Network Vulnerabilities Part 1

1.What can be deployed to intercept and log network traffic passing through the network?
A) protocol analyzers

2.What attack involves impersonating another device?
A) Spoofing

3.Packet sniffing can be helpful in detecting rogues.
A) True

4.Which of the following is NOT a means used by an attacker to do reconnaissance on a network?
A) Smurf attack

5.Packet sniffing can be helpful in detecting rogues. True or False
A) False

6.What can be deployed to intercept and log network traffic passing through the network?
A) Protocol Analyzers

7.What attack involves impersonating another device?
A) Spoofing

8.Which of the following is NOT a means used by an attacker to do reconnaissance on a network?
A) Smurf Attack

9.Proxies are “devices” that are strictly software-only.
A) False

10.A web application firewall is exactly the same as a network firewall.
A) False

11.A Web Application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system.
A) Forceful Browsing

12.A network administrator is evaluating different firewalls.
What type of firewall provides protection from the following attacks?
-Denial of Service (DOS)
-Cross Site Scripting (XSS)
-Cross-Site Request Forgery (CSRF)
-Forceful Browsing
-Cookie Poisoning
-Invalid Input
A) Web Application Firewall (WAF)

13.Which of the following are available protocols for security purposes? (Choose all that apply)
A) IPSec, TLS, SSL, SSH

14.Simple Network Management Protocol (SNMP) uses which port by default?
A) 161

15.A MAC address consists of up to ____ bits, usually represented as a string of ____ _________ digits.
A) 48 bits

16.In a situation where MIMO is used, the 802.11n standard has an average geographic range of up to _________ meters.
A) 400

17.Which of the following wireless network standards includes MIMO?
A) 802.11n

18.An 802.11g wireless connection operates in the frequency range of ______ GHz.
A) 2.4

19.SSIDs that are visible to wireless clients before configuration are _______.
A) Broadcast

20.To achieve scalability, more servers may be added to a configuration and make use of:
A) Load Balancers

21.What hardware based solutions are measures for fault tolerance? (Choose all that apply.)
A) RAID, Clustering, Load Balancing

22.Both DNS poisoning and ARP poisoning involve:
A) Spoofing

23.Which command is used in testing and troubleshooting DNS servers?
A) nslookup

24.You are examining the security implications of virtual machines. A condition exists where the virtual machine can potentially harm the host. Which choice describes this?
A) Escape

25.You are asked to design a VLAN using a Type 1 Hypervisor. Which technology will you use as a base?
A) Hardware

26.Considering the implications of virtual servers on a host, what poses the greatest threat to them?
A) Hypervisor Compromise

27.You are planning to deploy several patches and updates to a virtual server. Which step do you take just before implementation?
A) Take a System SnapShot

28.When preparing a cloud computing security solution for your organization, you implement a “gatekeeper” to guarantee your security policies. Which choice correctly identifies this method of policy enforcement?
A) CASB – Cloud Access Security Broker

29.A __________ logs the attack and may also raise an alert to notify someone. Most ____ are ______ by default. The notification can come in many forms, including email, a text message, a pop-up window, or a notification on a central monitor.
A) A Passive IDS, Most IDSs are passive by default.

30.An ______ ______ logs and notifies personnel just as a _______ ___ does, but it can also change the environment to thwart or block the attack. For example, it can modify access control lists (ACLs) on firewalls to block offending traffic, close processes on a system that were caused by the attacks, or divert the attack to a safe environment, such as a ___________ or _______.
A) An Active IDS., Passive IDS., Honeynet or Honeypot.

31.A mail gateway can have many functions. Which is not one of those functions?
A) Require full tunnel.

32.One way to secure data is through Data Loss Prevention (DLP). Which of the choices is not a data type protected by DLP?
A) Data-to-disclose

33.Which of the DLP sensor choices requires communication with the DLP server?
A) DLP agent

34.To make a firewall effective you need to define/edit ____________

35.What happens when you execute the following command: netsh advfirewall set allprofiles state off
A) Switch off Windows Firewall for all network profiles

36.What can be deployed to intercept and log network traffic passing through the network?
A) protocol analyzers

37.What attack involves impersonating another device?
A) Spoofing

38.Packet sniffing can be helpful in detecting rogues.
A) True

39.Which of the following is NOT a means used by an attacker to do reconnaissance on a network?
A) Smurf attack

40.Which port should be filtered (or blocked) to disallow NETBIOS traffic?
A) 139

41.An attacker has targeted Corp.com’s employees with voicemails that attempt to acquire sensitive information by masquerading as a trustworthy entity. Which type of attack is this?
A) Vishing

42.Packet sniffing can be helpful in detecting rogue packets.
A) True

43.A newly hired security administrator is reviewing firewall rules for mistakes. Which firewall rules require matching of the interface and direction?
A) Anti-Spoofing rules

44.Which of the following services only requires a single port be opened on the firewall?
A) HTTP

45.Which of the following are recompiled UNIX tools that can hide evidence of the intrusion?
A) Rootkits

46.SNMP uses which port by default?
A) 161

47.What protocol offers the capability to deploy RADIUS in an Ethernet network?
A) EAP

48.Which of the following is the main purpose of a firewall?
A) Access control

49.Proxies are “devices” that are strictly software-only.
A) False

50.A Digital signature is a piece of data digest encrypted with:
A) The private key of the signer.

