3D053 CDC Edit 02 Vol 2

By Rediculous
Questions: 100


These are the UREs from vol 2, edit code 02, which became active after 4 April 2013.


Questions and Answers
  • 1. 

    What provides protection of the base network perimeter using a protection device or system of devices?

    • A.

      Network assurance.

    • B.

      Network protection.

    • C.

      Boundary protection.

    • D.

      Information assurance.

    Correct Answer
    C. Boundary protection.
    Explanation
    Boundary protection refers to the practice of securing the base network perimeter using a protection device or system. This involves implementing measures such as firewalls, intrusion detection systems, and access control mechanisms to prevent unauthorized access and attacks from external sources. By establishing a clear boundary between the internal network and external networks, boundary protection helps to safeguard sensitive information and resources from potential threats.

  • 2. 

    What severity code applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls?

    • A.

      Category I.

    • B.

      Category II.

    • C.

      Category III.

    • D.

      Category IV.

    Correct Answer
    B. Category II.
    Explanation
    Category II applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls. This means that the vulnerability could potentially allow someone to bypass security measures and gain unauthorized access to sensitive information or systems.

  • 3. 

    What severity code applies to any vulnerability that provides information that potentially could lead to a compromise?

    • A.

      Category I.

    • B.

      Category II.

    • C.

      Category III.

    • D.

      Category IV.

    Correct Answer
    C. Category III.
    Explanation
    Category III applies to any vulnerability that provides information that potentially could lead to a compromise. This means that the vulnerability may expose sensitive information or allow an attacker to gain unauthorized access to a system or network. It is important to address and mitigate these vulnerabilities to prevent potential compromises and protect the confidentiality and integrity of the information.

  • 4. 

    What severity code applies to any vulnerability that, when resolved, will prevent the possibility of degraded security?

    • A.

      Category I.

    • B.

      Category II.

    • C.

      Category III.

    • D.

      Category IV.

    Correct Answer
    D. Category IV.
    Explanation
    Category IV applies to any vulnerability that, when resolved, will prevent the possibility of degraded security. This means that resolving a vulnerability in this category will ensure that the security of the system is not compromised or weakened in any way.

  • 5. 

    How many Integrated Network and Operation Security Centers (INOSC) does the Air Force have?

    • A.

      One.

    • B.

      Two.

    • C.

      Three.

    • D.

      Four.

    Correct Answer
    B. Two.
    Explanation
    The correct answer is Two. This suggests that the Air Force has two Integrated Network and Operation Security Centers (INOSC).

  • 6. 

    How many hours prior to change implementation does the Integrated Network Operations and Security Centers (INOSC) notify a base communications flight about removing unused filters?

    • A.

      12 hours.

    • B.

      24 hours.

    • C.

      48 hours.

    • D.

      72 hours.

    Correct Answer
    D. 72 hours.
    Explanation
    The INOSC notifies a base communications flight about removing unused filters 72 hours prior to change implementation. This allows the base communications flight enough time to prepare and coordinate the necessary actions for removing the filters.

  • 7. 

    What is the primary intrusion/misuse tool used in the Air Force Enterprise Network (AFEN)?

    • A.

      Firewall.

    • B.

      Proxy server.

    • C.

      Intrusion detection system (IDS) software.

    • D.

      Automated security incident measurement (ASIM).

    Correct Answer
    D. Automated security incident measurement (ASIM).
    Explanation
    Automated security incident measurement (ASIM) is the primary intrusion/misuse tool used in the Air Force Enterprise Network (AFEN). ASIM is a software system that monitors and analyzes network traffic to detect and respond to security incidents. It provides real-time visibility into network activity, identifies potential threats, and helps in preventing unauthorized access or misuse of the network. ASIM plays a crucial role in maintaining the security and integrity of the AFEN by continuously monitoring and analyzing network traffic for any suspicious or malicious activity.

  • 8. 

    An active intrusion detection system (IDS) is normally incorporated into

    • A.

      Switches.

    • B.

      Firewalls.

    • C.

      Routers.

    • D.

      Servers.

