Вы находитесь на странице: 1из 11

exam preparation test - 2

: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 ()
Question1
: 1
______ is equally or more important to security than running antivirus software
.

Patching
Detecting Spyware
Not Using Windows
Blocking Email Attachments
,

: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 ()

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question2
: 1
A false positive in a NIDS can be defined as
.

a. both types of listed alerts


b. an alert that indicates nefarious activity on a system that, upon
further inspection, turns out to represent legitimate network traffic
or behavior.
c. an alert that indicates nefarious activity on a system that is not
running on the network.
d. the lack of an alert for nefarious activity.
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question3
: 1
Which authentication will provide a username, a password and undergo a thumb print scan to access a
workstation?
.

The two-factor authentication best illustrates this scenario.


The Mutual authentication best illustrates this scenario.
The Kerberos authentication best illustrates this scenario.
The Biometric authentication best illustrates this scenario.
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question4
: 1
This is a common type of denial-of-service attack that involves sending more data to a network
address (or input more information into application) than the temporary data storage area is intended
to hold, thereby shutting down the service and possibly corrupting or overwriting valid data.
.

buffer overflow
Port scan
Brute force
ping sweep
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question5
: 1

there is no network connection between machines A and B, however,


a worm could propagatefrom A to B?
:

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question6
: 1
What is a good way to make users in a network safer in the internet
.

a. Set up a filtering proxy server so you can check all the incoming
traffic
b. Deny all internet access
c. Get a slow connnection so they cant download too much
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question7
: 1
In an IDS ______ detection compares current network traffic to a known-good baseline to look for
anything out of the ordinary
.

Hacker
Signature-Based
Intrusion
Anomaly-Based
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question8
: 1
One form of 'something you have' is the ________ and USB tokens
.

Smart card
Radio-frequency identification
password
Fingerprint
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question9
: 1
This electronic "credit card" establishes a user's credentials when doing business or other transactions
on the Web and is issued by a certification authority
.

smart card

ownership tag
private key
PIN
digital certificate
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question10
: 1
This technology is used to measure and analyze human body characteristics for authentication
purposes.
.

a. biometrics
b. anthropomorphism
c. optical character recognition
d. footprinting
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question11
: 1
What authentication model uses a smart card and a User ID/Password for accessing network
resources?
.

You should identify the Biometric authentication model.

You should identify the Mutual authentication model.


You should identify the Tokens authentication model.
You should identify the two-factor authentication model.
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question12
: 1
In computer security, this describes a non-technical kind of intrusion that relies heavily on human
interaction. It often involves tricking people into breaking their own security procedures.
.

Hacker
Nonrepudiation
Social engineering
Cracker
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question13
: 1
This is a security protocol that is located between the transport layer and application layer.
.

SSL
TCP/IP

HTTP
TCP
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question14
: 1
This type of intrusion relies on the intruder's ability to trick people into breaking normal security
procedures.
.

shoulder surfing
hijacking
replay attack
man in the middle
social engineering
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question15
: 1
This is one of the older and slower methods an intruder might use to scan a network to determine
which of a range of IP addresses map to live hosts.
.

TCP/IP scanning
Brute force cracking

Ping sweep
ICMP sweep
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question16
: 1
When considering antispam products, which of the following should you look for?
.

a. A high false-negative rate


b. A low false-positive rate
c. A 100% false-negative rate
d. A 0% false-positive rate
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question17
: 1
What is encryption strength is based on? Please select the best answer.
.

The strength of the algorithm, the length of the key, and the secrecy
of the key
The strength of the key, the length of the algorithm, and the privacy
of the key
The length of the key, the type of algorithm, and the strength of the
key

The privacy of the key, the length of the algorithm, and the strength
of the key
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question18
: 1
In which of the following attacks does the attacker capture a portion of the communication between
two parties, modifies it, and inserts it back into the network:
.

man-in-the-middle
denial-of-service
Spoofing
Sniffing
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question19
: 1
Which of the following commands uses correct syntax for matching the patterns bunk or bank at the
end of a line of text? Please select the best answer.
.

b[au]nk^
^b[au]nk
b[au]nk\$
b[au]nk$

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question20
: 1

Which of the following is an optional Secure Sockets Layer (SSL) service?


.

a. Data encryption.
b. None of the above
c. All of these services are, in fact, mandatory.
d. Server authentication.
e. All of the above.
f. Client authentication.
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question21
: 1
This is an electronic or paper log used to track computer activity.
.

a. weblog
b. audit trail
c. cookie
d. traceroute

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)
Question22
: 1
What type of software should you run to check your email for malicious code?
.

Windows Update
Firewall
Intrusion Detection System
Antivirus
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (
)

exam preparation test - 2


: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
Question23
: 1
When an attacker captures part of a communication and later sends the communication segment to
the server whilst pretending to be the user it is known as a
.

It is known as the TCP/IP spoofing attack.


It is known as the Replay attack.
It is known as the Man in the middle attack.
It is known as the Back door attack
,

: () 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23