3D053 Vol 2

70 Questions


These are just unit review questions.


Questions and Answers
  • 1. 
    What severity code applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls?
    • A. 

      I

    • B. 

      II

    • C. 

      III

    • D. 

      IV

  • 2. 
    What severity code applies to any vulnerability that provides information that potentially could lead to a compromise?
    • A. 

      I

    • B. 

      II

    • C. 

      III

    • D. 

      IV

  • 3. 
    What severity code applies to any vulnerability that, when resolved, will prevent the possibility of degraded security?
    • A. 

      I

    • B. 

      II

    • C. 

      III

    • D. 

      IV

  • 4. 
    The integrated network operations and security center (INOSC) has several responsibilities except
    • A. 

      Maintain sole administrative privileges on the firewall

    • B. 

      Standardize, configure, back up, and otherwise the firewall

    • C. 

      Maintain a single naming/configuration standard for boundary devices

    • D. 

      Install patches or perform any upgrade provided by the AF Enterprise Network

  • 5. 
    Active intrusion detection system (IDS) blocks network traffic when it detects an intrusion. Normally, active IDSs are incorporated into
    • A. 

      Switches

    • B. 

      Firewalls

    • C. 

      Routers

    • D. 

      Servers

  • 6. 
    Which intrusion detection system (IDS) examines traffic for suspicious patterns?
    • A. 

      Active IDS

    • B. 

      Passive IDS

    • C. 

      Host-based IDS

    • D. 

      Network-based IDS

  • 7. 
    Which intrusion detection system (IDS) examines servers or client computers for the patterns of an intrusion?
    • A. 

      Active IDS

    • B. 

      Passive IDS

    • C. 

      Host-based IDS

    • D. 

      Network-based IDS

  • 8. 
    When using an intrusion detection system (IDS), remember to
    • A. 

      Update IDS signatures periodically

    • B. 

      Deploy one IDS for the entire network

    • C. 

      Use a centralized management console for system management

    • D. 

      Consider using either a network-based IDS or host-based IDS

  • 9. 
    The disadvantage of a host-based intrusion detection system (HIDS) is that it
    • A. 

      Can analyze any encrypted data if it is decrypted before reaching the target host

    • B. 

      Consumes resources on the host it resides on and slows the device down

    • C. 

      Monitors log files for inadvisable settings or passwords

    • D. 

      Monitors traffic on the host on which it is installed

  • 10. 
    The disadvantage of a network-based intrusion detection system (NIDS) is that it
    • A. 

      Cannot analyze encrypted packets because it has no method for decrypting the data

    • B. 

      Monitors log files for inadvisable settings or passwords

    • C. 

      Monitors traffic on the network on which it is installed

    • D. 

      Consumes very few network resources

  • 11. 
    Which intrusion detection system (IDS) uses software sensors?
    • A. 

      Active IDS

    • B. 

      Passive IDS

    • C. 

      Host-based IDS

    • D. 

      Network-based IDS

  • 12. 
    Which intrusion detection system (IDS) monitors packets for protocol anomalies and known virus signatures?
    • A. 

      Active IDS

    • B. 

      Passive IDS

    • C. 

      Host-based IDS

    • D. 

      Network-based IDS

  • 13. 
    Which port range constitutes well-known ports?
    • A. 

      0-1023

    • B. 

      1024-23535

    • C. 

      23536-49151

    • D. 

      49152-65535

  • 14. 
    Port Scanning
    • A. 

      Is the act of sporadically scanning a computer's ports

    • B. 

      Sends out a request to connect to any computer

    • C. 

      Notes which ports responded to the scan

    • D. 

      Is always malicious in nature

  • 15. 
    In which type of port scan does the scanner connect to the same port on more than one machine?
    • A. 

      Strobe

    • B. 

      Sweep

    • C. 

      Stealth

    • D. 

      Vanilla

  • 16. 
    Above which layer of the open systems integration (OSI) model are protocols designed to reside?
    • A. 

      Presentation

    • B. 

      Transport

    • C. 

      Network

    • D. 

      Session

  • 17. 
    Which organization has the responsibility of developing Air Force Ports, Protocols and Services (AF PPS) policies and procedures?
    • A. 

      Air Force Network Integration Center (AFNIC)

    • B. 

      Air Force Network Operations Center (AFNOSC)

    • C. 

      Air Force Information, Services and Integration Directorate (SAF/XCIA)

    • D. 

      Air Force Operations Commander (AFNetOps/CC)

  • 18. 
    Which organization has direct operational control of Air Force Ports, Protocols and Services (AF PPS)?
    • A. 

      Air Force Network Integration Center (AFNIC)

    • B. 

