
QUESTION 1

1. Which term describes programs used to control access to computer resources, enforce
policies, audit usage, and provide billing information?
Traffic congestion
Certificate authority (CA)
Authentication, authorization, and accounting (AAA) services
Trusted roots list
5.00000 points
QUESTION 2
1. Which of the following refers to the malicious insertion of scripting code onto a vulnerable
Web site?
Insertion attack
Upstream filtering
Keystroke logger
Cross-site scripting (XSS)
5.00000 points
QUESTION 3
1. Which name is given to a VPN created between a client and a server either within the same
local network or across a WAN link or intermediary network to support secure client
interaction with the services of a resource host?
Site-to-site VPN
Software VPN
Client-to-server VPN
Keyspace
5.00000 points
QUESTION 4
1. Which name is given to a rogue program that automatically dials a modem to a pre-defined
number to auto-download additional malware to the victim or to upload stolen data from
the victim?
Adware
Sector
Spyware
Dialer
5.00000 points
QUESTION 5
1. Which term describes a network, network link, or channel located between the endpoints
of a VPN?
One-way function
Host-to-host network
Site-to-site network
Intermediary network
5.00000 points
QUESTION 6
1. Which of the following is the name given to a software interface with a system that allows code
execution?
Intentional Electromagnetic Interference (IEMI)
National Institute of Standards and Technology (NIST)
Proxy
Command shell
5.00000 points
QUESTION 7
1. Which of the following terms describes hiding information from unauthorized third
parties?
Virtual Private Network (VPN)
Split tunnel
Cryptography
Authentication, Authorization, and Accounting (AAA) Services
5.00000 points
QUESTION 8
1. Which of the following is not a type of malware?
Virus
Worm
Chip creep
Trojan horse
5.00000 points
QUESTION 9
1. A dedicated connection is always off and available for immediate transmission of data only
when there is an emergency.
True

False

5.00000 points
QUESTION 10
1. Which term is a form of exploitation in which an unauthorized or rogue DNS server
responds to DNS queries with false resolutions?
DNS poisoning
DNS spoofing
Banner grabbing
Dumpster diving
5.00000 points
QUESTION 11
1. Which of the following is an intentional discharge made to damage or destroy electronic
equipment ranging from cell phones to computers and servers?
Session hijacking
Virus
Intentional electromagnetic interference (IEMI)
Chip creep
5.00000 points
QUESTION 12
1. Hashing verifies data integrity by using algorithms to produce unique numbers from
datasets known as hash values.
True

False

5.00000 points
QUESTION 13
1. Which term refers to a type of business telephone network?
Private Branch Exchange (PBX)
Host-to-site VPN
Rekeying
Virtual private network (VPN)
5.00000 points
QUESTION 14
1. Which name is given to the information related to the owners and managers of a domain
name accessed through the domain registrar’s Web sites and Whois lookups?
Domain registration
National Institute of Standards and Technology (NIST)
USENET newsgroup
Wrapper
5.00000 points
QUESTION 15
1. Which term describes a form of security defense that focuses on discouraging a perpetrator
with physical harm, social disgrace, and legal consequences?
Buffer overflow
Firewall
Deterrent
Dumpster diving
5.00000 points
QUESTION 16
1. Which term is used to describe a feature added to the NTFS file system to support files
from POSIX, OS/2, and Macintosh?
Deterrent
Adware
Hierarchical file system (HFS)
Alternate data stream (ADS)
5.00000 points
QUESTION 17
1. A split tunnel is a VPN connection that allows simultaneous access to the secured VPN link
and unsecured access to the Internet across the same connection.
True

False

5.00000 points
QUESTION 18
1. Which term describes a VPN created between two individual hosts across a local or
intermediary network?
VPN appliance
Host-to-host VPN
Hash
Site-to-site VPN
5.00000 points
QUESTION 19
1. Which of the following is a form of exploitation in which the data on a DNS server is
falsified so that subsequent responses to DNS resolution queries are incorrect?
Dumpster diving
DNS poisoning
Banner grabbing
Dialer
5.00000 points
QUESTION 20
1. Reconnaissance is the act of learning as much as possible about a target before attempting
attacks.
True

False
Question 1 5 pts
Which of the following describes AppleTalk?
A legacy protocol used in networks hosting mainly Macintosh computers
A policy that allows employees, contractors, and others to connect their own computers,
smartphones, and other devices to their organizations’ networks

An application-programming interface (API) developed by IBM in 1985 to emulate
NetBIOS on a token ring network
An Application Layer protocol used by e-mail clients to receive messages from an e-mail
server



Question 2 5 pts
All of the following are advantages of a defense-in-depth security design except which one?
Defense in depth avoids single points of failure.
Defense in depth keeps senior management out of the activities of the security department.

Defense in depth divides and conquers, which separates projects into smaller pieces.
Defense in depth filters user interactions.



Question 3 5 pts
Which of the following is a portion of a software system that unauthenticated users can run?
Bring Your Own Device (BYOD)
Attack surface

Post Office Protocol (POP)


Modeling



Question 4 5 pts
Which of the following refers to the end user’s desktop devices such as a desktop computer,
laptop, VoIP telephone, or other endpoint device?
LAN Domain
Workstation Domain

WAN Domain
Remote Access Domain



Question 5 5 pts
Which of the following refers to the entity responsible for global coordination of IP addressing,
DNS root, and other Internet protocol resources?
AppleTalk
Bring Your Own Device (BYOD)

Internet Assigned Numbers Authority (IANA)


NetBIOS Extended User Interface (NetBEUI)



Question 6 5 pts
Which of the following is not a characteristic of a private address?
They are leased.
They require translation.

They can be mixed with public addresses.


They are isolated from the Internet.



Question 7 5 pts
Which term describes a form of security based on hiding details of a system, or creating
convolutions that are difficult to understand?
Firewall
Bring Your Own Device (BYOD)

Modeling
Security through obscurity



Question 8 5 pts
What attack cracks a password or encryption key by trying all possible valid combinations from
a defined set of possibilities (a set of characters or hex values)?
Brute-force attack
Hybrid attack

Dictionary password attack


Modeling



Question 9 5 pts
Which attack uses a pre-constructed list of potential passwords or encryption keys?
Piloting
Dictionary password attack

Brute-force attack
Hybrid attack



Question 10 5 pts
Which of the following is a protocol and data exchange system commonly used over TCP/IP networks, including
the Internet, but which is unencrypted and performs authentication and data transfer in plaintext?
Post Office Protocol (POP)
AppleTalk

File Transfer Protocol (FTP)


Hyper Text Transfer Protocol (HTTP)



Question 11 5 pts
Which of the following describes identity and access management (IAM)?
The security discipline that enables the right individuals to access the right resources at the
right times and consistent with organizational policy
Portions of a software system that unauthenticated users can run

A form of security based on hiding details of a system or creating convolutions that are
difficult to understand to overcome the obscure methodology
A policy of allowing or even encouraging employees, contractors, and others to connect
their own computers, smartphones, and other devices to their organization’s networks



Question 12 5 pts
Gathering through eavesdropping on communications, whether encrypted or not, is known as
what?
Encryption
Traffic and trend analysis

Eavesdropping
Filtering



Question 13 5 pts
Which of the following refers to the process of simulating and testing a new concept, design,
programming technique, and so on before deployment into a production environment?
Eavesdropping
Modeling

AppleTalk
Piloting



Question 14 5 pts
As an organization stretches beyond its capacity to support, sell, create, maintain, respond,
produce, and so on, small problems quickly become big problems. Which of the following does
not ensure long-term viability and stability for the business and network security design?
Steady growth
Controlled growth

Planned growth
Unlimited growth



Question 15 5 pts
Which of the following describes a BYOD?
An application-programming interface (API) developed by IBM in 1985 to emulate
NetBIOS on a token ring network
A policy allowing or encouraging employees, contractors, and others to connect their own
computers, smartphones, and other devices to their organization’s networks

A legacy protocol developed by Novell for its NetWare networking product


A security feature that blocks DDoS attacks



Question 16 5 pts
Which of the following refers to the hardware, operating system software, database software,
client-server applications, and data that are typically housed in the organization’s data center
and/or computer rooms?
Remote Access Domain
WAN Domain

System/Application Domain
LAN Domain
Question 17 5 pts
Which of the following is the name given to an Application Layer protocol used by e-mail clients to
receive messages from an e-mail server?
Simple Mail Transfer Protocol (SMTP)
Post Office Protocol (POP)

Transmission Control Protocol/Internet Protocol (TCP/IP)


File Transfer Protocol (FTP)



Question 18 5 pts
Which term describes portions of a software system that unauthenticated users can run?
Internet Assigned Numbers Authority (IANA)
File Transfer Protocol (FTP)

Attack surface
Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)



Question 19 5 pts
Which of the following is defined as the act of avoiding single points of failure by building in
multiple elements, pathways, or methods of accomplishing each mission-critical task?
Preparedness
Redundancy

Endpoint security
Encryption



Question 20 5 pts
Which of the following is not true of VLANs?
They control traffic.
They are cost-effective.

VLAN configuration takes place in the switch.


