
1.

A ping sweep
A) Sends ICMP echo requests to the target machine
B) Is an exploit that creates a denial of service (DoS) using ICMP echo requests
C) Is a method of clearing your network
D) Determines what services are running on a system

Points Earned: 1.0/1.0


Correct Answer(s): A

2.
What is an unstructured threat?
A) An attack that is uncoordinated, nonspecific, and lasts a short amount of time
B) An elite hacker who mounts an attack against a specific target
C) A poorly engineered building
D) A type of malicious code that formats the hard drive on a computer.

Points Earned: 1.0/1.0


Correct Answer(s): A

3.
In 2009 _______________ was cut and resulted in widespread phone and Internet
outages in the San Jose area of California.

Points Earned: 1.0/1.0


Correct Answer(s): Fiber cable

4.
A successful attack on a network may adversely impact security in all the following ways
EXCEPT:
A) Loss of confidentiality
B) Loss of integrity
C) Loss of functionality
D) Loss of availability

Points Earned: 1.0/1.0


Correct Answer(s): C

5.
Which of the following is not one of the three general methods used in authentication?
A) Something you do
B) Something you have
C) Something you are
D) Something you know

Points Earned: 1.0/1.0


Correct Answer(s): A

6.
Authentication means that the person who sends an e-mail will be unable to deny
sending the e-mail.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

7.
The first step an administrator can take to reduce possible attacks is to
A) Install a firewall
B) Ensure all patches for the operating system and applications are installed
C) Configure an intrusion detection system
D) Install anti-spyware software

Points Earned: 1.0/1.0

Correct Answer(s): B

8.
The term "script kiddies" refers to
A) A children's television show
B) A type of video game
C) A hacker of low-end technical ability
D) An Internet site for peer-to-peer music sharing

Points Earned: 1.0/1.0


Correct Answer(s): C

9.
As the level of sophistication of attacks _________, the level of knowledge necessary to
exploit vulnerabilities decreased.

Points Earned: 1.0/1.0


Correct Answer(s): increased

10.
A person who tries to gradually obtain information necessary to compromise a network—
by first appealing for help, and then, if necessary, by a more aggressive approach—is a(n)
__________.
A) phreaker
B) social engineer
C) hacktivist
D) terrorist

Points Earned: 1.0/1.0


Correct Answer(s): B

11.
Ensuring that users have access only to the files they need to complete their tasks is an
example of which principle?
A) Least privilege
B) Implicit deny
C) Keep it simple
D) Separation of duties

Points Earned: 1.0/1.0


Correct Answer(s): A

12.
The ability to manage whether a subject can interact with an object is called
_______________.

Points Earned: 1.0/1.0


Correct Answer(s): access control

13.
Fifty years ago, few people had access to a computer system or network, so securing
them was a relatively easy matter.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

14.
Vladimir Levin was able to steal $10 Million from _______________ by using its cash
management system.

Points Earned: 1.0/1.0


Correct Answer(s): Citibank

15.
The hacker was successful in breaching the firewall, the packet filtering router, and the
internal firewall, but was quickly detected and unable to get past the workstation personal
firewall. This is an example of what principle?
A) Job rotation
B) Layered security
C) Security through obscurity
D) Diversity of defense

Points Earned: 1.0/1.0


Correct Answer(s): B

1.
What is the problem described by the van Eck phenomenon and studied under
TEMPEST?
A) Magnetic fields that interfere with signals crossing Local Area Network (LAN)
cables
B) Electromagnetic pulses destroying sensitive computer equipment
C) Piggybacking on electromagnetic communications
D) Electromagnetic eavesdropping

Points Earned: 1.0/1.0


Correct Answer(s): D

2.
Halon is effective at putting out fires and safe for humans but can damage equipment.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

3.
Your boss needs instructions explaining the steps of how to send encrypted email
properly for all employees. You will need to create the _________.
A) procedure
B) policy
C) guideline
D) standard

Points Earned: 1.0/1.0


Correct Answer(s): A

4.
Voice recognition, iris scans, and facial geometry can be used for biometric access
controls.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

5.
Shoulder surfing is when a person looks over the shoulder of another person who is typing
PINs or passwords.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

6.
Standards are recommendations relating to a policy.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

7.
When an attacker attempts to get credit card numbers using telephone and voice
technologies, it's called
A) Phreaking
B) Telephishing
C) Vishing
D) Voicing

