Securty + Ch. 2-6 Test

30 Questions | Total Attempts: 85

SettingsSettingsSettings
Security Plus Quizzes & Trivia

Questions and Answers
  • 1. 
    USB devices with a virus delivery mechanism are an example of which of the following security threats?
    • A. 

      Adware

    • B. 

      Trojan Horse

    • C. 

      Botnets

    • D. 

      Logic Bombs

  • 2. 
    Cellphones with network access and the ability to store data files are susceptible to which of the following risks?
    • A. 

      Input validation errors

    • B. 

      SMTP open relays

    • C. 

      Viruses

    • D. 

      Logic Bombs

  • 3. 
    Which of the following is a malicious program used to capture information from an infected computer?
    • A. 

      Trojan

    • B. 

      Botnet

    • C. 

      Worm

    • D. 

      Virus

  • 4. 
    Mitigating security risks by updating and applying hotfixes is part of:
    • A. 

      Patch Management

    • B. 

      Vulnerability Scanning

    • C. 

      Baseline Reporting

    • D. 

      Penetration Testing

  • 5. 
    When reviewing IDS logs, the security administrator notices many events pertaining to a "NOOP sled".  Which of the following attacks is occuring?
    • A. 

      Man-in-the-middle

    • B. 

      SQL injection

    • C. 

      Buffer overflow

    • D. 

      Session hijacking

  • 6. 
    Which of the following is the main difference between a hotfix and a patch
    • A. 

      Hotfixes follow a predetermined release schedule while patches do not

    • B. 

      Hotfixes are smaller than patches

    • C. 

      Hotfixes may be released at anytime and will later be included in a patch

    • D. 

      Patches can only be applied after obtaining proper approval, hotfixes do not need management approval.

  • 7. 
    A vulnerability assessment was conducted against a network.  One of the findings indicated an out-dated version of software.  This is an example of weak:
    • A. 

      Security policies

    • B. 

      Patch management

    • C. 

      Acceptable use policies

    • D. 

      Configuration baselines

  • 8. 
    Which of the following should a technician deploy to detect malicious changes to the system an configuration?
    • A. 

      Pop-up blocker

    • B. 

      File integrity checker

    • C. 

      Anti-spyware

    • D. 

      Firewall

  • 9. 
    Which of the following solutions would a company be MOST likely to choose if they wanted to conserve rack space in the data center and also be able to manage various resources on the servers?
    • A. 

      Install manageable, centralized power and cooling system

    • B. 

      Server virtualization

    • C. 

      Different virtual machines on a local workstation

    • D. 

      Centalize all blade servers and chassis within one or two racks

  • 10. 
    which of the following characteristics distinguishes a virus from a rootkit,  spyware, and adware?
    • A. 

      Eavesdropping

    • B. 

      Process hiding

    • C. 

      Self-replication

    • D. 

      Popup displays

  • 11. 
    Monitoring a computer's log and critcal files is part of the functionality of a
    • A. 

      NIPS

    • B. 

      HIDS

    • C. 

      Firewall

    • D. 

      Honeypot

  • 12. 
    Which of the following can be implemented as an OS hardening practice to mitigate risk?
    • A. 

      Domain name kiting

    • B. 

      Removable storage

    • C. 

      Input validation

    • D. 

      Security templates

  • 13. 
    Which of the following is often bundled with freely downloaded software
    • A. 

      Cookies

    • B. 

      Logic bomb

    • C. 

      Adware

    • D. 

      Spam

  • 14. 
    Every company workstation contains the same software prior to being assigned to workers.  Which of the following software options would give remote users the needed protections from outside attackers when they are outside the company's internal network?
    • A. 

      HIDS

    • B. 

      Vulnerability scanner

    • C. 

      Personal firewall

    • D. 

      NIPS

  • 15. 
    A security administrator is analyzing the packet capture from an IDS triggered filter.  The packet capture shows the following string: <scrip>source=http://www.evilsite.jp/evil.js</script> Which of the following attacks is occuring?
    • A. 

      SQL injection

    • B. 

      Redirection attack

    • C. 

      Cross-site scripting

    • D. 

      Data label challenges

  • 16. 
    Management would like to know if anyone is attempting to access files on the company file server.  Which of the following could be deployed to BEST provide this information?
    • A. 

      Software firewall

    • B. 

      Hardware firewall

    • C. 

      HIDS

    • D. 

      NIDS

  • 17. 
    Which of the following is a benefit of utilizing virtualization technology?
    • A. 

      Lowered cost of the host machine

    • B. 

      Less overhead of software licensing

    • C. 

      Streamline systems to a single OS

    • D. 

      Fewer systems to monitor physical access

  • 18. 
    Which of the following would MOST likely contain a &;SCRIPT> tag?
    • A. 

      Cookies

    • B. 

      XSS

    • C. 

      DOS

    • D. 

      Buffer overflow

  • 19. 
    A security administrator is analyzing the packetcapture from an IDS triggered filter.  The packet capture shows the following string: a or1==1-- Which of the following attacks is occuring?
    • A. 

      Cross-site scripting

    • B. 

      XML injection

    • C. 

      Buffer overflow

    • D. 

      SQL injection

  • 20. 
    Which of the following should a security administrator implement to ensure there are no security holes in the OS?
    • A. 

      Encryption protocols

    • B. 

      Firewall definitions

    • C. 

      Patch management

    • D. 

      Virus definitions

  • 21. 
    Several PCs are running extremely slow all of a sudden.  Users of the PCs that they do a lot of web browsing and explain that a disgruntled employee from their department was recently fired.  The security administrator observes that all of the PCs are attempting to open a large number of connections to the same destination.  Which of the following is MOST likely the issue?
    • A. 

      A logic bomb has been installed by the former employee.

    • B. 

      A man-in-the-middle attack is taking place

    • C. 

      The PCs have downloaded adware

    • D. 

      The PCs are being used in a botnet

  • 22. 
    Which of the following has a programmer MOST likely failed to consider if a user entering improper input is able to compromise the integrity of data?
    • A. 

      SDLM

    • B. 

      Error handling

    • C. 

      Data formatting

    • D. 

      Input validation

  • 23. 
    Which of the following should be implemented on a mobile phone to help prevent a conversation from being captured?
    • A. 

      Device encryption

    • B. 

      Voice encryption

    • C. 

      GPS tracking

    • D. 

      Sniffer

  • 24. 
    Which of the following helps prevent a system from being fingerprinted?
    • A. 

      Personal firewall

    • B. 

      Complex passwords

    • C. 

      Anti-spam software

    • D. 

      OS patching

  • 25. 
    Which of the following is a malicious program that infects a host computer and has the ability to replicate itself
    • A. 

      Spyware

    • B. 

      Virus

    • C. 

      Rootkit

    • D. 

      Spam

Back to Top Back to top