Computer Science
Q:
Which variation on phishing modifies the user's host file to redirect traffic?
a. spear phishing
b. pharming
c. DNS phishing
d. hijacking
Q:
Which of the following is NOT a step you should take to prevent attackers from exploiting SQL security holes?
a. limit table access
b. use stored procedures
c. use standard naming conventions
d. place the database server in a DMZ
Q:
What type of attack displays false information masquerading as legitimate data?
a. Java applet
b. phishing
c. buffer overflow
d. SQL injection
Q:
What type of attack involves plaintext scripting that affects databases?
a. phishing
b. ActiveX control
c. Java applet
d. SQL injection
Q:
What type of attack exploits a lack of bounds checking on the size of data stored in an array?
a. buffer overflow
b. SQL injection
c. phishing
d. ActiveX control
Q:
What makes IP spoofing possible for computers on the Internet?
a. network address translation
b. the lack of authentication
c. the 32-bit address space
d. the DNS hierarchy
Q:
What feature of the 13 DNS root servers enables any group of servers to act as a root server?
a. multicast addressing
b. broadcast addressing
c. anycast addressing
d. unicast addressing
Q:
Which of the following is a highly secure public facility in which backbones have interconnected data lines and routers that exchange routing and traffic data?
a. ISP
b. POP
c. NAP
d. NSF
Q:
Which of the following is true about the Internet?
a. it is the same as the World Wide Web
b. it was established in the mid-1960s
c. it was developed by a network of banks and businesses
d. it was originally built on an extended star topology
Q:
Windows Basic Authentication requires that users enter a username and password and the password is transmitted using a hashing algorithm.
Q:
The objective of a phishing attack is to entice e-mail recipients to click a bogus link where personal information can be stolen.
Q:
SQL injection attacks are isolated to custom applications, so administrators can prevent them.
Q:
Computers on the Internet are identified primarily by their IP address.
Q:
The terms Internet and World Wide Web are different terms that mean the same thing.
Q:
What is an advantage of Kerberos authentication with respect to password security? Explain.
Q:
How is authentication implemented in a VPN?
Q:
What is AES and why is AES a better encryption method to use compared to DES?
Q:
What four events occur when one IPsec-compliant computer connects to another?
Q:
List two reasons IPsec has become the standard set of protocols for VPN security.
Q:
Briefly describe the L2TP protocol.
Q:
List two advantages and two disadvantages of VPNs.
Q:
List four standard VPN protocols.
Q:
Define virtual private network.
Q:
Match each term with its definition.
a. AH
b. ESP
c. GRE
d. IKE
e. IPsec
f. ISAKMP
g. Kerberos
h. KDC
i. SSL
j. TGT
1/ an IPsec-related protocol that enables two computers to agree on security settings and establish a Security Association so that they can use Internet Key Exchange
2/ an IPsec protocol that provides authentication of TCP/IP packets to ensure data integrity
3/ a form of key exchange used to encrypt and decrypt data as it passes through a VPN tunnel
4/ a digital token sent from the Authentication Server to the client
5/ an IETF standard for secure authentication of requests for resource access
6/ an IPsec protocol that encrypts the header and data components of TCP/IP packets
7/ a protocol developed by Netscape Communications Corporation as a way of enabling Web servers and browsers to exchange encrypted information
8/ a set of standard procedures that the IETF developed for enabling secure communication on the Internet
9/ Kerberos component that holds secret keys for users, applications, services, or resources
10/ a nonproprietary tunneling protocol that can encapsulate a variety of Network layer protocols
Q:
TLS splits the input data in half and recombines it using a(n) ___________ function.
Q:
While the AH ensures data integrity, confidentiality of data is provided by the __________ component of IPsec.
Q:
The Internet Key ______________ protocol enables computers to make an SA.
Q:
_________________ based VPNs are appropriate when the endpoints are controlled by different organizations and network administrators.
Q:
Network gateways are ____________ of the VPN connection.
Q:
What was created to address the problem of remote clients not meeting an organization's VPN security standards?
a. split tunneling
b. VPN quarantine
c. IPsec filters
d. GRE isolation
Q:
Which of the following is a disadvantage of putting the VPN on a firewall?
a. centralized control of network access security
b. more configuration mistakes
c. VPN and firewall use the same configuration tools
d. Internet and VPN traffic compete for resources
Q:
Which VPN topology is also known as a hub-and-spoke configuration?
a. bus
b. partial mesh
c. star
d. full mesh
Q:
Which of the following is an improvement of TLS over SSL?
a. requires less processing power
b. uses a single hashing algorithm for all the data
c. uses only asymmetric encryption
d. adds a hashed message authentication code
Q:
Which of the following is true about SSL?
a. it uses shared-key encryption only
b. it uses sockets to communicate between client and server
c. it operates at the Data Link layer
d. it uses IPsec to provide authentication
Q:
What are the two modes in which IPsec can be configured to run?
a. transit and gateway
b. client and server
c. header and payload
d. tunnel and transport
Q:
Which IPsec component authenticates TCP/IP packets to ensure data integrity?
a. AH
b. ESP
c. IKE
d. ISAKMP
Q:
Which IPsec component is software that handles the tasks of encrypting, authenticating, decrypting, and checking packets?
a. ISAKMP
b. IKE
c. IPsec driver
d. Oakley protocol
Q:
Which of the following is defined as a relationship between two or more entities that describes how they will use the security services to communicate?
a. pairing
b. security association
c. internet key exchange
d. tunnel
Q:
Which VPN protocol works at Layer 3 and can encrypt the entire TCP/IP packet?
a. PPTP
b. L2TP
c. IPsec
d. SSL
Q:
Which VPN protocol uses UDP port 1701 and does not provide confidentiality and authentication?
a. IPsec
b. L2TP
c. PPTP
d. SSL
Q:
Which VPN protocol is a poor choice for high-performance networks with many hosts due to vulnerabilities in MS-CHAP?
a. SSL
b. L2TP
c. IPsec
d. PPTP
Q:
Which VPN protocol leverages Web-based applications?
a. PPTP
b. L2TP
c. SSL
d. IPsec
Q:
Which activity performed by VPNs encloses a packet within another packet?
a. address translation
b. encryption
c. authentication
d. encapsulation
Q:
Which of the following is true about using VPNs?
a. more expensive than leased lines
b. can use an existing broadband connection
c. usually higher performance than leased lines
d. not dependent on an ISP
Q:
Which of the following is NOT a factor a secure VPN design should address?
a. encryption
b. authentication
c. nonrepudiation
d. performance
Q:
Which of the following is true about software VPNs?
a. more cost-effective than hardware VPNs
b. best when all router and firewall hardware is the same
c. usually less flexible than hardware VPNs
d. configuration is easy since there is no OS to rely upon
Q:
Which of the following is NOT true about a hardware VPN?
a. should be the first choice for fast-growing networks
b. can handle more traffic than software VPNs
c. have more security vulnerabilities than software VPNs
d. create a gateway-to-gateway VPN
Q:
Which of the following is a type of VPN connection?
a. site-to-server
b. client-to-site
c. server-to-client
d. remote gateway
Q:
Which of the following is NOT an essential element of a VPN?
a. VPN server
b. tunnel
c. VPN client
d. authentication server
Q:
If you use Windows RRAS for your VPN, you will need a third-party RADIUS server if you want to use RADIUS for authentication.
Q:
IPsec has become the standard set of protocols for VPN security.
Q:
Standards and protocols used in VPNs are in their infancy and seldom used.
Q:
Hardware VPNs create a gateway-to-gateway VPN.
Q:
Another name for a VPN connection is tunnel.
Q:
What is a honeypot and how is one used to help protect the network?
Q:
What are the 8 general steps for creating a bastion host?
Q:
What is a bastion host and how is one typically configured?
