Accounting
Anthropology
Archaeology
Art History
Banking
Biology & Life Science
Business
Business Communication
Business Development
Business Ethics
Business Law
Chemistry
Communication
Computer Science
Counseling
Criminal Law
Curriculum & Instruction
Design
Earth Science
Economic
Education
Engineering
Finance
History & Theory
Humanities
Human Resource
International Business
Investments & Securities
Journalism
Law
Management
Marketing
Medicine
Medicine & Health Science
Nursing
Philosophy
Physic
Psychology
Real Estate
Science
Social Science
Sociology
Special Education
Speech
Visual Arts
Computer Science
Q:
A(n) ____________________ attack is typically intended to shut down a site or service but does not usually damage information or systems.
Q:
____________________ is a TCP/IP protocol that provides terminal emulation services over a network or the Internet.
Q:
One way to help reduce the _________________________ is to purchase systems that are designed to work together in an environment that enables easier and faster configuration.
Q:
____________________ security policies can often help to override politics that limit good security in an organization.
Q:
In operating systems, the built-in ____________________ account is typically deactivated or has a password.
Q:
A key characteristic of a(n) ____________________ network is the availability of different resources that enable users to fulfill business, research, and educational tasks.
Q:
The ____________________ allows you to set a password that governs access to the hard disk drive.
Q:
The ____________________ communicates with the BIOS, device drivers, and the API to perform operating system functions such as control of memory and storage.
Q:
A(n) ____________________ is ideal for providing security because it takes care of the computer's most basic input/output functions.
Q:
Is a virus hoax a virus?
Q:
Does a locked computer operations room guarantee the protection of a network server?
Q:
Is the cost of deploying security more expensive than the cost of not deploying security?
Q:
Do users need training in the use of security tools to help limit human failure and neglect?
Q:
Will a security policy help to overcome the human factors that diminish security in an organization?
Q:
Should security or system patches be installed immediately upon their release?
Q:
Do all networks have vulnerable points that require security?
Q:
Do the operating system device drivers coordinate operating system functions such as control of memory and storage?
Q:
Is using the monitoring software that comes with an operating system one of the best places to start when determining the performance and use of an operating system or network?
Q:
Is the goal of disaster recovery to enable you to restore systems and data without losing critical information?
Q:
In Linux, account security characteristics are controlled through the _____ file, which is normally available only to the system administrator.a. /etc/shadow b. /bin/shadow c. /etc/hostsd. /etc/passwd
Q:
A _____ is a fundamental component or container that holds information about all network resources that are grouped within it.a. workgroup b. directory service c. domaind. forest
Q:
What application protocol is being used in the figure above?a. TCP b. Telnet c. Pingd. Traceroute
Q:
What is displayed in the figure above?a. Resources in a LAN b. Resources in a WAN c. Resources in a MANd. Resources in an enterprise network
Q:
Which of the following components are found in section "A" in the figure above?a. Word processors d. Disk drivesb. Device drivers e. APIsc. Resource managers
Q:
Callback security is an example of _____ securitya. filtering b. remote access c. objectd. user level
Q:
Which organization was started by Coopers and Lybrand as the European Security Forum?
a. Forum of Incident Response and Security Teams
b. SysAdmin, Audit, Network, Security Institute
c. Information Security Forum
d. National Security Institute
Q:
Which organization offers training in security needs and hosts the Certified Protection Professional certification?
