A ping sweep
A) Sends ICMP echo requests to the target machine
B) Is an exploit that creates a denial of service (DoS) using ICMP echo requests
C) Is a method of clearing your network
D) Determines what services are running on a system
2.
What is an unstructured threat?
A) An attack that is uncoordinated, nonspecific, and lasts a short amount of time
B) An elite hacker who mounts an attack against a specific target
C) A poorly engineered building
D) A type of malicious code that formats the hard drive on a computer.
3.
In 2009 _______________ was cut and resulted in widespread phone and Internet
outages in the San Jose area of California.
4.
A successful attack on a network may adversely impact security in all the following ways
EXCEPT:
A) Loss of confidentiality
B) Loss of integrity
C) Loss of functionality
D) Loss of availability
5.
Which of the following is not one of the three general methods used in authentication?
A) Something you do
B) Something you have
C) Something you are
D) Something you know
6.
Authentication means that the person who sends an e-mail will be unable to deny
sending the e-mail.
A) True
B) False
7.
The first step an administrator can take to reduce possible attacks is to
A) Install a firewall
B) Ensure all patches for the operating system and applications are installed
C) Configure an intrusion detection system
D) Install anti-spyware software
Points Earned: 1.0/1.0
Correct Answer(s): B
8.
The term "script kiddies" refers to
A) A children's television show
B) A type of video game
C) A hacker of low-end technical ability
D) An Internet site for peer-to-peer music sharing
9.
As the level of sophistication of attacks _________, the level of knowledge necessary to
exploit vulnerabilities decreased.
10.
A person who tries to gradually obtain information necessary to compromise a network—
by first appealing for help, and then, if necessary, by a more aggressive approach—is a(n)
__________.
A) phreaker
B) social engineer
C) hacktivist
D) terrorist
12.
The ability to manage whether a subject can interact with an object is called
_______________.
13.
Fifty years ago, few people had access to a computer system or network, so securing
them was a relatively easy matter.
A) True
B) False
14.
Vladimir Levin was able to steal $10 Million from _______________ by using its cash
management system.
15.
The hacker was successful in breaching the firewall, the packet filtering router, and the
internal firewall, but was quickly detected and unable to get past the workstation personal
firewall. This is an example of what principle?
A) Job rotation
B) Layered security
C) Security through obscurity
D) Diversity of defense
What is the problem described by the van Eck phenomenon and studied under
TEMPEST?
A) Magnetic fields that interfere with signals crossing Local Area Network (LAN)
cables
B) Electromagnetic pulses destroying sensitive computer equipment
C) Piggybacking on electromagnetic communications
D) Electromagnetic eavesdropping
2.
Halon is effective at putting out fires and safe for humans but can damage equipment.
A) True
B) False
3.
Your boss needs instructions explaining the steps of how to send encrypted email
properly for all employees. You will need to create the _________.
A) procedure
B) policy
C) guideline
D) standard
4.
Voice recognition, iris scans, and facial geometry can be used for biometric access
controls.
A) True
B) False
5.
Shoulder surfing is when a person looks over the shoulder of another person while typing
PINs or passwords.
A) True
B) False
7.
When an attacker attempts to get credit card numbers using telephone and voice
technologies, it's called
A) Phreaking
B) Telephishing
C) Vishing
D) Voicing
8.
One of the most effective tools for foiling the efforts of a social engineering attack is an
active security awareness program.
A) True
B) False
9.
The greatest danger to networks comes from
A) Attacks coming across the public switched telephone network
B) Natural disasters
C) Foreign hackers
D) Insiders
10.
When an attacker tries to position himself behind a user so that he can see what keys are
being typed or what information is on the screen, it is called _______________
11.
_______________ are mandatory elements regarding the implementation of a policy.
12.
Statements made by management that lay out the organization's position on an issue are
called ________.
A) procedures
B) policies
C) guidelines
D) standards
14.
_______________ is the simple tactic of following closely behind a person who has just
used their own access card or PIN to gain physical access to a room or building.
15.
_______________ are devices that have batteries that are used to keep equipment
running in the event of a power outage.
1.
_______________ is done by comparing the input plaintext to the output ciphertext to try
to determine the key used to encrypt the information.
3.
PKI can be used as a measure to trust individuals we do not know.
A) True
B) False
4.
