RESTRICTED - EXAMINATION

Network Security Exemplifier Questions Paper 2

1. MODIS Defence Vision is to produce battle-winning people and equipment that are: a. Capable of building for the future b. Fit for the challenge of today c. Ready for the tasks of tomorrow d. All of the above. 2. Agile exploitation of our Information Operations capabilities improve: a. Offensive and Defensive mechanisms b. Information Assurance and its Security c. Effectiveness and Efficiency d. Economy and Scale 3. Realising the Defence Information Vision as stated in MODIS is achieved by: a. Collective pursuit of better decisions b. Collective Information c. Collective use of our enterprises d. Collective usage of our experiences 4. The MOD now recognise Information as a: a. Strategic Business Service b. An Enterprise Objective c. A Business Asset d. Exploitative Object 5. Information Assurance provides: a. Fundamental Quality to all our Defence Programmes b. Effective and Timely Exploitation of our Information c. Absolute Security d. Information Risk Exposure 6. Information system risk is managed pragmatically by: a. Cost Efficiencies b. Information Services c. Information Management d. Information Assurance 7. The Assured Domain Element Structure could be also seen as: a. Architecture b. Chaos c. Unorganised d. Unavailable

Page 1 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION 8. An element of MoDs Information Defence Strategy is: a. Information Exploitation b. Enterprise Architecture c. Information Management d. Enterprise Risk Management 9. The Enterprise Model (Business Owners view) represents which stakeholder? a. The Executive Management b. The Operations Management c. The Business Systems Architect d. The Information Systems Architect 10. Within the Architecture of the CIS domain; Users, Support and Services Providers are motivated by: a. Business Rules Model b. Business Goals, Vision and Strategies c. Procedures and System Enforced Rules d. Rules Implemented in Programs 11. Business Continuity is inclusive of which element of CND a. System Clampdown b. CIS Resilience c. Accreditation d. Redundancy 12. Which element of CIS Security is considered a part of CND? a. COMSEC b. EMSEC c. CIS Resilience d. Offline Analysis 13. Which of the following is not a CND element of CIS Security? a. Network Monitoring & Protection b. Non-Network IT security c. Vulnerability analysis d. Anti-Virus 14. Information Recovery is an important element of which CIS Security domain? a. COMPUSEC b. INFOSEC c. Information Assurance d. Business Continuity 15. CIS Resilience has two elements, Redundancy and _________? a. System Recovery b. Diversity c. Robustness d. CIS Risk Management

Page 2 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION 16. What is the correct order from top to bottom of the Information Stack? a. IT, IS, IA, IM, IX b. IX, IM, IA, IS, IT c. IT, IS, IM, IA, IX d. IX, IA, IM, IS, IT 17. Information can be seen as: a. About Something b. As Something c. For Something d. All the above 18. Without the timely and effective use of Information, our decisions may become jaded, inappropriate or suspect, consequently we need our information to be: a. Clear, Accurate, Trusted and Compromised b. Clear, Accurate, Untrusted and Compromised c. Trusted, Uncompromised, Authorised and Accurate d. Trusted, Uncompromised, Unauthorised and Accurate 19. The Strategic Positioning of Security (SPS) has 4 elements describing the Environment; these are: a. Efficiency, Effectiveness, Equality and Evolution b. Exploited, Evolutionary, Expensive and Expansive c. Exploited, Effectiveness, Expensive and Efficient d. Effective, Evolutionary, Expansive and Expensive 20. The Strategic Positioning of Security (SPS) has3 elements describing the Strategic Purpose; these are: a. Confidentiality, Integrity and Availability b. Effective, Demonstrative and Capable c. Culture, Capability and Environment d. Situational Aware, Effective and Domain Based 21. Which of the following use routers with packet filtering rules to allow or deny access based on source address, destination address, or port number? a. Application layer firewall b. Packet filtering firewall c. Router enhanced firewall d. IP enabled firewall

