Computer Science
Q:
Which of the following is a security-related reason for monitoring and evaluating network traffic?
a. to determine if your IDPS signatures are working well
b. to create substantial data to analyze
c. to optimize your router and switch protocols
d. to see how many files employees download from the Internet
Q:
Which of the following is a benefit of using centralized data collection to manage sensor data?
a. less network traffic
b. less administrative time
c. data stays on the local network
d. must use a VPN to transport data
Q:
Which of the following is NOT a type of event that you would normally monitor?
a. user account creation
b. e-mail attachment handling
c. antivirus scanning
d. access to shared folders
Q:
Which of the following is NOT typically an aspect of a security event management program?
a. monitoring events
b. managing IDPS firmware
c. managing data from sensors
d. managing change
Q:
Since system intrusions take place over a very short period of time, there is no need to maintain IDPS log data for more than a few hours.
Q:
An IDPS must have enough memory to maintain connection state information.
Q:
Nonrepudiation is the use of encryption methods to ensure the confidentiality of data.
Q:
An operational audit looks for accounts that have weak or blank passwords.
Q:
Security auditing is the process of documenting countermeasures put in place due to attacks on the network.
Q:
Change management should be used before making changes to firewall or IDPS rules that affect users.
Q:
Most IDPSs use random ports to transfer security data, thereby making it difficult for attackers to exploit.
Q:
In centralized data collection, data from sensors go to security managers at each corporate office.
Q:
One of the events you should continually monitor is logins.
Q:
Network protection is something you should implement initially and then only make changes if there is a serious security breach.
Q:
Which best defines residual risk?
a. risk that occurs as a result of new vulnerabilities
b. the amount of risk remaining after countermeasures are implemented
c. a vulnerability for which the risk has been reduced to zero
d. the cost of implementing solutions to an assessed risk
Q:
Which of the following would be considered a vulnerability?
a. installation of a firewall
b. antivirus software
c. Internet-connected computer
d. spyware
Q:
Which of the following is NOT among the six factors needed to create a risk analysis?
a. threats
b. consequences
c. personnel profiles
d. probabilities
Q:
What is considered the first step in formulating a security policy?
a. risk analysis
b. elimination of threats
c. risk reduction
d. system monitoring
Q:
Which of the following is considered an asset?
a. hacker
b. unpatched Web server
c. disgruntled employee
d. intellectual property
Q:
Which of the following is NOT a phase in the system development life cycle?
a. needs assessment
b. security audit
c. system implementation
d. performance monitoring
Q:
An extranet is a backup network that you can use if the main network fails.
Q:
The people who manage security for the organization should not be the same people who conduct risk analysis.
Q:
The first step in SNA is the survivability analysis.
Q:
The first phase of the system development life cycle is needs assessment.
Q:
Once written, a security policy should not be altered so that you can maintain consistency.
Q:
What are the three levels of escalation of threat or security incidents? Describe them.
Q:
What is a server security policy? List at least three areas the policy should address.
Q:
Describe a remote access and wireless connection policy and the use of role-based authentication. Include two-factor authentication in your discussion.
Q:
What points should a third-party access policy include? List at least three.
Q:
What is the purpose of a privileged access policy?
Q:
What should you do if a security policy violation involves a criminal offense? Include the Fourth Amendment in your discussion.
Q:
What are three questions you should ask in deciding how your organization should perform risk analysis?
Q:
What are three areas in which the use of encryption should be considered to maintain confidentiality?
Q:
What are the four steps of Threat and Risk Assessment?
Q:
a. extranet
b. network assets
c. privileged access policy
d. risk management
e. role-based authentication
f. search warrant
g. subpoena
h. tunneling protocols
i. two-factor authentication
j. vulnerabilities
1/ a process of analyzing the threats an organization faces
2/ a legal document that requires a person to appear in court, provide testimony, or cooperate with law enforcement
3/ situations or conditions that increase threats, which in turn increase risk
4/ a method of authentication that grants users limited system access based on their assigned role in the company
5/ authentication that requires more than one form of verification for a user to be granted access
6/ routers, cables, bastion hosts, servers, and firewall components that enable employees to communicate with one another
7/ a legal document issued by a court that allows authorities to search a particular place for specific evidence
8/ a private network that a company sets up as an extension of its corporate intranet
9/ network protocols that encapsulate (wrap) one protocol or session inside another
10/ a document that details additional access options and responsibilities of users with privileged access to resources
Q:
The portion of a security policy that describes who responds when there has been a security breach is called the ______________ response section.
Q:
VPNs create a _____________ to transport information through public communications media.
Q:
Search warrants and subpoenas were developed in response to the _____________ Amendment which protects U.S. residents against illegal search and seizure.
Q:
________________ clauses exist in acceptable use policies so that companies can discipline employees whose computer activities interfere with productivity.
Q:
By providing _________________ through backup systems, you ensure information remains accessible if primary systems go offline.
Q:
SNA starts with the assumption that a system or network will be ________________.
Q:
____________________ risk is the amount of risk left over after countermeasures are implemented.
Q:
Your exposure to risk increases if your organization has one or more factors that increase _____________ probabilities.
Q:
The process called _____________ analysis determines the threats an organization faces.
Q:
The __________________ phase of the system development life cycle can lead you to the needs assessment phase where the cycle begins again.
