3D053 Vol 2
Settings
These are just unit review questions.
- 1.What severity code applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls?
- A.
I
- B.
II
- C.
III
- D.
IV
- 2.What severity code applies to any vulnerability that provides information that potentially could lead to a compromise?
- A.
I
- B.
II
- C.
III
- D.
IV
- 3.What severity code applies to any vulnerability that, when resolved, will prevent the possibility of degraded security?
- A.
I
- B.
II
- C.
III
- D.
IV
- 4.The integrated network operations and security center (INOSC) has several responsibilities except
- A.
Main sole administrative privileges on the firewall
- B.
Standardize, configure, back up, and otherwise the firewall
- C.
Maintain a single naming/configuration standard for boundary devices
- D.
Install patches or perform any upgrade provided by the AF Enterprise Network
- 5.Active intrusion detection system (IDS) blocks network traffic when it detects an intrusion. Normally, active IDSs are incorporated into
- A.
Switches
- B.
Firewalls
- C.
Routers
- D.
Servers
- 6.Which intrusion detection system (IDS) examines traffic for suspicious patterns?
- A.
Active IDS
- B.
Passive IDS
- C.
Hosted-based IDS
- D.
Network-based IDS
- 7.Which intrusion detection system (IDS) examines servers or client computers for the patterns of an intrusion?
- A.
Active IDS
- B.
Passive IDS
- C.
Host-based IDS
- D.
Network-based IDS
- 8.When using an intrusion detection system (IDS), remember to
- A.
Update IDS signatures periodically
- B.
Deploy one IDS for the entire network
- C.
Use a centralized management console for system management
- D.
Consider using either a network -based IDS or host-based IDS
- 9.The disadvantage of a host-based intrusion detection system (HIDS) is that it
- A.
Can analyze any encrypted data if it is decrypted before reaching the target host
- B.
Consumes resources on the host resides on and slows the device down
- C.
Monitors log files for inadvisable settings or passwords
- D.
Monitors traffic on the host which it is installed
- 10.The disadvantage of a network-based intrusion detection system (NIDS) is that it
- A.
Cannot analyze encrypted packets because it has no method for decrypting the data
- B.
Monitors log files for inadvisable settings or passwords
- C.
Monitors traffic on the network on which it is installed
- D.
Consumes very few network resources
- 11.Which intrusion detection system (IDS) uses software sensors?
- A.
Active IDS
- B.
Passive IDS
- C.
Host-based IDS
- D.
Network-based IDS
- 12.Which intrusion detection system (IDS) monitors packets for protocol anomalies and known virus signatures?
- A.
Active IDS
- B.
Passive IDS
- C.
Host-based IDS
- D.
Network-base IDS
- 13.Which port range constitutes well-known ports?
- A.
0-1023
- B.
1024-23535
- C.
23536-49151
- D.
49152-65535
- 14.Port Scanning
- A.
Is the act of sporadically scanning a computer's ports
- B.
Sends out a request to connect to any computer
- C.
Notes which ports responded to the scan
- D.
Is always malicious in nature
- 15.In which type of port scan does the scanner connect to the same port on more than one machine?
- A.
Strobe
- B.
Sweep
- C.
Stealth
- D.
Vanilla
- 16.Above which layer of the open systems integration (OSI) model are protocols designed to reside?
- A.
Presentation
- B.
Transport
- C.
Network
- D.
Session
- 17.Which organization has the responsibility of developing Air Force Ports, Protocols and Services (AF PPS) policies and procedures?
- A.
Air Force Network Integration Center (AFNIC)
- B.
Air Force Network Operations Center (AFNOSC)
- C.
Air Force Information, Services and Integration Directorate (SAF/XCIA)
- D.
Air Force Operations Commander (AFNetOps/CC)
- 18.Which organization has direct operational control of Air Force Ports, Protocols and Services (AF PPS)?
- A.
Air Force Network Integration Center (AFNIC)
- B.
Air Force Network Operations Center (AFNOSC)
- C.