    Correct Answer
    B. Firewalls.
    Explanation
    An active intrusion detection system (IDS) is normally incorporated into firewalls. Firewalls act as a barrier between a trusted internal network and an untrusted external network, monitoring and controlling incoming and outgoing network traffic. By incorporating an IDS into firewalls, it allows for real-time monitoring and detection of any suspicious or malicious activities, providing an additional layer of security to the network. Switches, routers, and servers also play important roles in network security, but they do not typically include IDS functionality.

  • 9. 

    Which intrusion detection system (IDS) monitors network traffic and alerts administrators about suspicious traffic?

    • A.

      Active IDS.

    • B.

      Passive IDS.

    • C.

      Host-based IDS.

    • D.

      Network-based IDS.

    Correct Answer
    D. Network-based IDS.
    Explanation
    A network-based IDS is designed to monitor network traffic and identify any suspicious activity or anomalies. It analyzes the packets of data flowing through the network and compares them against a database of known attack patterns. When it detects any suspicious traffic, it generates alerts to notify administrators so that they can take appropriate action to mitigate the threat. Unlike a host-based IDS, which focuses on monitoring the activity on a specific host or device, a network-based IDS monitors the entire network, making it an effective tool for detecting and responding to network-level threats.

  • 10. 

    Which intrusion detection system (IDS) examines servers or client computers for the patterns of an intrusion?

    • A.

      Active IDS.

    • B.

      Passive IDS.

    • C.

      Host-based IDS.

    • D.

      Network-based IDS.

    Correct Answer
    C. Host-based IDS.
    Explanation
    A host-based IDS is an intrusion detection system that examines servers or client computers for the patterns of an intrusion. It focuses on the individual host or endpoint and monitors activities and events occurring on that specific system. This type of IDS is capable of detecting unauthorized access attempts, abnormal behavior, and malicious activities on the host, allowing for timely response and mitigation of potential threats.

  • 11. 

    When using an intrusion detection system (IDS), remember to

    • A.

      Deploy one IDS for the entire network.

    • B.

      Deploy IDS on 50 percent of the network segments.

    • C.

      Consider using only a network-based IDS or host-based IDS.

    • D.

      Use a centralized management console for system management.

    Correct Answer
    D. Use a centralized management console for system management.
    Explanation
    Using a centralized management console for system management is recommended when using an intrusion detection system (IDS). This allows for easier and more efficient management of the IDS across the entire network. It provides a single interface to monitor and control the IDS, making it easier to detect and respond to potential intrusions. By centralizing the management, it also ensures consistency in policies and configurations across the network, reducing the risk of oversight or misconfiguration.

  • 12. 

    The disadvantage of a host-based intrusion detection system (HIDS) is that it

    • A.

      Can analyze any encrypted data if it is decrypted before reaching the target host

    • B.

      Consumes resources on the host it resides on and slows that device down.

    • C.

      Monitors log files for inadvisable settings or passwords.

    • D.

      Monitors traffic on the host on which it is installed.

    Correct Answer
    B. Consumes resources on the host it resides on and slows that device down.
    Explanation
    A host-based intrusion detection system (HIDS) consumes resources on the host it resides on and slows that device down. This is because the HIDS needs to continuously monitor and analyze the activities and behaviors of the host in order to detect any potential intrusions or malicious activities. This constant monitoring and analysis can put a strain on the host's resources, such as CPU and memory, leading to decreased performance and slower operation of the device.

  • 13. 

    One advantage of a network-based intrusion detection system (NIDS) is that it

    • A.

      Can decrypt data

    • B.

      Uses very few network resources

    • C.

      Monitors logs for policy violations.

    • D.

      Can analyze encrypted network traffic.

    Correct Answer
    B. Uses very few network resources
    Explanation
    A network-based intrusion detection system (NIDS) that uses very few network resources is advantageous because it minimizes the impact on the network's performance and bandwidth. By efficiently utilizing network resources, the NIDS can effectively monitor and analyze network traffic without causing significant disruptions or slowing down the network. This enables continuous monitoring and detection of potential intrusions without negatively impacting the network's functionality.

