Most operating systems, aside from Microsoft's Windows-based ones, trace their heritage back to Unix. For example, Solaris, IBM AIX, Linux, Mac OS X, Android, iOS and Chrome OS are often called "Unix-like" operating systems.

Monday, July 13, 2020

Certified Network Security Specialist Quiz Questions

Which of the following is the best definition for non-repudiation?
The process to verify which user performs the action.

What is the acronym of URL?

Subnetting is used to split a network into smaller portions.
True

Class A IPs with range 0-126 are reserved for multicasting.
False

Server Message Block (SMB) protocol runs on which port?

Which of the following is NOT one of the three major classes of threats?
Online auction fraud

Trivial File Transfer Protocol (TFTP) runs on which port?
69

Blocking attacks seek to accomplish what?
Prevent legitimate users from accessing a system

Malware is NOT a common threat for systems.
False

The most desirable approach to security is one which is:

What is the danger inherent in IP spoofing attacks?
Many firewalls do not examine packets that seem to come from within the network

What is a Trojan horse? (2 Answers)

The most common session hijacking is the man-in-the-middle attack
True

Which of the following best describes session hacking?
Taking control of a target machine remotely

Which of the following is the best definition of a virus?
Software that self-replicates

To be protected against Ping of Death attacks, ensure that all operating systems are patched.
True

The point of hijacking a connection is to exploit trust and gain access to a system.
True

Which of the following is the best definition for IP spoofing?

Smurf attack is a popular DoS attack
True

Why might a proxy gateway be susceptible to a flood attack?
It allows multiple simultaneous connections

What is the most important security advantage to NAT?
It hides internal network addresses

Why is a stateful packet inspection firewall less susceptible to spoofing attacks?

Which type of firewall is considered the most secure?
Stateful packet inspection

Which of the following can be shipped preconfigured?
Router-based firewalls

A device that hides its internal IP addresses is called?

Which of the following is an advantage of the network host based configuration?
It is inexpensive or free

Which of the following is a combination of firewalls?
Bastion host firewalls

What type of firewall requires client applications to be authorised to connect?
Application gateway

Which of the following are four basic types of Firewalls?

What is another term for preemptive blocking?
Banishment vigilance

Specter is an advanced IDS system
False

A system that is set up for attracting and monitoring intruders is called?
Honeypot

A series of ICMP packets sent to your ports in sequence might indicate what?
A ping flood

Attempting to attract intruders to a system set up for monitoring them is called?

Which of the following is NOT a profiling strategy used in anomaly detection?
System monitoring

IDS is an acronym for:
Intrusion-detection system

What type of IDS is Snort?

A profiling technique that monitors how applications use resources is called?
Executable profiling

Which of the following is the symmetric key system using blocks?
DES

Blowfish is an asymmetric stream cipher
False

Which encryption algorithm uses a variable length symmetric key?
Blowfish

Which of the following is an encryption method developed by three mathematicians?
RSA

Which hashing algorithm do modern Windows systems use?
NTLM

What is a digital signature?
A piece of encrypted data added to other data to verify the sender

What is the purpose of a certificate?
To validate the sender of a digital signature or software

Which of the following encryption algorithms is a block cipher and uses the Rijndael algorithm?
AES

Which of the following uses key sizes equal to 128, 192 and 256 bits?
AES

Secure Multipurpose Internet Mail Extensions (S/MIME) use X.509 certificates to secure e-mail communication
True

The ESP Protocol provides data confidentiality and authentication.
True

Which of the following is an important security feature in CHAP?
It periodically re-authenticates

Which authentication protocols are available under PPTP?
EAP, CHAP

Which of the following is generally considered the least secure?
PAP

What is the purpose of IKE?
Key exchange

Which of the following is a weakness in PPTP?
No encryption

Openswan is a VPN solution provided by Cisco.
False

PPTP is based on which protocol?
PPP

PPTP is an acronym for which of the following?
Point-to-Point Tunneling Protocol

What does L2TP stand for?
Layer 2 Tunneling Protocol

Which of the following best describes the registry?
A database containing system settings

What account lockout threshold does the NSA recommend?
3 tries

The command sudo find / -perm -4000 checks for the location of SUID binaries
True