They require a change of IP address or re-cabling.
QUESTION 1
1. Which of the following refers to a logical division of data composed of one or more sectors
on a hard drive?
Boot sector
Cluster
Buffer
Honeypot
5.00000 points
QUESTION 2
1. MTTF is a file format developed by Microsoft commonly used on Windows systems; it
offers file security, large volume size, large file size, and alternate data streams (ADS).
True

False

5.00000 points
QUESTION 3
1. Which term describes encryption that protects only the original IP packet's payload?
Tunnel mode encryption
Transport mode encryption
Cryptography
IP headers
5.00000 points
QUESTION 4
1. Which term describes a form of security defense that focuses on discouraging a perpetrator
with physical harm, social disgrace, and legal consequences?
Buffer overflow
Firewall
Deterrent
Dumpster diving
5.00000 points
QUESTION 5
1. If you have been presented false credentials or you have been lured to an attack site, you
might have been a victim of a phishing attack.
True

False

5.00000 points
QUESTION 6
1. Which of the following characteristics describes an edge router?
The last device owned and controlled by an organization before an ISP or telco
connection
A form of VPN establishing a secure VPN over trusted VPN connections
A form of cryptography in which each encryption key is used once before being
discarded
A security service that ensures that a sender cannot deny sending a message
5.00000 points
QUESTION 7
1. Scanning refers to the act of probing a network using custom crafted packets to determine
the IP addresses in use and whether ports are open or closed.
True

False

5.00000 points
QUESTION 8
1. Which of the following describes a covert channel?
A criminal whose objective is to compromise IT infrastructures.
A method of discovering wireless networks by moving around a geographic area with a
detection device.
A tactic of pursuing and extracting information for the purpose of making a sale or
performing a social engineering attack.
An unknown, secret pathway of communication.
5.00000 points
QUESTION 9
1. Which of the following characteristics relates to a distributed Denial of Service (DDoS)
attack?
The information related to the owners and managers of a domain name accessed
through the domain registrar’s Web sites and Whois lookups
An advancement of keystroke logging to monitor and record many other user activities
An attack that uses multiple remotely controlled software agents disseminated across
the Internet
An attack that occurs on the logical division of a hard drive that can be formatted with a
file system
5.00000 points
QUESTION 10
1. A script kiddie is an experienced hacker who uses his or her own tools or scripts.
True

False

5.00000 points
QUESTION 11
1. Which of the following refers to a communication pathway, circuit, or frequency dedicated
or reserved for a specific transmission?
Hardware VPN
Host-to-site VPN
Asymmetric cryptography
Channel
5.00000 points
QUESTION 12
1. Identity proofing is a form of authentication.
True

False

5.00000 points
QUESTION 13
1. A VPN appliance can be placed inside and outside the corporate firewall.
True

False

5.00000 points
QUESTION 14
1. Which of the following characteristics relates to the term algorithm?
A hardware VPN device
A VPN created between two individual hosts across a local or intermediary network
Used to connect a remote or mobile host to a networked office workstation
A set of rules and procedures—usually mathematical in nature—that can define how
the encryption and decryption processes operate
5.00000 points
QUESTION 15
1. A rootkit describes a form of malware that hackers can upload and deploy on a target
system; it often replaces multiple components of the host operating system with altered
code.
True

False

5.00000 points
QUESTION 16
1. Which of the following describes a banner?
A message sent by a service in response to a valid or invalid query. Its function is to
confirm communication is functioning properly or to announce an error.
A form of unauthorized access to a system.
Persistent public messaging forums accessed over the Network News Transfer Protocol
(NNTP).
A variant of the UNIX operating system that is supported by Windows NT 4.0, but not
subsequent versions of Windows.
5.00000 points
QUESTION 17
1. Redundant array of independent disks (RAID) is a disk set management technology that
gains speed and fault tolerance.
True

False

5.00000 points
QUESTION 18
1. A technique for securing a data exchange or verifying identity is through out-of-band
communication, which uses an alternative route, mechanism, or pathway.
True

False

5.00000 points
QUESTION 19
1. The term XSS refers to the largest amount of data that a datagram can hold based on the
limitations of the networking devices managing a given segment.
True

False

5.00000 points
QUESTION 20
1. Which term describes the seemingly random and unusable output from a cryptographic
function applied to original data?
Dedicated leased line
Ciphertext
Identity proofing
Host VPN

Which name is given to a VPN created between a client and a server either within the same local
network or across a WAN link or intermediary network to support secure client interaction with
the services of a resource host?
Site-to-site VPN
Software VPN
Client-to-server VPN
Keyspace
Which of the following refers to the malicious insertion of scripting code onto a vulnerable Web
site?
Insertion attack
Upstream filtering
Keystroke logger
Cross-site scripting (XSS)

Which name is given to a rogue program that automatically dials a modem to a pre-defined
number to auto-download additional malware to the victim or to upload stolen data from the
victim?
Adware
Sector
Spyware
Dialer

When a communication exchange does not verify the identity of the endpoints of a
communication and accepts any properly formed response as valid, a non-authenticating query
service is in use.
True

False

A dedicated connection is always off and available for immediate transmission of data only when
there is an emergency.
True

False

Rekeying triggers the generation of a new symmetric encryption key and secure exchange of that
key.
True

False

When too much data crosses a network segment, throughput and latency are increased.
True

False

Which term is a form of exploitation in which an unauthorized or rogue DNS server responds to
DNS queries with false resolutions?
DNS poisoning
DNS spoofing
Banner grabbing
Dumpster diving

Which of the following is an intentional discharge made to damage or destroy electronic
equipment ranging from cell phones to computers and servers?
Session hijacking
Virus
Intentional electromagnetic interference (IEMI)
Chip creep

Which of the following terms describes hiding information from unauthorized third parties?
Virtual Private Network (VPN)
Split tunnel
Cryptography
Authentication, Authorization, and Accounting (AAA) Services

Fragmentation occurs when a dataset is too large for the maximum supported size of a
communication container, such as a segment, packet, or frame. The original dataset divides into
multiple sections or fragments for transmission across the size-limited medium, and then
reassembles on the receiving end.
True

False

Hackers can be deterred by defense methods that detect and evade. All of the following are
defense methods, except which one?
Honeypots
Firewalls
IDSs
Botnet army

1. What is compression?
A VPN used to grant outside entities access into a perimeter network; used to host
resources designated as accessible to a limited group of external entities, such as
business partners or suppliers, but not the general public
A subset of asymmetric cryptography based on the use of key pair sets
The art and science of hiding information from unauthorized third parties
Removal of redundant or superfluous data or space to reduce the size of a data set
Which term is used to describe a feature added to the NTFS file system to support files from
POSIX, OS/2, and Macintosh?
Deterrent
Adware
Hierarchical file system (HFS)
Alternate data stream (ADS)

VPNs increase the risk caused by insecure access locations and prevent interaction with
LAN resources.
Answers:
False
Question 1
Which of the following characteristics relates to access control?
The feature of network design that ensures the existence of multiple pathways of communication.
An attack that occurs when a hacker uses a network sniffer to watch a communications session to
learn its parameters
Correct!
The process or mechanism of granting or denying use of resources; typically applied to users or
generic network traffic
The process of confirming the identity of a user
Reference page: 7 Objective: Describe the key concepts and terms associated with network security.

Question 2
Which term describes an object, computer, program, piece of data, or other logical or physical
component you use in a business process to accomplish a business task?
Correct!
Asset
Client
Appliance
Trust
Reference page: 7 Objective: Describe the key concepts and terms associated with network security.

Question 3
When conducting an audit, the auditor should be which of the following?
An internal employee who can be trusted
An external person capable of hacking
An internal employee capable of enclosing or encasing one protocol or packet inside another
protocol or packet
Correct!
An external person who is independent of the organization under audit

Question 4
Which of the following describes authentication?
Correct!
The process of confirming the identity of a user
Confidence in the expectation that others will act in your best interest or that a resource is
authentic
A small network, workgroup, or client/server, deployed by a small business, a home-based
business, or just a family network in a home
A stated purpose or target for network security activity
Reference page: 7 Objective: Describe the key concepts and terms associated with network security.
Question 5
Which term describes when a system is usable for its intended purpose?
Authorization
Auditing
Encryption
Correct!
Availability
Reference page: 6 Objective: Describe the key concepts and terms associated with network security.

Question 6
Which of the following is the name given to unauthorized access to a system?
Hijacking
Correct!
Backdoor
Tunneling
Exploit
Reference page: 11 Objective: Describe the key concepts and terms associated with network security

Question 7
Which of the following describes a blacklist?
A security mechanism to detect and prevent attempts to breach security
Correct!
A type of filtering in which all activities or entities are permitted except those identified
A list of the hosts and servers on the network
A list that describes the steps to lock down a host against threats and attacks
Reference page: 36 Objective: Compare and contrast common network security components and
devices and their use throughout the IT infrastructure.

Question 8
Which term describes a network device that forwards traffic between networks based on the MAC
address of the Ethernet frame?
Domain
Bottleneck
Correct!
Bridge
Node
Reference page: 32 Objective: Compare and contrast common network security components and
devices and their use throughout the IT infrastructure.
Question 9
Which of the following describes caching?
A network service that acts as a "middle man" between a client and server
Correct!
Retention of Internet content by a proxy server
Filtering traffic as it attempts to enter a network
A mechanism to establish a secure remote access connection across an intermediary network
Reference page: 29 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.

Question 10
Which of the following refers to a host on a network that supports user interaction with the network?
Server
Role
Trust
Correct!
Client
Reference page: 15 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.

Question 11
Which name is given to the security service of preventing access to resources by unauthorized users
while supporting access to authorized users?
Correct!
Confidentiality
Authentication
Demilitarized zone (DMZ)
Defense in Depth
Reference page: 6 Objective: Describe the key concepts and terms associated with network security.