Points Earned: 1.0/1.0


Correct Answer(s): C

8.
One of the most effective tools for foiling the efforts of a social engineering attack is an
active security awareness program.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

9.
The greatest danger to networks comes from
A) Attacks coming across the public switched telephone network
B) Natural disasters
C) Foreign hackers
D) Insiders

Points Earned: 1.0/1.0


Correct Answer(s): D

10.
The practice in which an attacker tries to position himself behind a user so that he can see
what keys are being typed or what information is on the screen is called _______________

Points Earned: 1.0/1.0


Correct Answer(s): shoulder surfing

11.
_______________ are mandatory elements regarding the implementation of a policy.

Points Earned: 1.0/1.0


Correct Answer(s): Standards

12.
Statements made by management that lay out the organization's position on an issue are
called ________.
A) procedures
B) policies
C) guidelines
D) standards

Points Earned: 1.0/1.0


Correct Answer(s): B

13.
All of the following are characteristics of a strong password EXCEPT:
A) Contains special characters, i.e., *%$#@
B) Contains numbers and letters
C) Contains an uncommon dictionary word
D) Contains at least eight characters

Points Earned: 1.0/1.0


Correct Answer(s): C

14.
_______________ is the simple tactic of following closely behind a person who has just
used their own access card or PIN to gain physical access to a room or building.

Points Earned: 1.0/1.0


Correct Answer(s): Piggybacking

15.
_______________ are devices that have batteries that are used to keep equipment
running in the event of a power outage.

Points Earned: 1.0/1.0


Correct Answer(s): UPS

1.
_______________ is done by comparing the input plaintext to the output ciphertext to try
to determine the key used to encrypt the information.

Points Earned: 1.0/1.0


Correct Answer(s): Differential cryptanalysis

2.
The art of secret writing that enables an individual to hide the contents of a message from
all but the intended recipient is called
A) Key management
B) Steganography
C) Cryptanalysis
D) Cryptography

Points Earned: 0.0/1.0


Correct Answer(s): D

3.
PKI can be used as a measure to trust individuals we do not know.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

4.
Keyspace refers to
A) All possible key values
B) The number of keys needed to encrypt or decrypt a message
C) The location where keys are stored
D) The portion of the algorithm that the key connects with to encrypt or decrypt a
message

Points Earned: 1.0/1.0


Correct Answer(s): A

5.
The benefit of SHA-1 over MD5 is that it is resistant to a collision attack.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

6.
All of the following are asymmetric encryption algorithms EXCEPT:
A) ECC
B) RSA
C) 3DES
D) ElGamal

Points Earned: 1.0/1.0


Correct Answer(s): C

7.
The process for protecting intellectual property from unauthorized use is called
A) Digital signatures
B) Digital rights management
C) Key escrow
D) Anti-pirating management

Points Earned: 1.0/1.0


Correct Answer(s): B

8.
What is a certificate authority?
A) An entity that generates electronic credentials
B) An entity that requires proof of identity from the individual requesting a
certificate
C) A centralized directory in which the registered certificate is stored
D) An entity that generates a digitally signed identification certificate

Points Earned: 1.0/1.0


Correct Answer(s): D

9.
Hiding a text file in a jpg file is an example of steganography.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

10.
The encryption method based on the idea of using a shared key for encryption and
decryption of data is
A) Symmetric encryption
B) Elliptical curve encryption
C) Hashing function
D) Asymmetric encryption

Points Earned: 1.0/1.0


Correct Answer(s): A

11.
The term used to describe a centralized directory that can be accessed by a subset of
individuals is _______________

Points Earned: 1.0/1.0


Correct Answer(s): certificate repository

12.
The cipher that replaces each letter of the alphabet with a different letter (not in
sequence) is a
A) Substitution cipher
B) Vigenère cipher
C) Shift cipher
D) Transposition cipher

Points Earned: 0.0/1.0


Correct Answer(s): A

13.
All of the following are cryptographic applications EXCEPT:
A) FreeOTFE
B) PGP
C) StegDetect
D) GnuPG

Points Earned: 1.0/1.0


Correct Answer(s): C

14.
How is an outsourced CA different from a public CA?
A) It provides dedicated services, and possibly equipment, to an individual
company.
B) The CA is implemented, maintained, and controlled by the company that
implemented it.
C) The CA is already established and being used by many individuals and
companies.
D) The CA provides more flexibility for companies.

