IT Security Mid Term
IT Security Basics
Questions and Answers
- 1.
Which protocol is responsible for resolving hardware addresses?
- A.
IP
- B.
TCP
- C.
ARP
- D.
UDP
- E.
DNS
Correct Answer
C. ARPExplanation
ARP (Address Resolution Protocol) is responsible for resolving hardware addresses. It is used to map an IP address to a physical or MAC address on a local network. When a device wants to send data to another device on the same network, it uses ARP to determine the MAC address of the destination device. This allows the data to be properly addressed and delivered to the correct device.Rate this question:
-
- 2.
What layer is the data actually transported on the network?
- A.
Presentation
- B.
Session
- C.
Transport
- D.
Physical
- E.
Application
- F.
Network
- G.
Data Link
Correct Answer
D. PhysicalExplanation
The data is actually transported on the network at the Physical layer. This layer is responsible for the physical transmission of data over the network, including the actual movement of bits through cables, wires, and other physical media. It deals with the electrical, mechanical, and physical aspects of data transmission, such as voltage levels, signal encoding, and physical connectors.Rate this question:
-
- 3.
What layer is responsible for the physical addressing? (Mac Address)
- A.
Session
- B.
Transport
- C.
Data Link
- D.
Presentation
Correct Answer
C. Data LinkExplanation
Provides connectivity & path selectionRate this question:
-
- 4.
What OSI Layer is repsonsible for determining protocol type to be used for communications.
- A.
Transport
- B.
Network
- C.
Physical
- D.
Data Link
Correct Answer
A. TransportExplanation
The Transport layer of the OSI model is responsible for determining the protocol type to be used for communications. This layer ensures that data is delivered reliably and error-free by establishing connections, managing flow control, and providing error recovery mechanisms. It also handles segmentation and reassembly of data packets. Therefore, the Transport layer is the correct answer for this question.Rate this question:
-
- 5.
The OSI Layer which provides data encryption is the:
- A.
Application Layer
- B.
Presentation Layer
- C.
Session Layer
- D.
Transport Layer
- E.
Network Layer
Correct Answer
B. Presentation LayerExplanation
The Presentation Layer of the OSI model is responsible for data encryption. It ensures that the data is properly formatted and encrypted before being transmitted to the receiving system. This layer takes care of encryption and decryption processes, allowing secure communication between the sender and receiver. It also handles data compression and decompression, as well as data conversion between different formats.Rate this question:
-
- 6.
Based on the highlighted portion of the captured packet below, the layer 4 protocal (transport layer) is?4500 0064 0000 4000 4001 b755 c0a8 0101
- A.
IP
- B.
UDP
- C.
TCP
- D.
ICMP
- E.
None of the above
Correct Answer
D. ICMPExplanation
The highlighted portion of the captured packet is "b755", which corresponds to the hexadecimal value for ICMP (Internet Control Message Protocol). ICMP operates at the network layer and is responsible for sending error messages and operational information about the network. Therefore, the correct answer is ICMP.Rate this question:
-
- 7.
Security goals are a balancing act between 3 key elements. What are these elements?
- A.
Security, Integrity, Functionality
- B.
Security, Ease of Use, Functionality
- C.
Availability, Ease of Use, Functionality
- D.
Confidentiality, Secuirty, Ease of Use
- E.
Confidentiality, Integrity, Availability
Correct Answer
B. Security, Ease of Use, FunctionalityExplanation
The three key elements in balancing security goals are security, ease of use, and functionality. Security ensures the protection of data and systems from unauthorized access or attacks. Ease of use focuses on making security measures user-friendly and accessible to users. Functionality ensures that security measures do not hinder the normal operation and functionality of systems and processes.Rate this question:
-
- 8.
In the Ethernet header what is the first frame in the field and how many bytes is it?
- A.
Type - 2 bytes
- B.
Data - 64 to 1500 bytes
- C.
Frame Check Sequence (FCS) - 4 bytes
- D.
