Grade: 1 User Responses: c. L2TP, d. SLIP Feedback: a. Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up.
42. Which of the following security protocols operates at the network layer of the OSI model? a. IPSec b. SSH c. SSL d. TLS Grade: 1 User Responses: a. IPSec Feedback: a. One of the key features of IPSec is its operation at the network layer enabling it to protect any type of communication operating at the upper layers of the OSI model.
43. Which of the following are components of SNMP? Choose all that apply. a. NMS b. IPSec c. Agent d. CARP Grade: 1 User Responses: b. IPSec, c. Agent Feedback: a. The three components of SNMP are a network management system (NMS), agent software, and the managed device, where the agent software operates.
44. SSL is designed as a secure replacement for which of the following? a. PPP b. Telnet c. TLS d. SSH Grade: 0 User Responses: d. SSH Feedback: a.
SSL is designed as a secure replacement for Telnet, which transmits in clear text.
45. Which of the following protocols supersedes SSL? a. SSH b. TLS c. S/MIME d. EAP Grade: 0 User Responses: a. SSH Feedback: a. TLS 1.2, the latest version, is used when establishing an HTTPS connection and supersedes SSLv3.
46. The operation of which of the following protocols makes the SYN flood attack possible? a. IPX/SPX b. AppleTalk c. TCP/IP d. RIP Grade: 1 User Responses: c. TCP/IP Feedback: a. TCP/IP uses a three-way handshake for its connection, and the SYN flood attack attempts to take advantage of the operation of this connection operation.
47. Which of the following provides secure web access? a. SFTP b. HTTP c. HTTPS d. SSH Grade: 1 User Responses: c. HTTPS Feedback: a. HTTPS uses port 443 and is the standard for secure web access.
48. SCP is a secure copy protocol that uses the port of which other protocol for transfers? a. HTTPS b. SSH c. SSL d. FTPS Grade: 0 User Responses: d. FTPS Feedback: a. Secure copy (SCP) is another example of a protocol that uses another protocol (and its corresponding port). It uses SSH and ultimately uses port 22 to transfer data.
49. Which of the following protocols is abused when a ping flood occurs? a. SNMP b. IGMP c. ICMP d. EIGRP Grade: 0 User Responses: a. SNMP Feedback: a. Ping floods use ICMP echo request packets aimed at the target.
50. Which of the following protection mechanisms are built into IPv6? a. IPSec b. SSL c. HTTPS d. EAP Grade: 1 User Responses: a. IPSec Feedback: a. IPv6 has IPSec support built in.
51. What method is used by SSL to obtain and validate certificates? a. SPI b. PKI c. TLS d. EAP Grade: 1 User Responses: b. PKI Feedback: a. SSL and TLS use a Public Key Infrastructure (PKI) to obtain and validate certificates.
52. What port number does FTPS use to protect the transmission? a. 21 b. 88 c. 443 d. 445 Grade: 0 User Responses: a. 21 Feedback: a. FTPS uses SSL or TLS over port 443 to make a secure connection.
53.
Which of the following protocols uses port 22, usually used by SSH, to make a secure connection? a. FTPS b. SCP c. SFTP d. SSL Grade: 0 User Responses: b. SCP Feedback: a. Secure FTP (SFTP) uses port 22, the port for SSH, which is why it is also sometimes called SSH FTP.
54. Which protocol uses ports 161 and 162? a. SMTP b. IMAP4 c. SNMP d. IGMP Grade: 0 User Responses: a. SMTP Feedback: a. SNMP is used to collect information about and make changes to devices on the network. It uses ports 161 and 162.
55. Which protocol uses the same port as HTTPS? a. SCP b. FTPS c. SFTP d. IMAP4 Grade: 0 User Responses: c. SFTP Feedback: a. FTP secure (FTPS) uses port 443, which is also used by HTTPS.
56. Which protocol uses port 69? a. SCP b. FTPS c. TFTP d. IMAP4 Grade: 1 User Responses: c. TFTP Feedback: a. TFTP uses port 69.
57. What port number is used by Telnet? a. 80 b. 443 c. 21 d. 23 Grade: 1 User Responses: d. 23 Feedback: a. Port 23 is used by Telnet.
58. Which port does HTTP use? a. 80 b. 443 c. 21 d. 23 Grade: 0 User Responses: b. 443 Feedback: a. HTTP uses port 80.
59. Which port does SCP use to transfer data? a. 80 b. 22 c. 21 d. 23 Grade: 0 User Responses: c. 21 Feedback: a. SCP uses SSH and thus port 22 to transfer data.
60. Which protocol uses port 443? a. HTTPS b. FTPS c. TFTP d. IMAP4 Grade: 1 User Responses: a. HTTPS Feedback: a. HTTPS uses port 443.
61. Which two protocols use port 22? a. HTTPS b. FTPS c. SSH d. SCP Grade: 2 User Responses: c. SSH, d. SCP Feedback: a. SCP uses SSH and thus port 22 to transfer data, so both protocols use this port.
62. Which ports does the NetBIOS protocol use? Choose all that apply. a. 138 b. 139 c. 137 d. 140 Grade: 3 User Responses: a. 138, b. 139, c. 137 Feedback: a. The NetBIOS protocol uses ports 137 through 139.
63. What protocol uses port 53? a. HTTPS b. FTPS c. SSH d.