Points Earned: 1.0/1.0

Correct Answer(s): A

15.
The difference between centralized and decentralized infrastructures is
A) In a decentralized infrastructure, the certificate may have an extended lifetime.
B) The network administrator sets up the distribution points in centralized
infrastructures.
C) The location where the cryptographic key is generated and stored is different.
D) The key pairs and certificates do not have a set lifetime in centralized
infrastructures.

Points Earned: 0.0/1.0


Correct Answer(s): C

1.
What is PKCS?
A) A method of private cryptography used by the military
B) A method of encrypting e-mail from the IRS
C) One of the standards used in implementing a public key infrastructure
D) The method of encryption that uses a 40-bit encryption key

Points Earned: 1.0/1.0


Correct Answer(s): C

2.
PKI stands for _______________

Points Earned: 1.0/1.0


Correct Answer(s): public key infrastructure

3.
For products evaluated by Common Criteria, the highest level of assurance is
A) EAL 7
B) EAL 1
C) EAL 9
D) EAL 8

Points Earned: 1.0/1.0


Correct Answer(s): A

4.
WEP uses public key encryption so it has secure wireless communications.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

5.
A mantrap is used to prevent piggybacking.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

6.
Theft of the computer, using a boot disk to simply erase all data on the drives, or simply
unplugging computers are all effective for ___________.

Points Earned: 1.0/1.0


Correct Answer(s): denial of service

7.
A false positive is when a biometric is scanned and allows access—when it was not the
person who has authorization.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

8.
What is PKIX?
A) The method of encryption that uses a 40 bit encryption key
B) One of the standards used in implementing a public key infrastructure
C) A method of encrypting e-mail from the IRS
D) A method of private cryptography used by the military

Points Earned: 1.0/1.0


Correct Answer(s): B

9.
_______________ is the process of taking the entire contents of a hard drive and copying
them to a single file on a different media.

Points Earned: 1.0/1.0


Correct Answer(s): Drive imaging

10.
The X.905 standard specifies formats for public key certificates.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

11.
An ionization fire detection device
A) Detects smoke
B) Provides advanced warning for smoldering fires
C) Detects fast burning fires
D) Detects heat

Points Earned: 1.0/1.0


Correct Answer(s): C

12.
_______________ is used to encrypt web traffic and uses port 443.

Points Earned: 1.0/1.0


Correct Answer(s): HTTPS

13.
Pretty good privacy (or PGP) is
A) A privacy group that fights against the government
B) A password management system
C) A common encryption method for e-mail
D) A method of securing an operating system kernel

Points Earned: 1.0/1.0


Correct Answer(s): C

14.
_______________ is a message specification extension to the MIME standard, used to
provide a way to send and receive signed and encrypted MIME data.

Points Earned: 1.0/1.0


Correct Answer(s): S/MIME

15.
A popular program used to encrypt and decrypt e-mail and files is _______________.

Points Earned: 1.0/1.0


Correct Answer(s): Pretty Good Privacy (PGP)

1.
Which transport layer protocol is connection oriented?
A) UDP
B) IP
C) TCP
D) ICMP

Points Earned: 1.0/1.0


Correct Answer(s): C

2.
Which operating system is immune to virus attacks?
A) Windows 7
B) Red Hat Linux
C) Mac OS X
D) No operating system is immune.

Points Earned: 1.0/1.0


Correct Answer(s): D

3.
The buffer between the outer network where there are no controls and the inner secure
network is referred to as the
A) DMZ
B) Intranet
C) Internet
D) Extranet

Points Earned: 1.0/1.0


Correct Answer(s): A

4.
The correct sequence of the three-way handshake is
A) SYN/ACK, SYN/ACK, SYN/ACK
B) ACK, SYN/ACK, SYN
C) SYN, SYN/ACK, ACK
D) SYN/SYN, ACK/ACK, SYN/SYN

Points Earned: 1.0/1.0


Correct Answer(s): C

5.
_______________ is the protocol used to resolve an IP address to a MAC address.

