3d033 2

100 Questions | Total Attempts: 32



Questions and Answers
  • 1. 
    What provides protection of the base network perimeter using a protection device or system of devices?
    • A. 

      Network assurance.

    • B. 

      Network protection.

    • C. 

      Boundary protection.

    • D. 

      Information assurance.

  • 2. 
    What severity code applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls?
    • A. 

      Category I.

    • B. 

      Category II.

    • C. 

      Category III.

    • D. 

      Category IV.

  • 3. 
    What severity code applies to any vulnerability that provides information that potentially could lead to a compromise?
    • A. 

      Category I.

    • B. 

      Category II.

    • C. 

      Category III.

    • D. 

      Category IV.

  • 4. 
    What severity code applies to any vulnerability that, when resolved, will prevent the possibility of degraded security?
    • A. 

      Category I.

    • B. 

      Category II.

    • C. 

      Category III.

    • D. 

      Category IV.

  • 5. 
    How many Integrated Network and Operation Security Centers (INOSC) does the Air Force have?
    • A. 

      One.

    • B. 

      Two.

    • C. 

      Three.

    • D. 

      Four.

  • 6. 
    How many hours prior to change implementation does the Integrated Network Operations and Security Centers (INOSC) notify a base communications flight about removing unused filters?
    • A. 

      12 hours.

    • B. 

      24 hours.

    • C. 

      48 hours.

    • D. 

      72 hours.

  • 7. 
    What is the primary intrusion/misuse tool used in the Air Force Enterprise Network (AFEN)?
    • A. 

      Firewall.

    • B. 

      Proxy server.

    • C. 

      Intrusion detection system (IDS) software.

    • D. 

      Automated security incident measurement (ASIM).

  • 8. 
    An active intrusion detection system (IDS) is normally incorporated into
    • A. 

      Switches.

    • B. 

      Firewalls.

    • C. 

      Routers.

    • D. 

      Servers.

  • 9. 
    Which intrusion detection system (IDS) monitors network traffic and alerts administrators about suspicious traffic?
    • A. 

      Active IDS.

    • B. 

      Passive IDS.

    • C. 

      Host-based IDS.

    • D. 

      Network-based IDS.

  • 10. 
    Which intrusion detection system (IDS) examines servers or client computers for the patterns of an intrusion?
    • A. 

      Active IDS.

    • B. 

      Passive IDS.

    • C. 

      Host-based IDS.

    • D. 

      Network-based IDS.

  • 11. 
    When using an intrusion detection system (IDS), remember to
    • A. 

      Deploy one IDS for the entire network.

    • B. 

      Deploy IDS on 50 percent of the network segments.

    • C. 

      Consider using only a network-based IDS or host-based IDS.

    • D. 

      Use a centralized management console for system management.

  • 12. 
    The disadvantage of a host-based intrusion detection system (HIDS) is that it
    • A. 

      Can analyze any encrypted data if it is decrypted before reaching the target host

    • B. 

      Consumes resources on the host it resides on and slows that device down.

    • C. 

      Monitors log files for inadvisable settings or passwords.

    • D. 

      Monitors traffic on the host on which it is installed.

  • 13. 
    One advantage of a network-based intrusion detection system (NIDS) is that it
    • A. 

      Can decrypt data

    • B. 

      Uses very few network resources

    • C. 

      Monitors logs for policy violations.

    • D. 

      Can analyze encrypted network traffic.

  • 14. 
    What intrusion detection system (IDS) is not commonly used due to increasing cost of implementation?
    • A. 

      Host-based IDS.

    • B. 

      Network-based IDS.

    • C. 

      Hardware-based IDS.

    • D. 

      Application-based IDS.

  • 15. 
    Host-based intrusion detection systems (HIDS) are
    • A. 

      Active only.

    • B. 

      Passive only.

    • C. 

      Passive and active.

    • D. 

      Neither passive nor active.

  • 16. 
    A logical connection point for the transmission of information packets is known as a
    • A. 

      Entrance point.

    • B. 

      Service point.

    • C. 

      Protocol.

    • D. 

      Port.

  • 17. 
    Above which layer of the open systems interconnect (OSI) model are protocols designed to reside?
    • A. 

      Presentation.

    • B. 