DNS Grade: 0 User Responses: b. FTPS Feedback: a. DNS uses port 53.
64. Which port number does RDP use? a. 3389 b. 1723 c. 1701 d. 140 Grade: 1 User Responses: a. 3389 Feedback: a. Port 3389 is used for Remote Desktop (RDP).
65. What protocol uses port 25? a. HTTPS b. SMTP c. SSH d. DNS Grade: 1 User Responses: b. SMTP Feedback: a. SMTP uses port 25.
66. Which of the following statements is true regarding WPA and WPA2? (Choose all that apply.) a. WPA uses 256-bit encryption. b. WPA2 uses 128-bit encryption. c. WPA uses TKIP. d. WPA2 uses AES. Grade: 2 User Responses: c. WPA uses TKIP., d. WPA2 uses AES. Feedback: a. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES.
67. Which statement is NOT true with regard to WPA2? a. Uses AES encryption b. Meets requirements of 802.11i c. Uses TKIP encryption d. Uses 256 bit encryption Grade: 1 User Responses: c. Uses TKIP encryption Feedback: a. WPA uses TKIP but WPA2 uses AES.
68. Which of the following is the security provided in the original 802.11 standard? a. WPA b. WPA2 c. WEP d. CCMP Grade: 1 User Responses: c. WEP Feedback: a. Wired Equivalent Privacy (WEP) is the security provided in the original 802.11 standard.
69. What is the authentication system that calls for a supplicant, authenticator, and authentication server called? a. EAP b. WPA c. WPA2 d. WEP Grade: 1 User Responses: a. EAP Feedback: a. Extensible Authentication Protocol (EAP) is an authentication system that calls for a supplicant, authenticator, and authentication server.
70. Which of the following implementations of EAP requires certificates on the client and the server? a. EAP-FAST b. EAP-TTLS c. PEAP d. EAP-TLS Grade: 1 User Responses: d. EAP-TLS Feedback: a. EAP-TLS requires certificates on the client and the server.
71. Which of the following versions of EAP is Cisco proprietary? a. LEAP b. EAP-TTLS c. PEAP d. EAP-TLS Grade: 1 User Responses: a. LEAP Feedback: a.
Lightweight EAP is a version that works only on Cisco devices unless the device is from a partner that participates in the Cisco Compatible Extensions program.
72. Why are MAC filters not effective in preventing access to the WLAN? a. The MAC addresses of allowed devices are contained in the beacon frames sent by the AP. b. The MAC addresses of allowed devices are contained in any frames sent by the allowed device. c. The administrative effort to maintain the MAC list is prohibitive. d. If the user changes his MAC address, the filter will prohibit entry. Grade: 1 User Responses: b. The MAC addresses of allowed devices are contained in any frames sent by the allowed device. Feedback: a. The MAC addresses of allowed devices are contained in any frames sent by the allowed device and can be seen by those using wireless protocol analyzers. The MAC address can then be spoofed for entry.
73. Which of the following frame types contain the SSID? (Choose all that apply.) a. Beacon frames b. Data frames c. Association frames d. Authentication frames Grade: 3 User Responses: b. Data frames, c. Association frames, d. Authentication frames Feedback: a. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames.
74. TKIP was designed to correct the shortcomings of which of the following? a. EAP b. WPA c. WEP d. WPA2 Grade: 1 User Responses: c. WEP Feedback: a. TKIP was designed to correct the shortcomings of WEP. It was a temporary solution for use until the 802.1x standard was completed.
75. Which of the following encryption protocols is used with WPA2? a. TKIP b. CCMP c. WEP d. DES Grade: 1 User Responses: b. CCMP Feedback: a.
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is the encryption protocol used with WPA2. It addresses the vulnerabilities of TKIP and meets requirements of IEEE 802.11i.
76. Which antenna types would be best for shaping the signal away from the front of the building for security purposes while still providing coverage in the other part of the building? (Choose all that apply.) a. Yagi b. Omni c. Parabolic dish d. Semidirectional Grade: 2 User Responses: a. Yagi, d. Semidirectional Feedback: a. You can use a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario.
77. How can you keep the existing radiation pattern of the antenna while reducing the coverage area? a. Increase the power of the transmitter. b. Decrease the power of the transmitter. c. Change the polarity of the antenna. d. Remove one of the attenuators from the line. Grade: 1 User Responses: b. Decrease the power of the transmitter. Feedback: a. Reducing the power level maintains the radiation pattern while making the area of radiation smaller.
78. What organization created WPA? a. FCC b. Wi-Fi Alliance c. IEEE d. ISO Grade: 1 User Responses: b. Wi-Fi Alliance Feedback: a. The Wi-Fi Alliance created WPA to address the weaknesses of WEP.
