978-0789757463 Chapter 11

True / False

1. Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows

machines to see if they have basic security in place.

2. Nessus is the premiere network vulnerability scanner.

3. Experience is the most important factor when looking for a security professional.

4. CNE, MCITP, CISSP, and CCNA are examples of industry certifications.

5. Every open port on a router is a possible avenue of entry for a malware or intruder.

6. For individual computers not running firewall software, you should directly close

ports. False—You should shut down the service using a particular port.

7. Windows has a built in firewall, but Linux does not.

8. There should be a firewall between your network and the outside world.

9. A good password should contain only letters and numbers.

10. A good rule of thumb for a password history policy is a history depth of five.

Multiple Choice

1. The first rule of computer security is to check ___________.

a. Patches

b. Ports

c. Policies

d. None of the above

2. Any _________ you do not explicitly need should be shut down.

a. Patches

b. Ports

c. Policies

d. Probes

3. For an individual machine that is not running firewall software, you do not directly

close ports. You shut down the _________ using that port.

a. Patch

b. Router

c. Probe

d. None of the above

4. A password policy for a 90- or 180-day replacement schedule is called password

________.

a. History

b. Age

c. Uniqueness

d. None of the above

5. You would set a ___________ to prevent users from immediately changing their

password several times in one day to return to the current password. This is particularly

important if your password policy has a history depth of five.

a. Minimum password age

b. Maximum password age

c. Minimum password length

d. Maximum password length

6. A good password has at least ______ characters.

a. 6

b. 8

c. 10

d. 15

7. Probing your network for security flaws should occur once a quarter, and a complete

audit of your security should be completed ________ per year.

a. Once

b. Twice

c. Three times

d. None of the above

8. The process to make a system as secure as it can be without adding on specialized

software or equipment is _______________

a. Securitizing

b. Hardening

c. Routing

d. None of the above

9. On a server, you should create your own accounts with ________ that do not reflect

their level of permission.

a. Names

b. Numbers

c. Passwords

d. None of the above

10. A _________ involves setting up two firewalls: an outer and an inner firewall.

a. DMZ (demilitarized zone)

b. proxy server

c. DNS server

d. None of the above

11. The rule that packets not originating from inside your LAN should not be forwarded

relates to ___________.

a. Servers

b. Workstations

c. Routers

d. Web servers