Preamble - 8 bytes
- E.
Destination/Source Address - 6 bytes ea
Correct Answer
D. Preamble - 8 bytesExplanation
The first frame in the Ethernet header is the preamble, which is 8 bytes long. The preamble is used to synchronize the receiving and transmitting devices on the network. It consists of a pattern of alternating 1s and 0s, followed by a unique synchronization pattern. The preamble allows the receiving device to detect the beginning of a frame and adjust its clock to match the transmitting device.Rate this question:
-
- 9.
Of all the vulnerabilities listed below, which one is considered the hardest to properly protect against?
- A.
Low physical security
- B.
Active services
- C.
Open Ports
- D.
The human element
- E.
Bad passwords
Correct Answer
D. The human elementExplanation
The human element is considered the hardest vulnerability to properly protect against because humans are inherently prone to making mistakes, being manipulated, or falling victim to social engineering tactics. Unlike technical vulnerabilities like open ports or bad passwords, which can be addressed through technical solutions, the human element involves unpredictable behavior and decision-making, making it more challenging to mitigate. Organizations often need to invest in training, awareness programs, and strict policies to minimize the impact of human error or negligence on security.Rate this question:
-
- 10.
Each TCP session is uniquely identified by______in the TCP header.
- A.
Source and Destination IP
- B.
Source and Destination Port
- C.
Sequence Number
- D.
Connection Number
- E.
A &B only
Correct Answer
B. Source and Destination PortExplanation
Source/Destination Port - 16 bits eachRate this question:
-
- 11.
What does the Acknowledgement Number (32 bits) contain?
- A.
Value of next sequence number destination expects to receive and ACK flag
- B.
SYN bit of establishing connection
- C.
Initial sequence number
Correct Answer
A. Value of next sequence number destination expects to receive and ACK flagExplanation
The Acknowledgement Number (32 bits) contains the value of the next sequence number that the destination expects to receive, as well as the ACK flag. This number is used to acknowledge the receipt of data and to inform the sender of the next expected sequence number. The ACK flag indicates that the Acknowledgement Number field is valid and that the receiver has successfully received the previous data.Rate this question:
-
- 12.
Which of the following is not considered a valid reason why hackers attack systems?
- A.
Profie
- B.
Religious/Political/Ethical reasons
- C.
"Mount Everest" syndrome
- D.
Revenge
- E.
To secure it
Correct Answer
E. To secure itExplanation
Hackers attack systems for various reasons, such as personal gain, political or religious motivations, or seeking revenge. However, securing a system is not considered a valid reason for hackers to attack. Hackers typically exploit vulnerabilities in systems to gain unauthorized access or steal sensitive information, rather than to enhance the system's security.Rate this question:
-
- 13.
True or False: The procedure required before 2 hosts can exhange any data is a 3-way handshake?
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
The statement is true. Before two hosts can exchange any data, they need to establish a connection through a process called a 3-way handshake. This involves three steps: the initiating host sends a synchronization (SYN) message to the receiving host, the receiving host responds with a SYN-ACK message, and finally, the initiating host sends an acknowledgment (ACK) message to the receiving host. This handshake ensures that both hosts are ready and willing to communicate, establishing a reliable connection before data transmission begins.Rate this question:
-
- 14.
Leaving the door to your server room open is an example of:
- A.
Threat
- B.
Vulnerability
- C.
Comprosmise
- D.
Risk
- E.
None of the above
Correct Answer
E. None of the aboveExplanation
Leaving the door to the server room open does not fall under any of the given options. It can be considered as a security incident or a breach in physical security measures. It may lead to potential threats, vulnerabilities, compromises, or risks, but it does not directly fit into any of the provided categories.Rate this question:
-
- 15.
Which of the following is NOT a fundamental principle of the Computer Security Triad?
- A.
Confidentialtiy
- B.
Ease of Use
- C.
Availability
- D.
