CNE254 Chapter 4 6 Quizzes

					CNE 254 Fundamentals of Network Security        Name:
Chapter 4 Quiz
Type Answers Below
Chapter 4: Monitoring Activity and Intrusion Detection

 1   Which of the following can be used to monitor a network for unauthorized activity?
     (Choose two.)
       1. VPN
       2. N-IDS
       3. H-IDS
       4. Network sniffer
     a. 1, 2
     b. 2, 3
     c. 2, 4
     d. 3, 4

 2   You’re the administrator for Acme Widgets. After attending a conference on buzzwords for
     management, your boss informs you that an IDS should be up and running on the network by
     the end of the week. Which of the following systems should be installed on a host to provide
     IDS capabilities?
     a. VPN
     b. Network sniffer
     c. N-IDS
     d. H-IDS

 3   Which of the following is an active response in an IDS?
     a. Sending an alert to a console
     b. Shunning
     c. Making an entry in the security audit file
     d. Reconfiguring a router to block an IP address

 4   A junior administrator bursts into your office with a report in his hand. He claims that he has
     found documentation proving that an intruder has been entering the network on a regular
     basis. Which of the following implementations of IDS detects intrusions based on previously
     established rules that are in place on your network?
     a. H-IDS
     b. N-IDS
     c. MD-IDS
     d. AD-IDS

 5   Which IDS function evaluates data collected from sensors?
    b. Operator
    c. Analyzer
    d. Manager

6   During the creation of a new set of policies and procedures for network usage, your attention
    turns to role definition. By default, which of the following roles is responsible for reporting the
    results of an attack to a systems operator or administrator?
    a. Alert
    b. Manager
    c. Analyzer
    d. Data source

7   What is a system that is intended or designed to be broken into by an attacker called?
    a. Decoy
    b. Honey pot
    c. Honeybucket
    d. Spoofing system

8   An emergency meeting of all administrators has been called at MTS. It appears that an
    unauthorized user has been routinely entering the network after hours. A response to this intrusion
    must be formulated by those assembled. What is the process of formulating a reaction to a
    computer attack officially called?
    a. Entrapment
    b. Enticement
    c. Incident response
    d. Evidence gathering

9   Which of the following is not a part of an incident response?
    a. Entrapment
    b. Identification
    c. Investigating
    d. Repairing

10 Your company is expanding into an older part of the building. The older portion has been
    declared historic by the local preservation commission, and you’re forbidden from running
    network cabling through any walls. The best solution appears to be to implement wireless
    networking in that part of the building. The connection between wireless devices and the network
    is accomplished through the use of which protocol?
    a. WEP
    b. WAP
    c. WOP
    d. WTLS

11 Which protocol operates on 2.4GHz and has a bandwidth of 1Mbps or 2Mbps?
    a. 802.11
    b. 802.11a
    c. 802.11b
    d. 802.11g

12 You’re outlining your plans for implementing a wireless network to upper management.
    Suddenly, a paranoid vice president brings up the question of security. Which protocol was
    designed to provide security to a wireless network that can be considered equivalent to the
    security of a wired network?
    a. IR
    b. WAP
    c. WEP
    d. WTLS

13 Which of the following is a primary vulnerability of a wireless environment?
    a. Decryption software
    b. IP spoofing
    c. Site survey
    d. A gap in the WAP

14 As the administrator for MTS, you want to create a policy banning the use of instant
    messaging, but you’re receiving considerable opposition from users. To lessen their resistance, you
    decide to educate them about the dangers inherent in IM. To which of the following types of
    attacks is IM vulnerable?
    a. IP spoofing
    b. Malicious code
    c. Replay attacks
    d. Man-in-the-middle attacks

15 What is the process of identifying the configuration of your network called?
    a. Jamming
    b. Footprinting
    c. Scanning
    d. Enumeration

16 During the annual performance review, you explain to your manager that you want to focus
    this year on looking at multiple sources of information and determining what systems your
    users may be using. You think this is a necessary procedure for creating a secure environment.
    What is the process of identifying your network and its security posture called?
    a. Jamming
    b. Footprinting
    c. Scanning
    d. Enumeration

17 What is the term used to mean that detection is undertaken while an event is happening?
    a. Real time
    b. Present time
    c. Active time
    d. Here-and-now

18 A user calls with a problem. Even though she has been told not to use instant messaging, she has
    been doing so. For some reason, she is now experiencing frequent interrupted sessions. You
    suspect an attack and inform her of this. What is the process of disrupting an IM session called?
    a. Jamming
    b. Site survey
    c. Broadcasting
    d. Incident response

19 You’ve just received a call from an IM user in your office who visited an advertised website.
    The user is complaining that his system is unresponsive and about a million web browser
    windows have opened on his screen. What type of attack has your user experienced?
    a. DoS
    b. IP spoofing
    c. Site survey
    d. Malicious code

