Networking
Q:
Which of the following is NOT a step in threat and risk assessment?
a. Asset definition
b. Recommendation
c. Resolution
d. Threat assessment
Q:
Which is best defined as the ability of a system to continue operations despite a failure?
a. fault tolerance
b. survivability analysis
c. reliability audit
d. adaptation and evolution
Q:
Which of the following is a network's ability to detect attacks when they occur and to evaluate the extent of damage and compromise?
a. resistance
b. recovery
c. recognition
d. reliability
Q:
How can you harden a DNS server using the split DNS architecture?
Q:
What are the four guidelines for employees to follow to prevent phishing attacks?
Q:
What are the characteristics of a corporate phishing e-mail? List three of them.
Q:
List three of the steps you should take to close potential holes against SQL injection attacks.
Q:
What is a buffer overflow attack?
Q:
What routing protocol is usually used on the Internet? Why is the information used by the protocol vulnerable to compromise?
Q:
What is the DNS hierarchical system? Include a discussion of root servers in your answer.
Q:
What is the Internet backbone? Describe how routers work with the Internet backbone.
Q:
What is the origin and structure of the Internet? Include some of the services it provides and the protocols they use.
Q:
a. anycast addressing
b. DNSSEC
c. network access points
d. pharming
e. POP ISPs
f. security-aware resolver
g. spear phishing
h. split DNS architecture
i. split brain DNS architecture
j. zone transfer
1/ a variation of phishing that intercepts traffic to a legitimate Web site and redirects it to a phony replica site
2/ a network architecture that divides DNS services between two servers
3/ a network addressing scheme that allows DNS services to be decentralized among a group of servers, regardless of their location
4/ a computing system that is compliant with DNSSEC and that attempts to resolve a fully qualified domain name to an IP address
5/ a protocol designed to improve DNS security by using cryptography to ensure DNS integrity and authentication
6/ the communication of a zone file from the primary DNS server to secondary DNS servers for updating
7/ ISP facilities that provide connectivity to the Internet for business, education, and home users
8/ a network architecture that uses a single DNS domain with a DNS server on the organization's DMZ for Internet services and a DNS server on the internal network for service to internal hosts
9/ a variation of phishing directed at specific users instead of using spam e-mail
10/ highly secure public facilities where commercial Internet backbones and ISPs exchange routing and traffic data
Q:
The _______________ Web Server is the most widely used Web server application.
Q:
The goal of _____________ is to provide authentication of DNS data and ensure integrity of DNS data.
Q:
A _______________ applet is a small program sometimes used as embedded code in Web pages.
Q:
A critical buffer component is the function _________ and buffer overflows are usually aimed at this component.
Q:
____________ are networks of zombie computers that magnify the scope and intensity of an attack.
Q:
DNS _____________ poisoning steers unsuspecting victims to a server of the attacker's choice instead of the intended Web site.
Q:
The lack of authentication for computers on the Internet makes IP _____________ possible, which is a change in the IP addresses in the headers of malicious packets.
Q:
_______________________ is a name-resolution service that translates domain names to IP addresses.
Q:
___________ direct network traffic to its destination on the Internet using tables and protocols.
Q:
The Internet tier system starts with a backbone network connected via _____________________ to regional Internet service providers.
Q:
Which of the following is NOT a recommended security setting for Apache Web servers?
a. harden the underlying OS
b. create Web groups
c. use the default standard Web page error messages
d. disable HTTP traces
Q:
Which aspect of hardening a Windows Web server allows you to restrict access to the web server based on IP address?
a. authentication
b. NTFS permissions
c. access control
d. data confidentiality
Q:
Which of the following is a top-level digital certificate in the PKI chain?
a. security-aware resolver
b. trust anchor
c. DNSSEC resolver
d. RRSIG record
Q:
What type of DNS configuration prevents internal zone information from being stored on an Internet-accessible server?
