Q:
You can quickly assess the general security posture of your Windows Vista PC by using the status check in the Windows Security Center.
Q:
A company should decide upon a single security baseline for use with its client PCs.
Q:
A shoulder surfing attack will not be successful unless the attacker can read the entire password.
Q:
Rainbow tables contain lists of pre-computed password hashes that are indexed to expedite the password cracking process.
Q:
There is a legitimate reason for systems administrators to crack user passwords.
Q:
The password SeAtTle can be broken by a dictionary attack.
Q:
________ is a password-cracking method wherein the attacker tries all possible passwords, starting with single-character passwords.
A) A dictionary attack
B) A hybrid dictionary attack
C) A combinatorial attack
D) Brute-force guessing
Q:
________ is a password-cracking method wherein the attacker compares passwords to lists of common words.
A) A dictionary attack
B) A hybrid dictionary attack
C) A combinatorial attack
D) Brute-force guessing
Q:
Password hashes are created when a password is passed from a user to a hashing function.
Q:
Stealing the password file from a computer is safer than attempting to log in remotely.
Q:
A DoS attack that uses TCP flags is called a ________ attack.
A) half-open
B) half-close
C) Both A and B
D) Neither A nor B
Q:
Companies can nearly always stop DoS attacks without assistance from ISPs and other upstream agencies.
Q:
Half-open TCP SYN attacks can be stopped by many border firewalls.
Q:
Why is creating firewall policies desirable compared to just creating a list of ACL rules?
A) Policies are more specific.
B) Policies are easier to understand.
C) Both A and B
D) Neither A nor B
Q:
What type of host may be placed in the DMZ?
A) Public webservers
B) External DNS servers
C) Both A and B
D) Neither A nor B
Q:
The ________ is a subnet that contains all of the servers and application proxy firewalls that must be accessible to the outside world.
A) Internet subnet
B) server subnet
C) external subnet
D) None of the above
Q:
A router that connects to three subnets is called a ________ router.
A) border
B) internal
C) application proxy
D) None of the above
Q:
It is easier to create appropriate ACL rules for server host firewalls than for border firewalls.
Q:
________ firewalls may be able to stop attacks by employees within the firm against internal site resources.
A) Internal
B) External
C) UTM
D) Border
Q:
Zero-day attacks might be stopped by ________ detection.
A) signature
B) anomaly
C) Both A and B
D) Neither A nor B
Q:
A ________ attack is an attack that is made before attack signatures for the threat are defined.
A) zero-day
B) vulnerability based
C) stealth
D) anomaly based
Q:
________ detection looks at traffic patterns for deviations from set norms.
A) Signature
B) Anomaly
C) Both A and B
D) Neither A nor B
Q:
________ detection looks for specific patterns in the network traffic to identify a threat.
A) Signature
B) Anomaly
C) Both A and B
D) Neither A nor B
Q:
Firms can address the increasing ability of attackers to bypass the border firewalls by ________.
A) hardening hosts
B) having multiple border firewalls
C) Both A and B
D) Neither A nor B
Q:
It is getting easier for attackers to bypass the border firewall.
Q:
Reading firewall logs requires limited time in firewall administration.
Q:
The basic strategy of log file reading is to determine what traffic is usual.
Q:
Creating ACLs is the most time-consuming part of firewall management.
Q:
The most time-consuming part of firewall management is ________.
A) creating ACLs
B) creating policies
C) reading firewall logs
D) None of the above
Q:
Most firewall database policies include less than 5 rules.
Q:
In a firewall policy database, the source field and destination field are fairly explanatory.
Q:
The firewall should go through vulnerability testing after each change.
Q:
Firewall policies should govern ________.
A) configuration
B) testing
C) Both A and B
D) Neither A nor B
Q:
Centralized firewall management systems automatically create ACLs from policies.
Q:
Firewall appliances need little or no hardening before they are installed.
Q:
What type of filtering do UTM firewalls provide?
A) IDS Service
B) Antivirus filtering
C) Both A and B
D) Neither A nor B
Q:
After an antivirus server performs filtering, it may ________.
A) drop the object
B) send the object to the firewall to pass to the destination
C) pass the object to the destination directly
D) All of the above
Q:
Antivirus servers can only find viruses, not other types of malware.
Q:
Antivirus servers can look for ________.
A) viruses
B) worms
C) Trojan horses
D) All of the above
Q:
Which IPS response to an attack can do the most damage?
