it276 fall 2011 midterm student version little

Upload: chuck-little

Post on 06-Apr-2018


  • 8/3/2019 IT276 FALL 2011 Midterm Student Version Little

    IT-276 Security + Mid Term Exam FALL 2010

    Name: Chuck Little    Date: __________

    Questions 1-50: 1 pt each, total 50. Questions 51-60: 5 points each, total 50. Exam total = 100.

    1. What Is Rule #1?

       Don't be Stupid

    2. What type of attack takes advantage of vulnerabilities that have not been previously revealed?
       a. Undiscovered
       b. Zero day
       c. Loop back
       d. Glamour

    3. After an attacker probes a computer or network for information, the next attack step is to:
       a. Penetrate any defenses
       b. Modify Security Settings
       c. Circulate to other systems
       d. Install a Root-Kit

    4. ___________ is not revealing the type of computer, operating system, software, and network connections:
       a. Hacking
       b. Limiting
       c. Cyber Queryint
       d. Diversity

    5. What term is used to generically describe anyone who illegally breaks into a computer system?
       a. Scoundrel
       b. Hacker
       c. Limiter
       d. Rogue

    6. What is a general software security update intended to cover vulnerabilities that have been discovered?
       a. Service Pack
       b. Patch
       c. Hotfix
       d. Bit Recycler


    7. A cookie that was not created on the Web site that attempts to access it is a:
       a. First-party cookie
       b. Second-party cookie
       c. Third-party cookie
       d. Tertiary Cookie

    8. A ____________ is a list of pre-approved e-mail addresses that the user will accept mail from.
       a. White List
       b. Black List
       c. Client Account Access (CAA)
       d. POP3 forwarding list

    9. Another name for a packet filter is:
       a. Switch
       b. Firewall
       c. Router
       d. Proxy

    10. A _______ is a cumulative package of all security updates plus additional features.
       a. Service Pack
       b. Patch
       c. Hotfix
       d. Bit Recycler

    11. A program that pretends to clean up a hard drive but actually performs a malicious activity is a:
       a. Virus
       b. Trojan Horse
       c. Root kit
       d. SPAM

    12. A program that secretly attaches itself to a carrier (such as a document or a program) and then executes when that document is opened or the program is launched is a:
       a. Virus
       b. Trojan Horse
       c. Root kit
       d. SPAM

    13. The first action a virus takes, once it infects a computer, is to:
       a. Close all ports
       b. Format the hard disk
       c. Replicate itself
       d. Authenticate to the system


    14. The ability to move a Virtual Machine (VM) from one physical computer to another is:
       a. Live Migration
       b. Portable Replication
       c. Hot segmentation
       d. Heterogeneity

    15. _SPYWARE__p51___ is the generic term used to describe software that violates a user's privacy.
       a. Popups
       b. Active-X
       c. Adware
       d. Second-party Cookies

    16. A firewall using ___________ is the most secure type of firewall.
       a. Asynchronous synthesis
       b. Anomaly recognition
       c. Stateful packet filtering
       d. Two-State Encryption

    17. A ___________ intercepts internal user requests and processes that request on behalf of the user.
       a. Proxy Server
       b. Content filter
       c. Reverse Proxy
       d. SPAM detector

    18. A device that routes incoming requests to the correct server is a:
       a. Proxy Server
       b. Content filter
       c. Reverse Proxy
       d. SPAM detector

    19. Subnetting is also called
       a. Network Reallocation
       b. Subnet addressing
       c. IP preservation
       d. Address Resolution Protocol (ARP)

    20. Network Address Translation (NAT):
       a. Makes IP and MAC addresses interchangeable
       b. Removes private addresses when the packet leaves the network
       c. Translates network addresses to non-English alphabets
       d. Encrypts IP addresses for security

    21. An attack that consumes network resources so that the device(s) cannot respond to legitimate requests is a:
       a. ARP Spoofing Attack
       b. Denial of Service (DoS)
       c. Device Overflow
       d. Network disabler


    22. _____ is used for Ethernet local area networks to resolve Internet Protocol Addresses (IP to MAC)
       a. ARP
       b. SMTP
       c. P2P
       d. FTP

    23. What technique is used by wireless access points to send out information about their presence and configuration settings?
       a. Interrogation/Acknowledge (INT/ACK)
       b. Beaconing
       c. Broadcasting
       d. Location Frame Stamping (LFS)