      Air Force Network Operations Center (AFNOSC)

    • C. 

      Air Force Information, Services and Integration Directorate (SAF/XCIA)

    • D. 

      Air Force Operations Commander (AFNetOps/CC)

  • 19. 
    What is the default read community string of a simple network management protocol (SNMP) agent?
    • A. 

      Private

    • B. 

      Public

    • C. 

      Secure

    • D. 

      Unsecure

  • 20. 
    To limit the risks associated with using simple network management protocols (SNMP),
    • A. 

      Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers

    • B. 

      Keep devices requiring SNMP together with those that do not through VLANs

    • C. 

      Disable all SNMP devices/services if not required

    • D. 

      Enable the set community strings if possible

  • 21. 
    Which port tool is not used to test your simple network management protocol (SNMP) security?
    • A. 

      WU_PingProPackage

    • B. 

      SolarWinds

    • C. 

      SNMPutil

    • D. 

      Security Mapper (SMAP)

  • 22. 
    Which open source network-based intrusion detection system performs packet logging and real-time traffic analysis as well as protocol analysis, content searching/matching, and active blocking or passive detecting of a variety of attacks and probes?
    • A. 

      Snort

    • B. 

      Open source security (OSSEC)

    • C. 

      Host based security system (HBSS)

    • D. 

      Intruder alert (ITA)

  • 23. 
    Which network-based security tool is a hardware and software system that sits on AF networks "listening" for "suspicious activity" that is characteristic of intruder techniques?
    • A. 

      Snort

    • B. 

      Automatic Security Incident Measurement (ASIM)

    • C. 

      Enterprise Security Manager (ESM)

    • D. 

      Internet Security Scanner (ISS)

  • 24. 
    Which security tool is designed to manage sensitive data and enforce security policies across a full range of client/server platforms?
    • A. 

      Snort

    • B. 

      Automatic Security Incident Measurement (ASIM)

    • C. 

      Enterprise Security Manager (ESM)

    • D. 

      Internet Security Scanner (ISS)

  • 25. 
    Integration of the capabilities of personnel, operations, and technology, and the evolution to network centric warfare best describes what concept?
    • A. 

      Firewalls

    • B. 

      Information condition (INFOCON)

    • C. 

      Security tools

    • D. 

      Defense in depth

  • 26. 
    Restricting what traffic travels in and out of the network best describes what concept?
    • A. 

      Firewalls

    • B. 

      Internet Security Scanner

    • C. 

      Security tools

    • D. 

      Defense in depth

  • 27. 
    You can implement all of the following security features to help defend our internet protocol (IP) telephony systems from attackers except
    • A. 

      Consolidating your voice with your data using virtual local area network (VLAN)

    • B. 

      Enabling access control lists (ACL) on firewalls, routers, and switches.

    • C. 

      Deploying protection from dynamic host configuration protocol (DHCP) spoofing

    • D. 

      Enabling port security access to only allow the required devices needed by the client.

  • 28. 
    The use of two or more network interface cards (NIC) best describes which type of firewall?
    • A. 

      Network-level

    • B. 

      Application-level

    • C. 

      Corporate/enterprise

    • D. 

      Personal/small office home office (SOHO)

  • 29. 
    Which type of firewall is typically used when speed is essential?
    • A. 

      Network-level

    • B. 

      Application-level

    • C. 

      Corporate/enterprise

    • D. 

      Personal/small office home office (SOHO)

  • 30. 
    Which type of firewall views information as a data stream and not as a series of packets?
    • A. 

      Network-level

    • B. 

      Application-level

    • C. 

      Corporate/enterprise

    • D. 

      Personal/small office home office (SOHO)

  • 31. 
    What was the previous name for what is now called the McAfee Firewall Enterprise?
    • A. 

      Sidewinder

    • B. 

      Death Star

    • C. 

      Blue Coat

    • D. 

      Viper

  • 32. 
    Most of the firewall implementations you will encounter will be found at the
    • A. 

      Integrated network operation security center (INOSC)

    • B. 

      Air Force network operating center (AFNOC)

    • C. 

      Base-level

    • D. 

      Major command (MAJCOM)

  • 33. 
    Which McAfee Firewall Enterprise management interface is the graphical software that runs on a Windows computer within your network?
    • A. 

      Control center

    • B. 

      Admin console

    • C. 

      Command center

    • D. 

      Command-line interface (CLI)

  • 34. 
    Which firewall management interface menu option views the association between MAC addresses on the firewall and its corresponding internet protocol (IP) address?
    • A. 

      Address Resolution Protocol (ARP)

    • B. 

      Getroute

    • C. 

      Ping host

    • D. 