Integrity
- E.
Accountablility
Correct Answer
B. Ease of UseExplanation
The Computer Security Triad consists of three fundamental principles: confidentiality, availability, and integrity. These principles aim to protect information from unauthorized access, ensure that resources are accessible when needed, and maintain the accuracy and reliability of data. "Ease of Use" is not considered a fundamental principle of the triad, as it focuses more on user experience and convenience rather than the core principles of security.Rate this question:
-
- 16.
Preventing the unauthorized disclosure of information related to which specific goal of security?
- A.
Accountability
- B.
Integrity
- C.
Availability
- D.
Confidentiality
- E.
None of the above
Correct Answer
D. ConfidentialityExplanation
Confidentiality is the goal of security that aims to prevent the unauthorized disclosure of information. It ensures that sensitive or private information is only accessed by authorized individuals or entities. By maintaining confidentiality, organizations can protect valuable data from being accessed, viewed, or shared by unauthorized parties, thereby minimizing the risk of data breaches, identity theft, or other security incidents.Rate this question:
-
- 17.
In security environments, Authentication refers to:
- A.
Confirming your identity with an element unique to the individual
- B.
Supplying your identity
- C.
Using your identity to assign access rights
- D.
Tracking what users are doing while accessing the systems
- E.
None of the above
Correct Answer
A. Confirming your identity with an element unique to the individualExplanation
Authentication refers to the process of confirming one's identity with an element unique to the individual. This could involve providing a password, fingerprint, or other forms of biometric data to verify that the person accessing the system is indeed who they claim to be. By confirming the identity, the system can then grant appropriate access rights to the individual based on their authenticated identity.Rate this question:
-
- 18.
Which of the tools below is designed as a vulnerabiltiy scanner?
- A.
Nmap
- B.
Snort
- C.
Nessus
- D.
Nmap
- E.
Tcpdump
Correct Answer
C. NessusExplanation
Nessus is designed as a vulnerability scanner. It is a widely used tool that scans computer systems and networks to identify potential vulnerabilities and security issues. Nessus performs comprehensive scans, including port scanning, vulnerability assessment, and detection of misconfigurations. It provides detailed reports and recommendations to help users address and mitigate any identified vulnerabilities.Rate this question:
-
- 19.
What security term, coined by the SANS institute, is used to represent the optimal information security strategy?
- A.
Separtation of Privileges
- B.
Principle of Least Privileges
- C.
Defence in Depth
- D.
Security through obscurity
- E.
All of the above
Correct Answer
C. Defence in DepthExplanation
Defence in Depth is the correct answer because it refers to a strategy that involves implementing multiple layers of security controls to protect against potential threats. This approach ensures that even if one layer of defense is breached, there are additional layers in place to mitigate the risk and protect the system or data. It is a comprehensive and proactive strategy that aims to provide a strong and robust security posture. Separation of Privileges and Principle of Least Privileges are also important security principles, but they do not encompass the entire optimal information security strategy. Security through obscurity is not a recommended strategy as it relies on hiding information rather than implementing effective security measures.Rate this question:
-
- 20.
Which of the following is not considered a category of exploit?
- A.
Over the internet
- B.
Over the LAN
- C.
Locally
- D.
Offline
- E.
Ignorance
Correct Answer
E. IgnoranceExplanation
The given answer, "Ignorance," is not considered a category of exploit because it does not refer to a method or technique used to exploit vulnerabilities in a system. The other options, "Over the internet," "Over the LAN," "Locally," and "Offline," all describe different ways in which exploits can be carried out. Ignorance, on the other hand, refers to a lack of knowledge or awareness and does not directly relate to the act of exploiting vulnerabilities.Rate this question:
-
- 21.
_____reconnaissance is used by hackers for observing and learning about the target from afar, while______reconnaissance is used to gain more active and direct knowledge of the target.
- A.
Active, Passive
- B.
Passive, Active
- C.
Active, Submissive
- D.
