Web Server Quiz

1. An outside auditor has been contracted to determine if weak passwords are being used on the
network. To do this, the auditor is running a password cracker against the master password file. Which of the following is this an example of?

Vulnerability assessment

Fingerprinting

Malware scan

Baselining

2. Multiple web servers are fed from a load balancer. Which of the following is this an example of?

RAID

Backup generator

Hot site

Redundant servers

3. Personal software firewalls can be updated automatically using:

Group policy.

Cookies.

Cross-site scripting.

Corporate hardware firewalls.

4. Which of the following is the primary purpose of an audit trail?

To detect when a user changes security permissions

To prevent a user from changing security permissions

To prevent a user from changing security settings

To detect the encryption algorithm used for files

5. All of the following security applications can proactively detect workstation anomalies EXCEPT:

Antivirus software.

NIDS.

Personal software firewall.

HIPS.

6. Password crackers:

Are sometimes able to crack both passwords and physical tokens.

Cannot exploit weaknesses in encryption algorithms.

Cannot be run remotely.

Are sometimes able to crack both Windows and UNIX passwords.

7. Which of the following tools would be BEST for monitoring changes to the approved system
baseline?

Enterprise resource planning software

Enterprise performance monitoring software

Enterprise antivirus software

Enterprise key management software

8. Which of the following describes the cryptographic algorithm employed by TLS to establish a
session key?

RSA

Diffie-Hellman

Blowfish

IKE

9. Which of the following describes how TLS protects against man-in-the-middle attacks?

The client compares the actual DNS name of the server to the DNS name on the certificate.

The client relies on the MD5 value sent by the server.

The client compares the server certificate with the certificate listed on the CRL.

The client relies on the MAC value sent by the server.

10. Which of the following describes a characteristic of the session key in an SSL connection?

It is symmetric.

It is a hash value.

It is asymmetric.

It is an elliptical curve.

11. A vulnerability has recently been identified for a servers OS. Which of the following describes the BEST course of action?

Shutdown all affected servers until management can be notified.

Visit a search engine and search for a possible patch.

Wait for an automatic update to be pushed out to the server from the manufacturer.

Visit the operating system manufacturers website for a possible patch.

12. A firewall differs from a NIDS in which of the following ways?

A firewall attempts to detect patterns and a NIDS operates on a rule list.

A firewall operates on a rule list and a NIDS attempts to detect patterns.

A firewall prevents inside attacks and a NIDS prevents outside attacks.

A firewall prevents outside attacks and a NIDS prevents inside attacks.

13. An accountant has logged onto the companys external banking website. An administrator using a TCP/IP monitoring tool discovers that the accountant was actually using a spoofed banking website. Which of the following could have caused this attack? (Select TWO).

Altered hosts file

Network mapper

Packet sniffing

DNS poisoning

Bluesnarfing

Submit

14. Logic bombs differ from worms in that:

Logic bombs cannot be sent through email.

Logic bombs cannot spread from computer to computer.

Logic bombs always contain a Trojan component.

Logic bombs always have a date or time component.

15. A periodic security audit of group policy can:

Show that data is being correctly backed up.

Show that PII data is being properly protected.

Show that virus definitions are up to date on all workstations.

Show that unnecessary services are blocked on workstations.