  • 14. 

    What intrusion detection system (IDS) is not commonly used due to increasing cost of implementation?

    • A.

      Host-based IDS.

    • B.

      Network-based IDS.

    • C.

      Hardware-based IDS.

    • D.

      Application-based IDS.

    Correct Answer
    D. Application-based IDS.
    Explanation
    Application-based IDS is not commonly used due to the increasing cost of implementation. This is because application-based IDS requires the deployment of sensors or agents on each individual application, which can be expensive and time-consuming. In contrast, host-based IDS focuses on monitoring the activities and behaviors of individual hosts, network-based IDS monitors network traffic, and hardware-based IDS uses specialized hardware devices to detect intrusions. Application-based IDS is less commonly used due to its higher implementation costs.

  • 15. 

    Host-based intrusion detection systems (HIDS) are

    • A.

      Active only.

    • B.

      Passive only.

    • C.

      Passive and active.

    • D.

      Neither passive nor active.

    Correct Answer
    C. Passive and active.
    Explanation
    Host-based intrusion detection systems (HIDS) are considered both passive and active because they have the capability to monitor and analyze activities occurring on a specific host or system. The passive aspect involves the system's ability to passively monitor and collect data about events and behaviors on the host, such as log files, system calls, and network traffic. On the other hand, the active aspect refers to the system's ability to take actions in response to detected threats, such as sending alerts, blocking traffic, or initiating countermeasures. Therefore, HIDS can both passively observe and actively respond to potential intrusions.

  • 16. 

    A logical connection point for the transmission of information packets is known as a

    • A.

      Entrance point.

    • B.

      Service point.

    • C.

      Protocol.

    • D.

      Port.

    Correct Answer
    D. Port.
    Explanation
    A port is a logical connection point for the transmission of information packets. It serves as an interface between the computer and external devices or networks, allowing data to be sent and received. Ports are essential for establishing communication and facilitating the exchange of information between different systems or devices.

  • 17. 

    Above which layer of the open systems interconnect (OSI) model are protocols designed to reside?

    • A.

      Presentation.

    • B.

      Transport.

    • C.

      Network.

    • D.

      Session.

    Correct Answer
    D. Session.
    Explanation
    Protocols are designed to reside above the Session layer of the OSI model. The Session layer is responsible for establishing, managing, and terminating sessions between applications. It provides services such as session establishment, synchronization, and checkpointing. Protocols that reside above this layer handle tasks related to the presentation of data, such as data formatting, encryption, and compression. Therefore, the correct answer is Session.

  • 18. 

    Which is not a common service?

    • A.

      File transfer protocol (FTP).

    • B.

      Domain name service (DNS).

    • C.

      Hypertext transfer protocol (HTTP).

    • D.

      Open system interconnection (OSI).

    Correct Answer
    D. Open system interconnection (OSI).
    Explanation
    The Open System Interconnection (OSI) is not a common service. It is actually a conceptual framework that standardizes the functions of a communication system. It defines a set of protocols and specifications to enable different systems to communicate with each other. In contrast, FTP, DNS, and HTTP are all common services used in computer networks. FTP is used for transferring files between systems, DNS is used for translating domain names into IP addresses, and HTTP is used for transmitting web pages and other resources on the internet.

  • 19. 

    Which port range constitutes well-known ports?

    • A.

      0–1023.

    • B.

      1024–23535.

    • C.

      23536–49151.

    • D.

      49152–65535.

    Correct Answer
    A. 0–1023.
    Explanation
    The well-known ports range from 0-1023. These ports are reserved for specific services and protocols that are commonly used and recognized. They include ports for popular services like HTTP (port 80), FTP (port 21), and SSH (port 22). These ports are standardized and widely known, making them easily identifiable and accessible for network communication.

  • 20. 

    Which port is used for telnet?

    • A.

      7

    • B.

      20

    • C.

      23

    • D.