Positive, Active
- E.
None of the above
Correct Answer
B. Passive, ActiveExplanation
Passive reconnaissance is used by hackers for observing and learning about the target from afar, while active reconnaissance is used to gain more active and direct knowledge of the target.Rate this question:
-
- 22.
Which of the software tools below is desinged as an Intrusion Detection System?
- A.
Ping
- B.
Snort
- C.
Nessus
- D.
Ethereal
- E.
Tcpdump
Correct Answer
B. SnortExplanation
Snort is designed as an Intrusion Detection System. Snort is an open-source network intrusion prevention and detection system that analyzes network traffic and detects suspicious activities or potential security threats. It monitors network packets in real-time, looking for patterns and signatures that match known attack patterns. Snort can also be configured to generate alerts or take action when it detects a potential intrusion, making it a valuable tool for network security monitoring and incident response.Rate this question:
-
- 23.
In security environments, Identification is the process of:
- A.
Confirming your identity with an element unique to the person
- B.
Supplying your identity
- C.
Using your identity to assign access rights
- D.
Tracking what users are doing while accessing the systems
- E.
None of the above
Correct Answer
B. Supplying your identityExplanation
In security environments, the process of Identification involves supplying your identity. This means providing information or credentials that establish who you are, such as a username, password, or biometric data. It is the initial step in the authentication process, where the system verifies if the supplied identity matches the stored identity for granting access rights. Confirmation of identity with a unique element, assigning access rights, and tracking user activities are different steps in the overall security process but not specifically related to the process of identification.Rate this question:
-
- 24.
Which one of the following mechanisms can hackers use to defeat Availability
- A.
Destruction
- B.
Integrity
- C.
Alteration
- D.
Disclosure
- E.
Confidentiality
Correct Answer
A. DestructionExplanation
Hackers can use the mechanism of destruction to defeat availability. Destruction refers to the act of causing damage or loss to a system or its data, making it unavailable for its intended users. By intentionally deleting or corrupting critical files or disrupting the functioning of a system, hackers can effectively render it inaccessible or unusable, thereby defeating its availability. This can have severe consequences for organizations or individuals who rely on the availability of their systems or data for normal operations.Rate this question:
-
- 25.
It is possible for you to capture packets that are not destined for your machine.
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
It is possible to capture packets that are not destined for your machine because of the way network traffic works. When packets are sent over a network, they are often broadcasted or sent to multiple machines. This means that even if a packet is not specifically intended for your machine, it can still be captured and read by network monitoring tools or devices. This is commonly used for network troubleshooting, security analysis, or monitoring network traffic.Rate this question:
-
- 26.
What portions of a packet are packet sniffers designed to analyze and interpret?
- A.
IP header content
- B.
Layer 4 Protocol header (TCP, UDP, ICMP, etc) content
- C.
Data Payload
- D.
Layer 5, 6 and 7 information
- E.
A & B only
Correct Answer
E. A & B onlyExplanation
Packet sniffers are designed to analyze and interpret the IP header content and Layer 4 Protocol header (TCP, UDP, ICMP, etc) content of a packet. These tools capture network traffic and examine the information within these headers to gain insights into the source and destination IP addresses, port numbers, and other network protocol details. By analyzing these headers, packet sniffers can help identify network issues, troubleshoot problems, and detect suspicious activities or security threats. Layer 5, 6, and 7 information refers to higher-level application data, which is not typically analyzed by packet sniffers.Rate this question:
-
- 27.
Which of the CIA Triad elements is responsible for ensuring that information is not disclosed to unauthorized users?
- A.
Confidentiality
- B.
Availability
- C.
Accessiblity
- D.
Functionality
- E.
Integrity
Correct Answer
A. ConfidentialityExplanation
Confidentiality is the correct answer because it is the element of the CIA Triad that focuses on preventing unauthorized disclosure of information. It ensures that sensitive data is only accessed by authorized individuals and protects it from being accessed, viewed, or disclosed to unauthorized users. By implementing measures such as encryption, access controls, and secure communication channels, confidentiality safeguards the privacy and confidentiality of information.Rate this question:
-
- 28.
