ITN 260 Lab 3 Cryptography Encryption & Hashing

  1. A digital signature is a piece of data digest encrypted with:  The private key of the signer.
  2. A firewall examines each packet entering or leaving the network, and accepts or drops it based on:  Pre-defined firewall rules
  3. A forensic investigator at a crime lab is performing a forensic analysis of a hard drive that was brought in by state troopers. They make a mistake by using the wrong forensic tool during their forensics examination. What should the investigator do?    Document the mistake and work around the problem
  4. A network administrator is evaluating different firewalls. Which of the following firewalls provides deep packet inspection, looks at the packet payload for malicious content, and hides servers from traffic that might be malicious?  Application layer gateway
  5. A newly hired security administrator is reviewing firewall rules for mistakes. Which firewall rules require matching of the interface and direction?  Anti-Spoofing rules
  6. A security administrator wants to empty the DNS cache after a suspected attack that may have corrupted the DNS server. The server has been repaired, however it is feared that DNS entries may remain in client computer caches. Which of the following tools can be used to flush the DNS cache on a Windows client?   IPCONFIG
  7. A Web application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system. It prevents targeted attacks that include Denial of Service (DOS), Cross-Site Scripting (XSS), SQL injection, Cross-Site Request Forgery (CSRF), forceful browsing, cookie poisoning and invalid input. In which of the following attacks does the attacker gain access to a restricted page within a Web application by supplying a URL directly?  Forceful browsing
  8. Along with the forensic investigation effort, the man hours and expense should not be tracked since the costs are always justified, regardless of the actual amount involved  False
  9. An attacker has targeted Corp.com’s employees with voicemails that attempt to acquire sensitive information by masquerading as a trustworthy entity. Which type of attack is this?  Vishing
  10. A network administrator is evaluating different firewalls. Which of the following firewalls provides protection from the following attacks: Denial of Service (DOS), Cross-Site Scripting (XSS), SQL injection, Cross-Site Request Forgery (CSRF), forceful browsing, cookie poisoning and invalid input?  Web Application Firewall (WAF)
  11. Applying the correct patch, following the correct procedure, at the correct time   NSLOOKUP
  12. Both DNS poisoning and ARP poisoning involve  Spoofing
  13. DoS attacks are for gaining unauthorized access or control of a system  False
  14. For what purpose should the network traffic log be analyzed?  To check for suspicious traffic
  15. For what purpose would it be desired to capture the system image?  So memory analysis can be performed later
  16.  Hashing aims to produce:  A fixed-size bit string
  17. In Active Directory, what does authorization?  LDAP
  18. In a Windows network, transitive trust is used among the different domains inside a forest for implementing:  Authentication
  19. Many botnets were controlled using what protocol?  IRC
  20. MD5 uses a hash value to create a hash which is typically a 32 character hex number and how many bits?  128
  21. MD5 uses a hash value to create a hash which is typically a 32 character hex number and how many bits?  128
  22. NIDS is an advanced version of NIPS.   False
  23. One may not have control over how exactly the data is safeguarded  False
  24. Packet sniffing can be helpful in detecting rogue packets.  True
  25. Proxies are “devices” that are strictly software-only  False
  26. RIPEMD is a suite of cryptographic hash functions developed based upon:  MD4
  27. Secure Sockets Layer (SSL) is the predecessor of   TLS
  28. SNMP uses which port by default?  161
  29. The forensic investigator at a crime lab will be performing a forensic analysis of a hard drive that was brought in by state troopers. What should be done before performing the analysis?  Capture a system image
  30. The security administrator for a large organization receives numerous alerts from a network-based intrusion detection system (NIDS) of a possible worm infection spreading through the network via network shares. Before taking any drastic action to solve this problem such as blocking file sharing, what should first be done?   Call an emergency change management meeting to ensure the solution will not have unforeseen negative effects.
  31. You are the security administrator for Corp.com. You are explaining to your CIO the value of credentialed scanning over non-credentialed scanning. In credentialed scanning, policy compliance plugins give you which advantage?  Customized auditing
  32. To achieve server scalability, more servers may be added to a configuration and make use of  Load balancers
  33. To avoid potential documentary errors and security leaks, the configuration of firewalls should not be documented unless strictly necessary.  False
  34. Under which of the following does “shoulder surfing” fall  Social engineering
  35. Viruses, botnets, social engineering, and drive-by-downloads and other methods used to attack a target are best described as which of the following?  Threat vectors
  36. What attack involves impersonating another device?  Spoofing
  37. What can be deployed to intercept and log network traffic passing through the network?  Protocol analyzers
  38. What can be used to offer an extra layer of protection on the network for those hosts running behind the firewall?  DMZ
  39. What causes buffer overflow?  Flaw in programming
  40. What is always the first line of defense in protecting data and information?  Passwords
  41. What is PBKDF2 for?  Hashing passwords for storage
  42. What is SSH?  An encryption management protocol
  43. What protocol offers the capability to deploy RADIUS in an Ethernet network?  EAP
  44. What will be the available drive space in a RAID 5 configured system with 3 250GB hard drives?  500 GB
  45. Which is not a common symptom of a RAID array failure?  Overheating
  46. Which of the following are recompiled UNIX tools that can hide evidence of the intrusion?  Rootkits
  47. Which of the following are zombie armies formed by a number of innocent hosts set up to perform malicious operations?  Botnets
  48. Which of the following involves deploying a large number of compromised hosts to flood a target system?  DDoS
  49. Which of the following is a form of delayed-execution virus?  Logic Bomb
  50. Which of the following is false concerning vulnerability scanning?  All scanning attempts must be credentialed
  51. Which of the following is NOT a means used by an attacker to do reconnaissance on a network?  Smurf attack
  52. Which of the following is not a measure for achieving availability?  Hashing
  53. Which of the following is not a valid physical security measure?  System patching
  54. Which of the following is not an available protocol for security purposes?  NetBIOS
  55. Which of the following is the main purpose of a firewall?  Access control
  56. Which of the following is true concerning RC4?   It was the most widely used software stream cipher
  57. Which of the following is true regarding cloud storage?  One may not have control over how exactly the data is safeguarded
  58. Which of the following is usually bundled as a hidden component of a freeware?  Spyware
  59. Which of the following MAINLY applies to email that appears to be sent from a legitimate business?  Phishing
  60. Which of the following measures does not protect data integrity?  Mantrap
  61. Which of the following risks does the use of social networking and P2P platforms pose?  Social engineering attacks
  62. Which of the following services only requires a single port be opened on the firewall?  HTTP
  63. Which of the following statements regarding proper patch management is true?  Applying the correct patch, following the correct procedure, at the correct time
  64. Which port should be filtered (or blocked) to disallow NETBIOS traffic?    139
  65. With this type of key cryptography, the sender and receiver of a message share a single common key   Symmetric