Page 3 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION 22. Routers work at the Network Layer of the International Standards Organization /Open Systems Interconnection (ISO/OSI) established sequence of OSI Layers. What is the correct and complete OSI sequence in order from user interface (Layer 7) to the delivery of binary bits (Layer 1)? a. Physical Layer, Network Layer, Data Link Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer b. Application Layer, Presentation Layer, Session Layer, Transport Layer, Network Layer, Data Link Layer, Physical Layer c. Application Layer, Physical Layer, Session Layer, Transport Layer, Network Layer, Data Link Layer, Presentation Layer d. Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer 23. You manage a company network and the network budget. You want to minimize costs, but desire to prevent crackers from sniffing your local network (LAN). Which of the following devices would you recommend to meet your goals? a. Hub b. Switch c. Router d. Firewall 24. Which of the following is actually considered a critical wireless device? a. AP b. WAP c. WEP d. WLAN 25. Modems can be configured to automatically answer any incoming call. Many user computers have modems installed from the manufacturer. What is the greatest security risk when dealing with modems in this situation? a. Remote access without network administrator knowledge b. Local access without network administrator knowledge c. Client access without network administrator knowledge d. Server access without network administrator knowledge 26. Which of the following devices have similar security concerns because they provide file sharing, network connection, and application services? (Select all that apply.) a. Switches and Network Interface Cards b. Routers and Firewalls c. Workstations and Servers d. Servers and Routers 27. Your unit has decided to dispose of a few of the older computers that once stored critical data. What should you do first? a. Use Western Digital Clear (wdclear) to low-level format the hard disk b. Use FIPS to overwrite all data on the hard disk with zeroes c. Use a demagnetizer to demagnetize the hard disk d. Remove all the files and folders on the hard disk Page 4 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION 28. Which of the following terms could be considered security zones? (Select all that apply.) a. Intranet b. Internet c. DMZ d. All the above 29. Which one of the following is software used to logically connect workgroups, thereby improving network performance for group members in different physical locations? a. Virtual Private Network (VPN) b. Virtual Local Area Network (VLAN) c. Remote Authentication Dial-in User Service (RADIUS) d. Network Address Translation (NAT) 30. What is the primary purpose for Network Address Translation (NAT)? a. Multiple users sharing one IP address for Instant Messenger (IM) b. Hiding the IP addresses of the internal network from those outside of the network c. Showing the IP addresses of the external network to clients on the internal network d. Single users gaining access to multiple email accounts 31. IDS may be configured to report attack occurrences. You just received a notification that an attack occurred, but after checking, you find that it really wasn't an attack at all. What is the term for this type of alarm? a. True positive b. False positive c. True negative d. False negative

32. Which type of network device is characterized by the following description: Used to fool crackers, allowing them to continue an attack on a sacrificial computer that contains fictitious information? a. Fake firewall b. Rogue router c. Intrusion Prevention System d. Honey pot 33. Which of the following items relates to the fundamental principal of implementing security measures on computer equipment to ensure that minimum standards are being met? a. Security baselines b. Security policies c. Security standards d. Security countermeasures

Page 5 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION 34. Your network administrator has installed a network-based IDS and a honey pot on the network. What is the written plan called that indicates who will monitor these tools and how users should react once a malicious attack has occurred? a. Active response b. Incident response c. Monitoring and response d. Security alert and response 35. The security functionality defines the expected activities of a security mechanism and assurance defines: a. The controls the security mechanism will enforce b. The data classification after the security mechanism has been implemented c. The confidence of the security the mechanism is providing d. Cost/benefit relationship 36. Which of the following is not a purpose of doing a risk analysis? a. Delegate responsibility b. Quantify impact of potential threats c. Identify risks d. Define the balance between the impact of a risk and the cost of the necessary countermeasures 37. What are security policies? a. Step-by-step direction on how to accomplish security tasks b. General guidelines used to accomplish a specific security level c. Broad, high-level statements from management d. Detailed documents explaining how security incidents should be handled. 38. Which of the following is a legal term that pertains to a company or individual taking reasonable actions and is used to determine liability? a. Standards b. Due process c. Due care d. Downstream liabilities 39. Which of the following was the first mathematical model of a multilevel security policy used to define the concepts of a secure state and mode of access, and to outline rules of access? a. Biba b. Bell-LaPadula c. Clark-Wilson d. Brewer and Nash