Which of the following software tools are not effective for security purposes?
- A.
Ping
- B.
Traceroute
- C.
Route
- D.
NMap
- E.
None of the above
Correct Answer
E. None of the aboveExplanation
The given question asks about software tools that are not effective for security purposes. The options provided are Ping, Traceroute, Route, NMap, and none of the above. The correct answer is "none of the above" because all of the mentioned software tools can be effectively used for security purposes. Ping can be used to test the reachability of a host and check for network connectivity issues. Traceroute helps in identifying the path packets take to reach a destination, which can be useful for detecting any unauthorized hops. Route allows for managing and viewing the network routing table. NMap is a powerful network scanning tool that can be used for security auditing and vulnerability assessment.Rate this question:
-
- 29.
In security environments, Accountability means:
- A.
Confirming you identity with an element unique to the person
- B.
Supplying your identity
- C.
Using your identity to assign access rights
- D.
Tracking what users are doing while accessing the systems
- E.
None of the above
Correct Answer
D. Tracking what users are doing while accessing the systemsExplanation
Accountability in security environments refers to the practice of tracking and monitoring the actions of users while they are accessing systems. This involves keeping a record of their activities, such as the files they access, changes they make, or any suspicious behavior they exhibit. By tracking user actions, organizations can ensure that individuals are held responsible for their actions and can identify any unauthorized or malicious activities. This helps to maintain the security and integrity of the systems and prevent potential security breaches.Rate this question:
-
- 30.
Which of the following software tools are considered to have packet sniffer capabilities? (Select all that apply)
- A.
Ping
- B.
Snort
- C.
NMap
- D.
Ethereal
- E.
Tcpdump
Correct Answer(s)
B. Snort
D. EtherealExplanation
Snort and Ethereal are considered to have packet sniffer capabilities. Snort is an open-source network intrusion detection system that can analyze network traffic in real-time and detect suspicious activities. Ethereal, also known as Wireshark, is a network protocol analyzer that captures and analyzes network packets. Both Snort and Ethereal can intercept and analyze network traffic, making them effective tools for packet sniffing.Rate this question:
-
- 31.
______is considered a high-end packet sniffer, while_______is a strong vulnerability scanner.
- A.
Ethereal, Nmap
- B.
Nmap, Tcpdump
- C.
Tcpdump, Nessus
- D.
Ethereal, Nessus
- E.
Ethereal, Snort
Correct Answer
D. Ethereal, NessusExplanation
Ethereal is considered a high-end packet sniffer because it is a powerful network protocol analyzer that can capture and analyze network traffic. Nessus, on the other hand, is a strong vulnerability scanner that can identify vulnerabilities in network devices and systems. It scans for weaknesses and provides detailed reports on potential security issues.Rate this question:
-
- 32.
Based on the highlighted portion of the captured below, the network protocol is?4500 0064 0000 4000 4001 b755 c0a8 0101
- A.
TCP
- B.
ICMP
- C.
UDP
- D.
IP
- E.
ARP
Correct Answer
D. IPExplanation
The highlighted portion of the captured data "4500" indicates the IP version used, which is IPv4. This suggests that the network protocol being used is IP (Internet Protocol), as IPv4 is one of the main protocols used for communication over the internet. TCP, ICMP, UDP, and ARP are all protocols that operate at a higher level and rely on IP for their communication.Rate this question:
-
- 33.
It is possible to notice someone using a packet sniffer on the network.
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
It is possible to notice someone using a packet sniffer on the network because packet sniffing involves intercepting and analyzing network traffic. This activity can be detected through various means such as network monitoring tools, intrusion detection systems, or suspicious network behavior. Additionally, network administrators can implement security measures to detect and prevent unauthorized packet sniffing activities.Rate this question:
-
- 34.
