Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Most cookies are dangerous.
Answer:
SIP identity protocols are common on IP telephones.
Answer:
When assigning initial permissions, it is good to add more permissions than strictly
necessary and then remove permissions if appropriate.
Answer:
Backup onto another hard drive is a very slow method of backup.
Answer:
DRM restricts what people can do with sensitive material.
Answer:
Some writers prefer to turn off SSID broadcasting.
Answer:
Many compliance regimes require firms to adopt specific formal governance
framework to drive security planning and operational management.
Answer:
Most traditional external hackers do not cause extensive damage or commit theft for
money.
Answer:
IP addresses are 32 octets long.
Answer:
If a firewall receives a packet that is suspicious, it will drop and log the packet.
Answer:
In public key encryption for authentication, the verifier decrypts the ciphertext with the
supplicant's public key.
Answer:
Blind SQL injection uses a series of SQL statements that produce different responses
based on true/false questions, or timed responses.
Answer:
SPIT is where the attacker uses the corporate VoIP network to place free calls.
Answer:
Triggers are damaging code that attackers use to destroy databases.
Answer:
Pre-shared key mode was created for homes and small businesses with a single access
point.
Answer:
IP options are used frequently.
Answer:
A router can be a NIDS.
Answer:
"Death of the perimeter" is a phrase used by network administrators to convey that
creating a 100% secure network is impossible.
Answer:
Systems administrators manage individual hosts but not groups of hosts.
Answer:
Each network interface card (NIC) has a media access control address (MAC).
Answer:
XML makes SAML platform-dependent.
Answer:
Incremental backups are usually discarded after the next full backup.
Answer:
In military security, the term multilevel security means multifactor security.
Answer:
When performing trend analysis, decreasing granularity in queries is desirable.
Answer:
Optical disks can safely hold data for decades.
Answer:
Experts advise firms to turn on most or all applications and then harden them.
Answer:
Assigning security measures to individuals within groups is cheaper than assigning
security measures to groups.
Answer:
Traffic in a honeypot usually indicates an attack.
Answer:
SSL/TLS was developed for remote access VPNs.
Answer:
NAT adds latency to VoIP packets.
Answer:
In MMCs, the tree pane lists ________.
A) objects on which actions can be taken
B) actions that can be taken on the selected object
C) Both A and B
D) Neither A nor B
Answer:
Which of the following statements accurately describes RC4?
A) RC4 is extremely fast.
B) RC4 always uses a 40-bit key.
C) Both A and B
D) Neither A nor B
Answer:
What is the general function of the second row in the IPv4 header?
A) To give the source address
B) To give the destination address
C) To handle fragmentation and reassembly
D) None of the above.
Answer:
Spam over VoIP is called ________.
A) VAM
B) SOVI
C) SPIT
D) SPIP
Answer:
The principle of ________ states that each person should only get the permissions that
he or she absolutely needs to do his or her job.
A) appropriate authorizations
B) least permissions
C) minimization
D) All of the above.
Answer:
In an IPv4 packet, the ________ field describes the contents of the packet's data field.
A) TTL
B) header checksum
C) protocol
D) next-higher-layer
Answer:
If an IDS cannot process all of the packets it receives, it will ________ packets it
cannot process.
A) drop
B) pass
C) quarantine
D) None of the above
Answer:
If an attacker takes over a router, he or she will be able to ________.
A) map the entire internal network
B) reroute traffic to cause a local DoS
C) Both A and B
D) Neither A nor B
Answer:
When you make a purchase over the Internet, your sensitive traffic is almost always
protected by ________ VPN transmission.
A) SSL/TLS
B) IPsec
C) Both A and B
D) Neither A nor B
Answer:
________ ciphers move letters around within a message but characters are not
substituted.
A) Transposition
B) Substitution
C) Both A and B
D) Neither A nor B
Answer:
Which encryption method does MS-CHAP use?
A) Symmetric key encryption
B) Public key encryption
C) Both A and B
D) Neither A nor B
Answer:
HIDSs ________.
A) provide highly specific information about what happened on a particular host
B) cannot be compromised by hacking the host
C) Both A and B
D) Neither A nor B
Answer:
The super user account in UNIX is called ________.
A) root
B) administrator
C) MMC
D) kernel
Answer:
________ consists of activities that violate a company's IT use policies or ethics
policies.
A) Fraud
B) Extortion
C) Hacking
D) Abuse
Answer:
________ allows many different groups to be assigned different permissions.
A) Windows
B) UNIX
C) Both A and B
D) Neither A nor B
Answer:
________ of response is critical.
A) Accuracy
B) Speed
C) Both A and B
D) Neither A nor B
Answer:
________ examines organizational units for efficiency, effectiveness, and adequate
controls.
A) Internal auditing
B) Financial auditing
C) IT auditing
D) None of the above
Answer:
About how long was the Sony PlayStation Network offline as a result of the cyber
attacks?
A) 3 days
B) 3 weeks
C) 3 months
D) It never went down.
Answer:
18 U.S.C. 2511 prohibits ________.
A) the interception of electronic messages
B) hacking
C) Both A and B
D) Neither A nor B
Answer:
Which of the following statements accurately describes RC4?
A) RC4 is very slow.
B) RC4 uses a large amount of RAM.
C) RC4 can use a broad range of key lengths.
D) All of the above
Answer:
A router that connects to three subnets is called a ________ router.
A) border
B) internal
C) application proxy
D) None of the above
Answer:
To get to the super user account in UNIX, the administrator should use the ________
command.
A) RunAs
B) su
C) rlogin
D) None of the above
Answer:
The most popular way for hackers to take over hosts today is ________.
A) by taking over the operating system
B) by taking over an application
C) by guessing the root password
D) by taking over the user interface
Answer:
TCP segment carries octets 4321 through 4371. The next segment carries no data. What
is that segment's sequence number?
A) 4321
B) 4371
C) 4372
D) None of the above.
Answer:
After gaining wireless access to the private network, the attach can ________.
A) cause harm to internal clients
B) steal data
C) launch external attacks
D) All of the above
Answer:
________ means responding to risk by not taking a risky action.
A) Risk reduction
B) Risk acceptance
C) Risk avoidance
D) Risk transference
Answer:
Another name for RAID 1 is ________.
A) Mirroring
B) Distributed Parity
C) Striping
D) None of the above
Answer:
After wiping/clearing, data is ________.
A) recoverable
B) reusable
C) Both A and B
D) Neither A nor B
Answer:
Which of the following should be forbidden in secure areas?
A) Cameras
B) USB flash drives
C) Both A and B
D) Neither A nor B
Answer:
The template is based on ________ generated during the enrollment scan.
A) scan data
B) key features
C) Both A and B
D) Neither A nor B
Answer:
If a firewall receives a suspicious packet, the firewall will ________.
A) log the packet
B) drop the packet
C) Both A and B
D) Neither A nor B
Answer:
If it can be applied, the least-damaging recovery option is ________.
A) restoration from backup tapes
B) total reinstallation
C) repair during continuing server operation
D) All of the above are about equally damaging
Answer:
The business continuity team should be headed by ________.
A) a senior business manager
B) the chief information officer
C) the chief security officer
D) None of the above
Answer:
A ________ attack is when a victim is flooded with SYN packets in an attempt to make
many half-open TCP connections.
A) SYN flood
B) Ping flood
C) HTTP flood
D) None of the above
Answer:
