logo image

Ctc 452 Midterm II

Which of the following is NOT a phase in the system development life cycle?
a. need assessment
b. security audit
c. system implementation
d. performance monitoring
b. security audit
Which of the following is considered an asset?
a. hacker
b. unpatched Web server
c. disgruntled employee
d. intellectual property
d. intellectual property
What is considered the first step in formulating a security policy?
a. risk analysis
b. elimination of threats
c. risk reduction
d. system monitoring
a. risk analysis
Which of the following is NOT among the six factors needed to create a risk analysis?
a. threats
b. consequences
c. personal profiles
d. probabilities
c. personal profiles
Which of the following would be considered a vulnerability?
a. installation of a firewall
b. antivirus software
c. Internet-connected computer
d. spyware
c. Internet-connected computer
Which is the best defines residual risk?
a. risk that occurs as a result of new vulnerabilities
b. the amount of risk remaining after countermeasure are implemented
c. a vulnerability for which the risk has been reduced to zero
d. the cost of implementing solutions to an assess risk
b. the amount of risk remaining after countermeasures are implemented
Which of the following is a network’s ability to detect attacks when they occur and to evaluate the extent of damage and compromise?
a. resistance
b. recovery
c. recognition
d. reliability
c. recognition
Which is the best defined as the ability of a system to continue operations despite a failure?
a. fault tolerance
b. vulnerabilities analysis
c. reliability audit
d. adaptation and evolution
a. fault tolerance
Which of the following is NOT a step in threat and risk assessment?
a. Asset definition
b. Recommendation
c. Resolution
d. Threat assessment
c. Resolution
Which of the following best describes a Monte Carlos simulation?
a. a technique for simulating an attack on a system
b. a formula that estimates the cost of countermeasures
c. a procedural system that simulates a catastrophe
d. an analytical method that simulates a real-life system for risk analysis
d. an analytical method that simulates a real-life system for risk analysis
Which of the following shows how devices are connected and includes an IP allocation register?
a. hardware inventory
b. topology map
c. asset table
d. security policy
b. topology map
Which of the following defines how employees should use the organization’s computing resources?
a. Network and Internet Policy
b. Email and Spam Policy
c. Computing and Resource Policy
d. Acceptable Use Policy
d. Acceptable Use Policy
Which of the following requires you to assist police by appearing in court or producing evidence?
a. subpoena
b. search warrant
c. the 4th amendment
d. de facto agent
a. subpoena
Which of the following best describes ROI?
a. the chance that a threat will result in lost money
b. how long before an investment will pay for itself
c. the cost of mitigating a threat
d. the benefits of setting security priorities
b. how long before an investment will pay for itself
The process of reviewing records of network computer activity is called which of the following?
a. monitoring
b. archiving
c. auditing
d. recording
c. auditing
What makes IP spoofing possible for computers on the Internet?
a. network address translation
b. the lack of authentication
c. the 32-bit address space
d. the DNS hierarchy
b. the lack of authentication
What type of attack exploits a lack of bounds checking on the size of data stored in an array?
a. buffer overflow
b. SQL injection
c. phishing
d. ActiveX control
a. buffer overflow
What type of attack involves plaintext scripting that affects database?
a. phishing
b. ActiveX control
c. Java applet
d. SQL injection
d. SQL injection
What type of attack displays false information masquerading as legitimate data?
a. Java applet
b. phishing
c. buffer overflow
d. SQL inection
b. phishing
Which of the following is NOT a step you should take to prevent attackers from exploiting SQL security holes?
a. limit table
b. use stored procedures
c. use standard naming conventions
d. place the database server in a DMZ
C. use standard naming conventions
Which variation on phishing modifies the user’s host file to redirect traffic?
a. spear phishing
b. pharming
c. DNS phishing
d. hijacking
b. pharming
What type of DNS server is authoritative for a specific domain?
a. primary
b. secondary
c. read-only
d. initial
a. primary
What is zone transfer?
a. the movement of e-mail from one domain to another
b. updating a secondary DNS server
c. backing up an SQL data file
d. copying host file data to another system
b. updating a secondary DNS server
What type of DNS configuration prevents internal zone information from being stored on an Internet-accessible server?
a. read-only zone
b. anti-phishing DNS
c. caching DNS zone
d. split-DNS architecture
d. split-DNS architecture
Which of the following is a top-level digital certificate in the PKI chain?
a. security-aware resolver
b. trust anchor
c. DNSSEC resolver
d. RRSIG record
b. trust anchor
Which aspect of hardening a Window Web server allows you to restrict access to the web server based on IP address?
a. authentication
b. NTFS permissions
c. access control
d. data confidentiality
c. access control
Which of the following is NOT a recommended security setting for Apache Web servers?
a. harden the underlying OS
b. create Web groups
c. use the default standard Web page error messages
d. disable HTTP traces
c. use the default standard Web page error messages
Which VPN protocol leverages Web-based applicaitons?
a. PPTP
b. L2TP
C. SSL
d. IPsec
C. SSL
