Chapter 11 2 The three basic network access points into most organizational

Authors: Alan Dennis, Alexandra Durcikova, Jerry FitzGerald

16.
Threat of intrusion comes from ____________.
a. the government
b. crackers
c. outside of the organization
d. both inside and outside of the organization
e. inside of the organization
17.
The key principle in preventing disruption, destruction and disaster is ___________.
a. redundancy
b. control spreadsheet
c. IDS
d. anti-virus software
e. prevention controls
18.
A(n) ___________ is one of the most common examples of redundancy built into a network
to help reduce the impact of disruption.
a. network cloaking device
b. backup punch card reader
c. uninterruptible power supply
d. service level agreement
e. help desk
19.
A(n) ______ is a special type of virus that spreads itself without human intervention.
a. snake
b. worm
c. Trojan horse
d. boot sector virus
e. stealth virus
20.
A ____________ is a situation in which a hacker attempts to disrupt the network by sending
messages to the network that prevent normal users’ messages from being processed.
a. denial-of-service attack
b. service level agreement
c. virus
d. spamming
e. scamming
21.
Which of the following is not a type of intruder who attempts to gain intrusion to computer
networks?
a. Delphi team member
b. script kiddies
c. crackers
d. professional hackers
e. organization employees
22.
Which of the following is not a method for deterring intrusion?
a. training end users not to divulge passwords
b. using a smart card in conjunction with a password to gain access to a computer
system
c. using biometric devices to gain access to a computer system
d. using a security software package that logs out users if that user is ‘idle’ for a certain
amount of time
e. performing social engineering
23.
The three basic network access points into most organizational networks are from the
Internet, from LANs inside of the organization and ________________.
a. WLANs
b. intranet
c. extranet
d. WAN
e. none of the above
24.
Which of the following types of media is least susceptible to eavesdropping?
a. fiber optics
b. twisted pair
c. microwave
d. infrared
e. coaxial cable
25.
Which of the following are usually the first choice for eavesdropping?
a. unshielded twisted pair
b. shielded twisted pair
c. local cables owned by the organization
d. wireless LANs
e. fiber optics
26.
For Ethernet networks, a _______ switch can make eavesdropping more difficult.
a. secure
b. Trojan horse
c. proxy
d. spoofing
e. spamming
27.
Which of the following is not a method for deterring outside intruders from gaining access to
the organization’s office or network equipment facilities?
a. locks on network circuits after working hours
b. passwords that disable the screen and keyboard of a computer
c. secured network cabling behind walls and above ceilings
d. use of armored cable
e. unlocked wiring closet for network devices
28.
A sniffer program is a:
a. type of macro-virus
b. small peep-hole in a door or wall to allow a security guard to sniff the area with his
or her nose before entering a secure area or location
c. used in a call-back modem
d. a program that records all LAN messages received for later (unauthorized) analysis
e. secure hub program
29.
_______________ is an encryption standard that uses a total of 168 bits as the key.
a. Triple DES
b. Dial-back
c. WEP
d. EAP
e. Ciphering
30.
__________ refers to the process of translating between one set of private addresses inside a
network and a set of public addresses outside the network.
a. Translation
b. Conversion
c. Network address translation
d. Proxy translation
e. IP conversion
31.
A __________ is a router or special purpose computer that examines packets flowing into
and out of a network and restricts access to the organization’s network.
a. firewall
b. token system
c. ANI
d. call-back modem
e. firefighter
32.
A(n) ____________ examines the source and destination address of every network packet
that passes through it.
a. packet level firewall
b. mullion server
c. ANI system
d. IP spoofing system
e. application level firewall
33.
IP spoofing means to:
a. fool the target computer and any intervening firewall into believing that messages
from the intruder’s computer are actually coming from an authorized user inside the
organization’s network
b. clad or cover the internal processing (IP) lines with insulating material to shield the
IP lines from excess heat or radiation
c. illegally tape or listen in on telephone conversations
d. detect and prevent denial-of-service attacks
e. act as an intermediate host computer between the Internet and the rest of the
organization’s networks
34.
A(n) ____________ acts as an intermediate host computer or gateway between the Internet and
the rest of the organization’s networks.
a. application level firewall
b. bullion server
c. ANI system
d. IP spoofing systems
e. packet level firewall
35.
A(n) _________ is a type of application level firewall that is transparent so that no other
computer notices that it is on the network.
a. ANI system
b. NAT firewall
c. IP spoofing bridge
d. packet level firewall
e. smart hub
36.
A security hole is a(n):
a. malfunction or bug in an application program that allows data to be seen or accessed
by unauthorized users
b. small peep-hole in a door or wall to allow a security guard to examine an individual
before allowing that individual access to a secure area or location
c. packet-level firewall
d. missing or absent protected mode addressing restrictions on user programs during
multitasking or multithreaded program execution
e. ANI system
37.
Spyware, adware and DDOS agents are three types of:
a. IP spoofing attacks
b. Denial-of-service attacks
c. Trojans
d. Physical security threats
e. Intrusion prevention detection approaches
38.
A way to prevent intrusion by disguising information through algorithms is:
a. spoofing
b. call-back access
c. encryption
d. disk elevatoring
e. disk mirroring
39.