79. To which standard is WPA2 designed to adhere? a. 802.16 b. 802.11f c. 802.11i d. 802.11e Grade: 1 User Responses: c. 802.11i Feedback: a. WPA2 is designed to adhere to the 802.11i security standard.
80. Which of the following is the weakest form of security? a. TKIP b. WPA c. WEP d. EAP Grade: 1 User Responses: c. WEP Feedback: a. WEP is the weakest form of security. It has been cracked and is not suited for Enterprise WLANs.
81. A ______________ attack intercepts all data between a client and a server. a. DDoS b. Man-in-the-middle c.
Replay d. Smurf Grade: 1 User Responses: b. Man-in-the-middle Feedback: a. Man-in-the-middle is a type of active interception. If successful, all communications now go through the MITM attacking computer.
82. When a group of compromised systems attack a single target it is called a _______________ attack. a. DDoS b. Man-in-the-middle c. Replay d. Smurf Grade: 1 User Responses: a. DDoS Feedback: a. A distributed denial-of-service attack occurs when a group of compromised systems launches a DDoS attack on a single target.
83. When valid data transmissions are maliciously or fraudulently repeated, it is called a _______________ attack. a. DDoS b. man-in-the-middle c. replay d. smurf Grade: 1 User Responses: c. replay Feedback: a. When valid data transmissions are maliciously or fraudulently repeated, it is called a replay attack.
84. What attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork? a. DDoS b. Man-in-the-middle c. Replay d. Smurf Grade: 1 User Responses: d. Smurf Feedback: a. A smurf attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The ICMP request is sent to a broadcast address. When all hosts receive the ICMP broadcast request, these hosts send ICMP replies to the source address, which has been set to the address of the target.
85. Changing your MAC address to that of another host is called ___________________. a. spear phishing b. spoofing c. pharming d. vishing Grade: 1 User Responses: b. spoofing Feedback: a. Spoofing is when an attacker uses the IP or MAC address of another computer.
86. Which of the following is more an aggravation than an attack? a. Spear phishing b. Spoofing c. Spam d. Vishing Grade: 1 User Responses: c. Spam Feedback: a. Spam or unwanted email is more an aggravation than an attack.
87. Which of the following uses instant messaging as its vehicle? a. Spim b. Spoofing c.
Phishing d. Vishing Grade: 1 User Responses: a. Spim Feedback: a. Spam Over Instant Messaging (SPIM) uses IM to deliver the spam.
88. When VoIP phone calls are used in the pursuit of social engineering, it is called __________. a. spim b. spoofing c. phishing d. vishing Grade: 1 User Responses: d. vishing Feedback: a. Vishing is phishing performed with VoIP calls, which are harder to trace than regular calls.
89. What type of attack is an advanced scan that tries to get around firewalls and look for open ports? a. DDoS b. Man-in-the-middle c. Xmas attack d. Smurf Grade: 1 User Responses: c. Xmas attack Feedback: a. Usually using Nmap, the Xmas attack is an advanced scan that tries to get around firewalls and look for open ports.
90. __________________ is when an attacker redirects one website's traffic to another bogus and possibly malicious website. a. DDoS b. Pharming c. Xmas attack d. Smurf Grade: 1 User Responses: b. Pharming Feedback: a. Host files and vulnerable DNS software can also be victims of pharming attacks. Pharming is when an attacker redirects one website's traffic to another bogus and possibly malicious website. Pharming can be prevented by carefully monitoring DNS configurations and host files.
91. ___________ is when a person that is not normally authorized to a server manages to get administrative permissions to resources. a. Whaling b. Pharming c. Spear phishing d. Privilege escalation Grade: 1 User Responses: d. Privilege escalation Feedback: a. Privilege escalation is when a person that is not normally authorized to a server manages to get administrative permissions to resources.
92. Which problem is the most difficult to contend with? a. Malicious insider threat b. Fraggle attack c. Distributed denial-of-service d. Whaling Grade: 1 User Responses: a. Malicious insider threat Feedback: a. Because the attacker already is inside the network with company knowledge, a malicious insider threat is the most difficult to contend with.
93.
What type of attack can DNS poisoning lead to? a. Whaling b. Pharming c. Spear phishing d. Privilege escalation Grade:0 User Responses:c. Spear phishing Feedback:a. Pharming attacks lead users from a legitimate website to a malicious one. The easiest way to do this is to poison the DNS cache so that the DNS server sends them to the malicious site.