Question 12
Which of the following characteristics relates to a demilitarized zone (DMZ)?
Confidence in the expectation that others will act in your best interest or that a resource is
authentic
Correct!
A type of perimeter network used to host resources designated as accessible by the public from
the Internet
A form of networking where each computer is a peer
A host on a network
Reference page: 9 Objective: Describe the importance of a written security policy and explain how
policies help mitigate risk exposure and threats to a network infrastructure.

Question 13
Which of the following refers to a form of attack that attempts to compromise availability?
Zero-day exploits
Man-in-the-middle (MITM)
Correct!
Denial of service (DoS)
Sniffer
Reference page: 21 Objective: Identify examples of network security concerns or threats that require
enhanced countermeasures to properly mitigate risk exposure and threats.

Question 14
Which term is used to describe a network service that maintains a searchable index or database of
network hosts and shared resources?
Correct!
Directory Service
Open Systems Interconnection (OSI) reference model
Denial of Service (DoS)
DNS service
Reference page: 37 Objective: Compare and contrast common network security components and
devices and their use throughout the IT infrastructure.

Question 15
Which of the following refers to filtering traffic as it attempts to leave a network, which can include
monitoring for spoofed addresses, malformed packets, unauthorized ports and protocols, and blocked
destinations?
Router
Correct!
Egress filtering
Auditing
Whitelist
Reference page: 28 Objective: Identify examples of network security concerns or threats that require
enhanced countermeasures to properly mitigate risk exposure and threats.
Question 16
Which term is used to describe the process of encasing one protocol or packet inside another protocol
or packet?
Chokepoint
Correct!
Encapsulation
Intrusion Detection System (IDS)
Encryption
Reference page: 19 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.

Question 17
A security policy is important for all of the following reasons except which one?
It establishes goals.
It helps with planning.
Correct!
With it, you cannot trust the network's security.
It helps respond, contain, and repair.
Reference page: 11 Objective: Describe the importance of a written security policy and explain how
policies help mitigate risk exposure and threats to a network infrastructure.

Question 18
Which term is used to describe a network security device or host software that filters communications,
usually network traffic, based on a set of predefined rules?
Sniffer
Auditor
Hacker
Correct!
Firewall
Reference page: 21 Objective: Describe the security requirements needed for wired versus wireless LAN
infrastructures in order to provide an enhanced level of security.

Question 19
Which of the following terms refers to the process of securing or locking down a host against threats
and attacks?
Auditing
Redundancy
Authorization
Correct!
Hardening
Reference page: 25 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.

Question 20
Which term is used to describe an attack that occurs when a hacker uses a network sniffer to watch a
communications session to learn its parameters?
HOSTS file
Correct!
Hijacking
Privacy
Appliance
Reference page: 26 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.

True/False Questions

Question 21
Encryption is the process or mechanism that grants or denies use of a resource.
True
Correct!
False

Question 22
Integrity prevents unauthorized changes to data.
Correct!
True
False

Question 23
Authentication confirms the identity of a user.
Correct!
True
False

Question 24
Authorization protects the confidentiality, integrity, and availability of personally identifiable or sensitive
data.
True
Correct!
False
Question 25
IPv6 uses a 128-bit address, which is significantly smaller than IPv4.
True
Correct!
False

Question 26
Caching is the retention of Internet content by a proxy server.
Correct!
True
False

Question 27
The term monitoring refers to the act of creating or recording events into a log.
True
Correct!
False

Question 28
A chokepoint is a form of bottleneck and is a single, controlled pathway between two different levels of
network trust where a firewall or other filtering devices block or allow traffic based on a set of rules.
Correct!
True
False

Question 29
A WAN domain refers to the authorized and authenticated remote access procedures for users to
remotely access the organization's IT infrastructure, systems, and data.
True
Correct!
False

Question 30
Intrusion Detection System (IDS) is a security mechanism that detects unauthorized user activities,
attacks, and network compromises.
Correct!
True
False
Question 31
Remote Access Server (RAS) is a network server that accepts outbound connections from remote clients.
True
Correct!
False

Question 32
A replay attack occurs when a hacker uses a network sniffer to capture network traffic and then
retransmits that traffic back on to the network at a later time.
Correct!
True
False

Question 33
A node is a network device responsible for directing traffic towards its stated destination along the best-
known current available path.
True
Correct!
False

Question 34
1 / 1 pts
The IT department is the group that has the highest controlling and responsible authority within an
organization. Ultimately the success or failure of network security rests with this department.
True
Correct!
False
Reference page: 12 Objective: Define network security roles and responsibilities and who within an IT
organization is accountable for these security implementations.

Question 35
1 / 1 pts
The term thin client computing refers to a legacy terminal concept used to control mainframes.
Correct!
True
False
Question 36
Tunneling is the act of transmitting a protocol across an intermediary network by encapsulating it in
another protocol.
Correct!
True
False

Question 37
A blacklist is a type of filtering where the network denies all activities except for those on the list.
True
Correct!
False

Question 38
A domain is a form of networking in which each computer is a peer.
True
Correct!
False

Question 39
The term zero day exploit describes a new and previously unknown attack for which there is not a
current specific defense.
Correct!
True
False

Question 40
1 / 1 pts
A public IP address is any address that is valid for use on the Internet.
Correct!
True
False
Quiz Score: 39 out of 40
Which of the following describes awareness?
A dedicated microchip found on some motherboards that host and protect the encryption key for
whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to career advancement
A security guideline, procedure, or recommendation manual
Correct!
Basic security training that focuses on common or basic security elements that all employees must
know and abide by
Answer: D Page reference: 196-198 Objective: Compose a procedure for incident response.

Question 2
Which of the following creates copies of data on other storage media?
Fail-Open
Honeynets
Correct!
Backups
Security Technical Implementation Guide (STIGS)
Answer: C Page reference: 195-196 Objective: Compose a procedure for incident response.

Question 3
What is a business continuity plan?
A plan explaining the use of only a single element of validation or verification to prove the identity
of a subject.
A plan outlining the failure response that results in open and unrestricted access or
communication.
Correct!
A plan to maintain the mission-critical functions of the organization in the event of a problem that
threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event.
Answer: C Page reference: Page 185 Objective: List examples of network security best practices.
Question 4
Which of the following is a detailed and thorough review of the deployed security infrastructure
compared with the organization's security policy and any applicable laws and regulations?
Incident response plan
Correct!
Compliance audit
Disaster recovery plan
Business continuity plan
Answer: B Page reference: 204-205 Objective: Describe the methods of network security assessment.

Question 5
Which of the following is a security stance that blocks access to all resources until a valid authorized explicit exception is defined?
Fail-secure
Fail-open
Correct!
Default deny
Default allow
Answer: C Page reference: 189 Objective: List examples of network security best practices.

Question 6
Which of the following is not a characteristic of security education?
Its purpose is to obtain knowledge that leads to career advancement.
Correct!
It is usually obtained inside of the organization.
It is broad and not necessarily focused on specific job tasks or assignments.
It is more rigorous than awareness or training.
Answer: B Page reference: 199 Objective: Compose a procedure for incident response.

Question 7
Which of the following refers to a failure response resulting in open and unrestricted access or
communication?
Correct!
Fail-open
Mission-critical
Default allow
Fail-secure
Answer: A Page reference: 190 Objective: List examples of network security best practices.
Question 8
Which of the following is a form of security protection that protects individual files by scrambling the
contents in such a way as to render them unusable by unauthorized third parties?
Default allow
Separation of duties
Correct!
File encryption
Fail-secure
Answer: C Page reference: 184 Objective: List examples of network security best practices.

Question 9
Which of the following describes a predefined procedure that will limit damage, contain the spread of
malicious content, stop the compromise of information, and promptly restore the environment to a
normal state?
Separation of duties
Correct!
Incident response plan
Business continuity plan
Disaster recovery plan
Answer: B Page reference: 191 Objective: Compose a procedure for incident response.

Question 10
Which of the following describes the state or condition of an asset or process vitally important to the
long-term existence and stability of an organization?
Correct!
Mission-critical
Fail-secure
Fail-open
Compliance audit
Answer: A Page reference: 185 Objective: List examples of network security best practices.
Question 11
Which of the following refers to a specialized host used to place an attacker into a system where the
intruder cannot do any harm?
Incident response plan
Correct!
Padded cell
Principle of least privilege
Default allow
Answer: B Page reference: 193 Objective: Compose a procedure for incident response.

Question 12
What prevents a hard drive from being read by another system if it is stolen?
Correct!
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)
Answer: A Page reference: 194 Objective: Compose a procedure for incident response.

Question 13
Which form of investigation aims at checking whether or not a target system is subject to attack based
on a database of tests, scripts, and simulated exploits?
Incident response plan
Fail-open
Correct!
Vulnerability scanning
Separation of duties
Answer: C Page reference: 207 Objective: Describe the methods of network security assessment.

Question 14
Which one of the following is not a cause of a configuration error?
Physical damage
Updates
Human error
Correct!
Vulnerability scanning
Answer: D Page reference: 204 Objective: Enumerate key components of an effective network security
installation.

Question 15
Which of the following describes separation of duties?
A security stance that allows all communications except those prohibited by specific deny
exceptions
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event
A security guideline, procedure, or recommendation manual
Correct!
An administrative rule whereby no single individual possesses sufficient rights to perform certain
actions
Answer: D Page reference: 188 Objective: List examples of network security best practices.