Which VPN protocol is a poor choice for high-performance network with many hosts due to vulnerabilities in MS-CHAP?
a. SSL
b. L2TP
c. IPsec
d. PPTP
d. PPTP
Which VPN protocol used UDP 1701 and does not provide confidentiality and authentication?
a. IPsec
b. L2TP
c. PPTP
d. SSL
b. L2TP
Which VPN protocol works at Layer 3 and can encrypt the entire TCP/IP packet?
a. PPTP
b. L2TP
c. IPsec
d. SSL
c. IPsec
Which of the following is defined as realation ship between two or more entities that describes how they will use the security services to communicate?
a. pairing
b. security association
c. internet key exchange
d. tunnel
ANS: B PTS:1 REF: 394
b. security association
Which IPsec component is software that handles the tasks of encrypting, authenticating, descrying, and checking packets?
a. ISAKMP
b. IKE
c. IPsec driver
d. Oakley protocol
c. IPsec driver
Which IPsec component authentication TCP/IP packets to ensure data integrity?
a. AH
b. ESP
c. IKE
d. ISAKMP
a. AH
What are the two modes in which IPsec can be configured to run?
a. transit and gateway
b. client and server
c. header and payload
d. tunnel and transport
d. tunnel and transport
Which of the following is true about SSL?
a. it uses shared-key encryption only
b. it uses sockets to communicate between client and server
c. it operates at the Data Link layer
d. it uses IPsec to provide authentication
b. it uses sockets to communicate between client and server
Which of the following is an improvement of TLS over SSL?
a. requires less processing power
b. uses a single hashing algorithm for all the data
c. uses only asymmetric encryption
d. adds a hashed message authentication code
d. adds a hashed message authentication code
Which VPN topology is also known as a hub-and-spoke configuration?
a. bus
b. partial mesh
c. star
d. full mesh
c. star
Which of the following is a disadvantage of putting the VPN on a firewall?
a. centralized control of network access security
b. more configuration mistakes
c. VPN and firewall use the same configuration tools
d. Internet and VPN traffic compete for resources
d. Internet and VPN traffic compete for resources
What was created to address the problem of remote clients not meeting an organization’s VPN security standards?
a. split
b. VPN quarantine
c. IPsec filters
d. GRE isolation
b. VPN quarantine
Which of the following is best described as software that prioritizes and schedules requests and then distributes them to servers based on each server’s current load and processing power.
a. server pooling software
b. traffic distribution filter
c. priority server farm
d. load-balancing software
d. load-balancing software
Where should network management systems generally be placed?
a. out of band
b. in the DMZ
c. on the perimeter
d. in the server farm
a. out of band
In what type of attack are zombies usually put to use?
a. buffer overrun
b. virus
c. DDoS
d. spoofing
c. DDoS
What should you consider installing if you want to inspect packets as they leave the network?
a. security workstation
b. RIP router
c. filtering proxy
d. reverse firewall
d. reverse firewall
Which type of firewall configuration protects public servers by isolating them from the internal network?
a. screened subnet DMZ
b. dual-homed host
c. screening router
d. reverse firewall
a. screened subnet DMZ
Which type of security device can speed up Web page retrieval and shield hosts on internal network?
a. caching firewall
b. proxy server
c. caching-only DNS server
d. DMZ intermediary
b. proxy server
Which network device works at the Application layer by reconstructing packets and forwarding them to Web servers?
a. Layer 7 switch
b. translation gateway
c. proxy server
d. ICMP redirector
c. proxy server
Which of the following is a disadvantage of using a proxy server?
a. shields internal host IP address
b. slows Web page access
c. may require client configuration
d. cannot filter based on packet content
c. may require client configuration
Which of the following best describes a bastion host?
a. a host with two or more network interfaces
b. a computer on the perimeter network that is highly protected
c. a computer running a standard OS that also has proxy software installed
d. a computer running only embedded firmware
ANS: B PTS;1 REF: 359
b. a computer on the perimeter network that is highly protected
What is a critical step you should take on the OS you choose for a bastion host?
a. ensure all security patches are installed
b. make sure it is the last OS version
c. choose an obscure OS with which attackers are unfamiliar
d. customize the OS for bastion operation
a. ensure all security patches are installed

Need essay sample on "Ctc 452 Midterm II"? We will write a custom essay sample specifically for you for only $ 13.90/page

Can’t wait to take that assignment burden offyour shoulders?

Let us know what it is and we will show you how it can be done!
×
Sorry, but copying text is forbidden on this website. If you need this or any other sample, please register

Already on Businessays? Login here

No, thanks. I prefer suffering on my own
Sorry, but copying text is forbidden on this website. If you need this or any other sample register now and get a free access to all papers, carefully proofread and edited by our experts.
Sign in / Sign up
No, thanks. I prefer suffering on my own
Not quite the topic you need?
We would be happy to write it
Join and witness the magic
Service Open At All Times
|
Complete Buyer Protection
|
Plagiarism-Free Writing

Emily from Businessays

Hi there, would you like to get such a paper? How about receiving a customized one? Check it out https://goo.gl/chNgQy

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy