exam 2_review chapter 6-10

Upload: saanire

Post on 06-Apr-2018


  • 8/2/2019 Exam 2_Review Chapter 6-10

    1/39

    Chapter 6

    Question 1

    Telnet protocol packets usually go to TCP port ____.

    Answer

    a. 7

    b. 8

    c. 14

    d. 23

    4 points

    Question 2

    Which of the following is a valid version of TACACS?

    Answer

    a. TACACS+

    b. Extended TACACS

    c. TACACS

    d. All of the above

    4 points

    Question 3

    The ____ is an intermediate area between a trusted network and an untrusted network.

    Answer

    a. domain

    b. DMZ

    c. perimeter

    d. firewall

    4 points

    Question 4

    The dominant architecture used to secure network access today is the ____ firewall.

    Answer

    a. bastion

    b. static

    c. screened subnet

    d. unlimited

    4 points

    Question 5

    Kerberos ____ provides tickets to clients who request services.

    Answer

    a. TGS

    b. KDS

    c. VPN

    d. AS

    4 points

    Question 6

    In SESAME, the user is first authenticated to an authentication server and receives a token. The token is

    then presented to a privilege attribute server as proof of identity to gain a(n) ____.

    Answer

    a. VPN

    b. PAC

    c. ECMA

    d. ticket

    4 points

    Question 7

    ____ inspection firewalls keep track of each network connection between internal and external systems.

    Answer

    a. Stateful

    b. Stateless

    c. Static

    d. Dynamic

    4 points

    Question 8

    Firewalls fall into ____ major processing-mode categories.

    Answer

    a. two

    b. three

    c. four

    d. five

    4 points

    Question 9

    In most common implementation models, the content filter has two components: ____.

    Answer

    a. rating and filtering

    b. encryption and decryption

    c. rating and decryption

    d. filtering and encoding

    4 points

    Question 10

    Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as

    the ____ host.

    Answer

    a. sacrificial

    b. trusted

    c. single

    d. domain

    4 points

    Question 11

    In recent years, the broadband router devices that can function as packet-filtering firewalls have been

    enhanced to combine the features of ____.

    Answer

    a. WANs

    b. MACs

    c. WAPs

    d. UDPs

    4 points

    Question 12

    ____ is the protocol for handling TCP traffic through a proxy server.

    Answer

    a. HTTPS

    b. Telnet

    c. SOCKS

    d. FTP

    4 points

    Question 13

    ISA Server can use ____ technology.

    Answer

    a. RAS

    b. PNP

    c. Point to Point Tunneling Protocol

    d. All of the above

    4 points

    Question 14

    The restrictions most commonly implemented in packet-filtering firewalls are based on ____.

    Answer

    a. IP source and destination address

    b. Direction (inbound or outbound)

    c. TCP or UDP source and destination port requests

    d. All of the above

    4 points

    Question 15

    ____ and TACACS are systems that authenticate the credentials of users who are trying to access an

    organization's network via a dial-up connection.

    Answer

    a. IPSEC

    b. TUNMAN

    c. RADIAL

    d. RADIUS

    4 points

    Question 16

    A(n) ____ is a private data network that makes use of the public telecommunication infrastructure,

    maintaining privacy through the use of a tunneling protocol and security procedures.

    Answer

    a. VPN

    b. KERBES

    c. SESAME

    d. SVPN

    4 points

    Question 17

    The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone.

    Answer

    a. cold

    b. hot

    c. fully trusted

    d. demilitarized

    4 points

    Question 18

    In ____ mode, the data within an IP packet is encrypted, but the header information is not.

    Answer

    a. symmetric

    b. public

    c. tunnel

    d. transport

    4 points

    Question 19

    The application gateway is also known as a(n) ____.

    Answer

    a. application-level firewall

    b. proxy firewall

    c. client firewall

    d. All of the above

    4 points

    Question 20

    ____ generates and issues session keys in Kerberos.

    Answer

    a. KDC

    b. TGS

    c. VPN

    d. AS

    4 points

    Question 21

    ____ firewalls examine every incoming packet header and can selectively filter packets based on header

    information such as destination address, source address, packet type, and other key information.