Question 16
Which of the following is not a step in an incident response solution?
Correct!
Evasion
Containment
Eradication
Recovery
Answer: A Page reference: 191 Objective: Compose a procedure for incident response.

Question 17
Which of the following refers to the guideline that all users should be granted only the minimum level of
access and permission required to perform their assigned job tasks and responsibilities?
The whitelist
Correct!
Principle of least privilege
Single-factor authentication
Incident response plan
Answer: B Page reference: 188 Objective: List examples of network security best practices.
Question 18
Which of the following is an element of infrastructure design that takes into account the likelihood of a
security breach by malicious code or some other intruder?
Containment
Trapping
Correct!
Compartmentalization
Intrusion detection
Answer: C Page reference: 192 Objective: Compose a procedure for incident response.

Question 19
Checking authentication, checking authorization and access control, auditing systems, and verifying
firewalls and other filters should all be included on which of the following?
A physical security checklist
A whitelist
A response plan
Correct!
A logical security checklist
Answer: D Page reference: 201 Objective: Compose a procedure for incident response.

Question 20
Which of the following determines the available vendor patches that are installed or missing?
Vulnerability scan
Correct!
Configuration scan
Penetration test
Post-mortem assessment
Answer: B Page reference: 206 Objective: Describe the methods of network security assessment.

Question 21
Organizations are usually not aware of when compliance auditing is a mandated periodic occurrence, so
preparation is challenging and often not possible.
True
Correct!
False
Answer: B Page reference: 205 Objective: Describe the methods of network security assessment.
Question 22
Default deny is a specialized host used to place an attacker into a system where the intruder cannot do
any harm.
True
Correct!
False
Answer: B Page reference: 193 Objective: Compose a procedure for incident response.

Question 23
The goal of disaster recovery planning is to return the business to functional operation within a limited
time to prevent the failure of the organization due to the incident.
Correct!
True
Answer: A Page reference: 185 Objective: List examples of network security best practices.
False

Question 24
A fail-open grants all users the minimum level of access and permission required to perform an assigned
job task or responsibility.
True
Correct!
False
Answer: B Page reference: 189-190 Objective: List examples of network security best practices.

Question 25
The act of containment should not interrupt or interfere with the continued spread or operation of the
unwanted event.
True
Correct!
False
Answer: B Page reference: 192 Objective: Compose a procedure for incident response.

Question 26
A honeynet is a collection of multiple honeypots in a network for the purposes of luring and trapping
hackers.
Correct!
True
Answer: A Page reference: 193 Objective: Compose a procedure for incident response.
False
Question 27
Patch management watches for the release of new updates from vendors, tests the patches, obtains
approval, and then oversees the deployment and implementation of updates across the production
environment.
Correct!
True
Answer: A Page reference: 186 Objective: List examples of network security best practices.
False

Question 28
A Security Technical Implementation Guide (STIGS) is a guideline, procedure, or recommendation
manual.
Correct!
True
Answer: A Page reference: 187 Objective: List examples of network security best practices.
False

Question 29
Training is less rigorous than awareness and more rigorous than education.
True
Correct!
False
Answer: B Page reference: 196-197 Objective: Compose a procedure for incident response.

Question 30
Single-factor authentication uses a single element of validation or verification to prove the identity of a
subject, and it is considered much stronger than multi-factor authentication.
True
Correct!
False
Answer: B Page reference: 185 Objective: List examples of network security best practices.

Question 31
Trusted Platform Module (TPM) is a dedicated microchip found on some motherboards; it hosts and
protects the encryption key for whole hard drive encryption.
Correct!
True
Answer: A Page reference: 194 Objective: Compose a procedure for incident response.
False
Question 32
You should never assume that a service or protocol is secured by another layer or service.
Correct!
True
Answer: A Page reference: 201 Objective: Compose a procedure for incident response.
False

Question 33
Bricking occurs when an update process causes a complete failure of the security control.
Correct!
True
Answer: A Page reference: 203 Objective: Enumerate key components of an effective network security
installation.
False

Question 34
Security management is the ongoing process of evaluating security so that you can improve it.

True
Answer: B Page reference: 205 Objective: Describe the methods of network security assessment.
Correct!
False

Question 35
Penetration testing involves the application of hacking techniques, methodology, and tools, and ethical
security experts conduct penetration testing.
Correct!
True
Answer: A Page reference: 207 Objective: Describe the methods of network security assessment.
False

Question 36
A post-mortem assessment review is the self-evaluation performed by individuals and organizations
after each security assessment task.
Correct!
True
Answer: A Page reference: 208 Objective: Describe the methods of network security assessment.
False
Question 37
You should wait at least a month before applying a patch or update from the vendor.
True
Correct!
False
Answer: B Page reference: 204 Objective: Enumerate key components of an effective network security
installation.

Question 38
Handling physical security attacks is the most important aspect of a security plan, as these types of
attacks pose the highest risks to the organization.
True
Answer: B Page reference: 190-191 Objective: Describe the importance of physical security.
Correct!
False

Question 39
It is a mistake to use remote system and device management mechanisms that are convenient but not
secure, such as telnet, HTTP, and FTP.
Correct!
True
Answer: A Page reference: 197 Objective: Compose a procedure for incident response.
False

Question 40
To write a comprehensive security policy, you should first inventory and examine the components of the
IT infrastructure.
Correct!
True
Answer: A Page reference: 183 Objective: List examples of network security best practices.
False
 Question 1
0.6 out of 0.6 points
Which of the following refers to a communication pathway, circuit, or frequency
dedicated or reserved for a specific transmission?
Selected Answer:
Channel
Answers: Hardware VPN
Host-to-site VPN
Asymmetric cryptography

Channel
 Question 2
0.6 out of 0.6 points
Which term describes a network, network link, or channel located between the
endpoints of a VPN?
Selected Answer:
Intermediary network
Answers: One-way function
Host-to-host network
Site-to-site network

Intermediary network
 Question 3
0.6 out of 0.6 points
Which of the following characteristics describes an edge router?
Selected Answer:
The last device owned and controlled by an organization before an ISP
or telco connection
Answers:
The last device owned and controlled by an organization before an ISP
or telco connection
A form of VPN establishing a secure VPN over trusted VPN
connections
A form of cryptography in which each encryption key is used once
before being discarded
A security service that ensures that a sender cannot deny sending a
message
 Question 4
0.6 out of 0.6 points
Which of the following refers to a form of IDS/IPS detection based on a recording of
real-world traffic as a baseline for normal?
Selected Answer:
Behavioral-based detection
Answers: Knowledge-based detection
Signature-based detection
Anomaly-based detection

Behavioral-based detection
 Question 5
0.6 out of 0.6 points
Which name is given to a probability prediction based on statistics and historical
occurrences on the likelihood of how many times in the next year a threat is going to
cause harm?
Selected Answer:
Annualized rate of occurrence (ARO)
Answers: Tunnel mode encryption
Physical address

Annualized rate of occurrence (ARO)
Rule
 Question 6
0.6 out of 0.6 points
Which of the following is a technique for storing or copying log events to a centralized
logging server?
Selected Answer:
Syslog
Answers:
Syslog
Write-once read-many (WORM) storage
Unified Threat Management (UTM)
Firewall logging
 Question 7
0.6 out of 0.6 points
Which of the following refers to a type of software product that is pre-compiled and
whose source code is undisclosed?
Selected Answer:
Closed source
Answers: Circuit

Closed source
Bots
Physical address
 Question 8
0.6 out of 0.6 points
Which of the following refers to a network access control or admission control (NAC)
used on individual network access devices such as firewalls, VPN gateways, and
wireless routers to offload authentication to a dedicated authentication
server/service?
Selected Answer:
Port-based network access (admission) control (PNAC)
Answers:
Port-based network access (admission) control (PNAC)
Database-based detection
Management interface
Access control list (ACL)
 Question 9
0.6 out of 0.6 points
Which name is given to a hacking technique used against static packet filtering
firewalls to discover the rules or filters controlling inbound traffic?
Selected Answer:
Firewalking
Answers: Filter
Signature-based detection

Firewalking
Database-based detection
 Question 10
0.6 out of 0.6 points
Which term describes the cumulative value of an asset based on both tangible and
intangible values?
Selected Answer:
Asset value (AV)
Answers:
Asset value (AV)
Exposure factor (EF)
Single loss expectancy (SLE)
Packet
 Question 11
0.6 out of 0.6 points
Which of the following describes an access control list (ACL)?
Selected Answer:
A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
Answers:
A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
An intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to firewall
rules
An event that does not trigger an alarm but should have, due to the
traffic or event actually being abnormal and/or malicious
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on
 Question 12
0.6 out of 0.6 points
Which of the following is a malicious software program distributed by a hacker to take
control of a victim’s computers?
Selected Answer:
Agent
Answers: Sacrificial host
Client
Server

Agent
 Question 13
0.6 out of 0.6 points
Which name is given to a VPN created between a client and a server either within the
same local network or across a WAN link or intermediary network to support secure
client interaction with the services of a resource host?
Selected Answer:
Client-to-server VPN
Answers: Site-to-site VPN
Software VPN

Client-to-server VPN
Keyspace
 Question 14
0.6 out of 0.6 points
Which of the following terms describes hiding information from unauthorized third
parties?
Selected Answer:
Cryptography
Answers: Virtual Private Network (VPN)
Split tunnel

Cryptography
Authentication, Authorization, and Accounting (AAA) Services
 Question 15
0.6 out of 0.6 points
Which term is used to describe a public-key cryptography-based mechanism for
proving the source (and possibly integrity) of a dataset or message?
Selected Answer:
Digital signature
Answers: Trusted third party
Symmetric cryptography
Algorithm