94. Strong input validation can help prevent ____________________. a. bluesnarfing b. SQL injection c. session hijacking d. header manipulation Grade:0 User Responses:c. session hijacking Feedback:a. SQL injection attacks user input in web forms that is not correctly filtered. This can be prevented with input validation.

95. LDAP injection is an attack on __________________ servers. a. SQL b. directory c. web d. email Grade:1 User Responses:b. directory Feedback:a. Lightweight Directory Access Protocol is a protocol used to maintain a directory of information such as user accounts or other types of objects.

96. XML injection can be prevented with __________________. a. IDS b. IPS c. input validation d. complex passwords Grade:0 User Responses:d. complex passwords Feedback:a. The best way to protect against this (and all code injection techniques for that matter) is to incorporate strong input validation.

97. The ../ attack is also known as ________________. a. directory traversal b. SQL injection c. session hijacking d. header manipulation Grade:1 User Responses:a. directory traversal Feedback:a. Directory traversal, or the ../ (dot dot slash) attack, is a method to access unauthorized parent (or worse, root) directories.

98. _____________ is when commands and command syntax are entered into an application or OS. a. Directory traversal b. Command injection c. Command hijacking d. Code manipulation Grade:1 User Responses:b. Command injection Feedback:a. Command injection is when commands and command syntax are entered into an application or OS.

99.
Buffer overflows operate against the _________ of the computer. a. NIC b. drop off c. CPU d. memory Grade:1 User Responses:d. memory Feedback:a. A buffer overflow is when a process stores data outside of the memory that the developer intended.

100. What is the distinction between an XSS and XSRF attack? a. The XSS attack exploits the trust a user’s browser has in a website, whereas the XSRF attack exploits the trust that a website has in a user’s browser. b. The XSRF attack exploits the trust a user’s browser has in a website, whereas the XSS attack exploits the trust that a website has in a user’s browser. c. The XSS attack creates a buffer overflow on the website, whereas the XSRF attack creates a buffer overflow on the client. d. The XSS attack creates a buffer overflow on the client, whereas the XSRF attack creates a buffer overflow on the website. Grade:1 User Responses:a. The XSS attack exploits the trust a user’s browser has in a website, whereas the XSRF attack exploits the trust that a website has in a user’s browser. Feedback:a. The XSS attack exploits the trust a user’s browser has in a website. The converse of this: the XSRF attack exploits the trust that a website has in a user’s browser. In this attack (also known as a one-click attack), the user’s browser is compromised and transmits unauthorized commands to the website.

