Archives

Total software reinstallation effectively addresses data loss. Answer: The most common attack against a wireless network is a wireless DoS attack. Answer: FALSE Under current U.S. federal laws, if a company allows personal information to be stolen, it may be […]

If a PC fails its initial NAC health assessment, it may be ________. A) refused access B) allowed to go to a remediation server and other nonsensitive resources C) Either A or B D) Neither A nor B Answer: ________ […]

The Microsoft Windows Server interface looks like the interface in ________. A) client versions of Microsoft Windows B) UNIX C) Both A and B D) Neither A nor B Answer: Allowing an attacker to continue working in a system after […]

Border management ________. A) is no longer important because there are so many ways to bypass borders B) is close to a complete solution to access control C) Both A and B D) Neither A nor B Answer: What protection […]

The most common form of deletion in Windows-based systems is nominal deletion. Answer: Trade secret theft can occur through interception, hacking, and other traditional cybercrimes. Answer: TRUE Incident response is defined as reacting to incidents according to plan. Answer: TRUE […]

A(n) ________ is defined as an attack that comes before fixes are released. A) exploit B) zero-day attack C) worm D) anomaly attack Answer: ________ ciphers leave letters in their original positions. A) Transposition B) Substitution C) Both A and […]

Misappropriation of assets is an example of employee financial theft. Answer: The first task in establishing a cryptographic system is selecting a cryptographic system standard for the dialogue. Answer: TRUE When a hashing algorithm is applied, the hash will ALWAYS […]

Flooding the frequency of a wireless network is one method attackers use to affect the network. Answer: Security tends to impede functionality. Answer: TRUE Vulnerability testing typically is not outsourced. Answer: FALSE CLIs usually are easier to learn than GUIs. […]

The attacker sends a mal-formed TCP segment. The victim host sends back a TCP RST message. This exchange verifies that the victim host exists and has a certain IP address. Answer: Prosecuting attackers in other countries is relatively straightforward under […]

Firewall appliances need little or no hardening before they are installed. Answer: File/directory data backup copies data, programs, configurations, and registry settings. Answer: FALSE Different honest people can make different ethical decisions in a given situation. Answer: TRUE Programmers can […]

Botnets usually have multiple owners over time. Answer: Wireless attacks avoid the access points to limit detection. Answer: FALSE In authentication, the party trying to provide its identity to the other party is called the applicant. Answer: FALSE Scripts do […]

In this book, when internet is spelled with a capital I, it means the global Internet. Answer: Backed-up data must be physically stored on something. Answer: TRUE You have access to your home page on a server. By accident, you […]

To outsource some security functions, a firm can use an MISP. Answer: After access is granted to a network, many NACs continue to monitor network PCs. Answer: TRUE Antivirus protections may be deliberately turned off by users. Answer: TRUE There […]

Because fingerprint scanning is often deceived, it should never be used as a security measure. Answer: In benefits, costs and benefits are expressed on a per-year basis. Answer: TRUE Incremental and full backups may be restored out of order in […]

Most cookies are dangerous. Answer: SIP identity protocols are common on IP telephones. Answer: TRUE When assigning initial permissions, it is good to add more permissions than strictly necessary and then remove permissions if appropriate. Answer: FALSE Backup onto another […]

A technical security architecture should be created ________. A) annually B) before a firm creates individual countermeasures C) before a firm creates a specific countermeasure D) after each major compromise Answer: Prosecutors initiate legal proceedings in ________ cases. A) civil […]

When you use your mobile firm to surf the Internet, it is a host. Answer: EAP uses RADIUS for authentication. Answer: FALSE On a compromised computer, if you mistype the name of a URL, you may be taken to a […]

Generally speaking, vendors use similar mechanisms for downloading and installing patches. Answer: Focusing electronic attacks on specific high-value targets is known as promiscuous attacks. Answer: FALSE Social engineering is rarely used in hacking. Answer: FALSE A false acceptance occurs when […]

In internets, different networks are connected by ________. A) switches B) routers C) Both A and B D) Neither A nor B Answer: The ________ collects event data and stores them in log files on the monitoring devices. A) manager […]

Another name for data is raw facts. Answer: SPI filtering for packets that are part of ongoing communications is usually simple. Answer: TRUE DoS attacks against VoIP can be successful even if they increase latency only slightly. Answer: TRUE Training […]

A ________ server gives an original host the IP address of another host to which the original host wishes to send packets. A) DHCP B) DNS C) Both A and B D) Neither A nor B Answer: When risk analysis […]

In order to be considered strong today, a symmetric encryption key must be at least ________ bits long. A) 6 B) 8 C) 100 D) 1,000 Answer: Integrated log files ________. A) tend to have problems with format incompatibilities B) […]

A network administrator notices extensive damage to wireless packets. This might indicate a ________ attack. A) man-in-the-middle B) SYN/ACK C) DoS flood attack D) None of the above Answer: Regarding retention policies, firms need to ________. A) implement strong and […]