Type: Quiz
Book Title: Computer Security Fundamentals (Pearson IT Cybersecurity Curriculum (ITCC)) 3rd Edition
ISBN 13: 978-0789757463

978-0789757463 Chapter 11

February 27, 2021
True / False
1. Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows
machines to see if they have basic security in place.
2. Nessus is the premier network vulnerability scanner.
3. Experience is the most important factor when looking for a security professional.
4. CNE, MCITP, CISSP, and CCNA are examples of industry certifications.
5. Every open port on a router is a possible avenue of entry for malware or an intruder.
6. For individual computers not running firewall software, you should directly close
ports. False. You should shut down the service using a particular port.
7. Windows has a built-in firewall, but Linux does not.
8. There should be a firewall between your network and the outside world.
9. A good password should contain only letters and numbers.
10. A good rule of thumb for a password history policy is a history depth of five.
Multiple Choice
1. The first rule of computer security is to check ___________.
a. Patches
b. Ports
c. Policies
d. None of the above
2. Any _________ you do not explicitly need should be shut down.
a. Patches
b. Ports
c. Policies
d. Probes
3. For an individual machine that is not running firewall software, you do not directly
close ports. You shut down the _________ using that port.
a. Patch
b. Router
c. Probe
d. None of the above
4. A password policy for a 90- or 180-day replacement schedule is called password
________.
a. History
b. Age
c. Uniqueness
d. None of the above
5. You would set a ___________ to prevent users from immediately changing their
password several times in one day to return to the current password. This is particularly
important if your password policy has a history depth of five.
a. Minimum password age
b. Maximum password age
c. Minimum password length
d. Maximum password length
6. A good password has at least ______ characters.
a. 6
b. 8
c. 10
d. 15
7. Probing your network for security flaws should occur once a quarter, and a complete
audit of your security should be completed ________ per year.
a. Once
b. Twice
c. Three times
d. None of the above
8. The process to make a system as secure as it can be without adding on specialized
software or equipment is _______________
a. Securitizing
b. Hardening
c. Routing
d. None of the above
9. On a server, you should create your own accounts with ________ that do not reflect
their level of permission.
a. Names
b. Numbers
c. Passwords
d. None of the above
10. A _________ involves setting up two firewalls: an outer and an inner firewall.
a. DMZ (demilitarized zone)
b. proxy server
c. DNS server
d. None of the above
11. The rule that packets not originating from inside your LAN should not be forwarded
relates to ___________.
a. Servers
b. Workstations
c. Routers
d. Web servers
Answers
True / False
1. Microsoft Baseline Security Analyzer (MBSA) checks one or more Windows
machines to see if they have basic security in place.
Answer: True. MBSA is available as a free download.
Multiple Choice
1. The first rule of computer security is to check ___________.
a. Patches
b. Ports
c. Policies
d. None of the above
Answer: a. The operating system, database management systems, development tools, and Internet browsers should be checked for patches.
2. Any _________ you do not explicitly need should be shut down.
a. Patches
b. Ports
c. Policies
d. Probes
Answer: b. This means that unused services on servers and individual workstations should be shut down.
3. For an individual machine that is not running firewall software, you do not directly
close ports. You shut down the _________ using that port.
a. Patch
b. Router
c. Probe
d. None of the above
Answer: d. You shut down the service using that port.
4. A password policy for a 90- or 180-day replacement schedule is called password
________.
a. History
b. Age
c. Uniqueness
d. None of the above
Answer: a. You can set many systems to force the user to get a new password after a certain period of time.
5. You would set a ___________ to prevent users from immediately changing their
password several times in one day to return to the current password. This is particularly
important if your password policy has a history depth of five.
a. Minimum password age
b. Maximum password age
c. Minimum password length
d. Maximum password length
Answer: a. In this way, a user cannot change his password five times in one day to avoid the policy.
6. A good password has at least ______ characters.
a. 6
b. 8
c. 10
d. 15
Answer: b. The password should contain letters, numbers, and characters. It should combine uppercase and lowercase letters.
7. Probing your network for security flaws should occur once a quarter, and a complete
audit of your security should be completed ________ per year.
a. Once
b. Twice
c. Three times
d. None of the above
Answer: a. This would include probing your ports.
8. The process to make a system as secure as it can be without adding on specialized
software or equipment is _______________
a. Securitizing
b. Hardening
c. Routing
d. None of the above
Answer: b. You may see the terms server hardening or router hardening.
9. On a server, you should create your own accounts with ________ that do not reflect
their level of permission.
a. Names
b. Numbers
c. Passwords
d. None of the above
Answer: a. You might disable an administrator account, create an account called basic_user, and set that account as the administrator account. This might make it difficult for an intruder to select an account to use for hacking.
10. A _________ involves setting up two firewalls: an outer and an inner firewall.
a. DMZ (demilitarized zone)
b. proxy server
c. DNS server
d. None of the above
Answer: a. Resources that must be accessible to the outside world are between the two firewalls.
11. The rule that packets not originating from inside your LAN should not be forwarded
relates to ___________.
a. Servers
b. Workstations
c. Routers
d. Web servers
Answer: c. Other router security rules involve not answering to ARP requests for hosts that are not on the LAN and closing router ports not used by applications on your network.