Page 6 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION 40. The NEC has three domains, which domain(s) covers the possibility of CNA and the countermeasures to be employed. a. People b. Network c. Information d. All 3 domains 41. Which of the following is not considered as a factor of Risk? a. Threats b. Impact c. Vulnerabilities d. Assurance 42. Which of the following devices is specially designed to forward packets to specific ports based on the packet's address? a. Specialty hub b. Switching hub c. Port hub d. Filtering hub 43. Your company receives Internet access through a network or gateway server. Which of the following devices is best suited to protect resources and subnet your LAN directly on the network server? a. DSL modem b. A multi-homed firewall c. VLAN d. A brouter that acts both as a bridge and a router 44. Firewalls are designed to perform all the following except: a. Limiting security exposures b. Logging Internet activity c. Enforcing the organization's security policy d. Protecting against viruses 45. Stateful firewalls may filter connection-oriented packets that are potential intrusions to the LAN. Which of the following types of packets can a stateful packet filter deny? a. UDP b. TCP c. IP d. ICMP 46. Which of the following systems run an application layer firewall using Proxy software? a. Proxy NAT b. Proxy client c. Client 32 d. Proxy server

Page 7 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION 47. Which of the following use routers with packet filtering rules to allow or deny access based on source address, destination address, or port number? a. Application layer firewall b. Packet filtering firewall c. Router enhanced firewall d. IP enabled firewall 48. Which of the following firewalls keeps track of the connection state? a. Application layer firewall b. Packet filtering firewall c. Router enhanced firewall d. Stateful packet filtering firewall 49. Which of following devices discriminates between multicast and unicast packets? a. Multicast switch b. Bicast switch c. Bicast router d. Multicast router 50. Your primary concern is LAN security. You want to subnet your internal network with a device that provides security and stability. Which of the following devices do you choose to meet these needs? a. Static router b. Dynamic router c. Static switch d. Dynamic switch 51. Which of the following is the most difficult to configure, but safest device to use on a LAN? a. Static router b. IP enabled router c. Dynamic router d. RIP enabled router 52. Which of the following statements are true about routers and bridges? a. Bridges connect two networks at the Data Link Layer b. Bridges are types of inexpensive routers c. Routers are improved bridges d. Routers connect two networks at the Network Layer
53.The GASSP is: a. The General Assurance System Security Policies b. The Generally Accepted System Security Principles c. The General Assurance System Security Principles d. The Generally Accepted System Security Policies

Page 8 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION 54. Remember, routers work at the Network Layer of the International Standards Organization/Open Systems Interconnection (ISO/OSI) established sequence of OSI Layers. What is the correct and complete OSI sequence in order from user interface (Layer 7) to the delivery of binary bits (Layer 1)? a. Physical Layer, Network Layer, Data Link Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer b. Application Layer, Presentation Layer, Session Layer, Transport Layer, Network Layer, Data Link Layer, Physical Layer c. Application Layer, Physical Layer, Session Layer, Transport Layer, Network Layer, Data Link Layer, Presentation Layer d. Physical Layer, Data Link Layer, Network Layer, Session Layer, Transport Layer, Presentation Layer, Application Layer 55. Most networks employ devices for routing services. Routers work at which of the following OSI layers? a. Transport b. Network c. Presentation d. Session
56.Information security managers are often motivated by which of the following? a. Concern for the well-being of society b. Governmental regulation c. Fear of unwanted publicity d. All of the above are motivating factors 57.You manage a company network and the network budget. You want to minimize costs, but desire to prevent crackers from sniffing your local network (LAN). Which of the following devices would you recommend to meet your goals? a. Hub b. Switch c. Router d. Firewall 58.Which of the following is a MODIS element? a. Application Service Provision b. MODAF c. Information Exploitation d. WLAN 59. In establishing a high system assurance design one aspect is the performance requirements that specify the range of scaling over which the system should meet specific throughput and response criteria. Which of the following is not one of the remaining 3 aspects of system assurance? a. Reliability b. Failure response c. Accountability d. Quality of service

Page 9 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION
60.A Topic not included within the umbrella of information security is: a. Incident response b. Key management c. Electronic forensics d. Security testing

Page 10 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION Unit 13 Part A Answer Sheet

Candidate No: .
Question

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20.

MARK Answer A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D

Question

31. 32. 33. 34. 35. 36. 37. 38. 39. 40. 41. 42. 43. 44. 45. 46. 47. 48. 49. 50.

MARK Answer A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D

A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D

A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D

Page 11 of 12 RESTRICTED - EXAMINATION

RESTRICTED - EXAMINATION

21. 22. 23. 24. 25. 26. 27. 28. 29. 30.

A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D

51. 52. 53. 54. 55. 56. 57. 58 59. 60.

A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D A B C D

Page 12 of 12 RESTRICTED - EXAMINATION