    Answer

    a. Packet-filtering

    b. MAC layer firewalls

    c. Application gateways

    d. Circuit gateways

    4 points

    Question 22

    ICMP uses port ____ to request a response to a query and can be the first indicator of a malicious attack.

    Answer

    a. 4

    b. 7

    c. 8

    d. 48

    4 points

    Question 23

    ____ firewalls are designed to operate at the media access control sublayer of the data link layer of the

    OSI network model.

    Answer

    a. MAC layer

    b. Application gateways

    c. Packet filtering

    d. Circuit gateway

    4 points

    Question 24

    A ____ filtering firewall can react to an emergent event and update or create rules to deal with the

    event.

    Answer

    a. stateless

    b. stateful

    c. dynamic

    d. static

    4 points

    Question 25

    ____ filtering requires that the filtering rules governing how the firewall decides which packets are

    allowed and which are denied be developed and installed with the firewall.

    Answer

    a. Stateless

    b. Stateful

    c. Dynamic

    d. Static

    4 points

    Chapter 7

    Question 1

    4 out of 4 points

    ____ is based on the use of some measurable human characteristic or trait to authenticate the

    identity of a proposed systems user.

    Answer

    Selected Answer: c.

    Biometric access control

    Question 2

    4 out of 4 points

    ____ are decoy systems designed to lure potential attackers away from critical systems.

    Answer

    Selected Answer: a.

    Honeypots

    Question 3

    4 out of 4 points

    In TCP/IP networking, port ____ is not used.

    Answer

    Selected Answer: a.

    0

    Question 4

    4 out of 4 points

    Which of the following ports is commonly used for the HTTP protocol?

    Answer

    Selected Answer: d.

    80

    Question 5

    4 out of 4 points

    The ____ is the level at which the number of false rejections equals the false acceptances, and

    is also known as the equal error rate.

    Answer

    Selected Answer: c.

    CER

    Question 6

    4 out of 4 points

    ____ is a specially configured connection on a network device that is capable of viewing all of

    the traffic that moves through the entire device.

    Answer

    Selected Answer: d.

    SPAN

    Question 7

    4 out of 4 points

    ____ is the process of classifying IDPS alerts so that they can be more effectively managed.

    Answer

    Selected Answer: b.

    Alarm filtering

    Question 8

    4 out of 4 points

    ____ is an event that triggers an alarm when no actual attack is in progress.

    Answer

    Selected Answer: a.

    False Attack Stimulus

    Question 9

    4 out of 4 points

    A(n) ____ is a network tool that collects copies of packets from the network and analyzes

    them.

    Answer

    Selected Answer: b.

    packet sniffer

    Question 10

    4 out of 4 points

    A(n) ____ is a proposed systems user.

    Answer

    Selected Answer: c.

    supplicant

    Question 11

    4 out of 4 points

    Most NBA sensors can be deployed in ____ mode only, using the same connection methods

    as network-based IDPSs.

    Answer

    Selected Answer: c.

    passive

    Question 12

    4 out of 4 points

    ____ benchmark and monitor the status of key system files and detect when an intruder

    creates, modifies, or deletes monitored files.

    Answer

    Selected Answer: a.

    HIDPSs

    Question 13

    4 out of 4 points

    A(n) ____ works like a burglar alarm in that it detects a violation (some system activities

    analogous to an opened or broken window) and activates an alarm.

    Answer

    Selected Answer: b.

    IDS

    Question 14

    4 out of 4 points

    ____ testing is a straightforward testing technique that looks for vulnerabilities in a program

    or protocol by feeding random input to the program or a network running the protocol.

    Answer

    Selected Answer: c.

    Fuzz

    Question 15

    4 out of 4 points

    To determine whether an attack has occurred or is underway, NIDPSs compare measured

    activity to known ____ in their knowledge base.

    Answer

    Selected Answer: b.

    signatures

    Question 16

    4 out of 4 points

    IDPS researchers have used padded cell and honeypot systems since the late ____.