Q:
What are the primary and secondary goals of modern proxy servers?
Q:
What is a reverse firewall and why would you use one?
Q:
How can using two firewalls help in protecting your network?
Q:
How do a server farm and load-balancing software figure into the multiple DMZ/firewall configuration?
Q:
How does a screened host setup differ from a dual-homed host configuration? Why might you choose this configuration?
Q:
Describe the setup in which a dual-homed host is used. What are the limitations of this configuration?
Q:
Match each term with its definition.
a. dual-homed host
b. load-balancing software
c. many-to-one NAT
d. one-to-one NAT
e. proxy server
f. reverse firewall
g. screened host
h. screening router
i. server farm
j. three-pronged firewall
1/ a process that uses the source and destination TCP and UDP port addresses to map traffic between internal and external hosts
2/ a device that filters outgoing connections
3/ a group of servers connected in a subnet that work together to receive requests
4/ the process of mapping one internal IP address to one external IP address
5/ a firewall with separate interfaces connected to an untrusted network, a semitrusted network, and a trusted network
6/ a computer configured with more than one network interface
7/ a host in which one interface is connected to an internal network and the other interface is connected to a router to an untrusted network
8/ software that forwards packets to and from the network being protected and caches Web pages to speed up network performance
9/ software that prioritizes and schedules requests and then distributes them to servers in a server cluster based on each server's current load and processing power
10/ a router placed between an untrusted network and an internal network
Q:
You can ______________ a bastion host by removing unnecessary accounts and services.
Q:
A primary goal of proxy servers is to provide security at the _______________ layer.
Q:
A DMZ is a subnet of _____________ accessible servers placed outside the internal network.
Q:
In a screened ____________ setup, a router is added between the host and the Internet to carry out IP packet filtering.
Q:
A _______________ router determines whether to allow or deny packets based on their source and destination IP addresses.
Q:
Which type of translation should you use if you need 50 computers in the corporate network to be able to access the Internet using a single public IP address?
a. one-to-one NAT
b. port address translation
c. one-to-many NAT
d. DMZ proxy translation
Q:
Which type of NAT is typically used on devices in the DMZ?
a. one-to-one NAT
b. port address translation
c. one-to-many NAT
d. many-to-one NAT
Q:
Which of the following is true about private IP addresses?
a. they are assigned by the IANA
b. they are not routable on the Internet
c. they are targeted by attackers
d. NAT was designed to conserve them
Q:
Why is a bastion host the system most likely to be attacked?
a. it has weak security
b. it contains company documents
c. it is available to external users
d. it contains the default administrator account
Q:
What is the term used for a computer placed on the network perimeter that is meant to attract attackers?
a. bastion host
b. honeypot
c. proxy decoy
d. virtual server
Q:
What is a step you can take to harden a bastion host?
a. enable additional services to serve as honeypots
b. open several ports to confuse attackers
c. configure several extra accounts with complex passwords
d. remove unnecessary services
Q:
What is a critical step you should take on the OS you choose for a bastion host?
a. ensure all security patches are installed
b. make sure it is the latest OS version
c. choose an obscure OS with which attackers are unfamiliar
d. customize the OS for bastion operation
Q:
Which of the following best describes a bastion host?
a. a host with two or more network interfaces
b. a computer on the perimeter network that is highly protected
c. a computer running a standard OS that also has proxy software installed
d. a computer running only embedded firmware
Q:
Which of the following is a disadvantage of using a proxy server?
a. shields internal host IP addresses
b. slows Web page access
c. may require client configuration
d. can't filter based on packet content
Q:
Which network device works at the Application layer by reconstructing packets and forwarding them to Web servers?
a. Layer 7 switch
b. translating gateway
c. proxy server
d. ICMP redirector
Q:
Which type of security device can speed up Web page retrieval and shield hosts on the internal network?
a. caching firewall
b. proxy server
c. caching-only DNS server
d. DMZ intermediary