Digital signature
 Question 16
0.6 out of 0.6 points
What is compression?
Selected Answer:
Removal of redundant or superfluous data or space to reduce the size of
a data set
Answers: A VPN used to grant outside entities access into a perimeter network;
used to host resources designated as accessible to a limited group of
external entities, such as business partners or suppliers, but not the
general public
A subset of asymmetric cryptography based on the use of key pair sets
The art and science of hiding information from unauthorized third parties

Removal of redundant or superfluous data or space to reduce the size of
a data set
 Question 17
0.6 out of 0.6 points
Which of the following refers to the deployment of a firewall as an all-encompassing
primary gateway security solution?
Selected Answer:
Unified threat management (UTM)
Answers:
Unified threat management (UTM)
Access control list (ACL)
Signature-based detection
False positive

 Question 18
0.6 out of 0.6 points
Which firewall has a network interface located in a unique network segment that
allows for true isolation of the segments and forces the firewall to filter all traffic
moving from one segment to another?
Selected Answer:
Dual-homed firewall
Answers: Appliance firewall
Software firewall

Dual-homed firewall
Triple-homed firewall
 Question 19
0.6 out of 0.6 points
Which term describes encryption that protects the entire original IP packet’s header
and payload?
Selected Answer:
Tunnel mode encryption
Answers:
Tunnel mode encryption
Transport mode encryption
Cryptography
IP headers
 Question 20
0.6 out of 0.6 points
Which of the following refers to a host firewall installed on a client or server?
Selected Answer:
Software firewall
Answers: Commercial firewall
Appliance firewall
Hardware firewall

Software firewall
 Question 21
0.6 out of 0.6 points
Which term describes the calculation of the total loss potential across a year for a
given asset and a specific threat?
Selected Answer:
Annualized loss expectancy (ALE)
Answers:
Annualized loss expectancy (ALE)
Annualized rate of occurrence (ARO)
User Datagram Protocol (UDP)
Cost-benefit analysis
 Question 22
0.6 out of 0.6 points
Which term is used to describe a firewall that is implemented via software?
Selected Answer:
Bump-in-the-stack
Answers: Risk assessment

Bump-in-the-stack
Hardware firewall
Screening router
 Question 23
0 out of 0.6 points
Which of the following refers to encoding and decoding information using related but
different keys for each process?
Selected Answer:
Ciphertext
Answers: Digital certificate

Asymmetric cryptography
Ciphertext
Algorithm
 Question 24
0.6 out of 0.6 points
Which of the following is a written expression of an item of concern (protocol, port,
service, application, user, IP address) and one or more actions to take when the item
of concern appears in traffic?
Selected Answer:
Filter
Answers: Management interface

Filter
Wirespeed
Round robin
 Question 25
0.6 out of 0.6 points
Which of the following is not a protection against fragmentation attacks?
Selected Answer:
Using firewalking
Answers: Using IDS
Performing sender fragmentation
Using firewall filtering

Using firewalking
 Question 26
0.6 out of 0.6 points
Which term describes a VPN created between two individual hosts across a local or
intermediary network?
Selected Answer:
Host-to-host VPN
Answers: VPN appliance

Host-to-host VPN
Hash
Site-to-site VPN
 Question 27
0.6 out of 0.6 points
Which of the following refers to a software firewall installed on a client or server?
Selected Answer:
Host firewall
Answers:
Host firewall
Hardware firewall
Transport Layer (Layer 4)
Client
 Question 28
0 out of 0.6 points
Which term describes encryption that protects only the original IP packet's payload?
Selected Answer:
Tunnel mode encryption
Answers: Tunnel mode encryption

Transport mode encryption


Cryptography
IP headers
 Question 29
0.6 out of 0.6 points
Which term describes the seemingly random and unusable output from a
cryptographic function applied to original data?
Selected Answer:
Ciphertext
Answers: Dedicated leased line

Ciphertext
Identity proofing
Host VPN
 Question 30
0.6 out of 0.6 points
Which of the following hands out tasks in a repeating non-priority sequence?
Selected Answer:
Round robin
Answers: Port-based network access (admission) control (PNAC)
Firewalking

Round robin
Alert
 Question 31
0.6 out of 0.6 points
Which of the following characteristics relates to the term algorithm?
Selected Answer:
A set of rules and procedures—usually mathematical in nature—that can
define how the encryption and decryption processes operate
Answers: A hardware VPN device
A VPN created between two individual hosts across a local or
intermediary network
Used to connect a remote or mobile host into office network workstation

A set of rules and procedures—usually mathematical in nature—that can
define how the encryption and decryption processes operate
 Question 32
0.6 out of 0.6 points
Which of the following describes write-once read-many (WORM)?
Selected Answer:
A storage device that can be written to once, but once written cannot be
electronically altered
Answers: A mechanism defining traffic or an event to apply an authorization control
of allow or deny against
A storage device that can be written to once, but once written cannot be
electronically altered
A form of network access control or admission control (NAC) used on
individual network access devices, such as firewalls, VPN gateways, and
wireless routers
A form of IDS/IPS detection based on a recording of real-world traffic as
a baseline for normal
 Question 33
0.6 out of 0.6 points
Which of the following characteristics describes the application layer?
Selected Answer:
The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
Answers: The sixth layer of the OSI model, which translates the data received from
the host software into a format acceptable to the network

The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
An entrance or exit point to a controlled space
The fifth layer of the OSI model, which manages the communication
channel
 Question 34
0.6 out of 0.6 points
Which of the following describes optical carrier (OC)?
Selected Answer:
A network carrier line—often leased or dedicated—which uses fiber
optic cables for high-speed connections
Answers:
A network carrier line—often leased or dedicated—which uses fiber
optic cables for high-speed connections
The process of converting ciphertext back into plain text
A program used to control access to computer resources, enforce
policies, audit usage, and provide billing information
A set of rules and procedures, usually mathematical in nature
 Question 35
0.6 out of 0.6 points
Which of the following can improve firewall performance?
Selected Answer:
Load balancing
Answers: Firewalking

Load balancing
Port-Based Network Access (Admission) Control (PNAC)
Wirespeed
 Question 36
0.6 out of 0.6 points
Which term describes the act of working from a home, remote, or mobile location
while connecting into the employer’s private network, often using a VPN?
Selected Answer:
Telecommuting
Answers: Public key cryptography
Host-to-site VPN

Telecommuting
Scalability
 Question 37
0.6 out of 0.6 points
On which of the following can you filter because of the lack of encryption and
because filtering rules apply?
Selected Answer:
Transport mode header
Answers: Tunnel mode header

Transport mode header


Encrypted text
Encrypted data packets
 Question 38
0.6 out of 0.6 points
Which firewall product is designed for larger networks?
Selected Answer:
Commercial firewalls
Answers:
Commercial firewalls
Personal firewalls
Sessions
Appliance firewalls
 Question 39
0.6 out of 0.6 points
Which of the following is given to a notification from a firewall that a specific event or
packet was detected?
Selected Answer:
Alert
Answers: Management interface
Behavioral-based detection

Alert
Anomaly-based Detection
 Question 40
0.6 out of 0.6 points
Which of the following is not a consideration when placing firewalls on the network?
Selected Answer:
Where hackers are located
Answers: Structure of the network
Traffic patterns
Most likely access pathways

Where hackers are located


 Question 41
0.6 out of 0.6 points
Which of the following describes an appliance firewall?
Selected Answer:
A hardened hardware firewall
Answers: The process of automatically created temporary filters. In most cases,
the filters allow inbound responses to previous outbound requests.

A hardened hardware firewall


The second layer of the OSI model responsible for physical addressing
(MAC addresses) and supporting the network topology, such as Ethernet
A type of firewall that filters on a specific application’s content and
session information
 Question 42
0.6 out of 0.6 points
Which of the following refers to an event that does not trigger an alarm but should
have, due to the traffic or event actually being abnormal and/or malicious?
Selected Answer:
False negative
Answers: False positive
Round robin

False negative
Deny by default/Allow by exception
 Question 43
0.6 out of 0.6 points
What is anomaly-based detection?
Selected Answer:
A form of intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to
firewall rules.
Answers: An event that does not trigger an alarm but should have because the
traffic or event is abnormal and/or malicious.
An event that triggers an alarm but should not have because the traffic or
event is benign.
A notification from a firewall that a specific event or packet was detected.

