Introduction of Information Security Systems Cis4385

1. Which if the undermenti mavind IPv6 address type is depute to multiple interfaces besides packets exit only be delivered to unmatched? a. Multicast b. Anycast c. Unicast d. Broadcast set1 intaker Responsesb. Anycast Feedbacka. An anycast address is assigned to a group of interfaces on multiple nodes. Packets atomic go 18 delivered to the archetypal interface only.2. Routers hold in at which OSI layer? a. Physical b. Trans wasting diseaser interface c. profit d. Session mark1 exploiter Responsesc. profit Feedbacka. Routers operate at the net profit layer making routing decisions based on IP addresses.3. Which of the next is non a private IPv4 address? claim altogether that take hold. a. 192. 168. 5. 60 b. 172. 25. 6. 4 c. 10. 0. 6. 5 d. 26. 68. 6. 1 story1 drug drug engager Responsesd. 26. 68. 6. 1 Feedbacka. The private IP address ranges atomic number 18 as follows. IP programme Assigned Range Class A 10. 0. 0. 0-10. 255. 255. 255 Class B 172. 16. 0. 0-172. 31. 255. 255 Class C 192. 168. 0. 0-192. 168. 255. 2554. What is a master of ceremonies that evaluates Internet requests from LAN devices against a set c tout ensembleed? a. Proxy b. Firew all in all c. Load balancer d. NAT server brand1 user Responsesa. Proxy Feedbacka. A server that evaluates Internet requests from LAN devices against a set of rules is called a procurator server. NAT servers per melodic phrase private to public address translation load balancers manage art amongst bunch phalanxs and a firewall filters dealings based on manner wineal comprise lists.5. Which type of device maintains aw arness of the stipulation of connections, thereby close outing IP spoofing antiaircraft guns? a. Stateless packet filtering firewall b. Stateful packet filtering firewall c. NAT filter d. Application-level access rate1 drug user Responsesb. Stateful packet filtering firewall Feedbacka. A stateful packet filtering firewall is one that monitors the state of ea ch(prenominal) connection by examining the header of each packet. Read thisChapter 2 why Security is NeededA stateless packet filtering firewall does non do this. NAT filters perform only private-to-public address translation. An application-level gateway provides protection to a specific application such as FTP.6. Which of the sp atomic number 18-time activity firewall work whole kit at the sitting layer of the OSI model? a. Application layer gateway b. Stateful filtering c. NAT d. Circuit-level gateway mark0 user Responsesc. NAT Feedbacka. Circuit-level gateways work at the Session spirit level of the OSI model and apply certification mechanisms when a transmission control protocol or UDP connection is established they act as a go between for the Transport and Application shapes in TCP/IP.After the connection has been made, packets locoweed flow between the hosts without merely checking. Circuit-level gateways hide information just about the private interlocking, however they do non filter individual packets.7. Which of the side by side(p) argon the two main functions of a proxy server? a. Caching of nett pages b. NAT c. athletic field earmark d. DHCP contour1 exploiter Responsesa. Caching of web pages,c. Domain trademark Feedbacka. A proxy server tells a cyberspace by keeping machines behind it anonymous it does this finished the use of NAT. It to a fault improves web public presentation by caching web pages from servers on the Internet for a set amount of time. b. A proxy server secures a lucre by keeping machines behind it anonymous it does this finished the use of NAT. It likewise improves web performance by caching web pages from servers on the Internet for a set amount of time.8. Which of the pursual devices dirty dog break but non resist fervencys across the entire internet? a. NIDS b. Host-based IDS c. NIPS d. Protocol Analyzer cast1 drug user Responsesa. NIDS Feedbacka. network Intrusion perception System s (NIDS) detect but do not prevent plan of attacks across the entire network. Host-based IDS nominate protect only the host on which it is installed. Network Intrusion Protection Systems (NIPS) prat detect and prevent attacks across the entire network. A Protocol Analyzer can capture traffic but not act upon it.9. When a NIPs blocks legitimate traffic, what is it known as? a. False negative b. squ ar negative c. False incontrovertible d. True positive grade1 exploiter Responsesc. False positive Feedbacka. A blocking of traffic is a positive action, and when it is in response to legitimate traffic, it is considered a put on action thus it is a false positive. A false negative would be when an action is not taken on traffic that is not legitimate. The different(a) two options are normal actions a real negative is the renting of legitimate traffic, whereas a true positive is the blocking of illegitimate traffic.10. Which of the next types of NIPS reacts to actions that dev iate from a baseline? a. Signature-based b. Heuristic c. Anomaly-based d. Bit blocker pattern1 substance abuser Responsesc. Anomaly-based Feedbacka. Anomaly-based NIPS recognizes traffic that is unusual and reports it. Signature-based NIPs are configured with the signatures of attacks. Heuristics looks for patterns in the traffic, whereas bit blocker is a not a type of NIPs.11. Which of the side by side(p)(a) brasss feat to stop the leakage of confidential selective information, a great deal concentrating on chats? a. DHCP b. DNS c. DLP d. STP degree1 user Responsesc. DLP Feedbacka. Data difference prevention (DLP) systems are designed to protect data by way of bailiwick audition. They are meant to stop the leakage of confidential data, often concentrating on communications. As such, they are often also referred to as data leak prevention (DLP) devices, information leak prevention (ILP) devices, and extrusion prevention systems.Regardless, they are intended to be employ to keep data from leaking past a computer system or network and into unwanted hands.12. When a company buys fire insurance they are ____________ essay. a. accepting b. avoiding c. transferring d. reducing horizontal surface1 user Responsesc. transferring Feedbacka. It is possible to transfer some risk to a third-party. An theoretical