      53

    Correct Answer
    C. 23
    Explanation
    Port 23 is used for telnet. Telnet is a network protocol that allows users to remotely access and control devices or computers over a network. It provides a virtual terminal connection to the remote device, allowing users to execute commands and manage the device as if they were physically present. Port 23 is specifically designated for telnet communication, enabling the establishment of a connection between the local and remote devices for remote management and control purposes.

  • 21. 

    Which port is used for hypertext transfer protocol (HTTP)?

    • A.

      21

    • B.

      22

    • C.

      60

    • D.

      80

    Correct Answer
    D. 80
    Explanation
    Port 80 is used for the hypertext transfer protocol (HTTP). This is the standard port for web traffic and is used to transmit data between web servers and web browsers. When a user enters a URL in a web browser, the browser sends an HTTP request to the web server on port 80. The web server then responds with the requested web page, which is displayed in the browser.

  • 22. 

    In which type of port scan does the scanner attempt to connect to all ports?

    • A.

      Sweep scan.

    • B.

      Vanilla scan.

    • C.

      Fragment packet scan.

    • D.

      File transfer protocol (FTP) bounce scan.

    Correct Answer
    B. Vanilla scan.
    Explanation
    A vanilla scan is a type of port scan where the scanner attempts to connect to all ports. This scan is called "vanilla" because it is a basic and straightforward approach to scanning. In a vanilla scan, the scanner sends connection requests to each port on the target system to determine which ports are open and available for communication. This type of scan is commonly used by network administrators and security professionals to assess the security of a network and identify any potential vulnerabilities.

  • 23. 

    Which type of scan is also known as a half open scan?

    • A.

      Fragment packets.

    • B.

      Synchronous (SYN) scan.

    • C.

      User datagram protocol (UDP) scan.

    • D.

      Transmission control protocol (TCP) scan.

    Correct Answer
    B. Synchronous (SYN) scan.
    Explanation
    A synchronous (SYN) scan is also known as a half open scan because it involves sending a SYN packet to the target host and waiting for a response. If the host responds with a SYN-ACK packet, it means the port is open. However, instead of completing the handshake by sending an ACK packet, the scanner sends a RST packet to reset the connection. This approach allows the scanner to determine if a port is open without fully establishing a connection, making it a half open scan.

  • 24. 

    What should you do with unused ports?

    • A.

      Monitor ports.

    • B.

      Keep ports open.

    • C.

      Keep ports closed.

    • D.

      Ensure all ports are used.

    Correct Answer
    C. Keep ports closed.
    Explanation
    The correct answer is to keep ports closed. Keeping ports closed is a security best practice as it helps to prevent unauthorized access and potential attacks on a network. Open ports can be exploited by hackers to gain access to a system or network, so it is important to only open ports that are necessary for the intended use. Monitoring ports is also important, but it is not the primary action to take with unused ports. Ensuring all ports are used is not necessary and can increase the risk of security vulnerabilities.

  • 25. 

    One of the responsibilities of the Air Force Network Operations Center (AFNOC) in implementation of ports, protocols, and services (PPS) is to

    • A.

      Maintain the AF PPS database.

    • B.

      Develop AF PPS policies and procedures.

    • C.

      Develop countermeasures on threats associated with PPS traversing the AF enclave boundaries.

    • D.

      Provide information on threats and vulnerabilities associated with PPS traversing the AF enclave boundaries.

    Correct Answer
    A. Maintain the AF PPS database.
    Explanation
    The AFNOC is responsible for maintaining the AF PPS database. This means that they are in charge of keeping the database up to date and ensuring that it contains accurate and relevant information about ports, protocols, and services used within the Air Force network. This is important for the overall security and functionality of the network, as it allows for proper management and control of these elements.

  • 26. 

    With which layer of the open systems interconnect (OSI) model does the simple network management protocol (SNMP) internet protocol (IP) layer coincide?

    • A.

      Layer 2.

    • B.

      Layer 3.

    • C.

      Layer 4.

    • D.

      Layer 5.