20 A fellow administrator is reviewing the log files for the month when he calls you over. A
    number of IDS entries don’t look right to him, and he wants to focus on those incidents. Which of
    the following terms best describes an occurrence of suspicious activity within a network?
    a. Event
    b. Episode
    c. Occurrence
    d. Enumeration

CNE 254 Fundamentals of Network Security         Name:
Chapter 5 Quiz
Type Answers Below
Chapter 5: Implementing and Maintaining a Secure Network

 1   What is the process of establishing a standard for security referred to as?
     a. Hardening
     b. Baselining
     c. Security evaluation
     d. Methods research

 2   You’ve been chosen to lead a team of administrators in an attempt to increase security. You’re
     currently creating an outline of all the aspects of security that will need to be examined and
     acted upon. What is the process of improving security in a NOS referred to as?
     a. Hardening
     b. Encryption
     c. Networking
     d. Common Criteria

 3   What is the method of establishing a protocol connection to a controller called?
     a. Linkage
     b. Binding
     c. Networking
     d. Access control

 4   You’re evaluating the protocols in use on your network. After evaluation, you’ll make a
     recommendation to the vice president of IT on protocols that should be removed from the
     systems. Which of the following protocols shouldn’t be bound to TCP/IP, if at all possible,
     since it’s a well-established target of attackers?
     a. LDAP
     b. SMTP
     c. IPX/SPX
     d. NetBIOS

 5   What tool is used in Windows NT to monitor systems logs?
     a. IDS
     b. Syslog
     c. Event viewer
     d. Event timer

 6   Your organization has created a new overseer position, and licensing has suddenly become an
     issue. Licenses need to be in existence and able to be readily produced for all proprietary
     software. Which of the following operating systems is an open source product and not considered
     a. Linux
     b. Mac OS
     c. Windows 2000
     d. Novell NetWare

7    Which filesystem was primarily intended for desktop system use and offers limited security?
     a. NFS
     b. FAT
     c. AFS
     d. NTFS

8    Your company has acquired a competitor’s business. You’ve been assigned the role of
     formulating a strategy by which the servers on your existing network will communicate with those
     on the newly acquired network. All you know about the competitor is that it’s using Novell’s
     newest filesystem and it’s a proprietary environment for servers. Which filesystem is used in
     NetWare servers?
     a. NSS
     b. AFS
     c. FAT
     d. NTFS

9    Which filesystem allows remote mounting of filesystems?
     a. FAT
     b. AFS
     c. NFS
     d. NTFS

10   The administrator at MTS was recently fired, and it has come to light that he didn’t install
     updates and fixes as they were released. As the newly hired administrator, your first priority
     is to bring all networked clients and servers up to date. What is a bundle of one or more system
     fixes in a single product called?
     a. Patch
     b. Hotfix
     c. Service pack
     d. System install

11   Which of the following statements is not true?
     a. You should share the root directory of a disk.
     b. You should never share the root directory of a disk.
     c. Filesystems are frequently based on hierarchical models.
     d. You should apply the most restrictive access necessary for a shared directory.

12   Your company does electronic monitoring of individuals under house arrest around the world.
     Because of the sensitive nature of the business, you can’t afford any unnecessary downtime.
     What is the process of applying a repair to an operating system while the system stays in operation called?
     a. Hotfix
     b. File update
     c. Upgrading
     d. Service pack installation

13   What is the process of applying manual changes to a program called?
     a. Hotfix
     b. Patching
     c. Service pack
     d. Replacement

14   A newly hired junior administrator will assume your position temporarily while you attend a
     conference. You’re trying to explain the basics of security to her in as short a period of time
     as possible. Which of the following best describes an ACL?
     a. ACLs are used to authenticate users.
     b. ACLs aren’t used in modern systems.
     c. The ACL process is dynamic in nature.
     d. ACLs provide individual access control to resources.

15   What product verifies that files being received by an SMTP server contain no suspicious code?
     a. IDS
     b. E-mail virus filter
     c. Web virus filter
     d. Packet filter firewall

16   Users are complaining about name resolution problems suddenly occurring that were never an
     issue before. You suspect that an intruder has compromised the integrity of the DNS server on
     your network. What is one of the primary ways in which an attacker uses DNS?
     a. Network sniffing
     b. Network footprinting
     c. Database server lookup
     d. Registration counterfeiting

17   LDAP is an example of which of the following?
     a. IDS
     b. Directory access protocol
     c. File server
     d. Tiered model application development environment

18   Your company is growing at a tremendous rate, and the need to hire specialists in various areas
     of IT is becoming apparent. You’re helping to write the newspaper ads that will be used to
     recruit new employees, and you want to make certain that applicants possess the skills you
     need. One knowledge area in which your organization is weak is database intelligence. What
     is the primary type of database used in applications today that you can mention in the ads?
     a. Network
     b. Archival
     c. Hierarchical
     d. Relational

19   The flexibility of relational databases in use today is a result of which of the following?
     a. SQL
     b. Forward projection
     c. Hard-coded queries
     d. Mixed model access