101. _______________ are placed by programmers, knowingly or inadvertently, to bypass normal authentication and other security mechanisms in place. a. Landing spots b. Backdoors c. Hotspots d. Code heels Grade:1 User Responses:b. Backdoors Feedback:a. Backdoors are placed by programmers, knowingly or inadvertently, to bypass normal authentication and other security mechanisms in place.

102. An XSS attack is also called a(n) __________________ attack. a. Zero day b. Command injection c. Xmas d. cross site scripting Grade:1 User Responses:d. cross site scripting Feedback:a.
XSS attacks, also called cross site scripting attacks, exploit the trust a user’s browser has in a website through code injection, often in web forms.

103. ______________ can be used by spyware and can track people without their permission. a. MAC addresses b. Cookies c. IP addresses d. Attachments Grade:1 User Responses:b. Cookies Feedback:a. Cookies are text files placed on the client computer that store information about it, which could include your computer’s browsing habits and possibly user credentials.

104. Which of the following attachments is the riskiest to open? a. .exe b. .pdf c. . mercantilism d. .txt Grade:1 User Responses:a. .exe Feedback:a. An .exe or executable file is one that contains a program that will do something, perhaps malicious, to the computer.

105. Stolen cookies can be used to launch a(n) ____________________. a. XSS attack b. SQL injection c. session hijack d. header manipulation Grade:1 User Responses:c. session hijack Feedback:a. Session cookies authenticate you to a server and can be used to hijack your session.

106. Header manipulation alters information in ______________ headers. a. LDAP b. file c. HTTP d. SQL Grade:1 User Responses:c. HTTP Feedback:a. Header manipulation alters information in HTTP headers and falsifies access.

107. An ActiveX control is an example of a(n) _________________. a. cookie b. add-on c. cipher d. virus Grade:1 User Responses:b. add-on Feedback:a. You can enable and disable add-on programs such as ActiveX controls in the Programs tab by clicking the Manage add-ons button in Internet Explorer.

108. When an attack targets an operating system vulnerability that is still unknown to the world in general, it is called a __________. a. P2P attack b. zero day attack c. whaling attack d. DDoS attack Grade:1 User Responses:b. zero day attack Feedback:a. A zero day attack targets an operating system vulnerability that is still unknown to the world in general.

109.
__________________ is a concept that refers to the monitoring of data in use, data in motion, and data at rest. a. DLP b. DHCP c. DEP d. DMS Grade:1 User Responses:a. DLP Feedback:a. Data Loss Prevention (DLP) is a concept that refers to the monitoring of data in use, data in motion, and data at rest. It does this through content inspection and is designed to prevent unauthorized use of data as well as prevent the leakage of data outside the computer (or network) in which it resides.

110. Which form of DLP is typically installed in data centers or server rooms? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:c. Storage DLP Feedback:a. Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest.

111. Which of the following is an example of drive encryption? a. AppLocker b. BitLocker c. Windows Defender d. Trusted Platform Module Grade:1 User Responses:b. BitLocker Feedback:a. To encrypt an entire hard drive, you need some kind of full disk encryption software. Several are currently available on the market; one developed by Microsoft is called BitLocker.

112. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is ____________ than software encryption. a. more difficult to crack b. easier to use than software encryption c. faster than software encryption d. can be used to calculate data other than encryption keys Grade:1 User Responses:c. faster than software encryption Feedback:a. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors. This means that they are used for encryption during secure login/authentication processes, during digital signings of data, and for payment security systems. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is faster than software encryption.

113. A _________________ is a chip residing on the motherboard that actually stores the encrypted keys. a. DLP b. DHCP c.
DEP d. TPM Grade:1 User Responses:d. TPM Feedback:a. A Trusted Platform Module (TPM) chip is one residing on the motherboard that actually stores the encrypted keys.

114. Which of the following is NOT required to encrypt the entire disk in Windows? Choose all that apply. a. TPM chip or USB key b. A hard drive with two volumes c. HSM Module d. Cryptoprocessor Grade:2 User Responses:c. HSM Module, d. Cryptoprocessor Feedback:a. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors; however, they are NOT a part of encrypting the entire disk in Windows. /b. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors; however, they are NOT a part of encrypting the entire disk in Windows.