Air Force Information, Services and Integration Directorate (SAF/XCIA)
- D.
Air Force Operations Commander (AFNetOps/CC)
- 19.What is the default read community string of a simple network management protocol (SNMP) agent?
- A.
Private
- B.
Public
- C.
Secure
- D.
Unsecure
- 20.To limit the risks associated with using simple network management protocols (SNMP),
- A.
Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers
- B.
Keep devices requiring SNMP together with those that do not through VLANs
- C.
Disable all SNMP devices/services if not required
- D.
Enable the set community strings if possible
- 21.Which port tool is not used to test your simple network management protocol (SNMP) security?
- A.
WU_PingProPackage
- B.
SolarWinds
- C.
SNMPutil
- D.
Security Mapper (SMAP)
- 22.Which open source network-based intrusion detection system performs packet logging and real-time traffic analysis as well as protocol analysis, content searching/matching, and active blocking or passive detecting of a variety of attacks and probes?
- A.
Snort
- B.
Open source security (OSSEC)
- C.
Host based security system (HBSS)
- D.
Intruder alert (ITA)
- 23.Which network-based security tool is a hardware and software and software system that sits on AF networks "listening" for "suspicious activity" that is characteristic of intruder techniques?
- A.
Snort
- B.
Automatic Security Incident Measurement (ASIM)
- C.
Enterprise Security Manager (ESM)
- D.
Internet Security Scanner (ISS)
- 24.Which security tool is designed to manage sensitive data and enforce security policies across a full range of client/server platforms?
- A.
Snort
- B.
Automatic Security Incident Measurement (ASIM)
- C.
Enterprise Security Manager (EDM)
- D.
Internet Security Scanner (ISS)
- 25.Integration of the capabilities of personnel, operations, and technology, and the evolution to network centric warfare best describes what concept?
- A.
Firewalls
- B.
Information condition (INFOCON)
- C.
Security tools
- D.
Defense in depth
- 26.Restricting what traffic travels in and out of the network best describes what concept?
- A.
Firewalls
- B.
Internet Security Scanner
- C.
Security tools
- D.
Defense in depth
- 27.You can implement all of the following security features to help define our internet protocol (IP) telephony systems from attackers except
- A.
Consolidating your voice with your data using virtual local area network (VLAN)
- B.
Enabling access control lists (ACL) on firewalls, routers, an switches.
- C.
Deploying protection from dynamic host configuration protocol (DHCP) spoofing
- D.
Enabling port security access to only allow the required devices needed by the client.
- 28.The use of two or more network interface cards (NIC) best describes which type of firewall?
- A.
Network-level
- B.
Application-level
- C.
Corporate/enterprise
- D.
Personal/small office home office (SOHO)
- 29.Which type of firewall is typically used when speed is essential?
- A.
Network-level
- B.
Application-level
- C.
Corporate/enterprise
- D.
Personal/small office home office (SOHO)
- 30.Which type of firewall views information as a data stream and not as a series of packets?
- A.
Network-level
- B.
Application-level
- C.
Corporate/enterprise
- D.
Personal/small office home office (SOHO)
- 31.What was the previous name for what is now called the McAfee Firewall Enterprise?
- A.
Sidewinder
- B.
Death Star
- C.
Blue Coat
- D.
Viper
- 32.Most of the firewall implementations you will encounter will be found at the
- A.
Integrated network operation security center (INOSC)
- B.
Air Force network operating center (AFNOC)
- C.
Based-level
- D.
Major command (MAJCOM)
- 33.Which McAfee Firewall Enterprise management interface is the graphical software that runs a windows computer within your network?
- A.
Control center
- B.
Admin console
- C.
Command center
- D.
Command-line interface (CLI)
- 34.Which firewall management interface menu option views the association between MAC addresses on the firewall and its corresponding internet protocol (IP) address?
- A.
Address Resolution Protocol (ARP)
- B.
Getroute
- C.
Ping host
- D.