      Transport.

    • C. 

      Network.

    • D. 

      Session.

  • 18. 
    Which is not a common service?
    • A. 

      File transfer protocol (FTP).

    • B. 

      Domain name service (DNS).

    • C. 

      Hypertext transfer protocol (HTTP).

    • D. 

      Open system interconnection (OSI).

  • 19. 
    Which port range constitutes well-known ports?
    • A. 

      0–1023.

    • B. 

      1024–23535.

    • C. 

      23536–49151.

    • D. 

      49152–65535.

  • 20. 
    Which port is used for telnet?
    • A. 

      7

    • B. 

      20

    • C. 

      23

    • D. 

      53

  • 21. 
    Which port is used for hypertext transfer protocol (HTTP)?
    • A. 

      21

    • B. 

      22

    • C. 

      60

    • D. 

      80

  • 22. 
    In which type of port scan does the scanner attempt to connect to all ports?
    • A. 

      Sweep scan.

    • B. 

      Vanilla scan.

    • C. 

      Fragment packet scan.

    • D. 

      File transfer protocol (FTP) bounce scan.

  • 23. 
    Which type of scan is also known as a half open scan?
    • A. 

      Fragment packets.

    • B. 

      Synchronous (SYN) scan.

    • C. 

      User datagram protocol (UDP) scan.

    • D. 

      Transmission control protocol (TCP) scan.

  • 24. 
    What should you do with unused ports?
    • A. 

      Monitor ports.

    • B. 

      Keep ports open.

    • C. 

      Keep ports closed.

    • D. 

      Ensure all ports are used.

  • 25. 
    One of the responsibilities of the Air Force Network Operations Center (AFNOC) in implementation of ports, protocols, and services (PPS) is to
    • A. 

      Maintain the AF PPS database.

    • B. 

      Develop AF PPS policies and procedures.

    • C. 

      Develop countermeasures on threats associated with PPS traversing the AF enclave boundaries.

    • D. 

      Provide information on threats and vulnerabilities associated with PPS traversing the AF enclave boundaries.

  • 26. 
    With which layer of the open systems interconnect (OSI) model does the simple network management protocol (SNMP) internet protocol (IP) layer coincide?
    • A. 

      Layer 2.

    • B. 

      Layer 3.

    • C. 

      Layer 4.

    • D. 

      Layer 5.

  • 27. 
    In what layer of the open system interconnect (OSI) model is simple network management protocol (SNMP) simply referred to as SNMP?
    • A. 

      Network layer.

    • B. 

      Transport layer.

    • C. 

      Application layer.

    • D. 

      Presentation layer.

  • 28. 
    What is the default read community string of a simple network management protocol (SNMP) agent?
    • A. 

      SECURE.

    • B. 

      PUBLIC.

    • C. 

      PRIVATE.

    • D. 

      UNSECURE.

  • 29. 
    To limit the risks associated with using simple network management protocol (SNMP)
    • A. 

      Keep devices requiring SNMP together with those that do not pass through virtual local area networks (VLAN).

    • B. 

      Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers.

    • C. 

      Disable all SNMP devices/services if not required.

    • D. 

      Enable the set community strings if possible.

  • 30. 
    Community string passwords should be changed at least every
    • A. 

      30 days.

    • B. 

      60 days.

    • C. 

      90 days.

    • D. 

      120 days.

  • 31. 
    Which tool is not used to test your simple network management protocol (SNMP) security?
    • A. 

      SNMPutil.

    • B. 

      SolarWinds.

    • C. 

      WU_PingProPack.

    • D. 

      Security mapper (SMAP).

  • 32. 
    Which is not a primary focus of intrusion detection and prevention systems (IDPS)?
    • A. 

      Reporting incidents to security administrators.

    • B. 

      Reconfiguring equipment after an incident.

    • C. 

      Identifying possible incidents.

    • D. 

      Attempting to stop incidents.

  • 33. 
    Which open source host-based intrusion detection system (HIDS) performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response?
    • A. 

      Snort.

    • B. 

      Intruder alert (ITA).

    • C. 

      Open source security (OSSEC).

    • D. 

      Host based security system (HBSS).

  • 34. 
    The vulnerabilities detected by Internet security scanner (ISS) are classified
    • A. 