a. Computer Emergency Response Team Coordination Center
b. InfraGard
c. Information Systems Security Association
d. American Society for Industrial Security
Q:
Which of the following is a key element used in a wireless attack?a. Omnidirectional antenna b. Wireless NIC c. Passwordsd. Only a and be. a, b, and c
Q:
What port do Telnet applications use for communication?a. 20 b. 21 c. 23d. 25
Q:
What port does DNS use?a. 21 b. 23 c. 53d. 110
Q:
How many ports are there in UDP and TCP?a. 6,550 b. 63,353 c. 65,535d. 165,550
Q:
What type of port might be used during a port-scanning attack?a. Serial b. Parallel c. UDPd. USB
Q:
Using _____, an attacker can initiate access to a computer or can appear as just another transmission to a computer from a legitimate source that is already connected.a. buffering b. denial of service c. wormsd. spoofing
Q:
Attackers may get through a specific NAT device by using a form of source routing called _____.a. a macro b. spoofing c. loose source record routed. multiplexing
Q:
_____ can translate an IP address from a private network to a different address used on a public network or the Internet.a. Routers b. Proxy servers c. Network address translationd. Packet filters
Q:
In a source routing attack, the attacker modifies the _____ and routing information to make a packet appear to come from a different source, such as one that is already trusted for communications on a network.a. destination address b. source address c. destination headerd. source data
Q:
The traceroute troubleshooting utility can be used by which of the following operating systems?a. UNIX b. Mac OS c. Netwared. Windowse. All of the above
Q:
What type of attack occurs when the computer originating the attack causes several other computers to send attack packets?a. Distributed denial of service b. Dormant denial of service c. Duplicated denial of serviced. Distributed destruction of service
Q:
A _____ attack is used to interfere with normal access to a network host, Web site, or service, by flooding a network with useless information or with frames or packets containing errors that are not identified by a particular network service.a. virus b. buffer c. denial of serviced. port scanning
Q:
What type of attack has occurred when an attacker gains access to a computer through the use of a hidden program?a. Trojan horse b. Buffer c. Wormd. Source routing
Q:
What type of attack has occurred when a logged-on computer is used when that person is not present?a. Spoofingb. Denial of service c. Bufferd. Standalone workstation
Q:
Which of the following is part of the total cost of ownership of a computer network?a. Hardware b. Software c. User support costsd. Maintenancee. All of the above
Q:
Which of the following is a cost of deploying security within an organization?a. Testing security systems b. Training users c. Training consultantsd. Both a and be. Both a and c
Q:
At a minimum, how many groups does training involve within an organization?a. 1 b. 2 c. 3d. 4
Q:
Which of the following is a reason for the failure to fully use the security features of an operating system or network?
a. Lack of time
b. Inadequate training or knowledge of the features
c. A history of doing things only in a specific way
d. All of the above
Q:
_____ consists of a chain of activities that is necessary to complete a task, such as filling out and transmitting forms, entering data, updating databases, and creating new files.a. Ensuring privacy b. Workflow c. Protecting informationd. Compensating for human error
Q:
Which of the following information about us should be kept private?a. Family information b. Employment information c. Student informationd. Both a and be. a, b, and c
Q:
Statistics from the CSI suggest that the number of people working as computer security professionals has been increasing by _____ percent a year since 1998.a. 30 b. 50 c. 75d. 100
Q:
One WAN is composed of two or more LANs or MANs that are connected across a distance of more than approximately _____ miles.a. 10 b. 30 c. 50d. 100
Q:
Most of the first computer networks transmitted data over _____.a. telephone lines b. fiber optics c. copper wiresd. frame relay
Q:
The _____ translates information from the kernel and device drivers so the application can use it.a. RPC b. API c. BIOSd. resource manager
Q:
Operating system and network security is the ability to do which of the following reliably to information?a. Store b. Modifyc. Protectd. Grant access toe. All of the above
Q:
According to a recent survey performed by the CSI, what percentage of computer security professionals have reported security breaches in their systems?a. 50 b. 65 c. 80d. 90
Q:
A _____ is software or hardware placed between two or more networks that selectively allows or denies access.a. gateway b. filter c. firewalld. DMZ
Q:
Employing disaster recovery is vital when a hard disk is damaged or crashes and must be replaced. _________________________
Q:
Directories or folders and network printers are two important examples of resources that can be shared. _________________________
Q:
Remote access security involves requiring a user account and password to access a particular operating system or to be validated to access a network through a directory service. _________________________
Q:
Hardeninginvolves taking specific actions to block or prevent attacks by means of operating system and network security methods. _________________________
Q:
Attacks on wireless networks are sometimes called auto-jacks, because the attacker may drive around an area in a car, using a portable computer to attempt to pick up a wireless signal. _________________________
Q:
A(n) socket is like a virtual circuit between two services or processes communicating between two different computers or network devices. _________________________
Q:
Using spoofing, an attacker can initiate access to a computer or can appear as just another transmission to a computer from a legitimate source that is already connected. _________________________
Q:
In LinkState routing, the sender of a packet specifies the precise path that the packet will take to reach its destination. _________________________
Q:
Ping is a utility that network users and administrators frequently use to test a network connection. _________________________
Q:
Many systems use datasets to store data until it is ready to be used. _________________________
Q:
WEP is a wireless communications authentication method.
Q:
In order to successfully use logon security, users must be taught to keep their passwords confidential and to choose passwords that are difficult to guess.
Q:
Strobe and Nmap are two popular port-scanning programs that are used to find open ports on a remote system.
Q:
Source routing attacks are used to interfere with normal access to a network host, Web site, or service by flooding a network with useless information.
Q:
The Trojan horse program Trojan.Idly is designed to give the attacker command line access to the remote operating system.
Q:
NDS is a directory service used by Windows 2003 Server to provide a central listing of resources.