115. Probably the most important security concern with cloud computing is _______________. a. less secure connections b. loss of physical control of data c. weak authentication d. bug exploitation Grade:1 User Responses:b. loss of physical control of data Feedback:a. Probably the most important security control concern is the physical control of data that is lost when an organization makes use of cloud computing.

116. Which of the following is NOT a solution to security issues surrounding cloud computing? a. Complex passwords b. Strong authentication methods c. Standardization of programming d. Multiple firewalls Grade:1 User Responses:d. Multiple firewalls Feedback:a. Solutions to these security issues include complex passwords, strong authentication methods, encryption, and standardization of programming.

117. Which form of DLP is typically installed on individual computers? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:a. Endpoint DLP Feedback:a. Endpoint DLP systems run on an individual computer and are usually software-based. They monitor data in use such as email communications and can control what information flows between various users.

118.
Where could you disable the use of removable media on a computer? a. Device manager b. BIOS c. Control panel d. Programs and features Grade:1 User Responses:b. BIOS Feedback:a. BIOS settings can be used to reduce the risk of infiltration, including disabling removable media such as the floppy drives and eSATA and USB ports.

119. What are two shortcomings of using BitLocker drive encryption? a. Weak encryption b. Expensive c. Performance suffers d. Shorter drive life Grade:2 User Responses:c. Performance suffers, d. Shorter drive life Feedback:a. A drive encrypted with BitLocker usually suffers in performance compared to a nonencrypted drive and could have a shorter shelf life as well. /b. A drive encrypted with BitLocker usually suffers in performance compared to a nonencrypted drive and could have a shorter shelf life as well.

120. Which form of DLP is typically installed on the perimeter of the network? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:b. Network DLP Feedback:a. Network DLP systems can be software or hardware solutions that are often installed on the border of the network. They inspect data that is in motion.

121. Software as a service (SaaS) is a type of _____________ computing. a. HSM b. cloud c. role-based d. TPM Grade:1 User Responses:b. cloud Feedback:a. Software as a Service (SaaS) is the most commonly used and recognized example of cloud computing. SaaS is when users access applications over the Internet that are provided by a third party.

122. Which form of DLP inspects ONLY data in motion? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:b. Network DLP Feedback:a. Network DLP systems can be software or hardware solutions that are often installed on the perimeter of the network. They inspect data that is in motion.

123. Which of the following is NOT an example of cloud services? a. SaaS b. IaaS c. PaaS d. BaaS Grade:1 User Responses:d. BaaS Feedback:a.
Examples of cloud services include Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

124. When an electronic control suffers an error, reports the error, and shuts down, it is called _____________. a. Failopen b. Failsafe c. Failclose d. Failshut Grade:1 User Responses:b. Failsafe Feedback:a. When the control fails and shuts down, it is a failsafe. When it fails and leaves a vulnerable system, it is a failopen.

125. What should be the first thing you check when an intrusion has been detected? a. Firewall logs b. Server logs c. Workstation logs d. tribute patches Grade:1 User Responses:a. Firewall logs Feedback:a. Logging is also important when it comes to a firewall. Firewall logs should be the first thing you check when an intrusion has been detected. You should know how to access the logs and how to read them.

126. Which log on a Windows server is where you could learn if Joe logged in today? a. Applications b. System c. Security d. DNS Grade:1 User Responses:c. Security Feedback:a. The security log contains entries about logins and access to resources, both successful and unsuccessful.

127. Which of the following is NOT an example of physical security? a. Mantraps b. Security logs c. Video surveillance d. Hardware locks Grade:1 User Responses:b. Security logs Feedback:a. Security logs track activities on the network, which is logical, not physical, security.

128. Which of the following is NOT a type of door lock? a. Cipher b. Keyed c. Cardkey d. Mantrap Grade:1 User Responses:d. Mantrap Feedback:a. A mantrap is a two-door system designed to prevent tailgating.

