Which of the following is the best definition for non-repudiation?
The process to verify which user performs the action.
What does the acronym URL stand for?
Subnetting is used to split a network into smaller portions.
True
Class A IPs with range 0-126 are reserved for multicasting.
False
Server Message Block (SMB) protocol runs on which port?
Which of the following is NOT one of the three major classes of threats?
Online auction fraud
Trivial File Transfer Protocol (TFTP) runs on which port?
69
Blocking attacks seek to accomplish what?
Prevent legitimate users from accessing a system
Malware is NOT a common threat for systems.
False
The most desirable approach to security is one which is:
What is the danger inherent in IP spoofing attacks?
Many firewalls do not examine packets that seem to come from within the network
What is a Trojan horse? (2 Answers)
The most common session hijacking is the man-in-the-middle attack.
True
Which of the following best describes session hacking?
Taking control of a target machine remotely
Which of the following is the best definition of a virus?
Software that self-replicates
To be protected against Ping of death attacks, ensure that all operating systems are patched.
True
The point of hijacking a connection is to exploit trust and gain access to a system.
True
Which of the following is the best definition for IP spoofing?
The Smurf attack is a popular DoS attack.
True
Why might a proxy gateway be susceptible to a flood attack?
It allows multiple simultaneous connections
What is the most important security advantage of NAT?
It hides internal network addresses
Why is a stateful packet inspection firewall less susceptible to spoofing attacks?
Which type of firewall is considered the most secure?
Stateful packet inspection
Which of the following can be shipped preconfigured?
Router-based firewalls
A device that hides its internal IP addresses is called?
Which of the following is an advantage of the network host-based configuration?
It is inexpensive or free
Which of the following is a combination of firewalls?
Bastion host firewalls
What type of firewall requires client applications to be authorised to connect?
Application gateway
Which of the following are four basic types of firewalls?
What is another term for preemptive blocking?
Banishment vigilance
Specter is an advanced IDS system.
False
A system that is set up for attracting and monitoring intruders is called?
Honeypot
A series of ICMP packets sent to your ports in sequence might indicate what?
A ping flood
Attempting to attract intruders to a system set up for monitoring them is called?
Which of the following is NOT a profiling strategy used in anomaly detection?
System monitoring
IDS is an acronym for:
Intrusion-detection system
What type of IDS is Snort?
A profiling technique that monitors how applications use resources is called?
Executable profiling
Which of the following is the symmetric key system using blocks?
DES
Blowfish is an asymmetric stream cipher.
False
Which encryption algorithm uses a variable length symmetric key?
Blowfish
Which of the following is an encryption method developed by three mathematicians?
RSA
Which hashing algorithm do modern Windows systems use?
NTLM
What is a digital signature?
A piece of encrypted data added to other data to verify the sender
What is the purpose of a certificate?
To validate the sender of a digital signature or software
Which of the following encryption algorithms is a block cipher and uses the Rijndael algorithm?
AES
Which of the following uses key sizes equal to 128, 192 and 256 bits?
AES
Secure Multipurpose Internet Mail Extensions (S/MIME) use X.509 certificates to secure e-mail communication.
True
The ESP Protocol provides data confidentiality and authentication.
True
Which of the following is an important security feature in CHAP?
It periodically re-authenticates
Which authentication protocols are available under PPTP?
EAP, CHAP
Which of the following is generally considered the least secure?
PAP
What is the purpose of IKE?
Key exchange
Which of the following is a weakness in PPTP?
No encryption
Openswan is a VPN solution provided by CISCO.
False
PPTP is based on which protocol?
PPP
PPTP is an acronym for which of the following?
Point-to-Point Tunneling Protocol
What does L2TP stand for?
Layer 2 Tunneling Protocol
Which of the following best describes the registry?
A database containing system settings
What account lockout threshold does the NSA recommend?
3 tries
The command sudo find / -perm -4000 checks for the location of SUID binaries.
True
What minimum password length does the NSA recommend?
12
What level of privileges must all users have?