A form of intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to
firewall rules.
 Question 44
0.6 out of 0.6 points
Which of the following refers to a type of firewall that filters on a specific application’s
content and session information?
Selected Answer:
Application firewall
Answers: Circuit firewall
Hardware firewall
Application firewall
Stateful inspection
 Question 45
0.6 out of 0.6 points
Which of the following describes dynamic packet filtering?
Selected Answer:
A process that automatically creates temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
Answers: An entrance or exit point to a controlled space
The function of routing traffic from an external source received on a
specific pre-defined IP address and port combination (also known as a
socket) to an internal resource server.
A process that translates internal addresses into external addresses

A process that automatically creates temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
 Question 46
0.6 out of 0.6 points
Ingress and egress filtering can expand beyond protection against spoofing and
include a variety of investigations on inbound and outbound traffic. Which of the
following is not one of the ways ingress and egress filtering expand beyond protection
against spoofing?
Selected Answer:
Dynamic packet filtering
Answers:
Dynamic packet filtering
Blacklist and whitelist filtering
Protocol and port blocking
Confirmation of authentication or authorization before communications
continue
 Question 47
0.6 out of 0.6 points
Which term describes the process of converting ciphertext back into plain text?
Selected Answer:
Decryption
Answers:
Decryption
Hashing
Avalanche effect
Symmetric cryptography
 Question 48
0.6 out of 0.6 points
Which term describes a security stance that prevents all communications except
those enabled by specific allow exceptions?
Selected Answer:
Deny by default/Allow by exception
Answers: Syslog

Deny by default/Allow by exception


Behavioral-based detection
Signature-based detection
 Question 49
0.6 out of 0.6 points
Which term refers to a type of business telephone network?
Selected Answer:
Private Branch Exchange (PBX)
Answers:
Private Branch Exchange (PBX)
Host-to-site VPN
Rekeying
Virtual private network (VPN)
 Question 50
0.6 out of 0.6 points
Which of the following refers to a form of encryption also known as point-to-point or
host-to-host encryption?
Selected Answer:
Transport mode encryption
Answers: Hardware firewall
Circuit firewall

Transport mode encryption


Tunnel mode encryption
 Question 1
1.2 out of 1.2 points
Which name is given to a rogue program that automatically dials a modem to a pre-
defined number to auto-download additional malware to the victim or to upload stolen
data from the victim?
Selected Answer:
Dialer
Answers: Adware
Sector
Spyware

Dialer
 Question 2
1.2 out of 1.2 points
Which of the following characteristics relates to enumeration?
Selected Answer:
The process of discovering sufficient details about a potential target to
learn about network or system vulnerabilities
Answers:
The process of discovering sufficient details about a potential target to
learn about network or system vulnerabilities
An application attack in which a hacker submits SQL expressions to
cause authentication bypass, extraction of data, planting of information,
or access to a command shell
A criminal whose objective is to compromise IT infrastructures
A logical division of data composed of one or more sectors on a hard
drive
 Question 3
1.2 out of 1.2 points
What attack cracks a password or encryption key by trying all possible valid
combinations from a defined set of possibilities (a set of characters or hex values)?
Selected Answer:
Brute-force attack
Answers:
Brute-force attack
Hybrid attack
Dictionary password attack
Modeling
 Question 4
1.2 out of 1.2 points
Which of the following describes advanced persistent threat (APT)?
Selected Answer:
A network attack in which an unauthorized person gains access to a
network and stays there undetected for a long period of time. The purpose
of such an attack is to steal data, not to damage the network or
organization.
Answers:
A network attack in which an unauthorized person gains access to a
network and stays there undetected for a long period of time. The purpose
of such an attack is to steal data, not to damage the network or
organization.
A rogue program that automatically dials a modem to a pre-defined
number. Sometimes this is to download additional malware to the victim or
to upload stolen data from the victim. In other cases, the dialer calls
premium rate telephone numbers to rack up massive long distance
charges.
The act of a hacker changing the MAC address of the network interface.
The unused portion of the last cluster allocated to a stored file. It may
contain remnants of prior files stored in that location.
 Question 5
1.2 out of 1.2 points
As an organization stretches beyond its capacity to support, sell, create, maintain,
respond, produce, and so on, small problems quickly become big problems. Which of
the following does not ensure long-term viability and stability for the business and
network security design?
Selected Answer:
Unlimited growth
Answers: Steady growth
Controlled growth
Planned growth

Unlimited growth
 Question 6
1.2 out of 1.2 points
Which name is given to the information related to the owners and managers of a
domain name accessed through the domain registrar’s Web sites and Whois
lookups?
Selected Answer:
Domain registration
Answers:
Domain registration
National Institute of Standards and Technology (NIST)
USENET newsgroup
Wrapper
 Question 7
1.2 out of 1.2 points
Which of the following describes a BYOD?
Selected Answer:
A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
Answers: An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network

A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
A legacy protocol developed by Novell for its NetWare networking
product
A security feature that blocks DDoS attacks
 Question 8
0 out of 1.2 points
Contract workers pose a higher risk to the organization for all of the following
reasons except which one?
Selected Answer:
They are more likely to compromise the organization.
Answers: They are not full-time regular employees and might lack loyalty.
They are more likely to compromise the organization.

They see the company as worthy of protection.


They might not be accountable after a project ends.
 Question 9
1.2 out of 1.2 points
What term is used to describe a tactic of pursuing and extracting information for the
purpose of making a sale or performing a social engineering attack?
Selected Answer:
Cold calling
Answers:
Cold calling
Privilege escalation
Proxy manipulation
Recreational hacker
 Question 10
1.2 out of 1.2 points
Checking authentication, checking authorization and access control, auditing
systems, and verifying firewalls and other filters should all be included on which of the
following?
Selected Answer:
A logical security checklist

Answers: A physical security checklist


A whitelist
A response plan

A logical security checklist

 Question 11
1.2 out of 1.2 points
Gathering through eavesdropping on communications, whether encrypted or not, is
known as what?
Selected Answer:
Traffic and trend analysis
Answers: Encryption

Traffic and trend analysis


Eavesdropping
Filtering
 Question 12
1.2 out of 1.2 points
Which of the following characteristics relates to a distributed Denial of Service
(DDoS) attack?
Selected
Answer: An attack that uses multiple remotely controlled software agents
disseminated across the Internet
Answers: The information related to the owners and managers of a domain name
accessed through the domain registrar’s Web sites and Whois lookups
An advancement of keystroke logging to monitor and record many other
user activities

An attack that uses multiple remotely controlled software agents
disseminated across the Internet
An attack that occurs on the logical division of a hard drive that can be
formatted with a file system
 Question 13
1.2 out of 1.2 points
Which of the following creates copies of data on other storage media?
Selected Answer:
Backups
Answers: Fail-Open
Honeynets

Backups
Security Technical Implementation Guide (STIGS)

 Question 14
1.2 out of 1.2 points
Which of the following describes a banner?
Selected
Answer:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to
announce an error.
Answers:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to
announce an error.
A form of unauthorized access to a system.
Persistent public messaging forums accessed over the NNTP (Network
News Transfer Protocol).
A variant of the UNIX operating system that is supported by Windows NT
4.0, but not subsequent versions of Windows.
 Question 15
0 out of 1.2 points
Which of the following describes awareness?
Selected
Answer: A dedicated microchip found on some motherboards that host and
protect the encryption key for whole hard drive encryption
Answers: A dedicated microchip found on some motherboards that host and
protect the encryption key for whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to
career advancement
A security guideline, procedure, or recommendation manual

Basic security training that focuses on common or basic security
elements that all employees must know and abide by

 Question 16
1.2 out of 1.2 points
What prevents a hard drive from being read by another system if it is stolen?
Selected Answer:
Whole hard drive encryption
Answers:
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)

 Question 17
1.2 out of 1.2 points
Hackers can be deterred by defense methods that detect and evade. All of the
following are defense methods, except which one?
Selected Answer:
Botnet army
Answers: Honeypots
Firewalls
IDSs
Botnet army
 Question 18
1.2 out of 1.2 points
Which name is given to an exploit that allows a hacker to run any command-line
function on a compromised system?
Selected Answer:
Arbitrary code execution
Answers: Command shell
Whois

Arbitrary code execution


ARP spoofing
 Question 19
1.2 out of 1.2 points
Which form of investigation aims at checking whether or not a target system is
subject to attack based on a database of tests, scripts, and simulated exploits?
Selected Answer:
Vulnerability scanning
Answers: Incident response plan
Fail-open

Vulnerability scanning
Separation of duties

 Question 20
0 out of 1.2 points
Which of the following describes a predefined procedure that will limit damage,
contain the spread of malicious content, stop the compromise of information, and
promptly restore the environment to a normal state?
Selected Answer:
Business continuity plan
Answers: Separation of duties

Incident response plan


Business continuity plan
Disaster recovery plan
 Question 21
1.2 out of 1.2 points
What is a business continuity plan?
Selected
Answer:
A plan to maintain the mission-critical functions of the organization in the
event of a problem that threatens to take business processes offline.
Answers: A plan explaining the use of only a single element of validation or
verification to prove the identity of a subject.
A plan outlining the failure response that results in open and unrestricted
access or communication.

A plan to maintain the mission-critical functions of the organization in the
event of a problem that threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once
they have been interrupted by an adverse event.

 Question 22
1.2 out of 1.2 points
All of the following are advantages of a defense-in-depth security design except
which one?
Selected
Answer: Defense in depth keeps senior management out of the activities of the
security department.
Answers: Defense in depth avoids single points of failure.

Defense in depth keeps senior management out of the activities of the
security department.
Defense in depth divides and conquers, which separates projects into
smaller pieces.
Defense in depth filters user interactions.
 Question 23
1.2 out of 1.2 points
Which of the following describes AppleTalk?
Selected
Answer: A legacy protocol used in networks hosting mainly Macintosh computers
Answers:
A legacy protocol used in networks hosting mainly Macintosh computers
A policy that allows employees, contractors, and others to connect their
own computers, smartphones, and other devices to their organizations’
networks
An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network
An Application Layer protocol used by e-mail clients to receive messages
from an e-mail server
 Question 24
1.2 out of 1.2 points
A security stance that blocks access to all resources until a valid authorized explicit
exception is defined?
Selected Answer:
Default deny
Answers: Fail-secure
Fail-open

Default deny
Default allow

 Question 25
1.2 out of 1.2 points
Which attack uses a pre-constructed list of potential passwords or encryption keys?
Selected Answer:
Dictionary password attack
Answers: Piloting

Dictionary password attack


Brute-force attack
Hybrid attack
 Question 1
0 out of 1.2 points
Which of the following are documents that can help you to review and assess your
organization’s status and state of security?
Selected Answer:
Risk assessment
Answers: Firewall checklists
Risk assessment
STIGs (Security Technical Implementation Guides)
Incident response plan

 Question 2
1.2 out of 1.2 points
Which of the following describes the principle that for an organization’s security policy
to be effective, everyone must be forced to work within it and follow its rules?
Selected Answer:
Universal participation
Answers:
Universal participation
Diversity of defense
General purpose OS
Bastion host OS
 Question 3
0 out of 1.2 points
When troubleshooting firewalls, which of the following is not something you should do
after you attempt a fix?
Selected Answer:
Reverse or undo solution failures.