Points Earned: 1.0/1.0


Correct Answer(s): Address Resolution Protocol (ARP)

6.
DNS resolves a domain name to an IP address.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

7.
Managing the endpoints on a case-by-case basis as they connect is a security
methodology known as _______________.

Points Earned: 1.0/1.0


Correct Answer(s): network access control

8.
Which protocol is responsible for resolving an IP address to a MAC address?
A) DNS
B) ICMP
C) RARP
D) ARP

Points Earned: 1.0/1.0


Correct Answer(s): D

9.
_______________ translates private (nonroutable) IP addresses into public (routable) IP
addresses.

Points Earned: 1.0/1.0


Correct Answer(s): Network Address Translation (NAT)

10.
What is it called when network components are connected to each other in a closed loop,
with each device directly connected to two other devices?
A) Hybrid
B) Star
C) Bus
D) Ring

Points Earned: 1.0/1.0


Correct Answer(s): D

11.
Preventing physical access to a server by an unauthorized individual is the
A) An organization's least important concern
B) Primary security concern for a system administrator
C) Reason we implement firewalls
D) Responsibility of the CFO of an organization

Points Earned: 1.0/1.0


Correct Answer(s): B

12.
The series of worldwide interconnected networks is referred to as the
A) Extranet
B) Intranet
C) DMZ
D) Internet

Points Earned: 1.0/1.0


Correct Answer(s): D

13.
A ________ is a network typically smaller in terms of size and geographic coverage and
consists of two or more connected devices. Home or office networks are typically
classified as this type of network.
A) office area network
B) wide area network
C) local area network
D) internal area network

Points Earned: 1.0/1.0


Correct Answer(s): C

14.
Which transport layer protocol is connectionless?
A) IP
B) TCP
C) ICMP
D) UDP

Points Earned: 1.0/1.0


Correct Answer(s): D

15.
What protocol is used to manage IP address space?
A) DHCP
B) SNMP
C) ICMP
D) TCP

Points Earned: 1.0/1.0


Correct Answer(s): A

1.
_______________ is a modulation type that spreads the traffic sent over the entire
bandwidth.

Points Earned: 1.0/1.0


Correct Answer(s): Direct-sequence spread spectrum (DSSS)

2.
_______________ is the granting of specific permissions based on the privileges held by
the account.

Points Earned: 0.0/1.0


Correct Answer(s): Authorization

3.
A door that requires a thumbprint, key card, and password is an example of
A) Mutual authentication
B) Multifactor authentication
C) Single sign-on
D) Dual access control

Points Earned: 1.0/1.0


Correct Answer(s): B

4.
One of the fundamental design aspects of TACACS+ is the separation of authentication,
authorization, and accounting.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

5.
Because the security of wireless LANs is ineffective, many users have switched to a
layered security approach.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

6.
Which of the following protocols involves a three-way handshake and uses a shared
secret key for communication?
A) S/Telnet
B) PAP
C) TCP
D) CHAP

Points Earned: 1.0/1.0


Correct Answer(s): D

7.
_______________ authentication is a term that describes the use of more than one
authentication mechanism at the same time.

Points Earned: 1.0/1.0


Correct Answer(s): Multifactor

8.
The three major components of the SSH protocol are the
A) User Datagram Protocol, User Encryption Protocol, and Connection Protocol
B) Transport Layer Protocol, User Authentication Protocol, and Connection
Protocol
C) User Datagram Protocol, User Authentication Protocol, and Connection
Protocol
D) Transport Layer Protocol, User Encryption Protocol, and Connection Protocol

Points Earned: 1.0/1.0


Correct Answer(s): B

9.
The security concern over the so-called WAP gap is when
A) WAP protocol is susceptible to Gateway Acquisition Pilfering (gap).
B) WAP gateways have a significant lag and hold the messages long enough for
them to be decrypted by attackers.
C) The encryption fails to translate from one encryption scheme to another.
D) WAP gateways perform translation from one encryption standard to another, so all
messages are seen in plaintext by the WAP gateway.

Points Earned: 1.0/1.0


Correct Answer(s): D

10.
Physical access to a machine will enable an attacker to bypass any security measure that
has been placed on that machine.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

11.
_______________ multiplexes or separates the data to be transmitted into smaller chunks
and then transmits the chunks on several sub channels.