account of risk conveyance (also known as risk sharing) would be an organization that purchases insurance for a group of servers in a datac submit.The organization still takes on the risk of losing data in the case of server failure, thieving, and disaster, but transfers the risk of losing the money those servers are worth in the case they are lost.13. Which of the following processes block external files that use JavaScript or images from loading into the web browser? a. URL filtering b. capacitance filtering c. Malware inspection d. Blacklists arcdegree1 substance abuser Responsesb. satiate filtering Feedbacka. mental object filtering is a process that blocks external files that use JavaScript or images from loading into the browser. URL filtering blocks pages based on the URL.Malware inspection looks for malware based on a signature file, and blacklists are items to be denied by spam filters.14. Which of the following actions should not be taken for the inadvertence account on a network device? a. invalidate it. b. Change the rallying cry. c. Disable it. d. Leave it as is. scrape1 exploiter Responsesd. Leave it as is. Feedbacka. The default account has a well-known username and tidings, so it should be either deleted or disabled, or at a minimum its password should be changed.15. Firewall rules are typically based in all but which of the following? a. IP addresses b. MAC addresses c. Port numbers . Content type configuration1 User Responsesd. Content type Feedbacka. Firewall rules are typically based on IP addresses, MAC addresses, or port numbers, but they cannot filter for content.16. Which of the following is the target of a double tagging attack? a. VPNs b. VLANs c. Collision domains d. demilitarized zones spirit level1 User Responsesb. VLANs Feedbacka. A double tagging attack can change the attacker to view traffic from multiple VLANs.17. A network created to allow access to resources from the Internet, plot maintaining separation from the internal network is called a ______? a. VPN b. VLAN c. Honeypot d. DMZ print1User Responsesd. DMZ Feedbacka. When talking about computer warranter system, a Demilitarized Zone (DMZ) is a special theater of the network (sometimes referred to as a subnetwork) that houses servers which host information accessed by clients or other networks on the Internet, but which does not allow access to the internal network.18. How can access to the foreign wariness of a router be protected? a. Content filtering b. ACLs c. Firewalls d. IPS Grade0 User Responsesc. Firewalls Feedbacka. Remote access to a router is usually through with(p) via Telnet or S SH. The port utilize (vty line) can be secured using an access control list. The other options can all be used to help protect routers but not access the remote counselling function.19. You need to allow access from your network to all web sites. What port numbers should be heart-to-heart in the firewall? Choose all that apply. a. 25 b. 443 c. 80 d. 119 e. 22 f. 23 Grade1 User Responsesc. 80 Feedbacka. HTTP and HTTPS are the two services you need to allow access to use ports 80 and 443 respectively.20. Which of the following mitigation techniques can prevent MAC runoffing? a. Secure VLANs b. Prevent ICMP responses c. 802. 1x d. 802. 1q Grade1 User Responsesc. 802. 1x Feedbacka.MAC flooding, which involves overwhelming the reposition of the switch with MAC frames sourced from different MAC addresses, can be prevented by requiring authentication on each port through 802. 1x. Secure VLANs cannot prevent this because the frames dont need to enter a VLAN to cause the problem. ICMP is at mould 3, these frames are at Layer 2, and 802. 1q is a VLAN tagging protocol that does not prevent frames from entering the switch through access ports.21. Which of the following attacks cannot be mitigated with a flood guard? a. Smurf attack b. Fraggle c. Teardrop attack d. Session theft Grade1 User Responsesd.Session theft Feedbacka. The smurf, fraggle, and teardrop attacks all involve sending a flood of packets to a device, using different types of unshapely packets. A session theft attack is when a session cookie is stolen and used to evidence to a server.22. Loop protection is designed to address problems that occur with which device? a. Switch b. Hub c. Router d. Firewall Grade0 User Responsesb. Hub Feedbacka. Loops occur when switches confuse redundant connections causing a loop. Loop guard (or loop protection) can prevent loops on the switch.23. When creating an ACL which of the following statements is non true? a.The order of the rules is important for proper pr ocess b. You moldiness complicate a pass up all statement at the end of the rule set for proper functioning c. The more than specific rules should be placed at the beginning of the rule list d. Once created, the ACL must be applied to an interface Grade1 User Responsesb. You must intromit a defy all statement at the end of the rule set for proper functioning Feedbacka. There is an implied deny all statement at the end of each ACL and it is not unavoidable to include one.24. Which of the following is an character of insecure network bridging in a LAN? a. Laptop connected to a hotspot and an ad hoc network . Laptop connected to a wireless network and the wired LAN at the equivalent(p) time c. Router connected to two subnets d. PC connected with two NIC to the very(prenominal) LAN Grade1 User Responsesb. Laptop connected to a wireless network and the wired LAN at the said(prenominal) time Feedbacka. When a laptop connects to a wireless network and the wired LAN at the same time, it can create a bridge between the two allowing access to the LAN. The other scenarios do not create a certification problem for the LAN.25. When the administrator creates a rule on the firewall to prevent FTP traffic, this is a type of __________rule. . implicit deny b. implicit allow c. explicit deny d. explicit allow Grade1 User Responsesc. explicit deny Feedbacka. When traffic is specified to be prevented, it is an explicit deny. When it is denied but because it was not specifically allowed, that is an implicit deny.26. Network recover Control (NAC) is an example of_______________. a. role-based management b. rules-based management c. port-based access d. application layer filtering Grade1 User Responsesb. rules-based management Feedbacka. Network Access Control (NAC) uses rules by which connections to a network are governed.Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updat es, and so on effectively weeding out those who would perpetuate malicious attacks.27. What type of device is required for communication between VLANs? a. Hub b. Switch c. Router d. Firewall Grade1 User Responsesc. Router Feedbacka. Hosts in different VLANs are also in different subnets and routing must be performed for them to communicate.28. Which of the following would be least likely to be placed in the DMZ? a. Web server b. DNS server c. Domain controller d. FTP serverGrade1 User Responsesc. Domain controller Feedbacka. All the options except a domain controller are often placed in the DMZ so they are accessible to the out-of- penetration orb. A DC however is sensitive and should NOT be placed in the DMZ.29. Subnetting a network creates segmentation at which layer of the OSI model? a. Layer 1 b. Layer 2 c. Layer 3 d. Layer 4 Grade1 User Responsesc. Layer 3 Feedbacka. Subnetting a network creates segmentation using IP addresses, which is Layer 3.30. What service is required to represent multiple private IP addresses with a bingle public IP address? a. NAT b. DHCP c. DNS d. DLP Grade0User Responsesa. NAT Feedbacka. Network Address Translation (NAT) is required to represent multiple private IP addresses with a single public IP address. The specific form of NAT required to represent multiple private IP addresses with a single public IP address is called Port Address Translation (PAT).31. Which of the following is NOT a remote access protocol? a. MS-CHAP b. CHAP c. LDAP d. PAP Grade1 User Responsesc. LDAP Feedbacka. Lightweight Directory Access Protocol is used for accessing directory services such as Active Directory. It is not used in remote access. All other options are remote access protocols.32. Which of the following devices are susceptible to war dialing? a. Modems b. Firewalls c. Content filters d. Load balancers Grade0 User Responsesa. Modems Feedbacka. Any devices that accept phone calls such as modems or PBX systems with remote phone access are s usceptible to war dialing.33. When computers are not allowed to connect to the network without proper certification patches and virus updates, the network is using a form of _____________. a. PAT b. DAC c. NAC d. DMZ Grade0 User Responsesd. DMZ Feedbacka. Network Access Control (NAC) uses rules by which connections to a network are governed.Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so oneffectively weeding out those who would perpetuate malicious attacks.34. Which of the following items do not need to be changed on a new router to ensure secure router management? a. IP address b. Administrator name c. Administrator password d. IOS version Grade1 User Responsesd. IOS version Feedbacka. All the options except the IOS version can be set to defaults from the factory and should be changed because they are well known.35. Which of the following is NOT an example of overcast f iguring? a. SaaS b. IaaS c. PaaS d. BaaS Grade1 User Responsesd. BaaS Feedbacka. Software as a dish up (SaaS), radical as a Service (IaaS), and Platform as a Service (PaaS) are all forms of cloud computing.36. On which concept is cloud computing based? a. load balancing b. virtualization c. RAID d. DLP Grade1 User Responsesb. virtualization Feedbacka. All forms of cloud computing use virtualization.37. A terzetto legged security deposit is a form of ______________. a. VPN b. DMZ c. NAT d. ACL Grade1 User Responsesb. DMZ Feedbacka. A three-legged perimeter is a firewall or server with three NICs one pointed to the LAN, one to the Internet, and one to the DMZ.38. Which of the following is NOT a public assistance provided by subnetting? a. It increases security by compartmentalizing the network. b. It is a more efficient use of IP address space. c. It ignores distribute traffic and collisions. d. It eases administration of the network. Grade1 User Responsesd. It eases administra tion of the network. Feedbacka. Subnetting provides a number of benefits but easing administration is not one of them.39. Which of the following is the result of implementing VLANs? . Larger broadcast domains b. small collision domains c. Smaller broadcast domains d. Larger collision domains Grade1 User Responsesc. Smaller broadcast domains Feedbacka. VLANs break up the network into subnets and as such result in smaller broadcast domains.40. Which of the following services helps preserve public IP addresses? a. NAT b. DHCP c. DNS d. SLIP Grade0 User Responsesc. DNS Feedbacka. By allowing the use of private IP addresses inside each network and by representing those groups of private IP addresses with a single public IP address, public IP addresses are conserved by NAT.41. Which of the following remote access protocols are used with VPNs? Choose all that apply. a. PPTP b. PPP c. L2TP d. SLIP Grade1 User Responsesc. L2TP,d. SLIP Feedbacka. Point-to-Point Tunneling Protocol (PPTP) an d Layer Two Tunneling protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up. /b. Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up.42. Which of the following security protocols operates at the network layer of the OSI model? a. IPSec b. SSH c. SSL d. TLS Grade1 User Responsesa. IPSec Feedbacka.One of the key features of IPSec is its operation at the network layer enabling it to protect any type of communication operating at the hurrying layers of the OSI model.43. Which of the following are components of SNMP? Choose all that apply. a. NMS b. IPSec c. actor d. CARP Grade1 User Responsesb. IPSec,c. Agent Feedbacka. The three components of SNMP are a network management system (NMS), agent bundle, and the managed device, where the agent software operates. /b. The three components of SNMP are a network management system (NMS), agent software, and the managed device, where the agent so ftware operates.44. SSL is designed as a secure replacement for which of the following? a. PPP b. Telnet c. TLS d. SSH Grade0 User Responsesd. SSH Feedbacka. SSL is designed as a secure replacement for Telnet, which commits in clear text.45. Which of the following protocols supersedes SSL? a. SSH b. TLS c. S/MIME d. EAP Grade0 User Responsesa. SSH Feedbacka. TLS 1. 