a. read-only zone
b. anti-phishing DNS
c. caching DNS zone
d. split-DNS architecture
Q:
What is a zone transfer?
a. the movement of e-mail from one domain to another
b. updating a secondary DNS server
c. backing up an SQL data file
d. copying host file data to another system
Q:
What type of DNS server is authoritative for a specific domain?
a. primary
b. secondary
c. read-only
d. initial
Q:
Which variation on phishing modifies the user's host file to redirect traffic?
a. spear phishing
b. pharming
c. DNS phishing
d. hijacking
Q:
Which of the following is NOT a step you should take to prevent attackers from exploiting SQL security holes?
a. limit table access
b. use stored procedures
c. use standard naming conventions
d. place the database server in a DMZ
Q:
What type of attack displays false information masquerading as legitimate data?
a. Java applet
b. phishing
c. buffer overflow
d. SQL injection
Q:
What type of attack involves plaintext scripting that affects databases?
a. phishing
b. ActiveX control
c. Java applet
d. SQL injection
Q:
What type of attack exploits a lack of bounds checking on the size of data stored in an array?
a. buffer overflow
b. SQL injection
c. phishing
d. ActiveX control
Q:
What makes IP spoofing possible for computers on the Internet?
a. network address translation
b. the lack of authentication
c. the 32-bit address space
d. the DNS hierarchy
Q:
What feature of the 13 DNS root servers enables any group of servers to act as a root server?
a. multicast addressing
b. broadcast addressing
c. anycast addressing
d. unicast addressing
Q:
Which of the following is a highly secure public facility in which backbones have interconnected data lines and routers that exchange routing and traffic data?
a. ISP
b. POP
c. NAP
d. NSF
Q:
Which of the following is true about the Internet?
a. it is the same as the World Wide Web
b. it was established in the mid-1960s
c. it was developed by a network of banks and businesses
d. it was originally built on an extended star topology
Q:
Windows Basic Authentication requires that users enter a username and password and the password is transmitted using a hashing algorithm.
Q:
The objective of a phishing attack is to entice e-mail recipients to click a bogus link where personal information can be stolen.
Q:
SQL injection attacks are isolated to custom applications, so administrators can prevent them.
Q:
Computers on the Internet are identified primarily by their IP address.
Q:
The terms Internet and World Wide Web are different terms that mean the same thing.
Q:
What is an advantage of Kerberos authentication with respect to password security? Explain.
Q:
How is authentication implemented in a VPN?
Q:
What is AES and why is AES a better encryption method to use compared to DES?
Q:
What four events occur when one IPsec-compliant computer connects to another?
Q:
List two reasons IPsec has become the standard set of protocols for VPN security.
Q:
Briefly describe the L2TP protocol.
Q:
List two advantages and two disadvantages of VPNs.
Q:
List four standard VPN protocols.
Q:
Define virtual private network.
Q:
a. AH
b. ESP
c. GRE
d. IKE
e. IPsec
f. ISAKMP
g. Kerberos
h. KDC
i. SSL
j. TGT
1/ an IPsec-related protocol that enables two computers to agree on security settings and establish a Security Association so that they can use Internet Key Exchange
2/ an IPsec protocol that provides authentication of TCP/IP packets to ensure data integrity
3/ a form of key exchange used to encrypt and decrypt data as it passes through a VPN tunnel
4/ a digital token sent from the Authentication Server to the client
5/ an IETF standard for secure authentication of requests for resource access
6/ an IPsec protocol that encrypts the header and data components of TCP/IP packets
7/ a protocol developed by Netscape Communications Corporation as a way of enabling Web servers and browsers to exchange encrypted information
8/ a set of standard procedures that the IETF developed for enabling secure communication on the Internet
9/ Kerberos component that holds secret keys for users, applications, services, or resources
10/ a nonproprietary tunneling protocol that can encapsulate a variety of Network layer protocols
Q:
TLS splits the input data in half and recombines it using a(n) ___________ function.