    Answer

    Selected Answer: c.

    1980s

    Question 17

    4 out of 4 points

    Activities that scan network locales for active systems and then identify the network services

    offered by the host systems are known as ____.

    Answer

    Selected Answer: d.

    fingerprinting

    Question 18

    4 out of 4 points

    Among all possible biometrics, ____ is(are) considered truly unique.

    Answer

    Selected Answer: d.

    All of the above

    Question 19

    4 out of 4 points

    ____ is the action of luring an individual into committing a crime to get a conviction.

    Answer

    Selected Answer: b.

    Entrapment

    Question 20

    4 out of 4 points

    ____ sensors are typically intended for network perimeter use, so they would be deployed in

    close proximity to the perimeter firewalls, often between the firewall and the Internet border

    router to limit incoming attacks that could overwhelm the firewall.

    Answer

    Selected Answer: c.

    Inline

    Question 21

    4 out of 4 points

    Intrusion ____ activities finalize the restoration of operations to a normal state and seek to

    identify the source and method of the intrusion in order to ensure that the same type of attack

    cannot occur again.

    Answer

    Selected Answer: a.

    correction

    Question 22

    4 out of 4 points

    ____ are usually passive devices and can be deployed into existing networks with little or no

    disruption to normal network operations.

    Answer

    Selected Answer: a.

    NIDPSs

    Question 23

    4 out of 4 points

    ____ applications use a combination of techniques to detect an intrusion and then trace it back

    to its source.

    Answer

    Selected Answer: d.

    Trap and trace

    Question 24

    4 out of 4 points

    A(n) ____ IDPS is focused on protecting network information assets.

    Answer

    Selected Answer: d.

    network-based

    Question 25

    4 out of 4 points

    Using ____, the system reviews the log files generated by servers, network devices, and even

    other IDPSs.

    Answer

    Selected Answer: d.

    LFM

    Wednesday, March 14, 2012 10:27:14 PM CDT

    Chapter 8

    Question 1

    The ____ protocol provides system-to-system authentication and data integrity verification, but does

    not provide secrecy for the content of a network communication.

    Answer

    a. AH

    b. SEP

    c. ESP

    d. HA

    4 points

    Question 2

    A method of encryption that requires the same secret key to encipher and decipher the message is

    known as ____ encryption.

    Answer

    a. public

    b. asymmetric

    c. private

    d. symmetric

    4 points

    Question 3

    ____ is a federal information processing standard that specifies a cryptographic algorithm used within

    the U.S. government to protect information in federal agencies that are not a part of the national

    defense infrastructure.

    Answer

    a. 3DES

    b. 2DES

    c. AES

    d. DES

    4 points

    Question 4

    ____ functions are mathematical algorithms that generate a message summary or digest to confirm the

    identity of a specific message and to confirm that there have not been any changes to the content.

    Answer

    a. Hash

    b. Encryption

    c. Key

    d. Map

    4 points

    Question 5

    An X.509 v3 certificate binds a _____, which uniquely identifies a certificate entity, to a user's public key.

    Answer

    a. fingerprint

    b. distinguished name

    c. digital signature

    d. message digest

    4 points

    Question 6

    ____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships

    between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.

    Answer

    a. Dictionary

    b. Man-in-the-middle

    c. Correlation

    d. Timing

    4 points

    Question 7

    A ____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key

    holders) to access the message digest.

    Answer

    a. digest

    b. signature

    c. fingerprint

    d. MAC

    4 points

    Question 8

    The ____ is responsible for the fragmentation, compression, encryption, and attachment of an SSL

    header to the cleartext prior to transmission.

    Answer

    a. SFTP

    b. Standard HTTP

    c. S-HTTP

    d. SSL Record Protocol

    4 points

    Question 9

    More advanced substitution ciphers use two or more alphabets, and are referred to as ____

    substitutions.