Answers:
Make multiple fixes.
Repeat the failure.
Test after each attempt.
Reverse or undo solution failures.

 Question 4
1.2 out of 1.2 points
It's important to evaluate the purpose and content of your firewall policy. Which of the
following is not an evaluation method?
Selected
Answer: Determine how to write a policy that is as short as possible to avoid
confusion.
Answers: Define the software and hardware options that will be used to adopt
the policy.
Determine the features necessary for the infrastructure's network
communications.
Determine how to write a policy that is as short as possible to avoid
confusion.
Order the rules properly to use the least number of rules.
 Question 5
1.2 out of 1.2 points
There are six steps for writing a security incident response plan. Which of the
following is not a step?
Selected Answer:
Report

Answers: Detection
Containment
Eradication

Report

 Question 6
1.2 out of 1.2 points
Which of the following is a double-blind encapsulation system that enables
anonymous but not encrypted Internet communications?
Selected Answer:
TOR (The Onion Router)
Answers:
TOR (The Onion Router)
Cryptcat
Back Orifice
Remote Desktop Protocol (RDP) and Remote Assistance

 Question 7
1.2 out of 1.2 points
Which of the following is an operating system built exclusively to run on a bastion
host device?
Selected Answer:
Proprietary OS
Answers:
Proprietary OS
General OS
Reverse proxy
Appliance firewall
 Question 8
1.2 out of 1.2 points
Which of the following is a dedicated hardware device that functions as a black-box
sentry?
Selected Answer:
Appliance firewall
Answers: Fail-safe
Reverse proxy firewall
Proxy firewall

Appliance firewall
 Question 9
1.2 out of 1.2 points
Which of the following forces all traffic, communications, and activities through a
single pathway or channel that can be used to control bandwidth consumption, filter
content, provide authentication services, or enforce authorization?
Selected Answer:
Chokepoint
Answers: Fail-safe

Chokepoint
Fail-secure
Reverse proxy
 Question 10
1.2 out of 1.2 points
Which of the following describes a general purpose OS?
Selected
Answer:
An operating system such as Windows or Linux that can support a wide
variety of purposes and functions, but which, when used as a bastion
host OS, must be hardened and locked down
Answers: An operating system that supports only firewall functions
An operating system that does not support firewall functions
A means of providing faster access to static content for external users
accessing internal Web servers

An operating system such as Windows or Linux that can support a wide
variety of purposes and functions, but which, when used as a bastion
host OS, must be hardened and locked down
 Question 11
0 out of 1.2 points
In which type of environment do you block all access to all resources, internal and
external, by default, and then use the principle of least privilege by adding explicit and
specific allow-exceptions only when necessary based on job descriptions?
Selected Answer:
Default-deny
Answers: Default-deny
Default-accept

Filter-free
Fail-safe
 Question 12
0 out of 1.2 points
Which of the following is not a commonsense element of troubleshooting firewalls?
Selected Answer:
Isolate problems.
Answers: Focus on the most critical issues first.
Isolate problems.

Work with urgency.


Know your firewall thoroughly.

 Question 13
1.2 out of 1.2 points
All of the following are disadvantages of the build-it-yourself firewall, but one is an
advantage. Which of the following is an advantage?
Selected Answer:
Cost

Answers: Additional hardware manipulation


Hardening of a host OS
Juggling of device drivers

Cost

 Question 14
1.2 out of 1.2 points
Which of the following is a malicious remote control tool?
Selected Answer:
NetBus
Answers:
NetBus
Remote Desktop Protocol (RDP) and Remote Assistance
Cryptcat
Loki

 Question 15
1.2 out of 1.2 points
If the process of creating rules requires a significant number of special exceptions to
modify or adjust ranges of addresses or ports, what should you do?
Selected
Answer: Consider reconfiguring the network rather than using a too complex or
too long rule set.
Answers: Use a more complex rule set.

Consider reconfiguring the network rather than using a too complex or
too long rule set.
Use a longer rule set.
Don't use any addresses or ports.
 Question 16
1.2 out of 1.2 points
Which of the following is a network mapper, port scanner, and OS fingerprinting tool
that checks the state of ports, identifies targets, and probes services?
Selected Answer:
Nmap
Answers: Wireshark
Nmap
TCPView
Backtrack

 Question 17
1.2 out of 1.2 points
Which of the following does port forwarding support?
Selected Answer:
Any service on any port
Answers:
Any service on any port
Caching
Encryption endpoint
Load balancing
 Question 18
1.2 out of 1.2 points
Which of the following is a centralized logging service that hosts a duplicate copy of
log files?
Selected Answer:
Syslog
Answers: Nessus
Netcat

Syslog
Backtrack

 Question 19
1.2 out of 1.2 points
Which of the following command-line tools will list the current open, listening, and
connection sockets on a system as well as the service related to each socket?
Selected Answer:
Fport
Answers: TCPView

Fport
Netstat
Nmap

 Question 20
1.2 out of 1.2 points
Examples of users purposefully avoiding or violating security—that is, not actively
supporting and participating in security—include all of the following except which
one?
Selected Answer:
Setting strong passwords
Answers: Using proxy tools to get around firewalls
Using personal equipment
Sharing accounts with other employees

Setting strong passwords


 Question 21
1.2 out of 1.2 points
Which of the following is not a firewall type?
Selected Answer:
Universal
Answers:
Universal
Static packet filtering
Proxy
Stateful inspection
 Question 22
1.2 out of 1.2 points
Which of the following describes security stance?
Selected
Answer: An organization’s filtering configuration; it answers the question, “What
should be allowed and what should be blocked?”
Answers:
An organization’s filtering configuration; it answers the question, “What
should be allowed and what should be blocked?”
A means of providing faster access to static content for external users
accessing internal Web servers
An operating system such as Windows or Linux that supports a wide
variety of purposes and functions, but when used as a bastion host OS
must be hardened and locked down
An approach to security similar to defense in depth that uses a different
security mechanism at each or most of the layers
 Question 23
1.2 out of 1.2 points
Which of the following is disabled by default and requires an invitation?
Selected Answer:
Remote Desktop Protocol (RDP) and Remote Assistance
Answers: TOR (The Onion Router)

Remote Desktop Protocol (RDP) and Remote Assistance


SubSeven
Netcat

 Question 24
0 out of 1.2 points
Which of the following is not a common reason for deploying a reverse proxy?
Selected Answer:
Reverse caching
Answers: Reverse caching
Security

Time savings
Encryption
 Question 25
1.2 out of 1.2 points
Which of the following creates TCP and UDP network connections to or from any
port?
Selected Answer:
Netcat

Answers: Cryptcat
Back Orifice
SubSeven
Netcat

 Question 1
0.75 out of 0.75 points
Which of the following refers to any product that appears in a vendor’s PowerPoint
slide deck, but is not yet available in one of its products?
Selected Answer:
Slideware

Answers: Anonymity
Hairpinning
Service level agreement (SLA)

Slideware

 Question 2
0.75 out of 0.75 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer:
Layer 2
Answers: Layer 1

Layer 2
Layer 3
Layer 4
 Question 3
0 out of 0.75 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed
directly in the Internet, and therefore places the Internet-facing VPN connection
behind a firewall?
Selected Answer:
Internally connected architecture
Answers: Two-factor architecture
Internally connected architecture

Bypass architecture
DMZ architecture
 Question 4
0 out of 0.75 points
Although it provides a mechanism for creating tunnels through an IP network, which
of the following does not provide a mechanism for encrypting the data being
tunneled?
Selected Answer:
Layer 2 Tunneling Protocol (L2TP)
Answers:
Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
 Question 5
0.75 out of 0.75 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer:
Software version
Answers: Topology
Encryption level
Traffic

Software version
 Question 6
0.75 out of 0.75 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer:
Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)

Authentication Header (AH)


Layer 2 Tunneling Protocol (L2TP)
 Question 7
0.75 out of 0.75 points
Which of the following identifies, tracks, and mitigates known weaknesses on hosts or
applications within a computing environment?
Selected Answer:
Vulnerability management
Answers: BYOD policies
Slideware

Vulnerability management
Hairpinning

 Question 8
0.75 out of 0.75 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer:
Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)

Secure Shell (SSH)


Authentication Header (AH)
Encapsulating Security Payload (ESP)
 Question 9
0.75 out of 0.75 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer:
Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)

Internet Key Exchange (IKE)


 Question 10
0.75 out of 0.75 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected
Answer: A protocol commonly used in establishing a direct connection between
two networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data,
as well as user authentication

A protocol commonly used in establishing a direct connection between
two networking nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but still in use in some older environments
 Question 11
0.75 out of 0.75 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer:
Transport Layer Protocol
Answers: Rsync
Connection Protocol