What minimum password length does the NSA recommend?
12

What level of privileges must all users have?
Least possible

What maximum password age does Microsoft recommend?
42 days

What type of encryption does EFS utilize?
Public key encryption

What is the rule for unused services on any computer?
Turn them off

A Linux system has a repository of packages available to be installed on the system
True

What operating system requires periodic patches?
All

What is active code scanning?
Actively scanning for malicious code

The unfortunate side effect of heuristic scanning is that it can easily lead to false positives
True

What is the most common method of virus propagation?
Through e-mail attachments

In the context of viruses what is a .dat file?
A file with virus definitions

The first known ransomware was the 1995 PC Trojan
False

In the event of a virus infection, the first priority is to contact the IT department.
False

What is heuristic scanning?
Scanning using a rules-based approach

Which of the below are famous Trojan Horses? (Choose two)
Netbus
FinFisher

What malicious activity did the Rombertik virus attempt?
It overwrote the master boot record

Which of the following should be the least important consideration when purchasing antivirus software?
Cost of the software

Which of the following should be recommended as acceptable e-mail attachments?
Text attachments

What is the best rule of thumb in access control?
Allow the least access job requirements allow

Instant messaging can be used not only for business communication but also for personal communication.
False

Always open email attachments coming from unknown sources.
False

Passwords must always be shared with any person for any reason.
False

Which of the following is NOT an example of a user password policy?
Users may share passwords only with their assistants

What should an employee do if she believes her password has been revealed to another party?
Change her password immediately

Which of the following is the best reason users should be prohibited from installing software?
They may install software that disables existing security programs on your machine

Which of the following is NOT an area user policies need to cover?
If and when to share passwords

Logon accounts, VPN, network and any other resources should NOT be disabled for leaving employees.
False

All visitors to the building must be logged in and escorted by an employee at all times.
True

Which of the following is the most fundamental aspect of security?
Implementing an IDS

All employees within a company must have access to the server room.
False

Which of the following best describes risk assessment?
Evaluating the security of a network

Which of the following is the least necessary security device/software?
Encryption for all internal transmissions

Virus attacks utilize uncommon ports to gain access to a system.
True

You should have a document that lists the physical security that is in place
True

Ports 1 through 1024 are NOT assigned and used for well-known protocols
False

What is NOT a primary reason for documenting your security activity and audits?
To demonstrate how much work the network administrators usually do

Open Web Application Security Project is the standard for risk assessment.
False

Which U.S. standard should you consult to guide you in developing security policies?
NIST SP 800-14

ISO 27035 describes incident management.
True

Which standard defines Management System Auditing?
ISO 27007

PCI DSS is a proprietary information security standard for organisations that handle cardholder data.
True

Which U.S. standard covers risk assessment?
NIST SP 800-30

NIST SP 800-30 Rev.1 is a standard for conducting risk assessments.
True

What is the acronym of GDPR?
General Data Protection Regulation

What standard should you consult for managing incident response?
ISO 27035

What does Step 3 in NIST 800-30 Rev.1 clarify?
Threat Identification

Which of the following describes ISO 27003?
ISMS Implementation

How should a company test the integrity of its backup data?
Restoring the backup

What is a mantrap?
A double door facility used for physical access control

Cameras must be placed so that they have an unobstructed view of the areas you want to monitor.
True

Which of the following is NOT considered a disaster?
Server Maintenance

A common method of securing building access is to have a locked door or barrier requiring employee ID.
True

The disaster recovery plan has as a major goal to get the organisation back to full functionality.
True

Which RAID level offers dual parity?
6

The plan for recovering from an IT disaster and having the IT infrastructure back in operation is called?
DRP

Which RAID level uses mirroring?
1

RAID 0 does not offer fault tolerance
True

From a port scan you identified that port 88 is open. What does this tell you?
The target system uses Kerberos authentication

If you send a SYN to an open port what is the correct response?
SYN/ACK

Which of the following is the most reliable type of scan?
SYN

Trying to identify machines on a target network is called?
Enumeration

Julie has been hired to perform a penetration test on xyz.com.
Passive Information Gathering