      Traceroute

  • 35. 
    What is the default firewall shutdown option?
    • A. 

      Halt system

    • B. 

      Power down system

    • C. 

      Reboot to operational kernel

    • D. 

      Shutdown to emergency maintenance mode

  • 36. 
    Which firewall shutdown option is useful if you need to connect directly to the firewall to access the basic input/output systems (BIOS)?
    • A. 

      Halt system

    • B. 

      Power down system

    • C. 

      Reboot to operational kernel

    • D. 

      Shutdown to emergency maintenance mode

  • 37. 
    A firewall burb can best be defined as
    • A. 

      A network stack

    • B. 

      A security policy

    • C. 

      A set of one or more interfaces

    • D. 

      A particular installation of a firewall

  • 38. 
    Use the high availability shared cluster addresses dialog box to do all the following except
    • A. 

      Configure the shared cluster address

    • B. 

      Specify or sending and receiving heartbeats

    • C. 

      Handle the fastest network traffic on your appliance

    • D. 

      Isolate the cluster address from the domain name server (DNS) and default routers

  • 39. 
    What does a firewall support that improves system performance by lessening the load placed on the system kernel?
    • A. 

      Domain name server (DNS)

    • B. 

      Burbs

    • C. 

      Proxies

    • D. 

      Fast path sessions

  • 40. 
    Which Berkeley Internet Name Domain (BIND) server is responsible for zone transfers?
    • A. 

      Named

    • B. 

      Cache-Only

    • C. 

      Master/Primary

    • D. 

      Slave/Secondary

  • 41. 
    For what Berkeley Internet Name Domain (BIND) server type can there be as many servers as needed in a domain?
    • A. 

      Named

    • B. 

      Cache-Only

    • C. 

      Master/Primary

    • D. 

      Slave/Secondary

  • 42. 
    In regards to Berkeley Internet Name Domain (BIND) system files, items stored in the domain name server (DNS) database best describes
    • A. 

      Resource records

    • B. 

      Pointer (PTR) records

    • C. 

      Zone records

    • D. 

      Root cache

  • 43. 
    Which Berkeley Internet Name Domain (BIND) system file provides reverse mapping?
    • A. 

      Resource records

    • B. 

      Pointer (PTR) records

    • C. 

      Zone records

    • D. 

      Root cache

  • 44. 
    Which flexible command line can be used to gather information from domain name servers (DNS)?
    • A. 

      NSlookup

    • B. 

      Server

    • C. 

      Type

    • D. 

      Dig

  • 45. 
    Which name server is the only one that should have changes to domain name server (DNS) data?
    • A. 

      Named

    • B. 

      Cache-Only

    • C. 

      Master/Primary

    • D. 

      Slave/Secondary

  • 46. 
    What term is used for a domain name server (DNS) architecture when one or more name servers reside behind a firewall, and contain an "inside" hostname and IP address?
    • A. 

      Split

    • B. 

      Dual

    • C. 

      Secure

    • D. 

      Generic

  • 47. 
    Which access control list (ACL) restricts packets into or out of a given layer 3 interface?
    • A. 

      Port Access Control (PACL)

    • B. 

      Router Access Control List (RACL)

    • C. 

      Virtual Local Area Network Access Control List (VACL)

    • D. 

      Firewall Access Control List (FACL)

  • 48. 
    Who approves or disapproves IS (including software and services) connections to the Air Force Global Information Grid (AF GIG) and accepts any risk created by the approved connections?
    • A. 

      Air Force Network Operations Command (AFNetOps/CC)

    • B. 

      Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO)

    • C. 

      Air Force Network Operations Center (AFNOC)

    • D. 

      23 Information Operations Squadron (IOS)

  • 49. 
    Who reports all backdoors and unauthorized connections to Air Force networks discovered during the course of operations?
    • A. 

      Air Force Network Operations Command (AFNetOps/CC)

    • B. 

      Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO)

    • C. 

      Air Force Network Operations Center (AFNOC)

    • D. 

      23 Information Operations Squadron (IOS)

  • 50. 
    Which is not a category of software package available today that is used to detect and monitor network activity?
    • A. 

      Intrusion detection

    • B. 

      Packet-capture

    • C. 

      Filters/triggers

    • D. 

      Firewalls

  • 51. 
    While monitoring your network, a guideline you should remember is to
    • A. 

      Observe regular network traffic and look for anomalies

    • B. 

      Review logs and network statistics at least annually

    • C. 

      Set triggers for unique intrusions

    • D. 

      Use a single master intrusion detection system (IDS) product

  • 52. 
    Which mail system component sends or retrieves mail between the other agents using specific protocols?
    • A. 

      Transport agent

    • B. 

      Delivery agent

    • C. 