Traceroute
- 35.What is the default firewall shutdown option?
- A.
Halt system
- B.
Power down system
- C.
Reboot to operational kernel
- D.
Shutdown to emergency maintenance mode
- 36.Which firewall shutdown option is useful if you need to connect directly to the firewall to access the basic input/output systems (BIOS)?
- A.
Halt system
- B.
Power down system
- C.
Reboot to operational kernel
- D.
Shutdown to emergency maintenance mode
- 37.A firewall burb can best be defined as
- A.
A network stack
- B.
A security policy
- C.
A set of one or more interfaces
- D.
A particular installation of a firewall
- 38.Use the high availability shared cluster addresses dialog box to do all the following except
- A.
Configure the shared cluster address
- B.
Specify or sending and receiving heartbeats
- C.
Handle the fastest network traffic on your appliance
- D.
Isolate the cluster address from the domain name server (DNS) and default routers
- 39.What does a firewall support that improves systems performance by lessening the load place on the system kernel?
- A.
Domain name server (DNS)
- B.
Burbs
- C.
Proxies
- D.
Fast path sessions
- 40.Which Berkeley Internet Name Domain (BIND) server is responsible for zone transfers?
- A.
Named
- B.
Cache-Only
- C.
Master/Primary
- D.
Slave/Secondary
- 41.For what Berkeley Internet Name Domain (BIND) server type can there be as many servers as needed in a domain?
- A.
Named
- B.
Cache-Only
- C.
Master/Primary
- D.
Slave/Secondary
- 42.In regards to Berkeley Internet Name Domain (BIND) system files, items stored in the domain name server (DNS) database best describes
- A.
Resource records
- B.
Point (PTR) records
- C.
Zone records
- D.
Root cache
- 43.Which Berkeley Internet Name Domain (BIND) system file provide reverse mapping?
- A.
Resource records
- B.
Pointer (PTR) records
- C.
Zone records
- D.
Root cache
- 44.Which flexible command line can be used to gather information form domain name servers (DNS)?
- A.
NSlookup
- B.
Server
- C.
Yype
- D.
Dig
- 45.Which name server is the only one that should have changes to domain name server (DNS) data?
- A.
Named
- B.
Cache-Only
- C.
Master/Primary
- D.
Slave/Secondary
- 46.What term is used for a domain name server (DNS) architecture when one or more name servers reside behind a firewall, and contain an "inside" hostname and IP address?
- A.
Split
- B.
Dual
- C.
Secure
- D.
Generic
- 47.Which access control list (ACL) restricts packets into or out of a given layer 3 interface?
- A.
Port Access Control (PACL)
- B.
Router Access Control List (RACL)
- C.
Virtual Local Area Network Access Control List (VACL)
- D.
Firewall Access Control List (FACL)
- 48.Who approves or disapproves IS (including software and services) connections to the Air Force Global Information Grid (AF GIG) and accepts any risk created by the approved connections?
- A.
Air Force Network Operations Command (AFNetOps/CC)
- B.
Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO)
- C.
Air Force Network Operations Center (AFNOC)
- D.
23 Information Operations Squadron (IOS)
- 49.Who reports all backdoors and unauthorized connections to Air Force networks discovered during the course of operations?
- A.
Air Force Network Operations Command (AFNetOps/CC)
- B.
Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO)
- C.
Air Force Network Operations Center (AFNOC)
- D.
23 Information Operations Squadron (IOS)
- 50.Which is not a category of software package available today used that is used to detect and monitor network activity?
- A.
Intrusion detection
- B.
Packet-capture
- C.
Filters/triggers
- D.
Firewalls
- 51.While monitoring your network, a guideline you should remember is to
- A.
Observer regular network traffic and look for anomalies
- B.
Review logs and network statistics at least annually
- C.
Set triggers for unique intrusions
- D.
Use a single master intrusion detection system (IDS) product
- 52.Which mail system components sends or retrieves mail between the other agents using specific protocols?
- A.
Transport agent
- B.