2, the latest version, is used when establishing an HTTPS connection and supersedes SSLv3.46. The operation of which of the following protocols makes the SYN flood attack possible? a. IPX/SPX b. AppleTalk c. TCP/IP d. RIP Grade1 User Responsesc. TCP/IP Feedbacka.TCP/IP uses a multilateral handshake for its connection, and the SYN flood attack attempts to take advantage of the operation of this connection operation.47. Which of the following provides secure web access? a. SFTP b. HTTP c. HTTPS d. SSH Grade1 User Responsesc. HTTPS Feedbacka. HTTPS uses port 443 and is the standard for secure web access.48. SCP is a secure counterpart protocol that uses the port of which other protocol for transfers? a. HTTPS b. SSH c. SSL d. FTPS Grade0 User Responsesd. FTPS Feedbacka. Secure copy (SCP) is another example of a protocol that uses another protocol (and its corresponding port). It uses SSH and ultimately uses port 22 to transfer data.49. Which of the following protocols is abused when a ping flood occurs? a. SNMP b. IGMP c. ICMP d. EIGRP Grade0 User Responsesa. SNMP Feedbacka. ping floods use ICMP echo request packets aimed at the target.50. Which of the following security mechanisms are built into IPv6? a. IPSec b. SSL c. HTTPS d. EAP Grade1 User Responsesa. IPSec Feedbacka. IPv6 has IPSec support built in.51. What method is used by SSL to obtain and validate certificates? a. SPI b. PKI c. TLS d. EAP Grade1 User Responsesb. PKI Feedbacka.SSL and TLS use a public Key Infrastructure (PKI) to obtain and validate certificates.52. What port number does FTPS use to protect the transmission? a. 21 b. 88 c. 443 d. 445 Grade0 User Responsesa. 21 Feedbacka. FTPS uses SSL or TLS over port 443 to make a secure connection.53. Which of the following protocols uses port 22, normally used by SSH, to make a secure connection? a. FTPS b. SCP c. SFTP d. SSL Grade0 User Responsesb. SCP Feedbacka. Secure FTP (SFTP) uses port 22, the port for SSH, which is why it is also sometimes called SSH FTP.54. Which protocol uses ports 161 and 162? a. SMTP b. IMAP4 . SNMP d. IGMP Grade0 User Responsesa. SMTP Feedbacka. SNMP is used to salt away information about and make changes to devices on the network. It uses ports 161 and 162.55. Which protocol uses the same port as HTTPS? a. SCP b. FTPS c. SFTP d. IMAP4 Grade0 User Responsesc. SFTP Feedbacka. FTP secure (FTPS) uses port 443, which is also used by HTTPS.56. Which protocol uses port 69? a. SCP b. FTPS c. TFTP d. IMAP4 Grade1 User Responsesc. TFTP Feedbacka. TFTP uses port 69.57. What port number is used by Telnet? a. 80 b. 443 c. 21 d. 23 Grade1 User Res ponsesd. 23 Feedbacka. Port 23 is used by Telnet.58. Which port does HTTP use? a. 80 b. 443 c. 21 d. 23 Grade0 User Responsesb. 443 Feedbacka. HTTP uses port 80.59. Which port does SCP use to transfer data? a. 80 b. 22 c. 21 d. 23 Grade0 User Responsesc. 21 Feedbacka. SCP uses SSH and thus port 22 to transfer data.60. Which protocol uses port 443? a. HTTPS b. FTPS c. TFTP d. IMAP4 Grade1 User Responsesa. HTTPS Feedbacka. HTTPS uses port 443.61. Which two protocols use port 22? a. HTTPS b. FTPS c. SSH d. SCP Grade2 User Responsesc. SSH,d. SCP Feedbacka. SCP uses SSH and thus port 22 to transfer data, so both(prenominal) protocols use this port. b. SCP uses SSH and thus port 22 to transfer data, so both protocols use this port.62. Which ports does the NetBIOS protocol uses? Choose all that apply. a. 138 b. 139 c. 137 d. 140 Grade3 User Responsesa. 138,b. 139,c. 137 Feedbacka. The NetBIOS protocol uses ports 137 through 139. /b. The NetBIOS protocol uses ports 137 through 139. /c. The NetBIOS protocol uses ports 137 through 139.63. What protocol uses port 53? a. HTTPS b. FTPS c. SSH d. DNS Grade0 User Responsesb. FTPS Feedbacka. DNS uses port 53.64. Which port number does RDP use? a. 3389 b. 1723 c. 1701 d. 140 Grade1 User Responsesa. 3389 Feedbacka. Port 3389 is used for Remote Desktop (RDP).65. What protocol uses port 25? a. HTTPS b. SMTP c. SSH d. DNS Grade1 User Responsesb. SMTP Feedbacka. SMTP uses port 25.66. Which of the following statements is true regarding WPA and WPA2? (Choose all that apply. ) a. WPA uses 256-bit encoding. b. WPA2 uses 128-bit encryption. c. WPA uses TKIP. d. WPA2 uses AES. Grade2 User Responsesc. WPA uses TKIP. ,d. WPA2 uses AES. Feedbacka. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES. /b. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES.67. Which statement is NOT true with regard to WPA2? a. Uses AES encryption b. Meets requirements of 802. 11i c. Uses TKIP encryption d. Uses 256 bit encryption Gr ade1 User Responsesc. Uses TKIP encryption Feedbacka. WPA uses TKIP but WPA2 uses AES.68. Which of the following is the security provided in the original 802. 11 standard? a. WPA b. WPA2 c. WEP d. CCMP Grade1 User Responsesc. WEP Feedbacka. Wired Equivalent silence (WEP) is the security provided in the original 802. 11 standard.69. What is the authentication system that calls for a supplicant, authenticator, and authentication server called? . EAP b. WPA c. WPA2 d. WEP Grade1 User Responsesa. EAP Feedbacka. Extensible stylemark Protocol (EAP) is an authentication system that calls for a supplicant, authenticator, and authentication server.70. Which of the following implementations of EAP requires certificates on the client and the server? a. EAP-FAST b. EAP-TTLS c. PEAP d. EAP-TLS Grade1 User Responsesd. EAP-TLS Feedbacka. EAP-TLS requires certificates on the client and the server.71. Which of the following versions of EAP is cisco proprietary? a. LEAP b. EAP-TTLS c. PEAP d. EAP-T LS Grade1 User Responsesa. LEAP Feedbacka. Lightweight EAP is a version that works only on Cisco devices unless the device is from a partner that participates in the Cisco Compatible Extensions program.72. Why are MAC filters not effective in preventing access to the WLAN? a. The MAC addresses of allowed devices are contained in the beacon fire frames sent by the AP. b. The MAC addresses of allowed devices are contained in any frames sent by the allowed device. c. The administrative effort to maintain the MAC list is prohibitive. d. If the user changes his MAC address, the filter will disallow entry. Grade1 User Responsesb.The MAC addresses of allowed devices are contained in any frames sent by the allowed device. Feedbacka. The MAC addresses of allowed devices are contained in any frames sent by the allowed device and can be seen by those using wireless protocol analyzers. The MAC address can then be spoofed for entry.73. Which of the following frame types contain the SSID? (Choos e all that apply. ) a. Beacon frames b. Data frames c. Association frames d. Authentication frames Grade3 User Responsesb. Data frames,c. Association frames,d. Authentication frames Feedbacka. The SSID is contained in all frames.If the SSID is hidden, it is removed only from the beacon frames. /b. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames. /c. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames.74. TKIP was designed to correct the shortcomings of which of the following? a. EAP b. WPA c. WEP d. WPA2 Grade1 User Responsesc. WEP Feedbacka. TKIP was designed to correct the shortcomings of WEP. It was a temporary solution for use until the 802. 1x standard was completed.75. Which of the following encryption protocols is used with WPA2? . TKIP b. CCMP c. WEP d. DES Grade1 User Responsesb. CCMP Feedbacka. Counter Mode with Cipher Block Chaining nitty-gritty Authentication Code Pro tocol (CCMP) is the encryption protocol used with WPA2. It addresses the vulnerabilities of TKIP and meets requirements of IEEE 802. 11i.76. Which antenna types would be best for do the signal away from the front of the building for security purposes while still providing reporting in the other part of the building? (Choose all that apply. ) a. Yagi b. Omni c. Parabolic dish d. Semidirectional Grade2 User Responsesa. Yagi,d. Semidirectional Feedbacka.You can use a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario. /b. You can use a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario.77. How can you keep the existing radiation pattern of the antenna while reducing the coverage area? a. Increase the power of the transmitter. b. Decrease the power of the transmitter. c. Change the polarity of the antenna. d. Remove one of the attenuators from the line. Grade 1 User Responsesb. Decrease the power of the transmitter.Feedbacka. Reducing the power level maintains the radiation pattern while making the area of radiation smaller.78. What organization created WPA? a. FCC b. Wi-Fi compact c. IEEE d. ISO Grade1 User Responsesb. Wi-Fi Alliance Feedbacka. The Wi-Fi Alliance created WPA to address the weaknesses of WEP.79. To which standard is WPA2 designed to stick to? a. 802. 16 b. 802. 11f c. 802. 11i d. 802. 11e Grade1 User Responsesc. 802. 11i Feedbacka. WPA2 is designed to adhere to the 802. 11i security standard.80. Which of the following is the weakest form of security? a. TKIP b. WPA c. WEP d. EAP Grade1User Responsesc. WEP Feedbacka. WEP is the weakest form of security. It has been cracked and is not suitable for opening move WLANs.81. A ______________ attack intercepts all data between a client and a server. a. DDoS b. Man-in-the- diaphragm c. Replay d. Smurf Grade1 User Responsesb. Man-in-the-middle Feedbacka. Man-in-the-middle is a type of active interception. If successful, all communications now go through the MITM attacking computer.82. When a group of compromised systems attack a single target it is a called a _______________ attack. a. DDoS b. Man-in-the middle c. Replay d. Smurf Grade1User Responsesa. DDoS Feedbacka. A distributed denial-of-service attack occurs when a group of compromised systems launches a DDoS attack on a single target.83. When valid data transmissions are maliciously or fraudulently repeated, it is called a _______________ attack. a. DDoS b. man-in-the middle c. replay d. smurf Grade1 User Responsesc. replay Feedbacka. When valid data transmissions are maliciously or fraudulently repeated, it is a called a replay attack.84. What attack sends tremendous amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork? a.DDoS b. Man-in-the middle c. Replay d. Smurf Grade1 User Responsesd. Smurf Feedbacka. A smurf attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The ICMP request is sent to a broadcast address. When all hosts receive the ICMP broadcast request, these host send ICMP replies to the source address, which has been set to the address of the target.85. ever-changing your MAC address to that of another host is called ___________________. a. spear phishing b. spoofing c. pharming d. vishing Grade1 User Responsesb. spoofing Feedbacka.Spoofing is when an attacker chase the IP or MAC address of another computer.86. Which of the following is more an aggravation than an attack? a. calamus phishing b. Spoofing c. email d. Vishing Grade1 User Responsesc. Spam Feedbacka. Spam or unwanted email is more an aggravation than an attack.87. Which of the following uses instant messaging as its vehicle? a. Spim b. Spoofing c. Phishing d. Vishing Grade1 User Responsesa. Spim Feedbacka. Spam Over Instant Messaging (SPIM) uses IM to deliver the spam.88 . When VoIP phone calls are used in the pursuit of sociable engineering, it is called__________. a. spim b. poofing c. phishing d. vishing Grade1 User Responsesd. vishing Feedbacka. Vishing is phishing performed with VoIP calls, which are harder to trace than regular calls.89. What type of attack is an advanced survey that tries to get around firewalls and look for open ports? a. DDoS b. Man-in-the-middle c. Xmas attack d. Smurf Grade1 User Responsesc. Xmas attack Feedbacka. normally using Nmap, the Xmas attack is an advanced scan that tries to get around firewalls and look for open ports.90. __________________ is when an attacker redirects one websites traffic to another bogus and possibly malicious website. a.DDoS b. Pharming c. Xmas attack d. Smurf Grade1 User Responsesb. Pharming Feedbacka. Host files and vulnerable DNS software can also be victims of pharming attacks. Pharming is when an attacker redirects one websites traffic to another bogus and possibly malicious website. P harming can be prevented by carefully monitoring DNS configurations and host files.91. ___________ is when a person that is not