What are the elements that make up the Hackers DAD Triad? (Select 3)
- A.
Disclosure
- B.
Denial of Service
- C.
Alteration
- D.
Destruction
- E.
Obscurity
Correct Answer(s)
A. Disclosure
C. Alteration
D. DestructionExplanation
The elements that make up the Hackers DAD Triad are disclosure, alteration, and destruction. Disclosure refers to unauthorized access or exposure of sensitive information. Alteration involves unauthorized modification or manipulation of data or systems. Destruction refers to the intentional deletion or corruption of data or systems. These three elements represent the main objectives of hackers when they target a system or network.Rate this question:
-
- 35.
The support group has been tasked to ensure that the new Intranet web server is accessible to employees, both internal and external, 99.999% of the time. What security goal does this represent.
- A.
Confidentiality
- B.
Availability
- C.
Integrity
- D.
Accountability
- E.
Disclosure
Correct Answer
B. AvailabilityExplanation
The goal of ensuring that the new Intranet web server is accessible to employees, both internal and external, 99.999% of the time represents the security goal of Availability. This means that the support group is focused on making sure that the server is consistently and reliably accessible to authorized users, without any significant downtime or interruptions.Rate this question:
-
- 36.
Packet sniffing is a form of:
- A.
Active Reconnaissance
- B.
Passive Reconnaissance
- C.
IP Spoofing
- D.
Exploiting a system
- E.
None of the above
Correct Answer
B. Passive ReconnaissanceExplanation
Packet sniffing is a form of passive reconnaissance because it involves the interception and analysis of network traffic without actively engaging with the target system. By capturing and examining packets, an attacker can gather information about the network, identify vulnerabilities, and potentially gain unauthorized access to sensitive data. Unlike active reconnaissance techniques, such as port scanning or vulnerability scanning, packet sniffing does not involve any direct interaction with the target system.Rate this question:
-
- 37.
You've captured a packet from the network using TCPDUMP, but it's in raw hex format. Which of the following is the first part of the information in the packet concerned with?
- A.
Protocol (TCP, UDP, ICMP, etc) header
- B.
IP Header
- C.
Payload
- D.
MAC header
- E.
None of the above
Correct Answer
B. IP HeaderExplanation
The IP header is the first part of the information in the packet concerned with. The IP header contains important information such as the source and destination IP addresses, protocol version, header length, type of service, and other fields necessary for routing and delivering the packet to its destination. It is located at the beginning of the packet and is crucial for the proper functioning of the network communication.Rate this question:
-
- 38.
Which of the following is NOT a security mechanism that can be used to support the 3 elements of the CIA Triad?
- A.
Identification
- B.
Granularity
- C.
Authentication
- D.
Authorization
- E.
Accountability
Correct Answer
B. GranularityExplanation
Granularity is not a security mechanism that can be used to support the three elements of the CIA Triad. The CIA Triad consists of confidentiality, integrity, and availability, which are the core principles of information security. Identification, authentication, authorization, and accountability are all security mechanisms that help enforce these principles. However, granularity refers to the level of detail at which access controls are applied, and it is not a security mechanism itself.Rate this question:
-
- 39.
Packet sniffers can read and display/interpret the payload contained in a packet for you.
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
Packet sniffers are network tools that capture and analyze network traffic. They can intercept and read the contents of packets, including the payload, which is the actual data being transmitted. By capturing and analyzing packets, packet sniffers can provide insights into network activity, help diagnose network issues, and even capture sensitive information. Therefore, it is true that packet sniffers can read and display/interpret the payload contained in a packet.Rate this question:
-
- 40.
Which of the authentication methods below will ensure the strongest degree of authentication to access a system?
- A.
Token-based authentication
- B.
Password authentication
- C.
Biometric authentication
- D.
Multi-factor authentication
- E.
