system security


Question 1. (TCO 1) According to the video in Week 1, what are the typical steps used to compromise an organization? (Points : 5)

       Attack, Scanning, Footprinting, Enumeration
       Footprinting, Scanning, Enumeration, Attack
       Scanning, Enumeration, Attack, Footprinting
       Footprinting, Attack, Scanning, Enumeration

Question 2. (TCO 1) Which is the correct malware propagation method combination? (Points : 5)

       Virus/Worm: Copies itself to shares and vulnerable services
       Trojan: Copies itself to shares and vulnerable services
       Virus/Worm: Pretends to be a useful program
       Trojan: Encrypts the hard drive and demands payment to unencrypt

Question 3. (TCO 2) Three techniques that should be part of every network design include which of the following? (Points : 5)

       Packet filter, bastion host, circuit level firewalls
       DMZs, Proxy servers, NAT
       Firestarter, Norton personal firewall, Outpost personal firewall
       IP spoofing, SYN floods, Ping floods

Question 4. (TCO 2) Which network design is usually used to separate and protect private from public network resources? (Points : 5)

       Hardware and software firewalls
       Patch management
       DMZ
       Stateful packet inspection

Question 5. (TCO 3) Which is NOT a consideration for which kind of firewall that should be implemented? (Points : 5)

       Size of network
       Need to connect multiple LANs into a single WAN
       Skill of administrator
       Cost vs. benefit

Question 6. (TCO 3) The most basic type of firewall is known as? (Points : 5)

       Packet Filter
       Application Proxy
       Circuit gateway
       Stateful packet inspection

Question 7. (TCO 4) If an intrusion-detection system detects a series of ICMP packets sent to each port, from the same IP address, it might indicate _____. (Points : 5)

       Distributed Denial of Service attack in progress
       scanning of the system for vulnerabilities prior to an attack
       the system has been infiltrated by an outsider
       Trojan Horse/virus infection sending information back home

Question 8. (TCO 4) Attempts by an intruder to determine information about a system, prior to the start of an intrusion attack, is called _____. (Points : 5)

       deflecting
       detecting
       footprinting
       infiltration

Question 9. (TCO 5) Which of the following is the most secure encryption method? (Points : 5)

       Caesar Cipher
       AES
       Multi alphabet substitution
       DES

Question 10. (TCO 5) Which of the following is a widely used public key system that is considered by many experts to be very secure, and is available as a plug-in for Netscape Messenger, MSN Messenger, and other communication software? (Points : 5)

       AES
       Blowfish
       IDEA
       PGP

Question 11. (TCO 6) Which common VPN technology supports five authentication methods? (Points : 5)

       IPSec
       L2TP
       PPP
       PPTP

Question 12. (TCO 6) A good definition of VPNs is that they are a combination of which of the following? (Points : 5)

       Internet, leased lines, direct access, dial up
       Tunneling, encryption, authentication, access control
       Tunneling, dial up, authentication, Cisco, SNORT
       Encryption, leased lines, ISP, piggy backing

Question 13. (TCO 7) Which Trojan horse is a small, self-installing remote administration system, which permits a user to control the infected system across a TCP/IP connection? (Points : 5)

       Back Orifice
       Dropper
       NetBus
       Spybot

Question 14. (TCO 7) Which of the following is a possible result of a Trojan horse infection? (Points : 5)

       installing front doors and executing XML attacks
       installing back doors to allow access to the system
       installing IRC for email relays
       using as a proxy for searching for google hacks

Question 15. (TCO 8) What Windows account types are most attractive to attackers? (Points : 5)

       Administrators, IUSR, ASP.NET, Database accounts
       Guests, Dead users, Default users, Backdoors
       Root, apache, sysadam, SU
       DC security, HIsecdc, Hisecws, Securews

Question 16. (TCO 8) Which of the following would NOT be a default account on a Windows machine? (Points : 5)

       ASP.NET
       Administrator
       IUSR_machine name
       username

Question 17. (TCO 9) Which of the following security templates are included in Windows servers? (Points : 5)

       DC security, HIsecdc, Hisecws, Securews
       HIsecdc, Hisecws, Websec, IPSec
       DC security Securews, Rootsec, Supersec
       Rootsec, Supersec Websec, IPSec

Question 18. (TCO 9) Why does the textbook author state that technology alone is not a panacea for network security problems? (Points : 5)

       Advances in technology occur too rapidly for security pros to keep up with them.
       Improvements in technology actually create the most security problems.
       Technology cannot be effective if people do not follow appropriate procedures.
       The author actually does say that technology solves network security problems.

Question 19. (TCO 10) Which of the 6 P's of an initial assessment requires an onsite inspection? (Points : 5)

       Patch
       Policies
       Physical
       Ports

Question 20. (TCO 10) Which of the following is the first step in assessing a system? (Points : 5)

       Threat Identification
       System Characterization
       Control Analysis
       Likelihood Determination

Question 1. (TCO 10, 9, 11) What steps should an organization follow if it finds it is penetrated by an attacker? (Points : 20)

Question 2. (TCO 10, 11, 12) Assess the pros and cons of Apache vs. IIS. Consider web server setup, ease of use, and cost, among others. (Points : 20)

Question 3. (TCO 8, 10, 11) How does IP spoofing work? How should organizations defend against IP spoofing? (Points : 20)

Question 4. (TCO 8, 10, 11) How should an organization determine which patches to apply, and ports to close on their servers and workstations? How do they verify that they are actually patched and closed? (Points : 20)

Question 5. (TCO 8, 10, 12) Assess specific procedures to harden an Apache Web Server. (Points : 20)