IT SecurITy Mid Term

52 Questions | Total Attempts: 83

SettingsSettingsSettings
Please wait...
IT SecurITy Mid Term

IT Security Basics


Questions and Answers
  • 1. 
    Which protocol is responsible for resolving hardware addresses?
    • A. 

      IP

    • B. 

      TCP

    • C. 

      ARP

    • D. 

      UDP

    • E. 

      DNS

  • 2. 
    What layer is the data actually transported on the network?
    • A. 

      Presentation

    • B. 

      Session

    • C. 

      Transport

    • D. 

      Physical

    • E. 

      Application

    • F. 

      Network

    • G. 

      Data Link

  • 3. 
    What layer is responsible for the physical addressing? (Mac Address)
    • A. 

      Session

    • B. 

      Transport

    • C. 

      Data Link

    • D. 

      Presentation

  • 4. 
    What OSI Layer is repsonsible for determining protocol type to be used for communications.
    • A. 

      Transport

    • B. 

      Network

    • C. 

      Physical

    • D. 

      Data Link

  • 5. 
    The OSI Layer which provides data encryption is the:
    • A. 

      Application Layer

    • B. 

      Presentation Layer

    • C. 

      Session Layer

    • D. 

      Transport Layer

    • E. 

      Network Layer

  • 6. 
    Based on the highlighted portion of the captured packet below, the layer 4 protocal (transport layer) is?4500 0064 0000 4000 4001 b755 c0a8 0101
    • A. 

      IP

    • B. 

      UDP

    • C. 

      TCP

    • D. 

      ICMP

    • E. 

      None of the above

  • 7. 
    Security goals are a balancing act between 3 key elements. What are these elements?
    • A. 

      Security, Integrity, Functionality

    • B. 

      Security, Ease of Use, Functionality

    • C. 

      Availability, Ease of Use, Functionality

    • D. 

      Confidentiality, Secuirty, Ease of Use

    • E. 

      Confidentiality, Integrity, Availability

  • 8. 
    In the Ethernet header what is the first frame in the field and how many bytes is it?
    • A. 

      Type - 2 bytes

    • B. 

      Data - 64 to 1500 bytes

    • C. 

      Frame Check Sequence (FCS) - 4 bytes

    • D. 

      Preamble - 8 bytes

    • E. 

      Destination/Source Address - 6 bytes ea

  • 9. 
    Of all the vulnerabilities listed below, which one is considered the hardest to properly protect against?
    • A. 

      Low physical security

    • B. 

      Active services

    • C. 

      Open Ports

    • D. 

      The human element

    • E. 

      Bad passwords

  • 10. 
    Each TCP session is uniquely identified by______in the TCP header.
    • A. 

      Source and Destination IP

    • B. 

      Source and Destination Port

    • C. 

      Sequence Number

    • D. 

      Connection Number

    • E. 

      A &B only

  • 11. 
    What does the Acknowledgement Number (32 bits) contain?
    • A. 

      Value of next sequence number destination expects to receive and ACK flag

    • B. 

      SYN bit of establishing connection

    • C. 

      Initial sequence number

  • 12. 
    Which of the following is not considered a valid reason why hackers attack systems?
    • A. 

      Profie

    • B. 

      Religious/Political/Ethical reasons

    • C. 

      "Mount Everest" syndrome

    • D. 

      Revenge

    • E. 

      To secure it

  • 13. 
    True or False: The procedure required before 2 hosts can exhange any data is a 3-way handshake?
    • A. 

      True

    • B. 

      False

  • 14. 
    Leaving the door to your server room open is an example of:
    • A. 

      Threat

    • B. 

      Vulnerability

    • C. 

      Comprosmise

    • D. 

      Risk

    • E. 

      None of the above

  • 15. 
    Which of the following is NOT a fundamental principle of the Computer Security Triad?
    • A. 

      Confidentialtiy

    • B. 

      Ease of Use

    • C. 

      Availability

    • D. 

      Integrity

    • E. 

      Accountablility

  • 16. 
    Preventing the unauthorized disclosure of information related to which specific goal of security?
    • A. 

      Accountability

    • B. 

      Integrity

    • C. 

      Availability

    • D. 

      Confidentiality

    • E. 

      None of the above

  • 17. 
    In security environments, Authentication refers to:
    • A. 

      Confirming your identity with an element unique to the individual

    • B. 

      Supplying your identity

    • C. 

      Using your identity to assign access rights

    • D. 

      Tracking what users are doing while accessing the systems

    • E. 

      None of the above

  • 18. 
    Which of the tools below is designed as a vulnerabiltiy scanner?
    • A. 

      Nmap

    • B. 

      Snort

    • C. 

      Nessus

    • D. 

      Nmap

    • E. 

      Tcpdump

  • 19. 
    What security term, coined by the SANS institute, is used to represent the optimal information security strategy?
    • A. 

      Separtation of Privileges

    • B. 

      Principle of Least Privileges

    • C. 

      Defence in Depth

    • D. 

      Security through obscurity

    • E. 

      All of the above

  • 20. 
    Which of the following is not considered a category of exploit?
    • A. 

      Over the internet

    • B. 

      Over the LAN

    • C. 

      Locally

    • D. 

      Offline

    • E. 

      Ignorance

  • 21. 
    _____reconnaissance is used by hackers for observing and learning about the target from afar, while______reconnaissance is used to gain more active and direct knowledge of the target.
    • A. 

      Active, Passive

    • B. 

      Passive, Active

    • C. 

      Active, Submissive

    • D. 

      Positive, Active

    • E. 

      None of the above

  • 22. 
    Which of the software tools below is desinged as an Intrusion Detection System?
    • A. 

      Ping

    • B. 

      Snort

    • C. 

      Nessus

    • D. 

      Ethereal

    • E. 

      Tcpdump

  • 23. 
    In security environments, Identification is the process of:
    • A. 

      Confirming your identity with an element unique to the person

    • B. 

      Supplying your identity

    • C. 

      Using your identity to assign access rights

    • D. 

      Tracking what users are doing while accessing the systems

    • E. 

      None of the above

  • 24. 
    Which one of the following mechanisms can hackers use to defeat Availability
    • A. 

      Destruction

    • B. 

      Integrity

    • C. 

      Alteration

    • D. 

      Disclosure

    • E. 

      Confidentiality

  • 25. 
    It is possible for you to capture packets that are not destined for your machine.
    • A. 

      True

    • B. 

      False

Back to Top Back to top