Module III Certification Quiz Part 2

62 Questions | By Vtgamer | Updated: Mar 15, 2022 | Attempts: 135

Questions

Settings

Create your own Quiz

SCOO certifiaction quiz for security plus test test and test some more

Questions and Answers

1.

Choose the network mapping tool (scanner) which uses ICMP (Internet Control Message Protocol)
- A.
  
  A ping scanner
- B.
  
  A share scanner
- C.
  
  A port scanner
- D.
  
  A map scanner
2.

Which of the following is a protocol analyzer?
- A.
  
  Nessus
- B.
  
  Cain _Abel
- C.
  
  WireShark
- D.
  
  John the Ripper
3.

Which of the following will require setting a baseline ?(select TWO)
- A.
  
  NIPS
- B.
  
  Anomaly-based monitoring
- C.
  
  Signature-based monitoring
- D.
  
  Behavior-based monitoring
4.

An organization needs to monitor all network traffic as it traverses their network. Which item should be used by the technician?
- A.
  
  Honeypot
- B.
  
  Protocol analyzer
- C.
  
  HIDS
- D.
  
  Content filter
5.

After implementing auditing on a file, which log will show unauthorized usage attempts?
- A.
  
  Application
- B.
  
  Security
- C.
  
  System
- D.
  
  Performance
6.

One of the below is a description for a password cracker, which one is it?
- A.
  
  A program that can locate and read a password file
- B.
  
  A program that provides software registration passwords or keys
- C.
  
  A program that performs comparative analysis
- D.
  
  A program that obtains privileged access to the system
7.

A honeypot is used to:
- A.
  
  Allow administrators a chance to observe an attack
- B.
  
  Trap attackers in a false network
- C.
  
  Provide an unauthorized u ser with a place to safely work
- D.
  
  Give an unauthorized user time to complete an attack
8.

Which of the following logs shows when the workstation was last shutdown?
- A.
  
  Security
- B.
  
  System
- C.
  
  Application
- D.
  
  DHCP
9.

Look at the following intrusion detection systems carefully, which one uses well defined models of how an attack occurs?
- A.
  
  Behavior
- B.
  
  Anomaly
- C.
  
  Signature
- D.
  
  Protocol
10.

Which of the following is a reason to use a vulnerability scanner?
- A.
  
  To assist with PKI implementation
- B.
  
  To assist with protocol analyzing
- C.
  
  To identify remove access policies
- D.
  
  To identify open ports on a system
11.

Password cracking tools are available worldwide over the Internet. Which one of the following items is a password cracking tool?
- A.
  
  John the Ripper
- B.
  
  Nessus
- C.
  
  AirSnort
- D.
  
  Wireshark
12.

While monitoring application activity and modification, which system should be used?
- A.
  
  NIDS
- B.
  
  RADIUS
- C.
  
  HIDS
- D.
  
  OVAL
13.

The NIC should be placed in which mode to monitor all network traffic while placing a NIDS onto the network?
- A.
  
  Half-duplex
- B.
  
  Full-duplex
- C.
  
  Auto
- D.
  
  Promiscuous
14.

Which method is the LEAST intrusive to check the environment for known software flaws?
- A.
  
  Vulnerability scanner
- B.
  
  Port scanner
- C.
  
  Protocol analyzer
- D.
  
  Penetration test
15.

A network administrator believes that PCs on the internal network may be acting as zombies participating in external DDoS attacks. Which item will most effectively confirm the administrator’s suspicions?
- A.
  
  AV server logs
- B.
  
  Firewall logs
- C.
  
  HIDS logs
- D.
  
  Proxy logs
16.

For the following items, which one is a collection of servers set up to attrack hackers?
- A.
  
  DMZ
- B.
  
  Honeynet
- C.
  
  Honeypot
- D.
  
  VLAN
17.

An Auditing system is necessary to detect intrusions on what part of the system?
- A.
  
  The files
- B.
  
  The system’s memory
- C.
  
  None of the above
- D.
  
  The operating system
18.

Which method could identify when unauthorized access has occurred?
- A.
  
  Implement session termination mechanism
- B.
  
  Implement two-factor authentication
- C.
  
  Implement session lock mechanism
- D.
  
  Implement previous logon notification
19.

Which of the following assessment tools would be MOST appropriate for determining if a password was being sent across the network in clear text?
- A.
  
  Protocol analyzer
- B.
  
  Password cracker
- C.
  
  Vulnerability scanner
- D.
  
  Port scanner
20.

Which is the primary objective to implement performance monitoring applications on network systems from a security standpoint?
- A.
  
  To detect integrity degradations to network attached storage
- B.
  
  To detect availability degradations caused by attackers
- C.
  
  To detect host intrusions from external networks
- D.
  
  To detect network intrusions from external attackers
21.

Which security application can not proactively detect workstation anomalies?
- A.
  
  NIDS
- B.
  
  Antivirus software
- C.
  
  HIPS
- D.
  
  Personal software firewall
22.

A protocol analyzer will most likely detect which security related anomalies?
- A.
  
  Many malformed or fragmented packets
- B.
  
  Passive sniffing of local network traffic
- C.
  
  Disabled network interface on a server
- D.
  
  Decryption of encrypted network traffic
23.

What should be taken into consideration while executing proper logging procedures? (Select TWO).
- A.
  
  The information that is needed to reconstruct events
- B.
  
  The virtual memory allocated on the log server
- C.
  
  The password requirements for user accounts
- D.
  
  The amount of disk space required
24.

John works as a network administrator for his company. He uses a tool to check SMTP, DNS, AND POP3 and ICMP packets on the network. This is an example of which of the following?
- A.
  
  A vulnerability scan
- B.
  
  A penetration test
- C.
  
  A port scanner
- D.
  
  A protocol analyzer
25.

One type of port scan can determine which ports are in a listening state on the network, and can then perform a two-way handshake. Which type of port scan can perform this set of actions?
- A.
  
  TCP connect scan
- B.
  
  TCP (Transmission Control Protocol) SYN (Synchronize) scan
- C.
  
  TCP null scan
- D.
  
  TCP fin scan