Q:
The process of reviewing records of network computer activity is called which of the following?
a. monitoring
b. archiving
c. auditing
d. recording
Q:
Which of the following best describes ROI?
a. the chance that a threat will result in lost money
b. how long before an investment will pay for itself
c. the cost of mitigating a threat
d. the benefits of setting security priorities
Q:
Which of the following requires you to assist police by appearing in court or producing evidence?
a. subpoena
b. search warrant
c. the 4th amendment
d. de facto agent
Q:
Which of the following defines how employees should use the organization's computing resources?
a. Network and Internet Policy
b. Email and Spam Policy
c. Computing and Resource Policy
d. Acceptable Use Policy
Q:
Which of the following shows how devices are connected and includes an IP allocation register?
a. hardware inventory
b. topology map
c. asset table
d. security policy
Q:
Which of the following best describes a Monte Carlo simulation?
a. a technique for simulating an attack on a system
b. a formula that estimates the cost of countermeasures
c. a procedural system that simulates a catastrophe
d. an analytical method that simulates a real-life system for risk analysis
Q:
Which of the following is NOT a step in threat and risk assessment?
a. Asset definition
b. Recommendation
c. Resolution
d. Threat assessment
Q:
Which is best defined as the ability of a system to continue operations despite a failure?
a. fault tolerance
b. survivability analysis
c. reliability audit
d. adaptation and evolution
Q:
Which of the following is a network's ability to detect attacks when they occur and to evaluate the extent of damage and compromise?
a. resistance
b. recovery
c. recognition
d. reliability
Q:
How can you harden a DNS server using the split DNS architecture?
Q:
What are the four guidelines for employees to follow to prevent phishing attacks?
Q:
What are the characteristics of a corporate phishing e-mail? List three of them.
Q:
List three of the steps you should take to close potential holes against SQL injection attacks.
Q:
What is a buffer overflow attack?
Q:
What routing protocol is usually used on the Internet? Why is the information used by the protocol vulnerable to compromise?
Q:
What is the DNS hierarchical system? Include a discussion of root servers in your answer.
Q:
What is the Internet backbone? Describe how routers work with the Internet backbone.
Q:
What is the origin and structure of the Internet? Include some of the services it provides and the protocols they use.
Q:
a. anycast addressing
b. DNSSEC
c. network access points
d. pharming
e. POP ISPs
f. security-aware resolver
g. spear phishing
h. split DNS architecture
i. split brain DNS architecture
j. zone transfer
1/ a variation of phishing that intercepts traffic to a legitimate Web site and redirects it to a phony replica site
2/ a network architecture that divides DNS services between two servers
3/ a network addressing scheme that allows DNS services to be decentralized among a group of servers, regardless of their location
4/ a computing system that is compliant with DNSSEC and that attempts to resolve a fully qualified domain name to an IP address
5/ a protocol designed to improve DNS security by using cryptography to ensure DNS integrity and authentication
6/ the communication of a zone file from the primary DNS server to secondary DNS servers for updating
7/ ISP facilities that provide connectivity to the Internet for business, education, and home users
8/ a network architecture that uses a single DNS domain with a DNS server on the organization's DMZ for Internet services and a DNS server on the internal network for service to internal hosts
9/ a variation of phishing directed at specific users instead of using spam e-mail
10/ highly secure public facilities where commercial Internet backbones and ISPs exchange routing and traffic data
Q:
The _______________ Web Server is the most widely used Web server application.
Q:
The goal of _____________ is to provide authentication of DNS data and ensure integrity of DNS data.
Q:
A _______________ applet is a small program sometimes used as embedded code in Web pages.
Q:
A critical buffer component is the function _________ and buffer overflows are usually aimed at this component.
Q:
____________ are networks of zombie computers that magnify the scope and intensity of an attack.
Q:
DNS _____________ poisoning steers unsuspecting victims to a server of the attacker's choice instead of the intended Web site.
Q:
The lack of authentication for computers on the Internet makes IP _____________ possible, which is a change in the IP addresses in the headers of malicious packets.
Q:
_______________________ is a name-resolution service that translates domain names to IP addresses.
Q:
___________ direct network traffic to its destination on the Internet using tables and protocols.
Q:
The Internet tier system starts with a backbone network connected via _____________________ to regional Internet service providers.
Q:
Which of the following is NOT a recommended security setting for Apache Web servers?
a. harden the underlying OS
b. create Web groups
c. use the default standard Web page error messages
d. disable HTTP traces
Q:
Which aspect of hardening a Windows Web server allows you to restrict access to the web server based on IP address?
a. authentication
b. NTFS permissions
c. access control
d. data confidentiality
Q:
Which of the following is a top-level digital certificate in the PKI chain?
a. security-aware resolver
b. trust anchor
c. DNSSEC resolver
d. RRSIG record
Q:
What type of DNS configuration prevents internal zone information from being stored on an Internet-accessible server?
a. read-only zone
b. anti-phishing DNS
c. caching DNS zone
d. split-DNS architecture
Q:
What is a zone transfer?
a. the movement of e-mail from one domain to another
b. updating a secondary DNS server
c. backing up an SQL data file
d. copying host file data to another system
Q:
What type of DNS server is authoritative for a specific domain?
a. primary
b. secondary
c. read-only
d. initial