20   You’re redesigning your network in preparation for putting the company up for sale. The
     network, like all aspects of the company, needs to perform the best that it possibly can in order
     to be an asset to the sale. Which model is used to provide an intermediary server between the
     end user and the database?
     a. One-tiered
     b. Two-tiered
     c. Three-tiered
     d. Relational database

CNE 254 Fundamentals of Network Security            Name:
Chapter 6 Quiz
Type Answers Below
Chapter 6: Securing the Network and Environment

  1   Which component of physical security addresses outer-level access control?
      a. Mantraps
      b. Perimeter security
      c. Security zones
      d. Locked doors

  2   You’ve been drafted for the safety committee. One of your first tasks is to inventory all the fire
      extinguishers and make certain the correct types are in the correct locations throughout the
      building. Which of the following categories of fire extinguisher is intended for use on electrical fires?
      a. Type A
      b. Type B
      c. Type C
      d. Type D

  3   Which of the following won’t reduce EMI?
      a. Humidity control
      b. Physical shielding
      c. Physical location
      d. Overhauling worn motors

  4   You’re the administrator for MTS. You’re creating a team that will report to you, and you’re
      attempting to divide the responsibilities for security among individual members. Similarly,
      which of the following access methods breaks a large area into smaller areas that can be
      monitored individually?
      a. Floor
      b. Zone
      c. Partition
      d. Perimeter

  5   Which of the following is equivalent to building walls in an office building from a network
      a. Partitioning
      b. IDS systems
      c. Security zones
      d. Perimeter security

6    After a number of minor incidents at your company, physical security has suddenly increased
     in priority. No unauthorized personnel should be allowed access to the servers or
     workstations. The process of preventing access to computer systems in a building is called what?
     a. IDS systems
     b. Security zones
     c. Access control
     d. Perimeter security

7    Which of the following is an example of perimeter security?
     a. Elevator
     b. Locked computer room
     c. Chain link fence
     d. Video camera

8    You’re the leader of the security committee at ACME. After a move to a new facility, you’re
     installing a new security monitoring system throughout. Which of the following best describes
     a motion detector mounted in the corner of a hallway?
     a. Security zone
     b. IDS system
     c. Perimeter security
     d. Partitioning

9    Which technology uses a physical characteristic to establish identity?
     a. Smart card
     b. Biometrics
     c. Surveillance
     d. CHAP authenticator

10   As part of your training program, you’re trying to educate users on the importance of security.
     You explain to them that not every attack depends on implementing advanced technological
     methods. Some attacks, you explain, take advantage of human shortcomings to gain access
     that should otherwise be denied. What term do you use to describe attacks of this type?
     a. Biometrics
     b. IDS system
     c. Social engineering
     d. Perimeter security

11   Wireless cells have which of the following characteristics?
     a. High levels of security
     b. Line-of-sight communications
     c. Automatic position location
     d. High-power portable devices

12   You’re attempting to sell upper management on the concept of adopting GSM technology. It
     promises to provide encryption as well as international usability, and it’s an example of which
     a. Security zones
     b. Cell technology
     c. Perimeter security
     d. Surveillance system

13   The process of reducing or eliminating susceptibility to outside interference is called what?
     a. EMI
     b. Shielding
     c. TEMPEST
     d. Desensitization

14   You work for an electronics company that has just created a device that emits less RF than any
     competitors’ product. Given the enormous importance of this invention and of the marketing
     benefits it could offer, you want to have the product certified. Which certification is used to
     indicate minimal electronic emissions?
     a. RFI
     b. EMI
     c. CC EAL 4
     d. TEMPEST

15   Which term defines the process of a WAP losing sensitivity due to RFI?
     a. EMI pickup
     b. RFI desensitization
     c. Access control
     d. TEMPEST

16   Due to growth beyond current capacity, a new server room is being built. As a manager, you
     want to make certain that all the necessary safety elements exist in the room when it’s finished.
     Which fire-suppression system works best when used in an enclosed area by displacing the air
     around a fire?
     a. Gas-based
     b. Water-based
     c. Fixed system
     d. Overhead sprinklers

17   The CBF identifies which aspects of a business?
     a. BIA
     b. Access control
     c. Critical access points
     d. Essential business functions

18   You’re the chief security contact for MTS. One of your primary tasks is to document
     everything related to security and create a manual that can be used to manage the company in your
     absence. Which documents should be referenced in your manual as the ones that identify the
     methods used to accomplish a given task?
     a. BIA
     b. Policies
     c. Standards
     d. Guidelines

19   Which classification of information designates that information can be released on a restricted
     basis to outside organizations?
     a. Full distribution
     b. Private information
     c. Limited distribution
     d. Restricted information

20   You’ve recently been hired by ACME to do a security audit. The managers of this company feel
     that their current security measures are inadequate. Which information access control prevents
     users from writing information down to a lower level of security and prevents users from
     reading above their level of security?
     a. Biba model
     b. Clark-Wilson model
     c. Noninterference model
     d. Bell-LaPadula model