Points Earned: 1.0/1.0


Correct Answer(s): Orthogonal frequency division multiplexing (OFDM)

12.
_______________ describes a process in which each side of an electronic
communication verifies the authenticity of the other.

Points Earned: 1.0/1.0


Correct Answer(s): Mutual authentication

13.
Which type of access control would allow the company to restrict employee access to the
payroll file after hours or on weekends?
A) Discretionary access control
B) Rule-based access control
C) Role-based access control
D) Mandatory access control

Points Earned: 1.0/1.0


Correct Answer(s): B

14.
Security issues associated with WTLS include which of the following?
A) The specifications do not allow connections without high security.
B) Clients with low memory or CPU capabilities cannot support encryption.
C) WTLS cannot cope with limited processor capacity.
D) WTLS cannot cope with small amounts of memory.

Points Earned: 1.0/1.0


Correct Answer(s): B

15.
In _______________, the attacker uses Bluetooth to establish a serial connection to the
device.

Points Earned: 1.0/1.0


Correct Answer(s): bluebugging

1.
The biggest change that has occurred in security over the last 30 years has been the
change in the computing environment from small, tightly contained mainframes to a
highly widespread network of much larger systems.
A) True
B) False

Points Earned: 0.0/1.0


Correct Answer(s): False

2.
A successful attack on a network may adversely impact security in all the following ways
EXCEPT:
A) Loss of confidentiality
B) Loss of integrity
C) Loss of functionality
D) Loss of availability

Points Earned: 1.0/1.0


Correct Answer(s): C

3.
As the level of sophistication of attacks has increased,
A) The level of knowledge necessary to exploit vulnerabilities has increased
B) The level of knowledge necessary to exploit vulnerabilities has decreased
C) The level of skill necessary to exploit vulnerabilities has increased
D) The amount of exploit software available on the Internet has decreased

Points Earned: 1.0/1.0


Correct Answer(s): B

4.
The IDS fails to alert on an intruder's ping sweep and port scan. This is a failure of which
element of the operational model of computer security?
A) Protection
B) Prevention
C) Detection
D) Response

Points Earned: 0.0/1.0


Correct Answer(s): C

5.
___________ places the focus on the security processes and the actual data.
A) Computer security
B) Network security
C) Information assurance
D) Communications security

Points Earned: 1.0/1.0


Correct Answer(s): C

6.
A company doing business online conducted all financial transactions over the Internet
without any encryption. As a result, customer information such as credit card numbers,
expiration dates, and the security codes found on the back of the credit cards was stolen.
This is a violation of which policy?
A) Due diligence
B) Due process
C) Need to know
D) Acceptable use

Points Earned: 1.0/1.0


Correct Answer(s): A

7.
_______________ is a set of elements that can lead to the specific identity of a person.

Points Earned: 0.0/1.0


Correct Answer(s): Personally identifiable information (PII)

8.
Which type of backup copies all files, but only since the last full backup?
A) Full
B) Differential
C) Incremental
D) Delta

Points Earned: 0.0/1.0


Correct Answer(s): B

9.
A(n) _______________ is a special mathematical function that performs a one-way
encryption.

Points Earned: 1.0/1.0

Correct Answer(s): hashing function

10.
_______________ is the simple tactic of following closely behind a person who has just
used their own access card or PIN to gain physical access to a room or building.

Points Earned: 1.0/1.0


Correct Answer(s): Piggybacking

11.
Which of the following is NOT an example of a poor security practice?
A) The user does not follow established security policies or processes.
B) A result of a lack of security policies, procedures or training within the user's
organization.
C) An employee does not allow a person he is talking to, to enter a secured area
behind him before showing proper credentials.
D) An employee creates one good password and then uses it for all accounts.

Points Earned: 1.0/1.0


Correct Answer(s): C

12.
Leaving sensitive information in a car is appropriate if the doors are locked and the files
are not in plain view.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

13.
Cryptography can be used to protect confidentiality and integrity as well as be used to
implement nonrepudiation, authentication, key escrow, digital signatures, and digital
rights management.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

14.
The art of secret writing that enables an individual to hide the contents of a message from
all but the intended recipient is called
A) Steganography
B) Cryptanalysis
C) Cryptography
D) Key management

Points Earned: 1.0/1.0


Correct Answer(s): C

15.
_______________ puts the plaintext through a simplified cipher to try to deduce what the
key is likely to be in a full version of the cipher.