    Correct Answer
    B. Layer 3.
    Explanation
    The simple network management protocol (SNMP) operates at the network layer (Layer 3) of the OSI model. This layer is responsible for routing and forwarding data packets across different networks. SNMP uses the internet protocol (IP) to communicate and manage network devices such as routers, switches, and servers. Layer 2 is the data link layer, responsible for error-free transmission of data frames between adjacent network nodes. Layer 4 is the transport layer, responsible for end-to-end communication between hosts. Layer 5 is the session layer, responsible for establishing, managing, and terminating sessions between applications.

  • 27. 

    In what layer of the open system interconnect (OSI) model is simple network management protocol (SNMP) simply referred to as SNMP?

    • A.

      Network layer.

    • B.

      Transport layer.

    • C.

      Application layer.

    • D.

      Presentation layer.

    Correct Answer
    C. Application layer.
    Explanation
    SNMP, which stands for Simple Network Management Protocol, is a protocol used for managing and monitoring network devices. It operates at the application layer of the OSI model. The application layer is responsible for providing network services to user applications, and SNMP fits into this category as it allows network administrators to manage and monitor network devices. The network layer deals with routing and addressing, the transport layer handles the reliable delivery of data, and the presentation layer is responsible for data formatting and encryption. Therefore, the correct layer for SNMP is the application layer.

  • 28. 

    What is the default read community string of a simple network management protocol (SNMP) agent?

    • A.

      SECURE.

    • B.

      PUBLIC.

    • C.

      PRIVATE.

    • D.

      UNSECURE.

    Correct Answer
    B. PUBLIC.
    Explanation
    The default read community string of a Simple Network Management Protocol (SNMP) agent is "PUBLIC." The read community string is used for read-only access to SNMP devices and allows users to retrieve information from the agent. The "PUBLIC" community string is widely known and used as the default value in many SNMP agents, but it is recommended to change it to a more secure string to prevent unauthorized access to the SNMP agent.

  • 29. 

    To limit the risks associated with using simple network management protocol (SNMP)

    • A.

      Keep devices requiring SNMP together with those that do not pass through virtual local area networks (VLAN).

    • B.

      Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers.

    • C.

      Disable all SNMP devices/services if not required.

    • D.

      Enable the set community strings if possible.

    Correct Answer
    C. Disable all SNMP devices/services if not required.
    Explanation
    Disabling all SNMP devices/services if not required is the correct answer because it helps to limit the risks associated with using SNMP. By disabling SNMP on devices that do not require it, potential vulnerabilities and attack vectors are eliminated. This reduces the potential for unauthorized access, data breaches, and other security risks. Disabling unnecessary SNMP devices/services is a proactive measure to enhance network security and protect sensitive information.

  • 30. 

    Community string passwords should be changed at least every

    • A.

      30 days.

    • B.

      60 days.

    • C.

      90 days.

    • D.

      120 days.

    Correct Answer
    C. 90 days.
    Explanation
    Community string passwords should be changed at least every 90 days. This is because community string passwords are used in Simple Network Management Protocol (SNMP) to authenticate and authorize network management systems. Regularly changing these passwords helps to ensure the security of the network by reducing the risk of unauthorized access. Changing the passwords every 90 days strikes a balance between maintaining security and minimizing the inconvenience of frequent password changes.

  • 31. 

    Which tool is not used to test your simple network management protocol (SNMP) security?

    • A.

      SNMPutil.

    • B.

      SolarWinds.

    • C.

      WU_PingProPack.

    • D.

      Security mapper (SMAP).

    Correct Answer
    D. Security mapper (SMAP).
    Explanation
    The correct answer is Security mapper (SMAP). Security mapper (SMAP) is not used to test SNMP security. SNMPutil, SolarWinds, and WU_PingProPack are all tools that can be used to test SNMP security.

  • 32. 

    Which is not a primary focus of intrusion detection and prevention systems (IDPS)?

    • A.

      Reporting incidents to security administrators.

    • B.

      Reconfiguring equipment after an incident.

    • C.

      Identifying possible incidents.

    • D.

      Attempting to stop incidents.