51.Which of the following is not a valid physical security measure?
A) System patching

52.A Web application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system. It prevents targeted attacks that include Denial of Service (DOS), Cross-Site Scripting (XSS), SQL injection, Cross-Site Request Forgery (CSRF), forceful browsing, cookie poisoning and invalid input. In which of the following attacks does the attacker gain access to a restricted page within a Web application by supplying a URL directly?
A) Forceful browsing

53.In Windows network, transitive trust is used among the different domains inside a forest for implementing:
A) Authentication

54.For what purpose would it be desired to capture the system image?
A) So memory analysis can be performed later

55.What causes buffer overflow?
A) Flaw in programming

56.What is SSH?
A) An encryption management protocol

57.Which of the following is usually bundled as a hidden component of a freeware?
A) Spyware

58.MD5 uses a hash value to create a hash which is typically a 32 character hex number and how many bits?
A) 128

59.Which of the following is a form of delayed-execution virus?
A) Logic Bomb

60.DoS attacks are for gaining unauthorized access or control of a system
A) False

61.Which of the following risks does the use of social networking and P2P platforms pose?
A) Social engineering attacks

62.A forensic investigator at a crime lab is performing a forensic analysis of a hard drive that was brought in by state troopers. They make a mistake by using the wrong forensic tool during their forensics examination. What should the investigator do?
A) Document the mistake and workaround the problem

63.Which of the following measures does not protect data integrity?
A) Mantrap

64.The forensic investigator at a crime lab will be performing a forensic analysis of a hard drive that was brought in by state troopers. What should be done before performing the analysis?
A) Capture a system image

65.Which of the following is NOT a means used by an attacker to do reconnaissance on a network?
A) Smurf attack

66.For what purpose should the network traffic log be analyzed?
A) To check for suspicious traffic

67.In Active Directory, what does authorization?
A) LDAP

68.Which is not a common symptom of a RAID array failure?
A) Overheating

69.Which of the following is false concerning vulnerability scanning?
A) All scanning attempts must be credentialed

70.To achieve server scalability, more servers may be added to a configuration and make use of
A) Load balancers

71.A network administrator is evaluating different firewalls. Which of the following firewalls provides deep packet inspection, looks at the packet payload for malicious content, and hides servers from traffic that might be malicious?
A) Application layer gateway

72.What will be the available drive space in a RAID 5 configured system with 3 250GB hard drives?
A) 500 GB

73.Many botnets were controlled through using what protocol?
A) IRC

74.Under which of the following does “shoulder surfing” fall
A) Social engineering

75.Along with the forensic investigation effort, the man hours and expense should not be tracked since the costs are always justified regardless of the actual amount involved.
A) False

76.What attack involves impersonating another device?
A) Spoofing

77.What can be used to offer an extra layer of protection on the network for those hosts running behind the firewall?
A) DMZ

78.Which of the following is not an available protocol for security purposes?
A) NetBIOS

79.A security administrator wants to empty the DNS cache after a suspected attack that may have corrupted the DNS server. The server has been repaired, however it is feared that DNS entries may remain in client computer caches. Which of the following tools can be used to flush the DNS cache on a Windows client?
A) IPCONFIG

80.With this type of key cryptography, the sender and receiver of a message share a single common key
A) Symmetric

81.The security administrator for a large organization receives numerous alerts from a network-based intrusion detection system (NIDS) of a possible worm infection spreading through the network via network shares. Before taking any drastic action to solve this problem such as blocking file sharing, what should first be done?
A) Call an emergency change management meeting to ensure the solution will not have unforeseen negative effects.

82.Which of the following MAINLY applies to email that appears to be sent from a legitimate business?
A) Phishing

83.Which of the following is not a measure for achieving availability?
A) Hashing

84.To avoid potential documentary errors and security leaks, the configuration of firewalls should not be documented unless strictly necessary.
A) False

85.A firewall examines each packet entering or leaving the network, and accepts or drops it based on:
A) Pre-defined firewall rules

86.Secure Sockets Layer (SSL) is the predecessor of
A) TLS

87.You are the security administrator for Corp.com. You are explaining to your CIO the value of credentialed scanning over non-credentialed scanning. In credentialed scanning, policy compliance plugins give you which advantage?
A) Customized auditing

88.Both DNS poisoning and ARP poisoning involve:
A) Spoofing

89.Which of the following involves deploying a large number of compromised hosts to flood a target system?
A) DDoS

90.Viruses, botnets, social engineering, and drive-by-downloads and other methods used to attack a target are best described as which of the following?
A) Threat vectors

91.What is always the first line of defense in protecting data and information?
A) Passwords

92.What can be deployed to intercept and log network traffic passing through the network?
A) Protocol analyzers

93.A network administrator is evaluating different firewalls. Which of the following firewalls provides protection from the following attacks: Denial of Service (DOS), Cross-Site Scripting (XSS), SQL injection, Cross-Site Request Forgery (CSRF), forceful browsing, cookie poisoning and invalid input?
A) Web Application Firewall (WAF)

94.Which of the following statements regarding proper patch management is true?
A) Applying the correct patch, following the correct procedure, at the correct time

95.Applying the correct patch, following the correct procedure, at the correct time
A) NSLOOKUP

96.Which of the following are zombie armies formed by a number of innocent hosts set up to perform malicious operations?
A) Botnets

97.Which of the following is true regarding cloud storage?
A) One may not have control over how exactly the data is safeguarded

98.One may not have control over how exactly the data is safeguarded
A) False

99.NIDS is an advanced version of NIPS.
A) False