Keyspace refers to
A) All possible key values
B) The number of keys needed to encrypt or decrypt a message
C) The location where keys are stored
D) The portion of the algorithm that the key connects with to encrypt or decrypt a
message
5.
The benefit of SHA-1 over MD5 is that it is resistant to a collision attack.
A) True
B) False
6.
All of the following are asymmetric encryption algorithms EXCEPT:
A) ECC
B) RSA
C) 3DES
D) ElGamal
7.
The process for protecting intellectual property from unauthorized use is called
A) Digital signatures
B) Digital rights management
C) Key escrow
D) Anti-pirating management
8.
What is a certificate authority?
A) An entity that generates electronic credentials
B) An entity that requires proof of identity from the individual requesting a
certificate
C) A centralized directory in which the registered certificate is stored
D) An entity that generates a digitally signed identification certificate
9.
Hiding a text file in a jpg file is an example of steganography.
A) True
B) False
10.
The encryption method based on the idea of using a shared key for encryption and
decryption of data is
A) Symmetric encryption
B) Elliptical curve encryption
C) Hashing function
D) Asymmetric encryption
11.
The term used to describe a centralized directory that can be accessed by a subset of
individuals is _______________
13.
All of the following are cryptographic applications EXCEPT:
A) FreeOTFE
B) PGP
C) StegDetect
D) GnuPG
14.
How is an outsourced CA different from a public CA?
A) It provides dedicated services, and possibly equipment, to an individual
company.
B) The CA is implemented, maintained, and controlled by the company that
implemented it.
C) The CA is already established and being used by many individuals and
companies.
D) The CA provides more flexibility for companies.
Points Earned: 1.0/1.0
Correct Answer(s): A
15.
The difference between centralized and decentralized infrastructures is
A) In a decentralized infrastructure, the certificate may have an extended lifetime.
B) The network administrator sets up the distribution points in centralized
infrastructures.
C) The location where the cryptographic key is generated and stored is different.
D) The key pairs and certificates do not have a set lifetime in centralized
infrastructures.
1.
What is PKCS?
A) A method of private cryptography used by the military
B) A method of encrypting e-mail from the IRS
C) One of the standards used in implementing a public key infrastructure
D) The method of encryption that uses a 40 bit encryption key
2.
PKI stands for _______________
3.
For products evaluated by Common Criteria, the highest level of assurance is
A) EAL 7
B) EAL 1
C) EAL 9
D) EAL 8
4.
WEP uses public key encryption so it has secure wireless communications.
A) True
B) False
5.
A mantrap is used to prevent piggybacking.
A) True
B) False
6.
Theft of the computer, using a boot disk to simply erase all data on the drives, or simply
unplugging computers are all effective for ___________.
8.
What is PKIX?
A) The method of encryption that uses a 40 bit encryption key
B) One of the standards used in implementing a public key infrastructure
C) A method of encrypting e-mail from the IRS
D) A method of private cryptography used by the military
9.
_______________ is the process of taking the entire contents of a hard drive and copying
them to a single file on a different media.
10.
The X.905 standard specifies formats for public key certificates.
A) True
B) False
11.
An ionization fire detection device
A) Detects smoke
B) Provides advanced warning for smoldering fires
C) Detects fast burning fires
D) Detects heat
12.
_______________ is used to encrypt web traffic and uses port 443.
13.
Pretty good privacy (or PGP) is
A) A privacy group that fights against the government
B) A password management system
C) A common encryption method for e-mail
D) A method of securing an operating system kernel
15.
A popular program used to encrypt and decrypt e-mail and files is _______________.
1.
Which transport layer protocol is connection oriented?
A) UDP
B) IP
C) TCP
D) ICMP
2.
Which operating system is immune to virus attacks?
A) Windows 7
B) Red Hat Linux
C) Mac OS X
D) No operating system is immune.
3.
The buffer between the outer network where there are no controls and the inner secure
network is referred to as the
A) DMZ
B) Intranet
C) Internet
D) Extranet
4.
The correct sequence of the three-way handshake is
A) SYN/ACK, SYN/ACK, SYN/ACK
B) ACK, SYN/ACK, SYN
C) SYN, SYN/ACK, ACK
D) SYN/SYN, ACK/ACK, SYN/SYN
5.
_______________ is the protocol used to resolve an IP address to a MAC address.
6.