    Correct Answer
    B. Reconfiguring equipment after an incident.
    Explanation
    Intrusion detection and prevention systems (IDPS) are primarily designed to identify possible incidents and attempt to stop them. They focus on detecting and preventing unauthorized access or malicious activities within a network or system. Reporting incidents to security administrators is also an important function of IDPS as it allows for timely response and mitigation. However, reconfiguring equipment after an incident is not a primary focus of IDPS. While it may be necessary to make changes to the system to prevent future incidents, the main goal of IDPS is to detect and prevent intrusions rather than reconfigure equipment.

  • 33. 

    Which open source host-based intrusion detection system (HIDS) performs log analysis, file integrity checking, policy monitoring, root kit detection, real-time alerting and active response?

    • A.

      Snort.

    • B.

      Intruder alert (ITA).

    • C.

      Open source security (OSSEC).

    • D.

      Open source security (OSSEC).

    Correct Answer
    C. Open source security (OSSEC).
    Explanation
    Open source security (OSSEC) is the correct answer because it is an open source host-based intrusion detection system (HIDS) that performs various security functions such as log analysis, file integrity checking, policy monitoring, root kit detection, real-time alerting, and active response. Snort is a popular open source network intrusion detection system (NIDS) and does not provide all the mentioned functionalities. Intruder alert (ITA) is not a recognized open source HIDS.

  • 34. 

    The vulnerabilities detected by Internet security scanner (ISS) are classified

    • A.

      Secret

    • B.

      Sensitive

    • C.

      Confidential

    • D.

      For Official Use Only (FOUO)

    Correct Answer
    B. Sensitive
    Explanation
    The vulnerabilities detected by Internet security scanner (ISS) are classified as "Sensitive" because they involve potential weaknesses or flaws in a system that could be exploited by attackers. These vulnerabilities may allow unauthorized access, data breaches, or other security breaches, making them sensitive information that needs to be addressed and resolved promptly to protect the system and its data.

  • 35. 

    Why should Internet security scanner (ISS) scans not be used on medical equipment?

    • A.

      Other scans are cheaper to run.

    • B.

      The increasing costs of using ISS.

    • C.

      It can place patients at risk and interrupt medical services.

    • D.

      It is not compatible with medical equipment software.

    Correct Answer
    B. The increasing costs of using ISS.
    Explanation
    The explanation for the correct answer is that the increasing costs of using ISS are the reason why Internet security scanner (ISS) scans should not be used on medical equipment. This implies that there are other scans available that are cheaper to run, and using ISS would result in higher expenses. Therefore, it is more cost-effective to opt for alternative scanning methods.

  • 36. 

    Which is not a software component of Intruder Alert (ITA)?

    • A.

      User

    • B.

      Agent

    • C.

      Manager

    • D.

      Administrator

    Correct Answer
    A. User
    Explanation
    The user is not a software component of Intruder Alert (ITA). The user refers to the individual who interacts with the software, rather than being a component of the software itself. The other options, Agent, Manager, and Administrator, are all software components that play specific roles within the Intruder Alert system.

  • 37. 

    How many agents can an Intruder Alert (ITA) manager have?

    • A.

      100

    • B.

      150

    • C.

      200

    • D.

      250

    Correct Answer
    A. 100
    Explanation
    The Intruder Alert (ITA) manager can have a maximum of 100 agents.

  • 38. 

    What serves as the Intruder Alert administrator (ITA) command center?

    • A.

      ITA agent.

    • B.

      ITA event viewer.

    • C.

      ITA administrator

    • D.

      ITA privileged user

    Correct Answer
    C. ITA administrator
    Explanation
    The ITA administrator serves as the command center for the Intruder Alert administrator. They are responsible for overseeing and managing the ITA system, including monitoring and responding to intrusion alerts, coordinating with ITA agents, and ensuring the overall security of the system. As the administrator, they have the authority and privileges to make necessary decisions and take appropriate actions to maintain the integrity and effectiveness of the Intruder Alert system.

  • 39. 

    Which is considered the workhorse of the Enterprise Security Manager (ESM) system?

    • A.

      ESM agent.

    • B.

      ESM manager.

    • C.

