978-0789759825 Chapter 12

CompTIA Network+ N10-007 Cert Guide

Chapter 12 Network Security

1) What are the three primary goals of network security?

A) Integrity, confidentiality, availability

B) Reliability, classified, accessibility

C) Integrated, restricted, obtainable

D) Veracity, dependability, unrestricted

2) DES (Data Encryption Standard) is the newest and strongest encrypted algorithm available

today.

3) Which of the following is not an example of an integrity violation?

A) Modifying the appearance of a corporate website

B) Intercepting and altering an e-commerce transaction

C) Sending improperly formatted data to a networked device, resulting in an unhandled

exception error

D) Modifying financial records that are stored electronically

4) What type of integrity attack is described in the following diagram?

A) Salami attack

B) Data diddling

C) Trojan horse

D) Man-in-the-middle

5) A worm is a piece of code that an end user executes.

6) ________ are rules, typically applied to router interfaces, that specify permitted and denied

traffic.

A) Point-to-point protocols

B) Access control lists

C) Firewalls

D) Network admission controls

7) A packet-filtering firewall is a device that filters traffic based on ACL-like rules.

8) What are the three types of malicious traffic detection methods?

A) Signature, policy, and anomaly based

B) IDS, IPS, and IRS based

C) NIDS, HIPS, and NIPS based

D) Symmetric, asymmetric, and transparent based

9) Which of the approaches is used to determine the password of a system account or a user

account? (Choose two.)

A) Through the use of Trojan horse

B) Through the use of keylogger

C) Through the use of encryption mechanism

D) Through the use of compression mechanism

E) Through the use of file shares

10) Which of the following is an example of symmetric encryption? (Choose two.)

A) Advanced Encryption Standard (AES)

B) Triple Data encryption Standard (3DES)

C) RSA

D) Pretty Good Privacy (PGP)

11) Which of the following is a network vulnerability scanner? (Choose two.)

A) Nessus

B) Keylogger

C) Nbtstat

D) Nmap

E) pathping

12) What is the name of the most popular asymmetric encryption algorithm used today?

A) RSA

B) AES

C) RC4

D) MD5

13) What is one of the most popular methods of ensuring the integrity of traffic?

A) Encryption

B) Hashing

C) Tunneling

D) Factoring

14) What are the two most common hashing algorithms? (Choose two.)

A) RC4

B) CRC

C) SHA-1

D) MD5

15) When is the name of the electrical disturbance that happens with an extended reduction of

power?

A) Brownout

B) Blackout

C) Power sag

D) Power drop

16) A ________ is designed to correct a known bug or fix a known vulnerability in a piece of

software. (Select the best answer.)

A) tap

B) patch

C) upgrade

D) fix

17) What is the name of the security policy that identifies what users of a network are and are not

allowed to do?

A) Tolerable use policy

B) Acceptable Internet policy

C) Acceptable use policy

D) Good practice policy

18) What is the name of a device that is implemented for the sole purpose of luring attackers

away from the real servers?

A) Sugar trap

B) Sticky pad

C) Slick switch

D) Honey pot

19) What is the name of the UDP-based protocol that is used to communicate with an AAA

server?

A) RADIUS

B) TACACS+

C) DAP

D) TFTP

8

20) A ________ firewall or gateway is a device that attempts to bundle multiple security

functions into a single physical or logical device.

A) Consolidation

B) UTM

C) RAS

D) AAA

21) An attacker might use a confidentiality attack such as packet capturing. What common utility

might an attacker use to capture packets on a network for further analysis?

A) Syslog

B) Wireshark

C) SNMP

D) Wiretapping

22) Hackers are not limited to attack vectors such as network vulnerabilities and social

engineering. One way hackers can intercept transmissions is through EMI emissions. The

government studied this technique, and based on this study, a style of room was created to help

combat EMI emanations. What is the room type called?

A) Tempest

B) Mantis

C) Covert

9

D) Cleanroom

23) There are many different types of confidentiality attacks, such as social engineering, FTP

bounce, and phishing. New attacks and even new categories of attacks are created all the time.

Which new type of attack attempts to lock a system or steal or corrupt data until the attacker is

paid?

A) Malware

B) Packet capture

C) Man-in-the-middle

D) Ransomware

24) Spanning Tree Protocol (STP) is a loop-prevention mechanism used in modern networks.

STP is, however, vulnerable to misconfiguration. Which protections accompany STP?

A) EtherChannel

B) BPDU guard

C) Root guard

D) Split horizon

E) TCP SYN flood