Least possible
What maximum password age does Microsoft recommend?
42 days
What type of encryption does EFS utilize?
Public key encryption
What is the rule for unused services on any computer?
Turn them off
A Linux system has a repository of packages available to be installed on the system.
True
What operating system requires periodic patches?
All
What is active code scanning?
Actively scanning for malicious code
The unfortunate side effect of heuristic scanning is that it can easily lead to false positives.
True
What is the most common method of virus propagation?
Through e-mail attachments
In the context of viruses what is a .dat file?
A file with virus definitions
The first known ransomware was the 1995 PC Trojan
False
In the event of a virus infection, the first priority is to contact the IT department.
False
What is heuristic scanning?
Scanning using a rules-based approach
Which of the below are famous Trojan Horses? (Choose two)
Netbus
FinFisher
What malicious activity did the Rombertik virus attempt?
It overwrote the master boot record
Which of the following should be the least important consideration when purchasing antivirus software?
Cost of the software
Which of the following should be recommended as acceptable e-mail attachments?
Text attachments
What is the best rule of thumb in access control?
Allow the least access job requirements allow
Instant messaging can be used not only for business communication but also for personal communication.
False
Always open email attachments coming from unknown sources.
False
Passwords must always be shared with any person for any reason.
False
Which of the following is NOT an example of a user password policy?
Users may share passwords only with their assistants
What should an employee do if she believes her password has been revealed to another party?
Change her password immediately
Which of the following is the best reason users should be prohibited from installing software?
They may install software that disables existing security programs on your machine
Which of the following is NOT an area user policies need to cover?
If and when to share passwords
Logon accounts, VPN, network and any other resources should NOT be disabled for leaving employees.
False
All visitors to the building must be logged in and escorted by an employee at all times.
True
Which of the following is the most fundamental aspect of security?
Implementing an IDS
All employees within a company must have access to the server room.
False
Which of the following best describes risk assessment?
Evaluating the security of a network
Which of the following is the least necessary security device/software?
Encryption for all internal transmissions
Virus attacks utilize uncommon ports to gain access to a system.
True
You should have a document that lists the physical security that is in place.
True
Ports 1 through 1024 are NOT assigned and used for well-known protocols.
False
What is NOT a primary reason for documenting your security activity and audits?
To demonstrate how much work the network administrators usually do
Open Web Application Security Project is the standard for risk assessment.
False
Which U.S. standard should you consult to guide you in developing security policies?
NIST SP 800-14
ISO 27035 describes incident management.
True
Which standard defines Management System Auditing?
ISO 27007
PCI DSS is a proprietary information security standard for organisations that handle cardholder data.
True
Which U.S. standard covers risk assessment?
NIST SP 800-30
NIST SP 800-30 Rev.1 is a standard for conducting risk assessments.
True
What does the acronym GDPR stand for?
General Data Protection Regulation
What standard should you consult for managing incident response?
ISO 27035
What does Step 3 in NIST 800-30 Rev.1 clarify?
Threat Identification
Which of the following describes ISO 27003?
ISMS Implementation
How should a company test the integrity of its backup data?
Restoring the backup
What is a mantrap?
A double door facility used for physical access control
Cameras must be placed so that they have an unobstructed view of the areas you want to monitor.
True
Which of the following is NOT considered a disaster?
Server Maintenance
A common method of securing building access is to have a locked door or barrier requiring employee ID.
True
The disaster recovery plan has as a major goal to get the organisation back to full functionality.
True
Which RAID level offers dual parity?
6
The plan for recovering from an IT disaster and having the IT infrastructure back in operation is called?
DRP
Which RAID level uses mirroring?
1
RAID 0 does not offer fault tolerance.
True
From a port scan you identified that port 88 is open. What does this tell you?
The target system uses Kerberos authentication
If you send a SYN to an open port what is the correct response?
SYN/ACK
Which of the following is the most reliable type of scan?
SYN
Trying to identify machines on a target network is called?
Enumeration
Julie has been hired to perform a penetration test on xyz.com.
Passive Information Gathering