      ESM administrator.

    • D.

      ESM graphical user interface (GUI) console.

    Correct Answer
    A. ESM agent.
    Explanation
    The ESM agent is considered the workhorse of the Enterprise Security Manager (ESM) system because it is responsible for collecting and analyzing security event data from various sources within the network. The ESM agent continuously monitors the network, detects any security threats or anomalies, and sends this information to the ESM manager for further analysis and response. It acts as the main component that performs the essential tasks of data collection and event management in the ESM system.

  • 40. 

    Network security starts with

    • A.

      A mindset.

    • B.

      Configuring firewalls

    • C.

      Activation of host-based intrusion detection system (HIDS).

    • D.

      Activation of network-based intrusion detection system (NIDS).

    Correct Answer
    A. A mindset.
    Explanation
    The correct answer is "a mindset." This is because network security is not just about implementing technical measures like configuring firewalls or activating intrusion detection systems. It requires individuals to have a proactive and vigilant mindset towards identifying and addressing potential security risks. This mindset involves understanding the importance of security, staying updated with the latest threats, following best practices, and being cautious while handling sensitive information. Without this mindset, even the most advanced security technologies may not be effective in protecting a network.


  • 41. 

    Integrating the capabilities of personnel, operations, and technology, and supporting the evolution to network-centric warfare, best describes which concept?

    • A.

      Firewalls.

    • B.

      Security tools.

    • C.

      Defense-in-depth.

    • D.

      Information condition (INFOCON).

    Correct Answer
    C. Defense-in-depth.
    Explanation
    The concept that best describes the integration of the capabilities of personnel, operations, and technology, and that supports the evolution to network-centric warfare, is defense-in-depth. Defense-in-depth is a strategy that involves layering multiple security measures to protect a network or system. It combines various security tools, firewalls, and information condition (INFOCON) to create a comprehensive defense system. This approach ensures that even if one layer is breached, there are multiple layers of defense to prevent further attacks and minimize the impact of any potential breach.


  • 42. 

    What term is used to describe the technology for transmitting voice communications over a data network using open-standards-based Internet Protocol (IP)?

    • A.

      IP telephony.

    • B.

      Network telephony.

    • C.

      Voice protection system.

    • D.

      Voice over Internet Protocol (VoIP).

    Correct Answer
    A. IP telephony.
    Explanation
    IP telephony is the correct answer because it accurately describes the technology for transmitting voice communications over a data network using open-standards-based Internet Protocol (IP). IP telephony, also known as Voice over Internet Protocol (VoIP), allows voice calls to be made over the internet rather than traditional telephone lines, making it a more cost-effective and flexible solution for communication.


  • 43. 

    You can implement all of the following security features to help defend internet protocol (IP) telephony systems from attackers except

    • A.

      Enabling access control lists (ACL) on firewalls, routers, and switches.

    • B.

      Deploying protection from dynamic host configuration protocol (DHCP) spoofing.

    • C.

      Consolidating your voice with your data using virtual local area networks (VLAN).

    • D.

      Enabling port security access to only allow the required devices needed by the client.

    Correct Answer
    C. Consolidating your voice with your data using virtual local area networks (VLAN).
    Explanation
    The correct answer is consolidating your voice with your data using virtual local area networks (VLAN). Consolidating voice and data traffic on the same VLAN can increase the risk of attacks and compromise the security of the IP telephony system. Placing voice and data traffic on separate VLANs enhances security by isolating and protecting the voice traffic from potential threats.


  • 44. 

    At which open systems interconnect (OSI) layer does a packet filter gateway operate?

    • A.

      2

    • B.

      3

    • C.

      4

    • D.

      5

    Correct Answer
    B. 3
    Explanation
    A packet filter gateway operates at the third layer of the OSI model, which is the network layer. This layer is responsible for routing and forwarding data packets across different networks. A packet filter gateway examines the headers of incoming packets and makes decisions based on predetermined rules, such as allowing or blocking certain types of traffic. By operating at the network layer, a packet filter gateway can effectively filter and control network traffic based on IP addresses, ports, and other network-level information.