Q:
When new operating system software is purchased, it should be tested rigorously for security and reliability.
Q:
A MAN typically goes up to a distance of about 50 miles.
Q:
The API is software that resides between the application software and the operating system kernel.
Q:
In the world of computers and networks, the operating system provides both the lock and the key to information.
Q:
Match the following acronyms to the appropriate definition.a. CSLIP f. PAPb. CMS g. PPTPc. HTTPS h. SSLd. IAS i. SMBe. MIME j. TAPI1/ Used to establish and maintain security for RAS, Internet, and VPN access2/ An interface for communications line devices3/ Used by S-HTTP for encapsulating information in an encrypted format4/ Used by Windows-based systems to enable sharing files and printers5/ A nonencrypted plaintext password authentication protocol6/ Uses RSA encryption along with digital certificates7/ Compresses header information in each packet sent across a remote link8/ A protocol used with SMTP9/ Enables connectivity to a network through the Internet, intranets, and VPNs10/ Uses Secure Sockets Layer to implement security
Q:
Match the following terms to the appropriate definition.a. 802.1i f. ESS topologyb. 802.1x g. IAPPc. ARQ h. SSIDd. Cell i. TDDe. DSSS j. WEP1/ A port-based form of authentication2/ Uses the same encryption key at both stations that are communicating3/ Uses access points to provide a larger service area than an IBSS topology4/ A communications method used by Bluetooth5/ 802.11b technique that spreads data across any of up to 14 channels6/ Used to define a logical network for member devices7/ An 802.11 error-handling technique8/ A roaming protocol for wireless networks9/ Implements the TKIP10/ The broadcast area around an access point
Q:
Match the following terms to the appropriate definition.a. Border gateway f. IPXb. Circuit-level gateway g. NetBEUIc. CRC h. RIPd. DMZ i. TCPe. ICMP j. UDP1/ Provides for reliable end-to-end delivery of data by controlling data flow2/ A portion of a network that exists between two or more networks that have different security measures in place3/ Used to communicate the entire contents of routing tables to other routers4/ A calculated value used to determine if a transmission error has occurred5/ A protocol that incorporates NetBIOS for communications across a network6/ Creates a secure virtual circuit through an internal network to a client computer on an external network7/ Developed by Novell for use with its NetWare server operating system8/ Configured to control the traffic that is permitted across a border9/ Provides for low-overhead connectionless communications10/ Used for building tables of information about the computers on a network
Q:
Match the following terms to the appropriate definitions.a. ACL f. NFSb. DACL g. NDPSc. Local group h. RPCd. Global group i. SACLe. Map j. Universal group1/ Determines events associated with an object to be audited for user activity2/ A list of users or groups that are allowed or denied permissions to an object3/ Enable printers to attach to the network as agents4/ Typically contains user accounts from its home domain5/ Provides access to resources in any domain within a Windows AD forest6/ Attaching to a shared resource, and using it as though it were a local resource7/ Enables one computer to use services and software on another computer8/ Used to manage resources on a workstation9/ Used by a Linux computer to mount a partition on another Linux computer10/ A list of all security properties that have been set up for a particular object
Q:
Match the following terms to the appropriate definitions.a. AES f. NTLMb. CFS g. PAMc. EFS h. PPPd. EAP i. PPTPe. MPPE j. SSH1/ A multipurpose authentication method2/ A module that can be installed in Linux without rewriting existing system code3/ Adopted by the U.S. government to replace DES and 3DES4/ Communications protocol that supports TCP/IP, NetBEUI, and IPX/SPX5/ Used by Microsoft for remote communications over PPP or PPTP6/ Communications protocol that enables Internet connections to VPNs7/ Enables Linux and UNIX disk file systems and NFS files to be encrypted8/ Authentication developed for UNIX/Linux to provide authentication security9/ Logon authentication compatible with all Windows operating systems10/ Enables a user to encrypt the contents of a folder or a file
Q:
Match the following terms to the appropriate definitions.a. ASR Set f. digital signatureb. back door g. driver signingc. boot disk h. ERDd. boot sector i. MBRe. cookie j. spyware1/ A removable disk used to boot an operating system2/ The process of placing a digital signature in a device driver3/ A code that is placed in a file to verify its authenticity4/ A set of instructions used to find and load the operating system5/ A secret avenue into an operating system that bypasses normal security6/ In Windows 2000, a disk that contains repair and backup information7/ Information that a Web server stores on a client computer8/ Captures information about cookies sent between a Web server and a client9/ Backup media needed to start a failed Windows XP Pro system10/ The beginning of a disk where code to start up the operating system is stored