Prog 450 Review Questions From Chapters 1-3, 5

58 Questions


Incomplete - currently only contains chapters 1 & 2


Questions and Answers
  • 1. 
    Name four goals of network security
  • 2. 
    Most network threats originate from which of the following?
    • A. 

      Inside the company

    • B. 

      Script kiddies

    • C. 

      Back doors

    • D. 

      Industrial spies

  • 3. 
    What are some of the reasons for network attacks?
    • A. 

      Industrial espionage

    • B. 

      Revenge

    • C. 

      Financial gain

    • D. 

      All of the above

  • 4. 
    The capability to prevent one participant in an electronic transaction from denying that it performed an action is called ____________.
    • A. 

      Plausible deniability

    • B. 

      Integrity

    • C. 

      Nonrepudiation

    • D. 

      Undeniability

  • 5. 
    Servers with outside access to the public should be located on __________. (Choose all that apply)
    • A. 

      Their own subnet

    • B. 

      A DMZ

    • C. 

      An internal LAN

    • D. 

      A network perimeter

  • 6. 
    Packet filters can block or allow transmission of packets based on which of the following criteria?  (Choose all that apply)
    • A. 

      Port number

    • B. 

      Open ports

    • C. 

      Time of access attempts

    • D. 

      IP address

  • 7. 
    An attacker who causes harm to systems in support of some principle is categorized as which of the following?
    • A. 

      Cracker

    • B. 

      Hacker

    • C. 

      Industrial spy

    • D. 

      Cyberterrorist

  • 8. 
    An IP address combined with a TCP/IP port number is called which of the following?
    • A. 

      Network address

    • B. 

      Socket

    • C. 

      Script

    • D. 

      Port ID

  • 9. 
    Firewall enforcement of policies is handled primarily through setting up packet-filtering rules, a set of which is contained in the _____________.
    • A. 

      Routing table

    • B. 

      Rule base

    • C. 

      Access control list

    • D. 

      Packet filter

  • 10. 
    An uninterruptible power supply is a component of _____________ security.
    • A. 

      Virtual

    • B. 

      Auditing

    • C. 

      Physical

    • D. 

      Password

  • 11. 
    The Stuxnet worm was designed to ____________.
    • A. 

      Shut down Internet DNS servers

    • B. 

      Disrupt computer-controlled industrial operations

    • C. 

      Steal financial information

    • D. 

      Be used by script kiddies

  • 12. 
    A packet filtering device evaluates data in the payload and compares it with a predefined set of rules.
    • A. 

      True

    • B. 

      False

  • 13. 
    • A. 

      Worm

    • B. 

      Virus

    • C. 

      Trojan horse

    • D. 

      SYN flood

  • 14. 
    In a restrictive firewall policy, what is the starting point for developing a rule base?
    • A. 

      Allow all traffic

    • B. 

      Block all traffic except specified types

    • C. 

      Allow all traffic except specified types

    • D. 

      Block all traffic

  • 15. 
    In an IDPS, specific indications of a possible attack are called _____________.
    • A. 

      Signatures

    • B. 

      Signals

    • C. 

      True positives

    • D. 

      Alerts

  • 16. 
    • A. 

      IPv6 uses DHCP for its configuration settings

    • B. 

      IPv6 uses a 128-bit address space

    • C. 

      IPv4 cannot support IPsec

    • D. 

      IPv6 incorporates IPsec

  • 17. 
    A Class C address has a first octet decimal range of ____________ to ____________.
    • A. 

      172, 191

    • B. 

      191, 224

    • C. 

      192, 239

    • D. 

      192, 223

  • 18. 
    Which of the following is a method of hiding internal host IP addresses? (Choose all that apply)
    • A. 

      Network Address Translation (NAT)

    • B. 

      Configuring the computer to insert a fake source IP address into outgoing messages

    • C. 

      Proxy servers

    • D. 

      Setting up software firewalls on all internal hosts

  • 19. 
    The Class A address of 127.0.0.1 is used for which of the following?
    • A. 

      Broadcasting to all hosts on a subnet

    • B. 

      Testing the local TCP/IP software implementation

    • C. 

      Experimentation

    • D. 

      Testing the local NIC

  • 20. 
    Why is UDP considered unreliable?
    • A. 

      The header does not contain a checksum

    • B. 

      The data is transmitted in clear text

    • C. 

      It is connectionless

    • D. 

      Routers typically drop a large number of UDP packets

  • 21. 
    In CIDR notation, the IP address and subnet mask 191.9.205.22  255.255.192.0 are written as __________________.
    • A. 