Q:
While the AH ensures data integrity, confidentiality of data is provided by the __________ component of IPsec.
Q:
The Internet Key ______________ protocol enables computers to make an SA.
Q:
_________________ based VPNs are appropriate when the endpoints are controlled by different organizations and network administrators.
Q:
Network gateways are ____________ of the VPN connection.
Q:
What was created to address the problem of remote clients not meeting an organization's VPN security standards?
a. split tunneling
b. VPN quarantine
c. IPsec filters
d. GRE isolation
Q:
Which of the following is a disadvantage of putting the VPN on a firewall?
a. centralized control of network access security
b. more configuration mistakes
c. VPN and firewall use the same configuration tools
d. Internet and VPN traffic compete for resources
Q:
Which VPN topology is also known as a hub-and-spoke configuration?
a. bus
b. partial mesh
c. star
d. full mesh
Q:
Which of the following is an improvement of TLS over SSL?
a. requires less processing power
b. uses a single hashing algorithm for all the data
c. uses only asymmetric encryption
d. adds a hashed message authentication code
Q:
Which of the following is true about SSL?
a. it uses shared-key encryption only
b. it uses sockets to communicate between client and server
c. it operates at the Data Link layer
d. it uses IPsec to provide authentication
Q:
What are the two modes in which IPsec can be configured to run?
a. transit and gateway
b. client and server
c. header and payload
d. tunnel and transport
Q:
Which IPsec component authenticates TCP/IP packets to ensure data integrity?
a. AH
b. ESP
c. IKE
d. ISAKMP
Q:
Which IPsec component is software that handles the tasks of encrypting, authenticating, decrypting, and checking packets?
a. ISAKMP
b. IKE
c. IPsec driver
d. Oakley protocol
Q:
Which of the following is defined as a relationship between two or more entities that describes how they will use the security services to communicate?
a. pairing
b. security association
c. internet key exchange
d. tunnel
Q:
Which VPN protocol works at Layer 3 and can encrypt the entire TCP/IP packet?
a. PPTP
b. L2TP
c. IPsec
d. SSL
Q:
Which VPN protocol uses UDP port 1701 and does not provide confidentiality and authentication?
a. IPsec
b. L2TP
c. PPTP
d. SSL
Q:
Which VPN protocol is a poor choice for high-performance networks with many hosts due to vulnerabilities in MS-CHAP?
a. SSL
b. L2TP
c. IPsec
d. PPTP
Q:
Which VPN protocol leverages Web-based applications?
a. PPTP
b. L2TP
c. SSL
d. IPsec
Q:
Which activity performed by VPNs encloses a packet within another packet?
a. address translation
b. encryption
c. authentication
d. encapsulation
Q:
Which of the following is true about using VPNs?
a. more expensive than leased lines
b. can use an existing broadband connection
c. usually higher performance than leased lines
d. not dependent on an ISP
Q:
Which of the following is NOT a factor a secure VPN design should address?
a. encryption
b. authentication
c. nonrepudiation
d. performance
Q:
Which of the following is true about software VPNs?
a. more cost-effective than hardware VPNs
b. best when all router and firewall hardware is the same
c. usually less flexible than hardware VPNs
d. configuration is easy since there is no OS to rely upon
Q:
Which of the following is NOT true about a hardware VPN?
a. should be the first choice for fast-growing networks
b. can handle more traffic than software VPNs
c. have more security vulnerabilities than software VPNs
d. create a gateway-to-gateway VPN
Q:
Which of the following is a type of VPN connection?
a. site-to-server
b. client-to-site
c. server-to-client
d. remote gateway
Q:
Which of the following is NOT an essential element of a VPN?
a. VPN server
b. tunnel
c. VPN client
d. authentication server
Q:
If you use Windows RRAS for your VPN, you will need a third-party RADIUS server if you want to use RADIUS for authentication.
Q:
IPsec has become the standard set of protocols for VPN security.