    Answer

    a. monoalphabetic

    b. polyalphabetic

    c. multialphabetic

    d. polynomic

    4 points

    Question 10

    In a ____ attack, the attacker eavesdrops during the victim's session and uses statistical analysis of

    patterns and inter-keystroke timings to discern sensitive session information.

    Answer

    a. timing

    b. correlation

    c. replay

    d. dictionary

    4 points

    Question 11

    ____ is the process of converting an original message into a form that is unreadable to unauthorized

    individuals.

    Answer

    a. Decryption

    b. Encryption

    c. Cryptography

    d. Cryptology

    4 points

    Question 12

    Bit stream methods commonly use algorithm functions like the exclusive OR operation (_____).

    Answer

    a. EOR

    b. NOR

    c. XOR

    d. OR

    4 points

    Question 13

    ____ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and

    has become the open-source de facto standard for encryption and authentication of e-mail and file

    storage applications.

    Answer

    a. AH

    b. PGP

    c. DES

    d. ESP

    4 points

    Question 14

    Digital signatures should be created using processes and products that are based on the ____.

    Answer

    a. NIST

    b. HTTPS

    c. SSL

    d. DSS

    4 points

    Question 15

    ____ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted

    message when the key or algorithm (or both) are unknown.

    Answer

    a. Work factor

    b. Code

    c. Key

    d. Algorithm

    4 points

    Question 16

    ____ are encrypted messages that can be mathematically proven to be authentic.

    Answer

    a. Message digests

    b. Digital signatures

    c. Message certificates

    d. MAC

    4 points

    Question 17

    The ____ algorithm was the first public key encryption algorithm developed (in 1977) and published for

    commercial use.

    Answer

    a. MAC

    b. RSA

    c. DES

    d. AES

    4 points

    Question 18

    The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.

    Answer

    a. MAC

    b. RA

    c. AES

    d. CRL

    4 points

    Question 19

    ____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and

    third-party services that enables users to communicate securely.

    Answer

    a. DES

    b. MAC

    c. PKI

    d. AES

    4 points

    Question 20

    SHA-1 produces a(n) _____-bit message digest, which can then be used as an input to a digital signature

    algorithm.

    Answer

    a. 48

    b. 56

    c. 160

    d. 256

    4 points

    Question 21

    ____ is the entire range of values that can possibly be used to construct an individual key.

    Answer

    a. Keyspace

    b. Algorithm

    c. Code

    d. Cryptogram

    4 points

    Question 22

    ____ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding.

    Answer

    a. S/MIME

    b. PEM

    c. SSL

    d. PGP

    4 points

    Question 23

    ____ is the information used in conjunction with an algorithm to create the ciphertext from the

    plaintext or derive the plaintext from the ciphertext.

    Answer

    a. Password

    b. Cipher

    c. Passphrase

    d. Key

    4 points

    Question 24

    ____ is the protocol used to secure communications across any IP-based network such as LANs, WANs,

    and the Internet.

    Answer

    a. PEM

    b. SET

    c. SSH

    d. IPSec

    4 points

    Question 25

    DES uses a(n) _____-bit block size.

    Answer

    a. 32

    b. 64

    c. 128

    d. 256

    Chapter 9

    Question 1

    Computing and other electrical equipment in areas where water can accumulate must be uniquely grounded, using ____ equipment.

    Answer

    a. HVAC

    b. UPS

    c. ESD

    d. GFCI

    4 points

    Question 2

    Locks can be divided into four categories based on the triggering process: manual, programmable,

    electronic, and biometric.

    True

    False

    4 points

    Question 3

    Interior walls reach only part way to the next floor, which leaves a space above the ceiling of the offices

    but below the top of the storey. This space is called a(n) ____.

    Answer

    a. padding

    b. kneespace

    c. plenum

    d. attic

    4 points

    Question 4

    ____ sensors work when two contacts are connected as, for example, when a foot steps on a pressure-

    sensitive pad under a rug, or a window being opened triggers a pin-and-spring sensor.

    Answer

    a. Pressure

    b. Movement

    c. Motion

    d. Contact and weight

    4 points

    Question 5

    UPS devices typically run up to ____ VA.