      191.9.205.22/19

    • B. 

      191.9.205.22/18

    • C. 

      191.9.205.22/17

    • D. 

      191.9.205.22/16

  • 22. 
    • A. 

      Routers drop packets that are too large.

    • B. 

      Routers bounce packets back to the sender to be resized.

    • C. 

      Routers adjust their MTUs to accommodate the oversized packet.

    • D. 

      Routers break packets into smaller pieces called fragments.

  • 23. 
    Which of the following is an IPv6 Protocol?  (Choose all that apply)
    • A. 

      Multicast Listening Detection

    • B. 

      IGMPv6

    • C. 

      Multicast Listener Discovery

    • D. 

      Neighbor Discovery

  • 24. 
    A DNS server translates ________________ to _______________.
    • A. 

      Encrypted IP addresses, clear text

    • B. 

      IP addresses, MAC addresses

    • C. 

      FQDNs, IP addresses

    • D. 

      Static addresses, DHCP

  • 25. 
    Why is fragmentation considered a security risk?
    • A. 

      Fragments numbered 0 contain port information

    • B. 

      Fragments numbered 1 or higher are passed through filters

    • C. 

      Fragmented packets cannot be assembled

    • D. 

      Fragmentation is frequently used

  • 26. 
    Which of the following is used for one-to-many communication, in which a single host can send packets to a group of recipients?
    • A. 

      Multicast

    • B. 

      Unicast

    • C. 

      Anycast

    • D. 

      Netcast

  • 27. 
    The number of TCP segments that can be sent before an acknowledgement must be received is determined by the ______________.
    • A. 

      Sequence number

    • B. 

      Sliding window size

    • C. 

      Transmission rate

    • D. 

      Port number in use for the session

  • 28. 
    • A. 

      SYN

    • B. 

      ACK

    • C. 

      RST

    • D. 

      FIN

  • 29. 
    An ICMPv6 header is indicated by a Next Header Value of ____________.
    • A. 

      60

    • B. 

      54

    • C. 

      58

    • D. 

      22

  • 30. 
    Compressing the IPv6 address 1080:0:0:0:8:800:200C:417A results in which of the following?
    • A. 

      1080::8:8:::2::C:417A

    • B. 

      1080::8:800:200C:417A

    • C. 

      1080::8:8::::20:C:417A

    • D. 

      :1080::8:800:200C:417A

  • 31. 
    Security devices on a network process digital information, such as text files and Web pages, in the same way.  However, which of the following pieces of information might they handle differently?
    • A. 

      Protocols

    • B. 

      TCP/IP Headers

    • C. 

      Attack signatures

    • D. 

      Port numbers

  • 32. 
    • A. 

      Attack signatures can be compared to lists of known attack signatures on the CVE Web site.

    • B. 

      Attack signatures can be compared to current network topology.

    • C. 

      Installing application patches can thwart a reported attack.

    • D. 

      Current network vulnerabilities can be used to generate application patches.

  • 33. 
    • A. 

      Logon attempts

    • B. 

      Message digest

    • C. 

      TCP options

    • D. 

      Ethernet interface number

  • 34. 
    • A. 

      Check string

    • B. 

      One-way hash

    • C. 

      Hexadecimal code

    • D. 

      Checksum

  • 35. 
    • A. 

      Fragments are crafted to be too large or too small

    • B. 

      The initial packet is missing

    • C. 

      The fragments arrive too slowly

    • D. 

      The final fragment sent is less than 400 bytes long.

  • 36. 
    • A. 

      One with the SYN/ACK flags set

    • B. 

      One with the ACK flag set

    • C. 

      One with the SYN flag set

    • D. 

      One with the ACK/PSH flags set

  • 37. 
    Which of the following is not required for a single-packet attack?  (Choose all that apply.)
    • A. 

      A source IP address

    • B. 

      A destination IP address

    • C. 

      An ICMP echo request

    • D. 

      An established connection

  • 38. 
    Which of the following is an example of a multiple packet attack?
    • A. 

      A fragment

    • B. 

      An ICMP flood

    • C. 

      A false Internet time stamp

    • D. 

      A packet with SYN/FIN/ACK flags set

  • 39. 
    What is the purpose of the 4-byte acknowledgement in a TCP header?
    • A. 

      It acknowledges receipt of the previous packet in the sequence.

    • B. 

      It acknowledges that a connection has been made.

    • C. 

