Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
CompTIA Network+ N10-007 Cert Guide
Chapter 12 Network Security
1) What are the three primary goals of network security?
A) Integrity, confidentiality, availability
B) Reliability, classified, accessibility
C) Integrated, restricted, obtainable
D) Veracity, dependability, unrestricted
2) DES (Data Encryption Standard) is the newest and strongest encrypted algorithm available
today.
3) Which of the following is not an example of an integrity violation?
A) Modifying the appearance of a corporate website
B) Intercepting and altering an e-commerce transaction
C) Sending improperly formatted data to a networked device, resulting in an unhandled
exception error
D) Modifying financial records that are stored electronically
4) What type of integrity attack is described in the following diagram?
A) Salami attack
B) Data diddling
C) Trojan horse
D) Man-in-the-middle
5) A worm is a piece of code that an end user executes.
6) ________ are rules, typically applied to router interfaces, that specify permitted and denied
traffic.
A) Point-to-point protocols
B) Access control lists
C) Firewalls
D) Network admission controls
7) A packet-filtering firewall is a device that filters traffic based on ACL-like rules.
8) What are the three types of malicious traffic detection methods?
A) Signature, policy, and anomaly based
B) IDS, IPS, and IRS based
C) NIDS, HIPS, and NIPS based
D) Symmetric, asymmetric, and transparent based
9) Which of the approaches is used to determine the password of a system account or a user
account? (Choose two.)
A) Through the use of Trojan horse
B) Through the use of keylogger
C) Through the use of encryption mechanism
D) Through the use of compression mechanism
E) Through the use of file shares
10) Which of the following is an example of symmetric encryption? (Choose two.)
A) Advanced Encryption Standard (AES)
B) Triple Data encryption Standard (3DES)
C) RSA
D) Pretty Good Privacy (PGP)
11) Which of the following is a network vulnerability scanner? (Choose two.)
A) Nessus
B) Keylogger
C) Nbtstat
D) Nmap
E) pathping
12) What is the name of the most popular asymmetric encryption algorithm used today?
A) RSA
B) AES
C) RC4
D) MD5
13) What is one of the most popular methods of ensuring the integrity of traffic?
A) Encryption
B) Hashing
C) Tunneling
D) Factoring
14) What are the two most common hashing algorithms? (Choose two.)
A) RC4
B) CRC
C) SHA-1
D) MD5
15) When is the name of the electrical disturbance that happens with an extended reduction of
power?
A) Brownout
B) Blackout
C) Power sag
D) Power drop
16) A ________ is designed to correct a known bug or fix a known vulnerability in a piece of
software. (Select the best answer.)
A) tap
B) patch
C) upgrade
D) fix
17) What is the name of the security policy that identifies what users of a network are and are not
allowed to do?
A) Tolerable use policy
B) Acceptable Internet policy
C) Acceptable use policy
D) Good practice policy
18) What is the name of a device that is implemented for the sole purpose of luring attackers
away from the real servers?
A) Sugar trap
B) Sticky pad
C) Slick switch
D) Honey pot
19) What is the name of the UDP-based protocol that is used to communicate with an AAA
server?
A) RADIUS
B) TACACS+
C) DAP
D) TFTP
8
20) A ________ firewall or gateway is a device that attempts to bundle multiple security
functions into a single physical or logical device.
A) Consolidation
B) UTM
C) RAS
D) AAA
21) An attacker might use a confidentiality attack such as packet capturing. What common utility
might an attacker use to capture packets on a network for further analysis?
A) Syslog
B) Wireshark
C) SNMP
D) Wiretapping
22) Hackers are not limited to attack vectors such as network vulnerabilities and social
engineering. One way hackers can intercept transmissions is through EMI emissions. The
government studied this technique, and based on this study, a style of room was created to help
combat EMI emanations. What is the room type called?
A) Tempest
B) Mantis
C) Covert
9
D) Cleanroom
23) There are many different types of confidentiality attacks, such as social engineering, FTP
bounce, and phishing. New attacks and even new categories of attacks are created all the time.
Which new type of attack attempts to lock a system or steal or corrupt data until the attacker is
paid?
A) Malware
B) Packet capture
C) Man-in-the-middle
D) Ransomware
24) Spanning Tree Protocol (STP) is a loop-prevention mechanism used in modern networks.
STP is, however, vulnerable to misconfiguration. Which protections accompany STP?
A) EtherChannel
B) BPDU guard
C) Root guard
D) Split horizon
E) TCP SYN flood