    Answer

    a. 100

    b. 250

    c. 500

    d. 1,000

    4 points

    Question 6

    One of the leading causes of damage to sensitive circuitry is ____.

    Answer

    a. ESD

    b. CPU

    c. HVAC

    d. EPA

    4 points

    Question 7

    Class ____ fires are extinguished with non-conducting agents only.

    Answer

    a. A

    b. B

    c. C

    d. D

    4 points

    Question 8

    Electronic monitoring includes ____ systems.

    Answer

    a. blocked video

    b. local video

    c. closed-circuit television

    d. open-circuit television

    4 points

    Question 9

    A device that assures the delivery of electric power without interruption is a(n) ____.

    Answer

    a. HVAC

    b. UPS

    c. GPS

    d. GFCI

    4 points

    Question 10

    Fire ____ systems are devices installed and maintained to detect and respond to a fire, potential fire, or

    combustion danger situation.

    Answer

    a. prevention

    b. detection

    c. protection

    d. suppression

    4 points

    Question 11

    The most sophisticated locks are ____ locks.

    Answer

    a. manual

    b. programmable

    c. biometric

    d. electronic

    4 points

    Question 12

    A ____ system is designed to work in areas where electrical equipment is used. Instead of containing

    water, the system contains pressurized air.

    Answer

    a. sprinkler

    b. dry-pipe

    c. wet-pipe

    d. deluge

    4 points

    Question 13

    Most guards have clear ____ that help them to act decisively in unfamiliar situations.

    Answer

    a. SOPs

    b. POSs

    c. OPSs

    d. MACs

    4 points

    Question 14

    When the lock of a door fails and the door becomes unlocked, it is classified as a fail-secure lock.

    True

    False

    4 points

    Question 15

    In general, ESD damage to chips produces two types of failures: immediate and latent.

    True

    False

    4 points

    Question 16

    In the ____ approach, the sensor detects an unusually rapid increase in the area temperature within a

    relatively short period of time.

    Answer

    a. rate-of-rise

    b. fixed rate

    c. permanent temperature

    d. fixed temperature

    4 points

    Question 17

    ____ occurs when an authorized person presents a key to open a door, and other people, who may or

    may not be authorized, also enter.

    Answer

    a. Crowdsurfing

    b. Tailgating

    c. Hitchhiking

    d. Freeloading

    4 points

    Question 18

    ____ sensors project and detect an infrared beam across an area.

    Answer

    a. Smoke

    b. Thermal

    c. Photoelectric

    d. Air-aspirating

    4 points

    Question 19

    Keycard readers based on smart cards are often used to secure computer rooms, communications

    closets, and other restricted areas.

    True

    False

    4 points

    Question 20

    ____ involves a wide variety of computing sites that are distant from the base organizational facility and

    includes all forms of telecommuting.

    Answer

    a. Remote site computing

    b. Hot site computing

    c. Telecommuting

    d. Remote working

    4 points

    Question 21

    In the ____ UPS, the internal components of the standby models are replaced with a pair of inverters

    and converters.

    Answer

    a. offline

    b. true online

    c. ferroresonant

    d. line-interactive

    4 points

    Question 22

    Class ____ fires are extinguished by agents that remove oxygen from the fire.

    Answer

    a. A

    b. B

    c. C

    d. D

    4 points

    Question 23

    ____ locks can be changed after they are put in service, allowing for combination or key changes

    without a locksmith and even allowing the owner to change to another access method (key or

    combination) to upgrade security.

    Answer

    a. Manual

    b. Programmable

    c. Biometric

    d. Electronic

    4 points

    Question 24

    Fire detection systems fall into two general categories: manual and electrical.

    True

    False

    4 points

    Question 25

    ____ sprinklers are the newest form of sprinkler systems and rely on ultra-fine mists instead of

    traditional shower-type systems.

    Answer

    a. Water mist

    b. Pre-action

    c. Air-dry

    d. Water-free

    4 points

    Chapter 10

    Question 1

    4 out of 4 points

    The parallel implementation works well when an isolated group can serve as the guinea pig,

    which prevents any problems with the new system from dramatically interfering with the

    performance of the organization as a whole.