129. Which of the following is NOT an example of operating system hardening? a. Disabling unnecessary services b. Removing the NIC c. Protecting management interfaces d. Password protection Grade:1 User Responses:b. Removing the NIC Feedback:a. Hardening the system should not reduce its functionality, and removing the NIC would do that.

130.
Which of the following standards is often referred to as port-based security? a. 802.1x b. 802.11 c. 802.11n d. 802.1 Grade:1 User Responses:a. 802.1x Feedback:a. 802.1x enforces perimeter security by keeping the port of the station closed until authentication is complete.

131. In which type of monitoring is network traffic analyzed for predetermined attack patterns? a. Signature-based monitoring b. Anomaly-based monitoring c. Behavior-based monitoring d. Reactive-based monitoring Grade:1 User Responses:a. Signature-based monitoring Feedback:a. Network traffic is analyzed for predetermined attack patterns. These attack patterns are known as signatures.

132. A(n) __________________ uses baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems. a. NAT b. SPA c. SLA d. PSK Grade:1 User Responses:b. SPA Feedback:a. The security posture can be defined as the risk level to which a system, or other technology element, is exposed. Security Posture Assessments (SPA) use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems.

133. Which of the following indicate a problem currently occurring? a. Trends b. Baselines c. Alarms d. Alerts Grade:1 User Responses:c. Alarms Feedback:a. Although alerts indicate an issue that MAY need attention, alarms indicate a problem currently occurring.

134. Which of the following are detection controls? (Choose all that apply.) a. IDS b. IPS c. Video cameras d. Security guard Grade:2 User Responses:a. IDS, c. Video cameras Feedback:a. Detection controls, such as Intrusion Detection systems and video cameras, record only activity; they do not prevent it. /b. Detection controls, such as Intrusion Detection systems and video cameras, record only activity; they do not prevent it.

135. Which of the following is designed to prevent tailgating? a. Mantraps b. Security logs c. Video surveillance d. Hardware locks Grade:1 User Responses:a. Mantraps Feedback:a.
Mantraps use double doors to prevent tailgating.

136. Which of the following is a proximity reader? a. a security card that transmits the location of the holder b. a device that tracks how close an individual is c. a security card reader that can read the card from a distance d. a card reader that locks the door when the holder is a certain distance from the door Grade:1 User Responses:c. security card reader that can read the card from a distance Feedback:a. These cards use radio waves to transmit to the reader.

137. By frequently updating systems and by employing other methods such as group policies and baselining, you _____________ the systems. a. pick up b. harden c. virtualize d. hardline Grade:1 User Responses:b. harden Feedback:a. By frequently updating systems and by employing other methods such as group policies and baselining, you harden the system.

138. Installing service packs is a part of the ___________ process. a. baselining b. hardening c. scaling d. security templating Grade:1 User Responses:b. hardening Feedback:a. Hardening the OS is accomplished through the use of service packs, patch management, hotfixes, group policies, security templates, and configuration baselines.

139. ______________ can be described as unauthorized WAPs that inadvertently enable access to secure networks. a. Rogue access points b. Evil twin c. war driver d. Phisher Grade:1 User Responses:a. Rogue access points Feedback:a. Rogue access points can be described as unauthorized wireless access points/routers that enable access to secure networks. They differ from an evil twin in that an evil twin is strategically placed for the purpose of accessing the network or performing a hijacking attack, whereas rogue access points generally may be placed by employees for their convenience.

140. Which wireless attacks include the introduction of radio interference? a. Rogue Access Point b. Evil twin c. war driver d. Bluesnarfing Grade:1 User Responses:b.
Evil twin Feedback:a. The evil twin attack includes jamming the network to cause the stations to associate with the evil twin AP.

141. When executing the Evil twin attack, what value must match on the Evil twin and the legitimate AP? a. IP address b. SSID c. MAC address d. Admin password Grade:1 User Responses:b. SSID Feedback:a. The Evil twin attack includes jamming the network to cause the stations to associate with the Evil twin AP. The stations will not roam to the Evil twin unless the SSID is the same as the legitimate AP.

142. ________________ is when a person attempts to access a wireless network, usually while driving in a vehicle. a. War chalking b. Radiophishing c. War driving d. Bluesnarfing Grade:1 User Responses:c. War driving Feedback:a. War driving is when a person attempts to access a wireless