DNS resolves a domain name to an IP address.
A) True
B) False
7.
Managing the endpoints on a case-by-case basis as they connect is a security
methodology known as _______________.
8.
Which protocol is responsible for resolving an IP address to a MAC address?
A) DNS
B) ICMP
C) RARP
D) ARP
9.
_______________ translates private (nonroutable) IP addresses into public (routable) IP
addresses.
11.
Preventing physical access to a server by an unauthorized individual is the
A) An organization's least important concern
B) Primary security concern for a system administrator
C) Reason we implement firewalls
D) Responsibility of the CFO of an organization
12.
The series of worldwide interconnected networks is referred to as the
A) Extranet
B) Intranet
C) DMZ
D) Internet
14.
Which transport layer protocol is connectionless?
A) IP
B) TCP
C) ICMP
D) UDP
15.
What protocol is used to manage IP address space?
A) DHCP
B) SNMP
C) ICMP
D) TCP
1.
_______________ is a modulation type that spreads the traffic sent over the entire
bandwidth.
2.
_______________ is the granting of specific permissions based on the privileges held by
the account.
3.
A door that requires a thumbprint, key card, and password is an example of
A) Mutual authentication
B) Multifactor authentication
C) Single sign-on
D) Dual access control
4.
One of the fundamental design aspects of TACACS+ is the separation of authentication,
authorization, and accounting.
A) True
B) False
6.
Which of the following protocols involves a three-way handshake and uses a shared
secret key for communication?
A) S/Telnet
B) PAP
C) TCP
D) CHAP
7.
_______________ authentication is a term that describes the use of more than one
authentication mechanism at the same time.
8.
The three major components of the SSH protocol are the
A) User Datagram Protocol, User Encryption Protocol, and Connection Protocol
B) Transport Layer Protocol, User Authentication Protocol, and Connection
Protocol
C) User Datagram Protocol, User Authentication Protocol, and Connection
Protocol
D) Transport Layer Protocol, User Encryption Protocol, and Connection Protocol
9.
The security concern over the so-called WAP gap is when
A) WAP protocol is susceptible to Gateway Acquisition Pilfering (gap).
B) WAP gateways have a significant lag and hold the messages long enough for
them to be decrypted by attackers.
C) The encryption fails to translate from one encryption scheme to another.
D) WAP gateways perform translation from one encryption standard to another; all
messages are seen in plaintext by the WAP gateway.
10.
Physical access to a machine will enable an attacker to bypass any security measure that
has been placed on that machine.
A) True
B) False
11.
_______________ multiplexes or separates the data to be transmitted into smaller chunks
and then transmits the chunks on several sub channels.
12.
_______________ describes a process in which each side of an electronic
communication verifies the authenticity of the other.
13.
Which type of access control would allow the company to restrict employee access to the
payroll file after hours or on weekends?
A) Discretionary access control
B) Rule-based access control
C) Role-based access control
D) Mandatory access control
14.
Security issues associated with WTLS include which of the following?
A) The specifications do not allow connections without high security.
B) Clients with low memory or CPU capabilities cannot support encryption.
C) WTLS cannot cope with limited processor capacity.
D) WTLS cannot cope with small amounts of memory.
15.
In _______________, the attacker uses Bluetooth to establish a serial connection to the
device.
1.
The biggest change that has occurred in security over the last 30 years has been the
change in the computing environment from small, tightly contained mainframes to a
highly widespread network of much larger systems.
A) True
B) False
2.
A successful attack on a network may adversely impact security in all the following ways
EXCEPT:
A) Loss of confidentiality
B) Loss of integrity
C) Loss of functionality
D) Loss of availability
3.
As the level of sophistication of attacks has increased,
A) The level of knowledge necessary to exploit vulnerabilities has increased
B) The level of knowledge necessary to exploit vulnerabilities has decreased
C) The level of skill necessary to exploit vulnerabilities has increased
D) The amount of exploit software available on the Internet has decreased
4.
The IDS fails to alert on an intruder's ping sweep and port scan. This is a failure of which
element of the operational model of computer security?
A) Protection
B) Prevention
C) Detection
D) Response
5.
___________ places the focus on the security processes and the actual data.
A) Computer security
B) Network security
C) Information assurance
D) Communications security
6.