      Secret

    • B. 

      Sensitive

    • C. 

      Confidential

    • D. 

      For Official Use Only (FOUO)

  • 35. 
    Why should Internet security scanner (ISS) scans not be used on medical equipment?
    • A. 

      Other scans are cheaper to run.

    • B. 

      The increasing costs of using ISS.

    • C. 

      It can place patients at risk and interrupt medical services.

    • D. 

      It is not compatible with medical equipment software.

  • 36. 
    Which is not a software component of Intruder Alert (ITA)?
    • A. 

      User

    • B. 

      Agent

    • C. 

      Manager

    • D. 

      Administrator

  • 37. 
    How many agents can an Intruder Alert (ITA) manager have?
    • A. 

      100

    • B. 

      150

    • C. 

      200

    • D. 

      250

  • 38. 
    What serves as the Intruder Alert administrator (ITA) command center?
    • A. 

      ITA agent.

    • B. 

      ITA event viewer.

    • C. 

      ITA administrator

    • D. 

      ITA privileged user

  • 39. 
    Which is considered the workhorse of the Enterprise Security Manager (ESM) system?
    • A. 

      ESM agent.

    • B. 

      ESM manager.

    • C. 

      ESM administrator.

    • D. 

      ESM graphical user interface (GUI) console.

  • 40. 
    Network security starts with
    • A. 

      A mindset.

    • B. 

      Configuring firewalls

    • C. 

      Activation of host-based intrusion detection system (HIDS).

    • D. 

      Activation of network-based intrusion detection system (NIDS).

  • 41. 
    Integrating the capabilities of personnel, operations, and technology, and supporting the evolution to network-centric warfare, best describes which concept?
    • A. 

      Firewalls.

    • B. 

      Security tools.

    • C. 

      Defense-in-depth.

    • D. 

      Information condition (INFOCON).

  • 42. 
    What term is used to describe the technology for transmitting voice communications over a data network using open-standard-based internet protocol (IP)?
    • A. 

      IP telephony.

    • B. 

      Network telephony.

    • C. 

      Voice protection system.

    • D. 

      Voice over Internet Protocol (VoIP).

  • 43. 
    You can implement all of the following security features to help defend internet protocol (IP) telephony systems from attackers except
    • A. 

      Enabling access control lists (ACL) on firewalls, routers, and switches.

    • B. 

      Deploying protection from dynamic host configuration protocol (DHCP) spoofing.

    • C. 

      Consolidating your voice with your data using virtual local area networks (VLAN).

    • D. 

      Enabling port security access to only allow the required devices needed by the client.

  • 44. 
    At which open systems interconnect (OSI) layer does a packet filter gateway operate?
    • A. 

      2

    • B. 

      3

    • C. 

      4

    • D. 

      5

  • 45. 
    Which type of firewall is typically used when speed is essential?
    • A. 

      Network-level.

    • B. 

      Application-level.

    • C. 

      Corporate/enterprise.

    • D. 

      Personal/small office home office (SOHO).

  • 46. 
    At which open systems interconnect (OSI) layer does an application-level firewall operate?
    • A. 

      4

    • B. 

      5

    • C. 

      6

    • D. 

      7

  • 47. 
    Which type of firewall views information as a data stream and not as a series of packets?
    • A. 

      Network-level.

    • B. 

      Application-level.

    • C. 

      Corporate/enterprise.

    • D. 

      Personal/small office home office (SOHO).

  • 48. 
    Most firewall implementations that you will encounter will be found at the
    • A. 

      Base-level.

    • B. 

      Major command (MAJCOM).

    • C. 

      Air Force Network Operating Center (AFNOC).

    • D. 

      Integrated Network Operation and Security Center (INOSC).

  • 49. 
    Which cannot be used to manage a McAfee Firewall Enterprise?
    • A. 

      Control center.

    • B. 

      Admin console.

    • C. 

      Configuration center.

    • D. 

      Command line interface

  • 50. 
    Which McAfee Firewall Enterprise management interface is the graphical software that runs on a Windows computer within your network?
    • A. 

      Control center.

    • B. 

      Admin console.

    • C. 

      Configuration center.

    • D. 

      Command line interface.