Points Earned: 1.0/1.0


Correct Answer(s): Linear cryptanalysis

16.
_______________ is the PKI component that accepts a request for a digital certificate
and performs the necessary steps of registering and authenticating the person requesting
the certificate.

Points Earned: 1.0/1.0

Correct Answer(s): Registration authority

17.
What is a certificate repository?
A) A directory that calculates a message digest for the certificate
B) An entity that generates electronic credentials
C) A directory that requires a centralized infrastructure
D) A centralized directory in which the registered certificate is stored

Points Earned: 1.0/1.0


Correct Answer(s): D

18.
An in-house certificate authority is
A) A CA that is already established and being used by many individuals and
companies
B) A certificate authority that is maintained and controlled by the company that
implemented it
C) A CA that provides dedicated services, and possibly equipment, to an
individual company
D) A CA that provides more flexibility for companies

Points Earned: 1.0/1.0


Correct Answer(s): B

19.
The current version of S/MIME is version 2.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

20.
What are SSL and TLS used for?
A) A means of securing application programs on the system
B) To secure communication over the internet
C) A method to change from one form of PKI infrastructure to another
D) A secure way to reduce the amount of SPAM a system receives

Points Earned: 1.0/1.0


Correct Answer(s): B

21.
The _______________ protocol was introduced by Netscape as a means of providing
secure connections between the client and server for exchanging information.

Points Earned: 1.0/1.0


Correct Answer(s): SSL

22.
What kind of copy is a drive image?
A) Bit-by-bit copy
B) File-by-file copy
C) Partition copy
D) A copy of all images on the drive

Points Earned: 1.0/1.0


Correct Answer(s): A

23.
A mantrap is used to prevent piggybacking.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

24.
One drawback to water-based fire suppression systems is that they
A) Can be toxic to humans
B) Can cause more damage to equipment
C) Are the most expensive type of suppression system
D) Are not useful against type A fires

Points Earned: 1.0/1.0


Correct Answer(s): B

25.
Which of the following is not a private IP address?
A) 10.100.200.100
B) 172.32.32.21
C) 192.168.1.1
D) 192.168.254.254

Points Earned: 1.0/1.0


Correct Answer(s): B

26.
Local packet delivery (where packets are delivered on a LAN) uses ________ addresses
to send packets.

Points Earned: 1.0/1.0


Correct Answer(s): Machine Access Control (MAC)

27.
LAN and WAN networks can be connected.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): True

28.
_____________ is/are computers in a network that host applications and data for
everyone to share.
A) Linux boxes
B) Servers
C) Firewalls
D) Cryptography

Points Earned: 1.0/1.0


Correct Answer(s): B

29.
Hubs are the most common device used for connecting computers on a local area
network.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False

30.
Preventing physical access to a server by an unauthorized individual is the
A) Responsibility of the CFO of an organization
B) Primary security concern for a system administrator
C) An organization's least important concern
D) Reason we implement firewalls

Points Earned: 1.0/1.0


Correct Answer(s): B

31.
Which type of access control would be used to grant permissions based on the duties that
must be performed?
A) Mandatory access control
B) Discretionary access control
C) Role-based access control
D) Rule-based access control

Points Earned: 1.0/1.0


Correct Answer(s): C

32.
_______________ authentication is a term that describes the use of more than one
authentication mechanism at the same time.

Points Earned: 1.0/1.0


Correct Answer(s): Multifactor

33.
What does SSH stand for?
A) Simple Security Hardware
B) Secure Socket Help
C) Secure Shell
D) Scientifically Secure Hard Drive

Points Earned: 1.0/1.0


Correct Answer(s): C

34.
A new standard for sending packetized data traffic over radio waves in the unlicensed 2.4
GHz band is
A) WAP
B) WTLS
C) 802.11b
D) 804.11b

Points Earned: 1.0/1.0


Correct Answer(s): C

35.
_______________ protocol can support a wide variety of authentication methods and
also fits well into existing authentication systems like RADIUS.

Points Earned: 0.0/1.0


Correct Answer(s): 802.1X

36.
802.1x is not compatible with RADIUS or LDAP.
A) True
B) False

Points Earned: 1.0/1.0


Correct Answer(s): False