None of the above
Correct Answer
D. Multi-factor authenticationExplanation
Multi-factor authentication is the correct answer because it combines multiple authentication methods, such as passwords, tokens, and biometrics, to provide the highest level of security. By requiring users to provide multiple forms of identification, it significantly reduces the risk of unauthorized access to a system. This ensures a stronger degree of authentication compared to token-based, password-based, or biometric authentication alone.Rate this question:
-
- 41.
In security environments, Authorization refers to:
- A.
Confirming your identity with an element unique to the person
- B.
Supplying your identity
- C.
Using your identity to assign access rights
- D.
Tracking what users are doing while accessing the systems
- E.
None of the above
Correct Answer
C. Using your identity to assign access rightsExplanation
Authorization in security environments refers to the process of using an individual's identity to assign access rights. This means that once a person's identity is confirmed, they are granted specific permissions and privileges to access certain resources or perform certain actions within a system. This ensures that only authorized individuals can access sensitive information or carry out certain tasks, enhancing security and preventing unauthorized access.Rate this question:
-
- 42.
In order for a packet sniffer to work properly, it needs to put the NIC card into ______mode.
- A.
Listening
- B.
Prometric
- C.
Promiscuous
- D.
Normal
- E.
None of the above
Correct Answer
C. PromiscuousExplanation
A packet sniffer needs to put the NIC card into promiscuous mode in order to work properly. Promiscuous mode allows the NIC card to capture and analyze all network traffic passing through it, including packets not intended for the device. This mode is essential for packet sniffers as it enables them to intercept and analyze all network communications for troubleshooting, monitoring, or security purposes.Rate this question:
-
- 43.
A small company is looking to implement a protocol to exchange large financial transaction information on a semi-regular basis. Their primary concern is security, with performance being a close second. Which layer 4 protocol should they implement?
- A.
TCP
- B.
UDP
- C.
IP
- D.
ICMP
- E.
None of the above
Correct Answer
A. TCPExplanation
The small company should implement TCP as the layer 4 protocol. TCP provides reliable and secure communication by establishing a connection between the sender and receiver, ensuring that all packets are received in the correct order and without errors. This makes it ideal for exchanging large financial transaction information where security is a primary concern. Additionally, TCP also offers flow control and congestion control mechanisms, which help in optimizing performance. UDP, IP, and ICMP do not provide the same level of reliability and security as TCP, making them less suitable for the company's requirements.Rate this question:
-
- 44.
Which of the CIA Triad elements is responsible for ensuring that legitimate users maintain access to information and resources they require access to?
- A.
Accountability
- B.
Availability
- C.
Integrity
- D.
Confidentiality
- E.
Security
Correct Answer
B. AvailabilityExplanation
Availability is the correct answer because it refers to the element of the CIA Triad that ensures that legitimate users have access to the information and resources they need. Availability focuses on preventing unauthorized disruptions or denials of service, ensuring that systems and data are accessible and usable when needed. It involves implementing measures such as redundancy, backup systems, and disaster recovery plans to maintain continuous access to information and resources.Rate this question:
-
- 45.
Which of the following security goals provides a means for objective verificaiton of a user's identity?
- A.
Authorization
- B.
Authentication
- C.
Verification
- D.
Identification
- E.
Clarification
Correct Answer
B. AuthenticationExplanation
Authentication is the correct answer because it is the security goal that provides a means for objective verification of a user's identity. Authentication is the process of verifying the identity of a user or entity, typically through the use of credentials such as passwords, biometrics, or security tokens. It ensures that the user is who they claim to be before granting them access to a system or resource.Rate this question:
-
- 46.
A threat becomes a risk only when it is identified as being linked to a specific vulnerability?
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
A threat can be defined as a potential danger or harm that could exploit a vulnerability in a system or organization. However, it is only when this threat is identified and recognized as being connected to a specific vulnerability that it becomes a risk. In other words, the presence of a threat alone does not automatically constitute a risk. It is the combination of a threat and a vulnerability that creates the potential for harm or damage, making the statement "A threat becomes a risk only when it is identified as being linked to a specific vulnerability" true.Rate this question:
-
- 47.