      Security agent

    • D. 

      User agent

  • 53. 
    Which email server relays all email entering or exiting the local network?
    • A. 

      Exchange server

    • B. 

      Sendmail server

    • C. 

      Simple message transfer protocol (SMTP) server

    • D. 

      Proxy server

  • 54. 
    Which email server delivers all outgoing email to the mail relay server?
    • A. 

      Exchange server

    • B. 

      Sendmail server

    • C. 

      Simple mail transfer protocol (SMTP) server

    • D. 

      Proxy server

  • 55. 
    When using transparent mail services, the following mail filtering features are available except
    • A. 

      Message attachment filtering

    • B. 

      Destination address filtering

    • C. 

      Command filtering

    • D. 

      Header filtering

  • 56. 
    When using secure split mail services, all external simple message transfer protocol (SMTP) hosts will connect to the firewall's
    • A. 

      Local servers

    • B. 

      Non-internet server

    • C. 

      Internal sendmail server

    • D. 

      External sendmail server

  • 57. 
    Messages that are sent to the person administering a mail system are generally addressed to
    • A. 

      Domain.admin

    • B. 

      Administrator

    • C. 

      Postmaster

    • D. 

      Mail-host

  • 58. 
    Proxies do not 
    • A. 

      Block unwanted or malicious downloads

    • B. 

      Protect copyrighted media and intellectual property

    • C. 

      Prevent organizations from obtaining visibility of users

    • D. 

      Block webmail and instant messaging (IM) virus propagation

  • 59. 
    When the cached information is verified to be up-to-date, the proxy has ensured information?
    • A. 

      Currency

    • B. 

      Freshness

    • C. 

      Timeliness

    • D. 

      Authenticity

  • 60. 
    Which proxy is located near the web server and acts as an intermediary between a web server and the internet?
    • A. 

      Reverse proxy

    • B. 

      Forward proxy

    • C. 

      Application proxy

    • D. 

      Software-based proxy

  • 61. 
    What type of proxy must be run because of an attacker's potential to exploit an operating system?
    • A. 

      Reverse proxy

    • B. 

      Forward proxy

    • C. 

      Application proxy

    • D. 

      Software-based proxy

  • 62. 
    The vulnerabilities of voice and data converged networks were highlighted in a report released by the 
    • A. 

      President's National Security Telecommunications Advisory Committee

    • B. 

      Air Force Information Warfare Battlelab

    • C. 

      Air Force Network Integration Center

    • D. 

      Cryptographic Systems Group

  • 63. 
    Who owns the Enterprise Telephony Management system?
    • A. 

      Unix

    • B. 

      McAfee

    • C. 

      Microsoft

    • D. 

      SecureLogix

  • 64. 
    During the initial research for voice system security, who recognized that the most common security threats could be addressed by voice protection systems (VPS)?
    • A. 

      President's National Security Telecommunications Advisory Committee

    • B. 

      The Air Force Information Warfare Battlelab

    • C. 

      The Air Force Network Integration Center

    • D. 

      The Cryptographic Systems Group

  • 65. 
    All of the following are characteristics and capabilities of a Voice Protection System (VPS) except
    • A. 

      Securing communications

    • B. 

      Enabling of real-time event notifications

    • C. 

      Centralizing yet distributing management

    • D. 

      Detecting and blocking all inbound and outbound modem connections

  • 66. 
    Which Voice Protection System (VPS) application allows you to view real-time monitoring and policy processing, view system diagnostics, and the VPS rules-based policy applications?
    • A. 

      Performance Manager

    • B. 

      Directory Manager

    • C. 

      System Console

    • D. 

      Usage Manager

  • 67. 
    Which Voice Protection System (VPS) application generates reports of VPS system activity, policy processing, telecom cost accounting, and resource utilization?
    • A. 

      Performance Manager

    • B. 

      Directory Manager

    • C. 

      System Console

    • D. 

      Usage Manager

  • 68. 
    All of the following are Voice Protection System (VPS) policy types except
    • A. 

      Intrusion Protection System (IPS)

    • B. 

      Voice

    • C. 

      Firewall

    • D. 

      Recording

  • 69. 
    Voice Protection System (VPS) reports provides a full-service reporting package that enables you to do all the following except
    • A. 

      View telecom resource use

    • B. 

      Track phone network usage

    • C. 

      Provide conversation transcripts

    • D. 

      Report on service performance and call quality

  • 70. 
    Which Voice Protection System (VPS) tree pane contains predefined Report Templates, Elements, and Date Ranges provided with your system?
    • A. 

      User

    • B. 

      PUBLIC

    • C. 

      SecureLogix

    • D. 

      Administrators