Module III Certification Quiz Part 2

62 Questions | Total Attempts: 125

SettingsSettingsSettings
Please wait...
Module Quizzes & Trivia

SCOO certifiaction quiz for security plus test test and test some more


Questions and Answers
  • 1. 
      Choose the network mapping tool (scanner) which uses ICMP (Internet Control Message Protocol)
    • A. 

      A ping scanner

    • B. 

      A share scanner

    • C. 

      A port scanner

    • D. 

      A map scanner

  • 2. 
      Which of the following is a protocol analyzer?
    • A. 

      Nessus

    • B. 

      Cain _Abel

    • C. 

      WireShark

    • D. 

      John the Ripper

  • 3. 
      Which of the following will require setting a baseline ?(select TWO)
    • A. 

      NIPS

    • B. 

      Anomaly-based monitoring

    • C. 

      Signature-based monitoring

    • D. 

      Behavior-based monitoring

  • 4. 
      An organization needs to monitor all network traffic as it traverses their network. Which item should be used by the technician?
    • A. 

      Honeypot

    • B. 

      Protocol analyzer

    • C. 

      HIDS

    • D. 

      Content filter

  • 5. 
      After implementing auditing on a file, which log will show unauthorized usage attempts?
    • A. 

      Application

    • B. 

      Security

    • C. 

      System

    • D. 

      Performance

  • 6. 
      One of the below is a description for a password cracker, which one is it?
    • A. 

      A program that can locate and read a password file

    • B. 

      A program that provides software registration passwords or keys

    • C. 

      A program that performs comparative analysis

    • D. 

      A program that obtains privileged access to the system

  • 7. 
      A honeypot is used to:
    • A. 

      Allow administrators a chance to observe an attack

    • B. 

      Trap attackers in a false network

    • C. 

      Provide an unauthorized u ser with a place to safely work

    • D. 

      Give an unauthorized user time to complete an attack

  • 8. 
      Which of the following logs shows when the workstation was last shutdown?
    • A. 

      Security

    • B. 

      System

    • C. 

      Application

    • D. 

      DHCP

  • 9. 
      Look at the following intrusion detection systems carefully, which one uses well defined models of how an attack occurs?
    • A. 

      Behavior

    • B. 

      Anomaly

    • C. 

      Signature

    • D. 

      Protocol

  • 10. 
      Which of the following is a reason to use a vulnerability scanner?
    • A. 

      To assist with PKI implementation

    • B. 

      To assist with protocol analyzing

    • C. 

      To identify remove access policies

    • D. 

      To identify open ports on a system

  • 11. 
      Password cracking tools are available worldwide over the Internet. Which one of the following items is a password cracking tool?
    • A. 

      John the Ripper

    • B. 

      Nessus

    • C. 

      AirSnort

    • D. 

      Wireshark

  • 12. 
      While monitoring application activity and modification, which system should be used?
    • A. 

      NIDS

    • B. 

      RADIUS

    • C. 

      HIDS

    • D. 

      OVAL

  • 13. 
      The NIC should be placed in which mode to monitor all network traffic while placing a NIDS onto the network?
    • A. 

      Half-duplex

    • B. 

      Full-duplex

    • C. 

      Auto

    • D. 

      Promiscuous

  • 14. 
      Which method is the LEAST intrusive to check the environment for known software flaws?
    • A. 

      Vulnerability scanner

    • B. 

      Port scanner

    • C. 

      Protocol analyzer

    • D. 

      Penetration test

  • 15. 
      A network administrator believes that PCs on the internal network may be acting as zombies participating in external DDoS attacks. Which item will most effectively confirm the administrator’s suspicions?
    • A. 

      AV server logs

    • B. 

      Firewall logs

    • C. 

      HIDS logs

    • D. 

      Proxy logs

  • 16. 
      For the following items, which one is a collection of servers set up to attrack hackers?
    • A. 

      DMZ

    • B. 

      Honeynet

    • C. 

      Honeypot

    • D. 

      VLAN

  • 17. 
      An Auditing system is necessary to detect intrusions on what part of the system?
    • A. 

      The files

    • B. 

      The system’s memory

    • C. 

      None of the above

    • D. 

      The operating system

  • 18. 
      Which method could identify when unauthorized access has occurred?
    • A. 

      Implement session termination mechanism

    • B. 

      Implement two-factor authentication

    • C. 

      Implement session lock mechanism

    • D. 

      Implement previous logon notification

  • 19. 
      Which of the following assessment tools would be MOST appropriate for determining if a password was being sent across the network in clear text?
    • A. 

      Protocol analyzer

    • B. 

      Password cracker

    • C. 

      Vulnerability scanner

    • D. 

      Port scanner

  • 20. 
      Which is the primary objective to implement performance monitoring applications on network systems from a security standpoint?
    • A. 

      To detect integrity degradations to network attached storage

    • B. 

      To detect availability degradations caused by attackers

    • C. 

      To detect host intrusions from external networks

    • D. 

      To detect network intrusions from external attackers

  • 21. 
      Which security application can not proactively detect workstation anomalies?
    • A. 

      NIDS

    • B. 

      Antivirus software

    • C. 

      HIPS

    • D. 

      Personal software firewall

  • 22. 
      A protocol analyzer will most likely detect which security related anomalies?
    • A. 

      Many malformed or fragmented packets

    • B. 

      Passive sniffing of local network traffic

    • C. 

      Disabled network interface on a server

    • D. 

      Decryption of encrypted network traffic

  • 23. 
      What should be taken into consideration while executing proper logging procedures? (Select TWO).
    • A. 

      The information that is needed to reconstruct events

    • B. 

      The virtual memory allocated on the log server

    • C. 

      The password requirements for user accounts

    • D. 

      The amount of disk space required

  • 24. 
      John works as a network administrator for his company. He uses a tool to check SMTP, DNS, AND POP3 and ICMP packets on the network. This is an example of which of the following?
    • A. 

      A vulnerability scan

    • B. 

      A penetration test

    • C. 

      A port scanner

    • D. 

      A protocol analyzer

  • 25. 
      One type of port scan can determine which ports are in a listening state on the network, and can then perform a two-way handshake. Which type of port scan can perform this set of actions?
    • A. 

      TCP connect scan

    • B. 

      TCP (Transmission Control Protocol) SYN (Synchronize) scan

    • C. 

      TCP null scan

    • D. 

      TCP fin scan

Back to Top Back to top