Based on the highlighted portion of the captured packet code below, what protocol is identified as being used in the payload portion of this IP packet?4500 0064 0000 4000 4001 b755 c0a8 0101
- A.
IP
- B.
UDP
- C.
TCP
- D.
ICMP
- E.
None of the above
Correct Answer
D. ICMPExplanation
The highlighted portion of the captured packet code "4001" corresponds to the protocol field in the IP header. In this case, the value "4001" indicates that the protocol being used in the payload portion of this IP packet is ICMP (Internet Control Message Protocol). ICMP is typically used for diagnostic or control purposes in IP networks, such as error reporting or network congestion notification.Rate this question:
-
- 48.
The TCP three-way handshake used to open a TCP connection uses 3 packets. What 2 flags are required to be set across these 3 packets? (Select all that apply)
- A.
SYN Flag
- B.
Payload Flag
- C.
FIN Flag
- D.
ACK Flag
- E.
RST Flag
Correct Answer(s)
A. SYN Flag
D. ACK FlagExplanation
The TCP three-way handshake is a process used to establish a TCP connection between two devices. The first packet sent by the client includes the SYN (synchronize) flag, indicating its intention to initiate a connection. The second packet sent by the server includes the SYN flag as well, confirming the client's request and also includes the ACK (acknowledge) flag, acknowledging the receipt of the client's packet. The third packet sent by the client includes the ACK flag, confirming the receipt of the server's packet. Therefore, the two flags required to be set across these three packets are the SYN flag and the ACK flag.Rate this question:
-
- 49.
When using a packet sniffer,what parts of the packet can you see through the software? (Select all that apply)
- A.
IP Header content
- B.
MAC Address
- C.
Payload
- D.
Protocol header
- E.
All of the above
Correct Answer
E. All of the aboveExplanation
When using a packet sniffer, you can see all of the above parts of the packet through the software. A packet sniffer is a tool used to capture and analyze network traffic. It intercepts and logs network packets, allowing you to view the contents of the packets. This includes the IP header content, MAC address, payload, and protocol header. By capturing and analyzing these parts of the packet, you can gain insights into network activity, troubleshoot network issues, and identify potential security threats.Rate this question:
-
- 50.
The TCP three-way handshake used to close a TCP connection uses 3 packets. What 2 flags are required to be set across these 3 packets? (Select all that apply)
- A.
SYN Flag
- B.
Payload Flag
- C.
FIN Flag
- D.
ACK Flag
- E.
RST Flag
Correct Answer(s)
C. FIN Flag
D. ACK FlagExplanation
During the TCP three-way handshake used to close a TCP connection, the FIN (Finish) flag is used to initiate the connection termination process. It indicates that the sender has finished sending data. The ACK (Acknowledgment) flag is used to acknowledge the receipt of the FIN flag and confirms the termination of the connection. Therefore, the two flags required to be set across these three packets are the FIN flag and the ACK flag.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 20, 2023Quiz Edited by
ProProfs Editorial Team -
Nov 01, 2010Quiz Created by
Wxb167
- Binary Code Quizzes
- Computer Concept Quizzes
- Computer Essential Quizzes
- Computer Forensics Quizzes
- Computer Hardware Quizzes
- Computer Networking Quizzes
- Computer Parts Quizzes
- Computer Programming Quizzes
- Computer Science Quizzes
- Computer Shortcut Key Quizzes
- Computer Skills Quizzes
- Computer Virus Quizzes
- Data Quizzes
- Data Security Quizzes
- Hacking Quizzes
- HCI Quizzes
- Malware Quizzes
- Microprocessor Quizzes
- Network Quizzes
- Operating System Quizzes
- Phishing Quizzes
- Programming Language Quizzes
- Software Quizzes
Back to top