  • 51. 
    Which firewall management interface menu option views the association between media access control (MAC) addresses on the firewall and its corresponding internet protocol (IP) address?
    • A. 

      Getroute.

    • B. 

      Ping host.

    • C. 

      Traceroute.

    • D. 

      Address resolution protocol.

  • 52. 
    Which firewall management interface menu option tests interface connectivity?
    • A. 

      Ping host.

    • B. 

      Domain name server lookup.

    • C. 

      Address resolution protocol (ARP).

    • D. 

      Transmission control protocol dump.

  • 53. 
    Which is not an administrator role on the McAfee Firewall Enterprise?
    • A. 

      Admin.

    • B. 

      Adminro.

    • C. 

      No admin privileges.

    • D. 

      Basic admin privileges.

  • 54. 
    Which firewall admin role is generally used to temporarily disable an administrator account?
    • A. 

      Admin.

    • B. 

      Adminro.

    • C. 

      Adminda.

    • D. 

      No admin privileges.

  • 55. 
    A burb can best be defined as a
    • A. 

      Network stack.

    • B. 

      Security policy.

    • C. 

      Set of one or more interfaces.

    • D. 

      Particular installation of a firewall.

  • 56. 
    Why is it not common to use external burb-to-internal burb?
    • A. 

      High cost.

    • B. 

      High security risks.

    • C. 

      Difficult to administer.

    • D. 

      Cannot be configured on AF networks.

  • 57. 
    What does a firewall support that improves system performance by lessening the load placed on the system kernel?
    • A. 

      Proxies.

    • B. 

      Burbs.

    • C. 

      Fast Path sessions.

    • D. 

      Domain name server (DNS).

  • 58. 
    Each time data needs to pass between the network and a proxy, the boundary between the kernel and the user space must be crossed. This is known as a
    • A. 

      Exchange action.

    • B. 

      Context switch.

    • C. 

      Cross talk.

    • D. 

      Telnet.

  • 59. 
    A domain name server (DNS) maintains the cross-reference between domain names and their corresponding
    • A. 

      Internet protocol (IP) address.

    • B. 

      Access control list (ACL) entries.

    • C. 

      Router ACL configuration settings.

    • D. 

      Media access control (MAC) address.

  • 60. 
    What does a forward zone provide?
    • A. 

      Name to Internet protocol (IP) address mapping.

    • B. 

      IP address to name mapping.

    • C. 

      Name to domain mapping.

    • D. 

      IP to domain mapping

  • 61. 
    Over what transmission control protocol (TCP) port do zone transfers occur?
    • A. 

      21

    • B. 

      22

    • C. 

      53

    • D. 

      54

  • 62. 
    What term is used for a domain name server (DNS) architecture when one or more name servers reside behind a firewall, and contain an “inside” hostname and Internet protocol (IP) address information?
    • A. 

      Split

    • B. 

      Dual

    • C. 

      Secure

    • D. 

      Generic

  • 63. 
    How many domain name server (DNS) name server(s) are registered as authoritative for each Integrated Network Operation and Security Center (INOSC)?
    • A. 

      One

    • B. 

      Two

    • C. 

      Three

    • D. 

      Four

  • 64. 
    An access control list (ACL) is essentially
    • A. 

      Lists of permissions stating who can access what.

    • B. 

      Groups of computer names.

    • C. 

      List of network resources.

    • D. 

      Groups of users.

  • 65. 
    Which type of attack causes the connection queues on the router or switch to fill up and deny service to legitimate transmission control protocol (TCP) traffic?
    • A. 

      TCP message attack.

    • B. 

      Inbound traceroute attack.

    • C. 

      Local area network attack.

    • D. 

      TCP Synchronous (SYN) attack.

  • 66. 
    Which message type should not be allowed for inbound Internet control message protocol (ICMP) traffic?
    • A. 

      Traceroute.

    • B. 

      Time exceeded.

    • C. 

      Parameter problem.

    • D. 

      Destination unreachable.

  • 67. 
    What can an attacker use to create a map of the protected network behind the router or firewall?
    • A. 

      Ping.

    • B. 

      Traceroute.

    • C. 

      Echo reply.

    • D. 

      Domain name server (DNS) lookup.

  • 68. 
    Internet protocol (IP) filters start by blocking
    • A. 