      It verifies that the source and destination IP addresses are correct.

    • D. 

      It acknowledges the ID number the packet is using.

  • 40. 
    Which of the following is the correct order in which TCP flags appear during the initiation of a normal connection?
    • A. 

      SYN, ACK, FIN, RST

    • B. 

      SYN, PSH, ACK, RST

    • C. 

      SYN, SYN/ACK, ACK

    • D. 

      SYN, PSH, ACK, FIN

  • 41. 
    Which protocol uses one port number to establish a connection and a different port number to transfer data?
    • A. 

      TCP/IP

    • B. 

      FTP

    • C. 

      HTTP

    • D. 

      ICMP

  • 42. 
    Which of the following is an example of a reconnaissance traffic signature?
    • A. 

      Trojan program

    • B. 

      Ping sweep

    • C. 

      Denial of service

    • D. 

      Ping of Death

  • 43. 
    Which program keeps track of services and ports made available through Remote Procedure Calls?
    • A. 

      Network Information System

    • B. 

      Network File System

    • C. 

      Network File Sharing

    • D. 

      Portmapper

  • 44. 
    To avoid attacks that use advanced evasion techniques, such as path obfuscation, CGI scripts, and packet injection, you must do which of the following?
    • A. 

      Watch your log files closely

    • B. 

      Install additional IDPS sensors

    • C. 

      Keep your anti-adware software updated

    • D. 

      Keep your IDPS signature files updated.

  • 45. 
    Which of the following features distinguishes IPv6 from IPv4?
    • A. 

      IPv6 fragmentation occurs on IPv6-compliant routers

    • B. 

      IPv4 is unfragmentable

    • C. 

      IPv6 fragmentation occurs only at the source node

    • D. 

      IPv6 maximum fragment size is larger than its IPv6 counterpart

  • 46. 
    • A. 

      Pseudorandom number generators

    • B. 

      Hashing functions

    • C. 

      Feistel networks

    • D. 

      Side channels

  • 47. 
    • A. 

      128 or 256 bits

    • B. 

      128, 192, or 256 bits

    • C. 

      Variable

    • D. 

      128 bits

  • 48. 
    Which of the following issues public and private key pairs?
    • A. 

      Certificate publisher

    • B. 

      Certification authority

    • C. 

      Certificate revocation list

    • D. 

      Certificate store

  • 49. 
    • A. 

      Certificate revocation list

    • B. 

      Certification authority

    • C. 

      Certificate publisher

    • D. 

      Registration authority

  • 50. 
    Which of the following is a symmetric algorithm that is not considered safe for encryption use?
    • A. 

      AES

    • B. 

      Diffie-Hellman

    • C. 

      DES

    • D. 

      RSA

  • 51. 
    In digital signatures, which of the following values is compared to verify a message's integrity?
    • A. 

      Public key

    • B. 

      Message digest

    • C. 

      Private key

    • D. 

      Certificate

  • 52. 
    • A. 

      The symmetric algorithm encrypts data faster than the asymmetric algorithm.

    • B. 

      The asymmetric algorithm encrypts data faster than the symmetric algorithm.

    • C. 

      The symmetric and asymmetric algorithms work at the same speed to encrypt data.

    • D. 

      The faster an asymmetric algorithm works, the stronger its encryption.

  • 53. 
    • A. 

      SSL

    • B. 

      SSH

    • C. 

      TLS

    • D. 

      WPA

  • 54. 
    • A. 

      IPsec is fast and supported universally.

    • B. 

      IPsec supports IPv4 and IPv6.

    • C. 

      IPsec is implemented at Layer 2.

    • D. 

      IPsec can encrypt the entire packet.

  • 55. 
    Which of the following components enables IPsec to use Diffie-Hellman to create keys?
    • A. 

      Internet Key Exchange

    • B. 

      Internet Security Association Key Management Protocol

    • C. 

      Oakley

    • D. 

      IPsec driver

  • 56. 
    Authentication Header verifies the integrity of TCP/IP packets by signing them with a digital signature.
    • A. 

      True

    • B. 

      False

  • 57. 
    In tunnel mode, Encapsulating Security Payload encrypts which of the following?
    • A. 

      Packet header

    • B. 

      Data

    • C. 

      Both the header and the data

    • D. 

      Neither the header nor the data

  • 58. 
    Which of the following attacks might have the potential to exploit AES?
    • A. 

      PRNG

    • B. 

      Visual cryptanalysis

    • C. 

      Chosen ciphertext

    • D. 

      XSL