    24. A man-in-the-middle attack ________________________
       a. Intercepts legitimate communications and forges a fictitious response
       b. Can be defeated by using Secure-TCP/IP
       c. Is only found on a wireless 802.11-n network
       d. Is fictitious

    25. In a(n) _____________ attack, the attacker overflows a switch's address table with fake media access control (MAC) addresses and makes the switch act like a hub, sending packets to all devices.
       a. Switch flooding
       b. MAC-ARP impersonation
       c. Address Domain Resolution (ADR)
       d. Address Reverse Sequencing Protocol (ARSP)

    Acronyms and Terms:

    Call Out the following PC-Related Acronyms. List what they stand for:

    Acronym      Call-Out
    26. AD       Active Directory
    27. ARP      Address Resolution Protocol
    28. ASLR     Address Space Layout Randomization
    29. BIND     Berkeley Internet Name Domain
    30. BIOS     Basic Input Output System
    31. DDoS     Distributed Denial of Service
    32. DNS      Domain Name Service
    33. DoS      Denial of Service
    34. HIPAA    Health Insurance Portability and Accountability Act
    35. HIPS     Host Intrusion Prevention Systems
    36. IRC      Internet Relay Chat
    37. MBR      Master Boot Record
    38. NAC      Network Access Card
    39. NAT      Network Address Translation
    40. NIPS     Network Intrusion Prevention System


    Acronym         Call-Out
    41. NIPS        Network Intrusion Prevention System
    42. P2P         Peer-to-Peer Network
    43. POP/POP3    Post Office Protocol
    44. SMTP        Simple Mail Transfer Protocol
    45. SNMP        Simple Network Management Protocol
    46. SPOF
    47. SQL         Structured Query Language
    48. VLAN        Virtual Local Area Network
    49. VoIP        Voice Over Internet Protocol
    50. XSS         Cross Site Scripting

    Discussion questions 10 points each (x5=50)

    Answer 5 of the 10 questions (51-60)!!

    51. What is the security triad? Give a definition of each term.

    __________________________

    __________________________

    __________________________

    52. Discuss Layering/Defense in Depth. What is it? Why is it important? What are its strengths?

    Layering is no more than having multiple means of defense to protect something in the case of an attack. Multiple barriers are put in place to either hinder or completely stop an intruder in the case of an attack.

    Having Layering as a defense is important so that information, goods or money can become protected and maintain that protection. The obvious strengths are the built-in redundancy because of its multiple layers. Due to its structure, layered security is among the best designs of security to have.

    53. In class we've discussed both homogenous and heterogeneous network environments. What are they? List some strengths and weaknesses of each.

    54. Name two of the advantages of NATting and discuss benefits.


    55. Discuss three reasons that passwords are the weakest security measure available.

    Password strength and security should not be put in second place due to a weak memory. There are multiple reasons why passwords are the weak link in security. First, some people use personal information as passwords. For example, the use of birth dates, pet names, and spouse names are all items that can be figured out through general conversation. Second, writing passwords down and then hiding them. This is a pet peeve of mine. Obviously, if you write a password down anyone that finds it then has it. If a person can't remember the password, what are the chances that they may forget where they put the note they wrote it down on in the first place. Finally, short passwords are not the way to go. There is less security due to the number of characters as well as they are easier to break than longer more complicated passwords that use special characters.

    56. What is a logic bomb? Describe a hypothetical logic bomb and how it would work.

    A logic bomb is a malicious unused program on a computer system. The logic bomb will only activate based upon some sort of preset trigger. A hypothetical logic bomb would be, a student planting a malicious program on a school computer. This program is set up to travel to each server and corrupt grades and GPAs. This would only be triggered if the student did not receive an A in his security plus class.

    57. What is Identity Theft? What types of privacy information are required to steal an identity?

    Identity Theft is using someone else's information as your own to establish credit, banking or incur debt with the intention of then never paying it back. In doing so, it is then left up to the true individual to pay for the problem themself. By gathering social security numbers, birth dates, account numbers, addresses for home and employers, one can go far in establishing the theft of someone else's identity.

    58. What is a configuration baseline, and what security advantages does it offer the organization?

    59. Briefly describe a De-Militarized Zone (DMZ) and how it offers protection to the network.


    60. What does a content filter do?

    Content filters block or restrict a PC from going out to a specific IP address or receiving correspondence from that same IP address. With this said, they can be put in place to affect multiple addresses not just any one particular. They can be set to restrict employees from accessing personal networking sites such as Facebook, Skype, My-Space and so on. They could even be used to block email service like Yahoo, AOL, Hot Mail and the like.