      No traffic.

    • B. 

      All traffic.

    • C. 

      Inbound traffic

    • D. 

      Outbound traffic.

  • 69. 
    Who approves or disapproves information systems (including software and services) connections to the Air Force Global Information Grid (AF-GIG) and accepts any risk created by the approved connections?
    • A. 

      Information Operations Squadron (IOS).

    • B. 

      Air Force Network Operations (AFNetOps).

    • C. 

      Air Force Network Operation Center (AFNOC).

    • D. 

      Air Force Information Warfare Center (AFIWC).

  • 70. 
    What does packet capture software do with the packet information it captures?
    • A. 

      Immediately analyzes information.

    • B. 

      Stores packets for later viewing and analysis.

    • C. 

      Immediately sends the information to the firewall.

    • D. 

      Stores packets until a filter is ready to receive the information.

  • 71. 
    The uniqueness of the Air Force Microsoft Exchange and simple message transfer protocol (SMTP) mail relay system is that mail servers
    • A. 

      For each MAJCOM reside at the MAJCOM

    • B. 

      Are managed by the MAJCOM.

    • C. 

      For each base reside at the base.

    • D. 

      Are managed at base level.

  • 72. 
    Which e-mail server relays all e-mail entering or exiting the local network?
    • A. 

      Proxy server.

    • B. 

      Sendmail server

    • C. 

      Exchange server.

    • D. 

      Simple message transfer protocol (SMTP) server

  • 73. 
    Which e-mail server delivers all outgoing e-mail to the mail relay server?
    • A. 

      Simple message transfer protocol (SMTP) server.

    • B. 

      Exchange server.

    • C. 

      Sendmail server.

    • D. 

      Proxy server.

  • 74. 
    What server functions as a simple message transfer protocol (SMTP) gateway and virus scanner?
    • A. 

      External domain name server (DNS).

    • B. 

      Mail relay server.

    • C. 

      Internal DNS.

    • D. 

      Proxy server.

  • 75. 
    Which is not one of the key features of Symantec Mail Security for simple message transfer protocol (SMS SMTP)?
    • A. 

      Internet protocol (IP) filtering.

    • B. 

      Spyware/adware protection.

    • C. 

      Antispam technology

    • D. 

      Virus protection

  • 76. 
    The McAfee Firewall Enterprise simple message transfer protocol (SMTP) proxy is best used as a
    • A. 

      Rear line defense

    • B. 

      Frontline defense.

    • C. 

      Second line defense

    • D. 

      Front and rear line defense

  • 77. 
    When using secure split mail services, all external simple message transfer protocol (SMTP) hosts will connect to the firewall’s
    • A. 

      Local server

    • B. 

      Non-Internet server.

    • C. 

      Internal sendmail server.

    • D. 

      External sendmail server

  • 78. 
    Which is not a separate sendmail server used in secure split simple message transfer protocol (SMTP) services?
    • A. 

      Local.

    • B. 

      Internal.

    • C. 

      External.

    • D. 

      Network.

  • 79. 
    By default, a system checks the mail queues for mail that cannot be delivered on the first attempt every
    • A. 

      5 minutes.

    • B. 

      10 minutes.

    • C. 

      30 minutes.

    • D. 

      60 minutes.

  • 80. 
    When a client connects to a proxy server and requests a web page, the proxy server evaluates the request according to
    • A. 

      Filtering rules

    • B. 

      Administration rules.

    • C. 

      Forward addressing rules.

    • D. 

      Internet protocol (IP) filter rules.

  • 81. 
    Proxies do not
    • A. 

      Block unwanted or malicious downloads.

    • B. 

      Protect copyrighted media and intellectual property.

    • C. 

      Prevent organizations from obtaining visibility of users.

    • D. 

      Block webmail and instant messaging (IM) virus propagation.

  • 82. 
    What is the function in which certain pieces of data from a web page are stored in the firewall to facilitate faster future requests for the same information?
    • A. 

      Zoning

    • B. 

      Caching

    • C. 

      Proxy service.

    • D. 

      Firewall service

  • 83. 
    When the cached information is verified to be up-to-date, the proxy has ensured information
    • A. 

      Currency.

    • B. 

      Freshness.

    • C. 