    Answer

    Selected Answer: False

    Question 2

    4 out of 4 points

    By managing the ____, the organization can reduce unintended consequences by having a

    process to resolve potential conflict and disruption that uncoordinated change can introduce.

    Answer

    Selected Answer: c.

    process of change

    Question 3

    4 out of 4 points

    The ____ layer of the bull's-eye model receives attention last.

    Answer

    Selected Answer: c.

    Applications

    Question 4

    4 out of 4 points

    A ____ is usually the best approach to security project implementation.

    Answer

    Selected Answer: c.

    phased implementation

    Question 5

    4 out of 4 points

    The goal of the ____ is to resolve any pending issues, critique the overall effort of the project,

    and draw conclusions about how to improve the process for the future.

    Answer

    Selected Answer: b.

    wrap-up

    Question 6

    4 out of 4 points

    Some cases of ____ are simple, such as requiring employees to use a new password beginning

    on an announced date.

    Answer

    Selected Answer: c.

    direct changeover

    Question 7

    4 out of 4 points

    The Lewin change model consists of ____.

    Answer

    Selected Answer: d.

    All of the above

    Question 8

    4 out of 4 points

    The ____ methodology has been used by many organizations, requires that issues be

    addressed from the general to the specific, and that the focus be on systematic solutions

    instead of individual problems.

    Answer

    Selected Answer: b.

    bull's-eye

    Question 9

    4 out of 4 points

    The task of creating a project plan is often assigned to either a project manager or the project

    leader.

    Answer

    Selected Answer: False

    Question 10

    4 out of 4 points

    A task or subtask becomes an action step when it can be completed by one individual or skillset and when it includes a single deliverable.

    Answer

    Selected Answer: True

    Question 11

    4 out of 4 points

    The ____ involves collecting information about an organization's objectives, its technical architecture, and its information security environment.

    Answer

    Selected Answer: a.

    SecSDLC

    Question 12

    4 out of 4 points

    A(n) ____, typically prepared in the analysis phase of the SecSDLC, must be reviewed and

    ____ is a simple planning tool.

    Answer

    Selected Answer: b.

    WBS

    Question 18

    4 out of 4 points

    The primary drawback to the direct changeover approach is that if the new system fails or

    needs modification, users may be without services while the system's bugs are worked out.

    Answer

    Selected Answer: True

    Question 19

    4 out of 4 points

    The ____ level of the bull's-eye model establishes the ground rules for the use of all systems

    and describes what is appropriate and what is inappropriate; it enables all other information

    security components to function correctly.

    Answer

    Selected Answer: d.

    Policies

    Question 20

    4 out of 4 points

    If the task is to write firewall specifications for the preparation of a(n) ____, the planner

    would note that the deliverable is a specification document suitable for distribution to vendors.

    Answer

    Selected Answer: c.

    RFP

    Question 21

    4 out of 4 points

    Public organizations often have ____ to spend all their remaining funds before the end of the fiscal year.

    Answer

    Selected Answer: d.

    end-of-fiscal-year spend-a-thons

    Question 22

    4 out of 4 points

    In a ____ implementation, the entire security system is put in place in a single office,

    department, or division, and issues that arise are dealt with before expanding to the rest of the

    organization.

    Answer

    Selected Answer: a.

    pilot

    Question 23

    4 out of 4 points

    Technology ____ guides how frequently technical systems are updated, and how technical

    updates are approved and funded.

    Answer

    Selected Answer: b.

    governance

    Question 24

    4 out of 4 points

    The date for sending the final RFP to vendors is considered a(n) ____, because it signals that

    all RFP preparation work is complete.

    Answer

    Selected Answer: a.

    milestone

    Question 25

    4 out of 4 points

    Tasks or action steps that come after the task at hand are called ____.

    Answer

    Selected Answer: c.

    successors

    Friday, March 16, 2012 11:08:44 AM CDT