A) Dropping packets
B) Limiting suspicious traffic to a certain percentage of the total bandwidth
C) Both A and B do equal amounts of damage
D) Neither A nor B
Q:
Which IPS response to an attack is the most effective in stopping attacks?
A) Dropping packets
B) Limiting suspicious traffic to a certain percentage of the total bandwidth
C) Both A and B are equally effective
D) Neither A nor B
Q:
If an IPS identifies an attack, it can ________.
A) drop the attack packet(s)
B) limit suspicious traffic to a certain percentage of the total bandwidth
C) Both A and B
D) Neither A nor B
Q:
________ do not drop packets.
A) IDSs
B) IPSs
C) Firewalls
D) All of the above drop packets.
Q:
________ drop packets.
A) IDSs
B) IPSs
C) Both A and B
D) Neither A nor B
Q:
IDSs need to filter individual packets rather than packet streams.
Q:
Firewalls do not stop provable attack packets.
Q:
What type of filtering do IDSs do?
A) Packet stream analysis
B) SPI filtering
C) Both A and B
D) Neither A nor B
Q:
What type of filtering do IDSs do?
A) Deep packet inspection
B) SPI filtering
C) Both A and B
D) Neither A nor B
Q:
Bandwidth limitation for certain types of traffic is less risky than dropping packets.
Q:
IDSs drop packets that are merely suspicious.
Q:
IDSs tend to issue many false negatives.
Q:
________ drop packets.
A) Firewalls
B) IDSs
C) Both A and B
D) Neither A nor B
Q:
Stateful packet inspection firewalls use relay operation with two connections per client/server pair.
Q:
Automatic protections for application proxy firewalls include ________.
A) protocol fidelity
B) header destruction
C) Both A and B
D) Neither A nor B
Q:
Stateful packet inspection firewalls ________.
A) always do application content filtering
B) have the slow speed of relay operation
C) Both A and B
D) Neither A nor B
Q:
Application proxy firewalls can always examine application layer content.
Q:
Today, application proxy firewalls are commonly used ________.
A) to protect internal clients from malicious external servers
B) as main border firewalls
C) Both A and B
D) Neither A nor B
Q:
Nearly all applications can be proxied effectively.
Q:
If you will proxy 8 different applications, you will need ________ proxy programs.
A) 2
B) 4
C) 6
D) 8
Q:
If you will proxy four different applications, how many proxy programs will you need?
A) 1
B) 2
C) 4
D) 8
Q:
An application proxy firewall needs to have multiple proxy programs if it is to filter multiple application protocols.
Q:
________ firewalls always examine application messages in depth.
A) Static packet filtering
B) SPI
C) Application proxy
D) All of the above
Q:
The NAT firewall places only the internal socket in the translation table.
Q:
There is(are) ________ NAT traversal method(s).
A) 1
B) 2
C) 7
D) several
Q:
NAT is able to stop ________.
A) scanning probes
B) sniffers from learning anything about the internal IP address of internal hosts
C) Both A and B
D) Neither A nor B
Q:
Nearly all main border firewalls today use ________ filtering.
A) unified threat management
B) stateful packet inspection
C) static packet inspection
D) All of the above
Q:
The combination of high safety and low cost makes SPI firewalls extremely popular.
Q:
Main border firewalls rarely use stateful packet inspection.
Q:
Attacks other than application level attacks usually fail to get through SPI firewalls.
Q:
Stateful packet inspection firewalls are ________.
A) expensive
B) fairly safe in practice
C) Both A and B
D) Neither A nor B
Q:
In ingress and egress filtering, an SPI firewall always considers its ACL rules when a new packet arrives that does not attempt to open a connection.
Q:
In ingress and egress filtering, an SPI firewall always considers its ACL rules when a new packet arrives that attempts to open a connection.
Q:
The last egress ACL rule in a border firewall is DENY ALL.
Q:
It is better to have an ACL that permits access to a single internal webserver than one that allows access to all internal webservers.
Q:
Both TCP and UDP can be used by an application.
Q:
A ________ port number designates a specific application running on a server.
A) well-known
B) ephemeral
C) Both A and B
D) Neither A nor B
Q:
Ingress ACL rules typically permit a specific type of internally originated connection to outside resources.
Q:
Ingress ACL rules typically permit a specific type of externally originated connection to network resources.
Q:
Which of the following is one of the two simple DEFAULT SPI firewall rules for packets that attempt to open connections?
A) Permit all attempts to open a connection from an internal host to an external host
B) Permit all attempts from external hosts to open a connection with an internal host
C) Both A and B
D) Neither A nor B
Q:
SPI firewalls can handle both ICMP and UDP.