Encryption is the process of:
a. transmission of information over secure lines in analog form to prevent illegal access
b. detecting errors in messages by means of mathematical rules
c. correcting errors in messages by means of mathematical rules
d. disguising information by the use of mathematical rules, known as algorithms
e. preventing errors in messages by means of logical rules
40.
A symmetric encryption system has two parts: the key and the ____________.
a. algorithm
b. spamming method
c. IP spoofer
d. clearance code
e. smart card bits
41.
A brute force attack against an encryption system:
a. tries to gain access by trying every possible key
b. is called RC4
c. is also known as 3DES
d. always uses the Rijndael algorithm
e. is part of the Advanced Encryption Standard
42.
DES:
a. is maintained by ISO
b. refers to Date Electronic Security
c. is a commonly used symmetric encryption algorithm that was developed in the mid-1970s
d. was developed by a joint effort that included Microsoft
e. is an asymmetric algorithm
43.
__________ provide authentication which can legally prove who sent a message over a
network.
a. Digital signatures
b. DES keys
c. Directory keys
d. Screen names
e. User Ids
44.
A __________ is a trusted organization that can vouch for the authenticity of the person or
the organization using the authentication.
a. disaster recovery firm
b. DES company
c. directory company
d. certificate authority
e. fingerprint advisory board
45.
IP Security Protocol:
a. is focused on Web applications
b. is primarily used to encrypt e-mail
c. is a policy which makes public key encryption work on the Internet
d. sits between IP at the network layer and TCP/UDP at the transport layer
e. operates in entrapment mode
46.
Which of the following is a mode that is used by IPSec?
a. exchange
b. sniffer
c. tunnel
d. creeper
e. firefighter
47.
Which of the following is not true about one-time passwords?
a. Users’ pagers can receive them.
b. They can be used in conjunction with a token system.
c. The user must enter the one-time password to gain access or the connection is
terminated.
d. This is a good security solution for users who travel frequently and who must have
secure dial-in access.
e. They create a packet level firewall on the system.
48.
Which of the following is not a type of intrusion prevention system?
a. network-based
b. data link-based
c. application-based
d. host-based
e. none of the above is an appropriate answer
49.
A fundamental technique to determine if an intrusion is in progress in a stable network is:
a. anomaly detection
b. armoring cable
c. RSA algorithm
d. patching
e. scanning a user’s fingerprint
50.
To snare intruders, many organizations now use _________ techniques.
a. entrapment
b. hacker
c. Trojan horse
d. cracker
e. DES
51.
The use of computer analysis techniques to gather evidence for criminal and/or civil trials is
known as:
a. Trojan horse
b. sniffing
c. tunneling
d. computer forensics
e. misuse detection
52.
According to Symantec, more than 50% of all targeted companies had fewer than 2,500
employees because they
a. often have weaker security.
b. have more assets.
c. are more likely to have credit card numbers available.
d. are likely off-shore.
e. have lower bandwidth.
53.
The use of hacking techniques to bring attention to a larger political or social goal is referred
to as
a. hacking
b. ethical politics
c. hacktivism
d. social engineering
e. brute force attacks
54.
Which of the following is not considered one of the five most common business impacts?
a. Financial
b. Productivity
c. Reputation
d. Social
e. Safety
55.
_______________ describes how an asset can be compromised by one specific threat.
a. Threat scenarios
b. Threat plans
c. Threat hacks
d. Threat contingencies
e. Threat attacks
56.
We can calculate the relative ___________, by multiplying the impact score by the
likelihood.
a. rootkit
b. authentication
c. risk score
d. risk assessment
e. risk event
Short Answer and Essay Questions:
1. Using a chart format, describe 8 possible threats to a data network (such as
hardware, software, files, circuits, internal personnel, physical security, external
people, and users). Describe 8 possible solutions to these conceivable threats.
2. How does a packet level firewall work? Describe the proxy server function, the
packet layer firewall function, the DMZ and the architecture of this design.
3. What is a packet level firewall as compared to a NAT firewall and as compared to
an applications layer firewall?
4. What is IP spoofing?
5. Explain how a Trojan horse works.
6. Compare and contrast symmetric and asymmetric encryption.
7. Describe how symmetric encryption works, draw a chart of this approach. How
does DES differ from 3DES? From RC4? From AES?
8. Compare and contrast DES and public key encryption.
9. Describe how asymmetric encryption works, using a chart to help to explain this
approach.
10. What is PKI and why is it important?
11. How does PGP differ from SSL? How does SSL differ from IPsec? Compare
and contrast IPSec tunnel mode and IPSec transfer mode.
12. Describe five biometric technologies. How can a biometric enhance security in a
network? What are some of the advantages and disadvantages of biometrics?
13. How does a network manager utilize a user profile?
14. What is social engineering?
15. What is the difference between a network-based IPS, host-based IPS and
application-based IPS?
16. How does IPS anomaly detection differ from misuse detection?
17. What is a honey pot?
18. Some people think that CERT’s posting of security alerts causes more break-ins
than it prevents. What are the pros and cons of this argument? Do you think
CERT should continue to post security holes?
19. What are the most important servers to protect on a network and why?
20. Describe the three main reasons why there has been an increase in computer
security over the past few years.
21. List three risk assessment frameworks that are commonly used.
22. Describe the four risk control strategies and when you might use each one.