Delivery agent
- C.
Security agent
- D.
User agent
- 53.Which email server relays all email entering or exiting the local network?
- A.
Exchange server
- B.
Sendmail server
- C.
Simple message transfer protocol (SMTP) server
- D.
Proxy server
- 54.Which email server delivers all outgoing email to the mail relay server?
- A.
Exchange server
- B.
Sendmail server
- C.
Simple mail transfer protocol (SMTP) server
- D.
Proxy server
- 55.When using transparent mail services, the following mail filtering features are available except
- A.
Message attachment filtering
- B.
Destination address filtering
- C.
Command filtering
- D.
Header filtering
- 56.When using secure split mail services, all external simple message transfer protocol (SMTP) hosts will connect to the firewall's
- A.
Local servers
- B.
Non-internet server
- C.
Internal sendmail server
- D.
External sendmail server
- 57.Message that are sent to the person administering a mail system are generally addressed to
- A.
Domain.admin
- B.
Administrator
- C.
Postmaster
- D.
Mail-host
- 58.Proxies do not
- A.
Block unwanted or malicious downloads
- B.
Protect copyrighted media and intellectual property
- C.
Prevent organizations from obtaining visibility of users
- D.
Block webmail and instant messaging (IM) virus propagation
- 59.When the cached information is verified to be up-to-date, the proxy has ensured information?
- A.
Currency
- B.
Freshness
- C.
Timeliness
- D.
Authenticity
- 60.Which proxy is located near the web server and acts as an intermediary between a web server and the internet?
- A.
Reverse proxy
- B.
Forward proxy
- C.
Application proxy
- D.
Software-based proxy
- 61.What type of proxy must be run because of an attacker's potential to exploit an operating system?
- A.
Reverse proxy
- B.
Forward proxy
- C.
Application proxy
- D.
Software-based proxy
- 62.The vulnerabilities of voice and data converged networks were highlighted in a report released by the
- A.
President's National Security Telecommunications Advisory Committee
- B.
Air Force Information Warfare Battlelab
- C.
Air Force Network Integration Center
- D.
Cryptographic Systems Group
- 63.Who owns the Enterprise Telephony Management system?
- A.
Unix
- B.
McAfee
- C.
Microsoft
- D.
SecureLogix
- 64.During the initial research for voice system security, who recognized that the most common security threats could be addressed by voice protection systems (VPS)?
- A.
President's National Security Telecommunications Advisory Committee
- B.
The Air Force Information Warfare Battlelab
- C.
The Air Force Network Integration Center
- D.
The Cryptographic Systems Group
- 65.All of the following are characteristics and capabilities of a Voice Protection System (VPS) except
- A.
Securing communications
- B.
Enabling of real-time event notifications
- C.
Centralizing yet distributing management
- D.
Detecting and blocking all inbound and outbound modem connections
- 66.Which Voice Protection System (VPS) application provides allows you to view real-time monitoring and policy processing, view system diagnostics, and the VPS rules-based policy applications?
- A.
Performance Manager
- B.
Directory Manager
- C.
System Console
- D.
Usage Manager
- 67.Which Voice Protection System (VPS) application generates reports of VPS system activity, policy processing, telecom cost accounting, and resource utilization?
- A.
Performance Manager
- B.
Directory Manager
- C.
System Console
- D.
Usage Manager
- 68.All of the following are Voice Protection System (VPS) policy types except
- A.
Intrusion Protection System (IPS)
- B.
Voice
- C.
Firewall
- D.
Recording
- 69.Voice Protection System (VPS) reports provides full-service reporting package that enables you to do all the following except
- A.
View telecom resource use
- B.
Track phone network usage
- C.
Provide conversation transcripts
- D.
Report on service performance and call quality
- 70.Which Voice Protection System (VPS) tree pane contains predefined Report Templates, Elements, and Date Ranges provided with your system?
- A.
User
- B.
PUBLIC
- C.
SecureLogix
- D.
Administrators
Back to top