  • 45. 

    Which type of firewall is typically used when speed is essential?

    • A.

      Network-level.

    • B.

      Application-level.

    • C.

      Corporate/enterprise.

    • D.

      Personal/small office home office (SOHO).

    Correct Answer
    A. Network-level.
    Explanation
    Network-level firewalls are typically used when speed is essential because they operate at the network layer of the OSI model. They focus on filtering and inspecting network traffic based on IP addresses, ports, and protocols, which allows them to process large amounts of data quickly. In contrast, application-level firewalls operate at the application layer and perform more in-depth analysis of network traffic, which can slow down the processing speed. Therefore, network-level firewalls are the preferred choice when speed is a priority.


  • 46. 

    At which open systems interconnect (OSI) layer does an application-level firewall operate?

    • A.

      4

    • B.

      5

    • C.

      6

    • D.

      7

    Correct Answer
    D. 7
    Explanation
    An application-level firewall operates at the seventh layer of the OSI model, which is the application layer. This layer is responsible for managing communication between applications and end-users. An application-level firewall can monitor and filter network traffic based on specific application protocols, such as HTTP, FTP, or SMTP. By operating at this layer, the firewall can provide more granular control over network traffic and enforce security policies based on application-specific rules and behaviors.


  • 47. 

    Which type of firewall views information as a data stream and not as a series of packets?

    • A.

      Network-level.

    • B.

      Application-level.

    • C.

      Corporate/enterprise.

    • D.

      Personal/small office home office (SOHO).

    Correct Answer
    B. Application-level.
    Explanation
    An application-level firewall views information as a data stream rather than a series of packets. This type of firewall operates at the application layer of the network protocol stack, allowing it to examine the content and behavior of specific applications. It can inspect and control the data being transmitted, making it more effective at detecting and preventing application-layer attacks. Network-level firewalls, on the other hand, focus on packet-level filtering and do not have the ability to analyze the content of the data stream. Corporate/enterprise and personal/small office home office (SOHO) firewalls refer to the scale or deployment context of the firewall, rather than the specific way they view information.


  • 48. 

    Most firewall implementations that you will encounter will be found at the

    • A.

      Base-level.

    • B.

      Major command (MAJCOM).

    • C.

      Air Force Network Operating Center (AFNOC).

    • D.

      Integrated Network Operation and Security Center (INOSC).

    Correct Answer
    D. Integrated Network Operation and Security Center (INOSC).
    Explanation
    The correct answer is Integrated Network Operation and Security Center (INOSC). This is because INOSC is responsible for the management and operation of the network infrastructure, including firewalls, within an organization. It is a centralized location where network security is monitored and maintained. The other options, base-level and major command, do not specifically refer to the management of firewalls and network security.


  • 49. 

    Which cannot be used to manage a McAfee Firewall Enterprise?

    • A.

      Control center.

    • B.

      Admin console.

    • C.

      Configuration center.

    • D.

      Command line interface

    Correct Answer
    C. Configuration center.
    Explanation
    The Configuration center cannot be used to manage a McAfee Firewall Enterprise. The Control center is a centralized management console that provides real-time monitoring and control of the firewall. The Admin console is used for user management and access control. The Command line interface allows for advanced configuration and troubleshooting. However, the Configuration center is not a valid option as it does not exist or have a specific purpose in managing a McAfee Firewall Enterprise.


  • 50. 

    Which McAfee Firewall Enterprise management interface is the graphical software that runs on a Windows computer within your network?

    • A.

      Control center.

    • B.

      Admin console.

    • C.

      Configuration center.

    • D.

      Command line interface.

    Correct Answer
    B. Admin console.
    Explanation
    The Admin console of McAfee Firewall Enterprise is the graphical software that runs on a Windows computer within your network. It provides a user-friendly interface for managing and configuring the firewall settings and policies. The Admin console allows administrators to monitor network traffic, create rules, and perform other administrative tasks to ensure the security of the network.


Quiz Review Timeline

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 15, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Apr 28, 2013
    Quiz Created by
    Rediculous