A company doing business online conducted all financial transactions over the Internet
without any encryption. As a result, customer information such as credit card numbers,
expiration dates, and the security codes found on the back of the credit cards was stolen.
This is a violation of which policy?
A) Due diligence
B) Due process
C) Need to know
D) Acceptable use
7.
_______________ is a set of elements that can lead to the specific identity of a person.
8.
Which type of backup copies all files, but only since the last full backup?
A) Full
B) Differential
C) Incremental
D) Delta
9.
A(n) _______________ is a special mathematical function that performs a one-way
encryption.
Points Earned: 1.0/1.0
Correct Answer(s): hashing function
10.
_______________ is the simple tactic of following closely behind a person who has just
used their own access card or PIN to gain physical access to a room or building.
11.
Which of the following is NOT an example of a poor security practice?
A) The user does not follow established security policies or processes.
B) A result of a lack of security policies, procedures or training within the user's
organization.
C) An employee does not allow a person he is talking to, to enter a secured area
behind him before showing proper credentials.
D) An employee creates one good password and then uses it for all accounts.
12.
Leaving sensitive information in a car is appropriate if the doors are locked and the files
are not in plain view.
A) True
B) False
14.
The art of secret writing that enables an individual to hide the contents of a message from
all but the intended recipient is called
A) Steganography
B) Cryptanalysis
C) Cryptography
D) Key management
15.
_______________ puts the plaintext through a simplified cipher to try to deduce what the
key is likely to be in a full version of the cipher.
16.
_______________ is the PKI component that accepts a request for a digital certificate
and performs the necessary steps of registering and authenticating the person requesting
the certificate.
Points Earned: 1.0/1.0
Correct Answer(s): Registration authority
17.
What is a certificate repository?
A) A directory that calculates a message digest for the certificate
B) An entity that generates electronic credentials
C) A directory that requires a centralized infrastructure
D) A centralized directory in which the registered certificate is stored
18.
An in-house certificate authority is
A) A CA that is already established and being used by many individuals and
companies
B) A certificate authority that is maintained and controlled by the company that
implemented it
C) A CA that provides dedicated services, and possibly equipment, to an
individual company
D) A CA that provides more flexibility for companies
19.
The current version of S/MIME is version 2.
A) True
B) False
20.
What are the SSL and TLS used for?
A) A means of securing application programs on the system
B) To secure communication over the internet
C) A method to change from one form of PKI infrastructure to another
D) A secure way to reduce the amount of SPAM a system receives
21.
The _______________ protocol was introduced by Netscape as a means of providing
secure connections between the client and server for exchanging information.
22.
What kind of copy is a drive image?
A) Bit-by-bit copy
B) File-by-file copy
C) Partition copy
D) A copy of all images on the drive
23.
A mantrap is used to prevent piggybacking.
A) True
B) False
24.
One drawback to water-based fire suppression systems is that they
A) Can be toxic to humans
B) Can cause more damage to equipment
C) Are the most expensive type of suppression system
D) Are not useful against type A fires
25.
Which of the following is not a private IP address?
A) 10.100.200.100
B) 172.32.32.21
C) 192.168.1.1
D) 192.168.254.254
26.
Local packet delivery (where packets are delivered on a LAN) uses ________ addresses
to send packets.
27.
LAN and WAN networks can be connected.
A) True
B) False
28.
_____________ is/are computers in a network that host applications and data for
everyone to share.
A) Linux boxes
B) Servers
C) Firewalls
D) Cryptography
29.
Hubs are the most common device used for connecting computers on a local area
network.
A) True
B) False
31.
Which type of access control would be used to grant permissions based on the duties that
must be performed?
A) Mandatory access control
B) Discretionary access control
C) Role-based access control
D) Rule-based access control
32.
_______________ authentication is a term that describes the use of more than one
authentication mechanism at the same time.
33.
What does SSH stand for?
A) Simple Security Hardware
B) Secure Socket Help
C) Secure Shell
D) Scientifically Secure Hard Drive
34.
A new standard for sending packetized data traffic over radio waves in the unlicensed 2.4
GHz band is
A) WAP
B) WTLS
C) 802.11b
D) 804.11b
35.
_______________ protocol can support a wide variety of authentication methods and
also fits well into existing authentication systems like RADIUS.
36.
802.1x is not compatible with RADIUS or LDAP.
A) True
B) False