      Timeliness.

    • D. 

      Authenticity

  • 84. 
    What type of proxy is located near the user/client and acts as an intermediary between a client and content server to protect the client's internet protocol (IP) address?
    • A. 

      Reverse proxy

    • B. 

      Forward proxy.

    • C. 

      Application proxy

    • D. 

      Software-based proxy

  • 85. 
    External clients request content directly from which proxy type?
    • A. 

      Reverse proxy

    • B. 

      Forward proxy.

    • C. 

      Application proxy

    • D. 

      Software-based proxy.

  • 86. 
    The vulnerabilities of voice and data converged networks were highlighted in a report released by the
    • A. 

      President’s National Security Telecommunications Advisory Committee.

    • B. 

      Air Force Information Warfare Battle Lab.

    • C. 

      Air Force Network Integration Center (AFNIC).

    • D. 

      Cryptographic Systems Group.

  • 87. 
    What should security policies encompass to help mitigate the threat of convergence?
    • A. 

      Data networks only.

    • B. 

      Voice networks only.

    • C. 

      Both voice and data networks.

    • D. 

      Neither voice nor data networks.

  • 88. 
    What provides enterprise-wide visibility into telecom resource utilization, phone network usage, and incidents of toll fraud?
    • A. 

      Public Switched Telephone Network (PSTN) system.

    • B. 

      Enterprise Telephony Management (ETM) system.

    • C. 

      Voice over Internet protocol (VoIP) system.

    • D. 

      Time Division Multiplexing (TDM) system.

  • 89. 
    What voice protection system (VPS) component will only be installed on trunks or individual lines that are purchased or leased by the government?
    • A. 

      Server.

    • B. 

      Firewall.

    • C. 

      Software.

    • D. 

      Appliance.

  • 90. 
    What are attempts to gain access to a switch system by posing as an authorized user?
    • A. 

      Toll fraud.

    • B. 

      War dialing.

    • C. 

      Masquerades.

    • D. 

      Denial of service (DoS).

  • 91. 
    Which is not a voice protection system (VPS) application or tool?
    • A. 

      System console

    • B. 

      Directory manager

    • C. 

      Performance manager.

    • D. 

      Administrative manager

  • 92. 
    What is the launch pad for voice protection system (VPS) applications?
    • A. 

      System console

    • B. 

      Directory manager

    • C. 

      Performance manager

    • D. 

      Administrative manager.

  • 93. 
    Which voice protection system (VPS) application allows you to view real-time monitoring and policy processing, view system diagnostics, and use the VPS rules-based policy applications?
    • A. 

      Administrative manager.

    • B. 

      Performance manager.

    • C. 

      Directory manager

    • D. 

      System console.

  • 94. 
    Which is not listed in the performance manager tree-pane?
    • A. 

      Spans.

    • B. 

      Policies.

    • C. 

      Permissions.

    • D. 

      Configurations.

  • 95. 
    What is used to import and manage phone numbers in the voice protection system (VPS)?
    • A. 

      Administrative manager.

    • B. 

      Performance manager

    • C. 

      Directory manager

    • D. 

      System console.

  • 96. 
    Which voice protection system (VPS) toolbar icon is used to open the Database Properties Management Tool?
    • A. 

      VPS server properties.

    • B. 

      Server management.

    • C. 

      User management.

    • D. 

      Connect.

  • 97. 
    Firewall policy processing compares specific attributes of a call against a series of
    • A. 

      Rules.

    • B. 

      Access lists.

    • C. 

      Permissions.

    • D. 

      Internet protocol (IP) addresses.

  • 98. 
    By default, how often does the intrusion prevention system (IPS) policies polling engine execute to evaluate thresholds?
    • A. 

      5 minutes.

    • B. 

      10 minutes.

    • C. 

      15 minutes.

    • D. 

      30 minutes.

  • 99. 
    Voice protection system (VPS) reports are generated from the VPS
    • A. 

      Performance manager

    • B. 

      Directory manager

    • C. 

      System console.

    • D. 

      Usage manager

  • 100. 
    Which provides a call accounting, reporting analysis for enterprise voice networks?
    • A. 

      Performance manager

    • B. 

      Directory manager.

    • C. 

      System console

    • D. 

      Usage manager