normally classical to a server manages to get administrative permissions to resources. a. Whaling b. Pharming c. gig phishing d. Privilege escalation Grade1 User Responsesd. Privilege escalation Feedbacka.Privilege escalation is when a person that is not normally authorized to a server manages to get administrative permissions to resources.92. Which problem is the most difficult to contend with? a. Malicious insider little terror b. Fraggle attack c. Distributed denial-of-service d. Whaling Grade1 User Responsesa. Malicious insider threat Feedbacka. Because the attacker al shewy is inside the network with company knowledge, a malicious insider threat is the most difficult to contend with.93. What type of attack can DNS poisoning lead to? a. Whaling b. Pharming c. Spear phishing d. Privilege escalation Grade0User Responsesc. Spear phishing Feedbacka. Pharm ing attacks lead users from a legitimate website to a malicious touch. The easiest way to do this is to poison the DNS cache so that the DNS server sends them to the malicious site.94. Strong remark validation can help prevent ____________________. a. bluesnarfing b. SQL injection c. session highjacking d. header manipulation Grade0 User Responsesc. session highjacking Feedbacka. SQL injection attacks user stimulation in web forms that is not correctly filtered. This can be prevented with input validations.95. LDAP injection is an attack on __________________servers. . SQL b. directory c. web d. email Grade1 User Responsesb. directory Feedbacka. Lightweight Directory Access Protocol is a protocol used to maintain a directory of information such as user accounts or other types of objects.96. XML injection can be prevented with __________________. a. IDS b. IPS c. input validation d. complex passwords Grade0 User Responsesd. complex passwords Feedbacka. The best way to protect again st this (and all code injection techniques for that matter) is to incorporate strong input validation.97. The .. / attack is also known as ________________. a. irectory crossbeam b. SQL injection c. session highjacking d. header manipulation Grade1 User Responsesa. directory traversal Feedbacka. Directory traversal, or the .. / (dot dot slash) attack is a method to access unauthorized parent (or worse, root) directories.98. _____________ is when commands and command syntax are entered into an application or OS. a. Directory traversal b. Command injection c. Command highjacking d. Code manipulation Grade1 User Responsesb. Command injection Feedbacka. Command injection is when commands and command syntax are entered into an application or OS.99. Buffer inundations operate against the _________ of the computer. a. NIC b. disk c. CPU d. memory Grade1 User Responsesd. memory Feedbacka. A buffer photoflood is when a process stores data outside of the memory that the developer intended .100. What is the difference between an XSS and XSRF attack? a. The XSS attack exploits the self-assertion a users browser has in a website, whereas the XSFR attack exploits the authority that a website has in a users browser. b. The XSFR attack exploits the trust a users browser has in a website, whereas the XSS attack exploits the trust that a website has in a users browser. . The XSS attack creates a buffer overflow on the website, whereas the XSFR attack creates a buffer overflow on the client. d. The XSS attack creates a buffer overflow on the client, whereas the XSFR attack creates a buffer overflow on the website. Grade1 User Responsesa. The XSS attack exploits the trust a users browser has in a website, whereas the XSFR attack exploits the trust that a website has in a users browser. Feedbacka. The XSS attack exploits the trust a users browser has in a website. The converse of this the XSRF attack exploits the trust that a website has in a users browser. In this attack (al so known as a one-click attack), the users browser is compromised and transmits unauthorized commands to the website.101. _______________ are placed by programmers, knowingly or inadvertently, to revolve normal authentication and other security mechanisms in place. a. Landing spots b. Backdoors c. Hotspots d. Code heels Grade1 User Responsesb. Backdoors Feedbacka. Backdoors are placed by programmers, knowingly or inadvertently, to bypass normal authentication and other security mechanisms in place.102. An XSS attack is also called a(n) __________________ attack. a. Zero day b. Command injection . Xmas d. Cross site scripting Grade1 User Responsesd. Cross site scripting Feedbacka. XSS attacks, also called cross site scripting attacks, exploit the trust a users browser has in a website through code injection, often in webforms.103. ______________can be used by spyware and can track people without their permission. a. MAC addresses b. Cookies c. IP addresses d. Attachments Grade1 User Responsesb. Cookies Feedbacka. Cookies are text files placed on the client computer that store information about it, which could include your computers browsing habits and possibly user credentials.104. Which of the following attachments is the riskiest to open? a.. exe b.. pdf c.. doc d.. txt Grade1 User Responsesa.. exe Feedbacka. A . exe or executable file is one that contains a program that will do something, perhaps malicious to the computer.105. Stolen cookies can be used to launch a(n) ____________________. a. XSS attack b. SQL injection c. session highjack d. header manipulation Grade1 User Responsesc. session highjack Feedbacka. Session cookies authenticate you to a server and can be used to highjack your session.106. Header manipulation alters information in ______________ headers. a. LDAP b. file c. HTTP . SQL Grade1 User Responsesc. HTTP Feedbacka. Header manipulation alters information in HTTP headers and falsifies access.107. An ActiveX control is an example of a(n) _ ________________. a. cookie b. add-on c. cipher d. virus Grade1 User Responsesb. add-on Feedbacka. You can enable and disable add-on programs such as ActiveX controls in the Programs tab by clicking the Manage add-ons button in Internet Explorer.108. When an attack targets an operating system vulnerability that is still unknown to the world in general, it is called a __________. a. P2P attack b. zero day attack c. whaling attack d. DDoS attack Grade1User Responsesb. zero day attack Feedbacka. A zero day attack targets an operating system vulnerability that is still unknown to the world in general.109. __________________is a concept that refers to the monitoring of data in use, data in motion, and data at rest. a. DLP b. DHCP c. DEP d. DMS Grade1 User Responsesa. DLP Feedbacka. Data Loss Prevention (DLP) is a concept that refers to the monitoring of data in use, data in motion, and data at rest. It does this through content inspection and is designed to prevent unauthorized use of da ta as well as prevent the leakage of data outside the computer (or network) that it resides.110. Which form of DLP is typically installed in data centers or server rooms? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade1 User Responsesc. Storage DLP Feedbacka. Storage DLP systems are typically installed in data centers or server rooms as software that inspect data at rest.111. Which of the following is an example of drive encryption? a. AppLocker b. BitLocker c. Windows defender d. Trusted Platform Module Grade1 User Responsesb. BitLocker Feedbacka. To encrypt an entire hard disk, you need some kind of full disk encryption software.Several are currently available on the market one developed by Microsoft is called BitLocker.112. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is ____________ than software encryption. a. more difficult to crack b. easier to use than software encryption c. faster than software encryption d. can b e used to calculate data other than encryption keys Grade1 User Responsesc. faster than software encryption Feedbacka. Hardware security modules (HSMs) are somatic devices that act as secure cryptoprocessors.This means that they are used for encryption during secure login/authentication processes, during digital signings of data, and for payment security systems. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is faster than software encryption.113. A _________________ is a chip residing on the motherboard that actually stores the encrypted keys. a. DLP b. DHCP c. DEP d. TPM Grade1 User Responsesd. TPM Feedbacka. A Trusted Platform Module (TPM) chip is one residing on the motherboard that actually stores the encrypted keys.114. Which of the following is NOT required to encrypt the entire disk in Windows?Choose all that apply. a. TPM chip or USB key b. A hard drive with two volumes c. HSM Module d. Cryptoprocessor Grade2 User Responsesc. HSM Module,d . Cryptoprocessor Feedbacka. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors however, they are NOT a part of encrypting the entire disk in Windows. /b. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors however, they are NOT a part of encrypting the entire disk in Windows.115. Probably the most important security care with cloud computing is _______________. . less secure connections b. loss of physical control of data c. weak authentication d. bug exploitation Grade1 User Responsesb. loss of physical control of data Feedbacka. Probably the most important security control concern is the physical control of data that is lost when an organization makes use of cloud computing.116. Which of the following is NOT a solution to security electric outlets surrounding cloud computing? a. Complex passwords b. Strong authentication methods c. Standardization of computer programing d. Multiple firewalls Grade1 Us er Responsesd. Multiple firewalls Feedbacka. Solutions to these security issues include complex passwords, strong authentication methods, encryption, and standardization of programming.117. Which form of DLP is typically installed on individual computers? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade1 User Responsesa. Endpoint DLP Feedbacka. Endpoint DLP systems run on an individual computer and are usually software-based. They monitor data in use such as email communications and can control what information flows between various users.118. Where could you disable the use of removable media on a computer? a. maneuver manager . BIOS c. Control panel d. Programs and features Grade1 User Responsesb. BIOS Feedbacka. BIOS settings can be used to reduce the risk of infiltration including disabling removable media including the floppy drives and eSATA and USB ports.119. What are two shortcomings of using BitLocker drive encryption? a. Weak encryption b. Expensiv e c. transaction suffers d. Shorter drive life Grade2 User Responsesc. Performance suffers,d. Shorter drive life Feedbacka. A drive encrypted with BitLocker usually suffers in performance compared to a nonencrypted drive and could have a shorter shelf life as well. /b. A drive encrypted with BitLocker usually suffers in performance compared to a nonencrypted drive and could have a shorter shelf life as well.120. Which form of DLP is typically installed on the perimeter of the network? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade1 User Responsesb. Network DLP Feedbacka. Network DLP systems can be software or hardware solutions that are often installed on the perimeter of the network. They inspect data that is in motion.121. Software as a service (SaaS) is a type of _____________ computing. a. HSM b. cloud c. role-based d. TPM Grade1 User Responsesb. cloudFeedbacka. Software as a Service (SaaS) is the most commonly used and recognize example of cloud comp uting. SaaS is when users access applications over the Internet that are provided by a third party.122. Which form of DLP inspects ONLY data in motion? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade1 User Responsesb. Network DLP Feedbacka. Network DLP systems can be software or hardware solutions that are often installed on the perimeter of the network. They inspect data that is in motion.123. Which of the following is NOT an example of cloud services? a. SaaS b. IaaS c. PaaS d. BaaS Grade1User Responsesd. BaaS Feedbacka. Examples of cloud services include Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).124. When an electronic control suffers an error, reports the error, and shuts down, it is called_____________. a. Failopen b. Failsafe c. Failclose d. Failshut Grade1 User Responsesb. Failsafe Feedbacka. When the control fails and shuts down, it is a failsafe. When it fails and leaves a vulnerable system, i t is a failopen.125. What should be the first thing you check when an intrusion has been detected? a. Firewall logs b. Server logs c. Workstation logs d.Security patches Grade1 User Responsesa. Firewall logs Feedbacka. Logging is also important when it comes to a firewall. Firewall logs should be the first thing you check when an intrusion has been detected. You should know how to access the logs and how to read them.126. Which log on a Windows server is where you could learn if Joe logged in today? a. Applications b. System c. Security d. DNS Grade1 User Responsesc. Security Feedbacka. The security log contains entries about logins and access to resources both successful and unsuccessful.127. Which of the following is NOT an example of physical security? a. Mantraps b.Security logs c. Video surveillance d. Hardware locks Grade1 User Responsesb. Security logs Feedbacka. Security logs track activities on the network which is logical not physical security.128. Which of the following i s NOT a type of door lock? a. Cipher b. Keyed c. Cardkey d. Mantrap Grade1 User Responsesd. Mantrap Feedbacka. A mantrap is a two door system designed to prevent tailgating.129. Which of the following is NOT an example of operating system annealing? a. Disabling unnecessary services b. Removing the NIC c. Protecting management interfaces d. Password protection Grade1 User Responsesb. Removing the NIC Feedbacka.Hardening the system should not reduce its functionality, and removing the NIC would do that.130. Which of the following standards is often referred to as port-based security? a. 802. 1x b. 802. 11 c. 802. 11n d. 802. 1 Grade1 User Responsesa. 802. 1x Feedbacka. 802. 1x enforces perimeter security by keeping the port of the station closed until authentication is complete.131. In which type of monitoring is network traffic analyzed for predetermined attack patterns? a. Signature-based monitoring b. Anomaly-based monitoring c. Behavior-based monitoring d. Reactive-based monitor ing Grade1 User Responsesa. Signature-based monitoringFeedbacka. Network traffic is analyzed for predetermined attack patterns. These attack patterns are known as signatures.132. A(n) __________________ uses baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems. a. NAT b. resort hotel c. SLA d. PSK Grade1 User Responsesb. SPA Feedbacka. The security posture can be defined as the risk level to which a system, or other technology element, is exposed. Security Posture Assessments (SPA) use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems.133. Which of the following indicate a problem currently occurring? . Trends b. Baselines c. Alarms d. Averts Grade1 User Responsesc. Alarms Feedbacka. Although alerts indicate an issue that MAY need attention, alarms indicate a problem currently occurring.134. Which of the following are detection controls? (Choose all that apply. ) a. IDS b. IPS c. Video cameras d. Securi ty guard Grade2 User Responsesa. IDS,c. Video cameras Feedbacka. Detection controls, such as Intrusion Detection systems and video cameras record only activity they do not prevent it. /b. Detection controls, such as Intrusion Detection systems and video cameras record only activity they do not prevent it.135. Which of the following is designed to prevent tailgating? a. Mantraps b. Security logs c. Video surveillance d. Hardware locks Grade1 User Responsesa. Mantraps Feedbacka. Mantraps use double doors to prevent tailgating.136. Which of the following is a proximity reader? a. a security bill sticker that transmits the location of the holder b. a device that tracks how close an individual is c. a security nib reader that can read the card from a distance d. a card reader that locks the door when the holder is a certain distance from the door Grade1 User Responsesc. security card reader that can read the card from a distance Feedbacka. These cards use radio waves to transmit to the reader.137. By frequently updating systems and by employing other methods such as group policies and baselining, you _____________ the systems. a. brace b. harden c. virtualize d. hardline Grade1 User Responsesb. harden Feedbacka. By frequently updating systems and by employing other methods such as group policies and baselining, you harden the system.138. Installing service packs is a part of the ___________ process. a. baselining b. hardening c. marking . security templating Grade1 User Responsesb. hardening Feedbacka. Hardening the OS is accomplished through the use of service packs, patch management, hotfixes, group policies, security templates, and configuration baselines.139. ______________ can be describe as unauthorized WAPs that inadvertently enable access to secure networks. a. Rogue access points b. Evil twin c. War driver d. Phisher Grade1 User Responsesa. Rogue access points Feedbacka. Rogue access points can be described as unauthorized wireless access points/route rs that enable access to secure networks.They differ from an Evil twin in that an Evil twin is strategically placed for the purpose of accessing the network or performing a high jacking attack, whereas rogue access points generally may be placed by employees for their convenience.140. Which wireless attacks include the introduction of radio interference? a. Rogue Access Point b. Evil twin c. War driver d. Bluesnarfing Grade1 User Responsesb. Evil twin Feedbacka. The evil twin attack includes jamming the network to cause the station to associate with the evil twin AP.141. When executing the Evil twin attack, what value must match on the Evil twin and the legitimate AP? . IP address b. SSID c. MAC address d. Admin password Grade1 User Responsesb. SSID Feedbacka. The Evil twin attack includes jamming the network to cause the stations to associate with the Evil twin AP. The stations will not roam to the Evil twin unless the SSID is the same as the legitimate AP.142. ________________ is when a person attempts to access a wireless network, usually while ride in a vehicle. a. War chalking b. Radiophishing c. War capricious d. Bluesnarfing Grade1 User Responsesc. War driving Feedbacka. War driving is when a person attempts to access a wireless