Transport Layer Protocol


User Authentication Protocol
 Question 12
0.75 out of 0.75 points
The inability to encrypt or otherwise protect the data stream between the client and
server is a drawback of which protocol?
Selected Answer:
Hypertext Transfer Protocol (HTTP)
Answers:
Hypertext Transfer Protocol (HTTP)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Protocol (PPP)
 Question 13
0.75 out of 0.75 points
Which of the following documents an organization's rules for using a VPN?
Selected Answer:
Remote access policy
Answers: Hairpinning
Remote access policy
Service level agreement
Vaporware

 Question 14
0.75 out of 0.75 points
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer:
Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)

Layer 2 Forwarding (L2F) Protocol


Internet Engineering Task Force (IETF)
 Question 15
0.75 out of 0.75 points
Which of the following describes a service level agreement (SLA)?
Selected
Answer: A contractual commitment by a service provider or support organization to
its customers or users
Answers:
A contractual commitment by a service provider or support organization to
its customers or users
The ability for a network or system user to remain unknown
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint

 Question 16
0.75 out of 0.75 points
Which of the following represents a standards-based protocol suite designed
specifically for securing Internet Protocol communications?
Selected Answer:
Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode

Internet Protocol Security (IPSec)


 Question 17
0 out of 0.75 points
Which of the following is a benefit of an open source VPN solution?
Selected Answer:
Ease of installation
Answers: Ease of installation
Available management tools

Low cost
Access to vendor support

 Question 18
0.75 out of 0.75 points
What is meant by Internet Engineering Task Force (IETF)?
Selected
Answer: The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data,
as well as user authentication

The standards body for Internet-related engineering specifications


 Question 19
0 out of 0.75 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected
Answer: More vendor-created workarounds on the network address translation
tool
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules

Platform Independence
 Question 20
0.75 out of 0.75 points
Which of the following describes anonymity?
Selected
Answer: The capability for a network or system user to remain unknown
Answers:
The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
 Question 21
0 out of 0.75 points
Which term describes the second core IPSec security protocol; it can perform
authentication to provide integrity protection, although not for the outermost IP
header?
Selected Answer:
Point-to-Point Tunneling Protocol (PPTP)
Answers: Point-to-Point Protocol (PPP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Tunneling Protocol (PPTP)

Encapsulating Security Payload (ESP)


 Question 22
0.75 out of 0.75 points
Which of the following characteristics relates to authentication header (AH)?
Selected
Answer: It is a protocol that provides integrity protection for packet headers and
data, as well as user authentication.
Answers: It is a document that defines or describes computer and networking
technologies. These documents are published by the Internet Engineering
Task Force, the standards body for Internet engineering specifications.
RFCs exist for hardware, operating systems, protocols, security services,
and much more.
It is an older protocol largely replaced by IPSec and SSL/TLS-based
VPNs in production environments, but it is still in use in some older
environments.
It is an early proprietary protocol from Microsoft.

It is a protocol that provides integrity protection for packet headers and
data, as well as user authentication.
 Question 23
0.75 out of 0.75 points
What name is given to a method that proves identity using two different
authentication factors?
Selected Answer:
Two-factor authentication
Answers: Service level agreement (SLA)

Two-factor authentication
Hairpinning
Anonymity

 Question 24
0 out of 0.75 points
Which section of the VPN policy should be as specific as possible, leaving little open
to interpretation?
Selected Answer:
Summary
Answers:
Policy
Optional elements
Summary
Roles and responsibilities

 Question 25
0 out of 0.75 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer:
Compromising VPN availability
Answers: Compromising VPN availability

Compromising the authentication credentials


Patching regularly
Using vulnerability management with remote clients

 Question 26
0.75 out of 0.75 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer:
IPv6
Answers: IPv5

IPv6
IANA
SSL
 Question 27
0.75 out of 0.75 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer:
Bypass architecture
Answers: Internally connected architecture

Bypass architecture
DMZ architecture
Two factor architecture

 Question 28
0.75 out of 0.75 points
Which section of the VPN policy describes the systems, networks, or people covered
by the policy?
Selected Answer:
Scope
Answers: Introduction
Policy
Scope
Purpose

 Question 29
0 out of 0.75 points
Which of the following is commonly used with an authentication header to provide
both confidentiality and integrity protection for communications?
Selected Answer:
Point-to-Point Protocol (PPP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)

Encapsulating Security Payload (ESP)


Point-to-Point Protocol (PPP)
 Question 30
0.75 out of 0.75 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer:
Anonymity
Answers: Flexibility

Anonymity
Security
Denial of service

 Question 31
0.75 out of 0.75 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer:
Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
 Question 32
0 out of 0.75 points
Which of the following should specifically be included in the organization's VPN
solution?
Selected Answer:
Types of VPN connections supported
Answers:
The prohibiting of split tunneling
Encouraging shared VPN credentials
Types of VPN connections supported
How scalable the VPN is

 Question 33
0 out of 0.75 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer:
Identifying the symptoms
Answers:
Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor

 Question 34
0 out of 0.75 points
Which of the following is most likely to occur in the VPN?
Selected Answer:
VPN server attack
Answers: Denial of service attack
VPN server attack

Client attack
Remote access attack

 Question 35
0.75 out of 0.75 points
Which term describes a process by which malicious code can enter from a non-
secure network, and make a hairpin, or sharp turn, and enter a secure network with
little or no trouble because it is entering from a secure and verified endpoint?
Selected Answer:
Hairpinning
Answers:
Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)

 Question 36
0.75 out of 0.75 points
Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
Selected
Answer:
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but still in use in some older environments
Answers: The standards body for Internet-related engineering specifications

An older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header
An early proprietary protocol from Microsoft
 Question 37
0 out of 0.75 points
Which of the following key VPN protocols used today is the main alternative for a
VPN solution that does not leverage an IPSec solution?
Selected Answer:
Internet Engineering Task Force (IETF)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)

Secure Sockets Layer (SSL)/Transport Layer Security (TLS)


Layer 2 Forwarding (L2F) Protocol
 Question 38
0 out of 0.75 points
When employees have multiple concurrent connections, what might be happening to
the VPN system?
Selected
Answer: There may be a software failure.
Answers: There may be a software failure.
Employees may be trying to access the system from remote
locations.

There may be a security issue.


There may be a hardware failure.
 Question 39
0 out of 0.75 points
Which type of architecture places a firewall in front of the VPN to protect it from
Internet-based attacks as well as behind a firewall to protect the internal network?
Selected Answer:
Two-factor architecture
Answers: Bi-lateral architecture
Two-prong approach
Two-factor architecture

DMZ architecture

 Question 40
0 out of 0.75 points
Which of the following is one of the most common and easily exploited vulnerabilities
on any hardware network device?
Selected Answer:
Insecure default configuration
Answers: Insecure default configuration
Misconfiguration by the installer
Undistributed authentication credentials

Default password

 Question 1
0.75 out of 0.75 points
What term describes a small text file used by Web browsers and servers to track
Web sessions?
Selected Answer:
Cookie filter
Answers: Web-based service
Web browser
Popup blocker

Cookie filter
 Question 2
0.75 out of 0.75 points
Which of the following characteristics relates to Kerberos?
Selected
Answer:
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
Answers:
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994
to focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data like
network bandwidth, temperatures, CPU load, and so on.
Dynamic random access memory (DRAM) that has a synchronous
interface
 Question 3
0.75 out of 0.75 points
Which of the following characteristics relates to a Common Gateway Interface (CGI)
script?
Selected
Answer: A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
Answers:
A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994
to focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data such as
network bandwidth, temperatures, CPU load, and so on
 Question 4
0.75 out of 0.75 points
What must be enabled to test SmoothWall’s capability to mitigate attacks?
Selected Answer:
Snort intrusion detection software
Answers: open SSH
SQUID
Ping

Snort intrusion detection software


 Question 5
0.75 out of 0.75 points
Which of the following is hardware that connects a local network—or even a single
computer—to a telco’s carrier network to access the Internet?
Selected Answer:
ISP connection device
Answers: IPFire

ISP connection device


DSL line
SOHO
 Question 6
0.75 out of 0.75 points
Which name is given to a set of communications standards for simultaneous digital
transmission of voice, video, data, and other network services over the traditional
circuits of the public switched telephone network?
Selected Answer:
Integrated Services Digital Network (ISDN)
Answers: National Security Agency (NSA)
Asymmetric Digital Subscriber Line (ADSL)

Integrated Services Digital Network (ISDN)


Clipper Chip
 Question 7
0 out of 0.75 points
Which of the following risks can compromise the confidentiality of documents stored
on the server?
Selected
Answer: Risk that information about the server can be accessed
Answers: Risk that transaction data can be intercepted

Risk that unauthorized individuals can breach the server’s document
tree
Risk that information about the server can be accessed
Risk of denial of service attacks
 Question 8
0.75 out of 0.75 points
Which one of the following is not a third-party software firewall but is a security suite?
Selected Answer:
McAfee Personal Firewall Plus
Answers: eConceal Pro
Look ’n’ Stop
Lavasoft Personal Firewall

McAfee Personal Firewall Plus


 Question 9
0.75 out of 0.75 points
In theory, the use of a software firewall as a replacement for a network appliance can
work as long as the host OS's network communication is routed through which type of
firewall?
Selected Answer:
Virtual firewall
Answers:
Virtual firewall
Appliance firewall
Hardware firewall
Commercial firewall
 Question 10
0.75 out of 0.75 points
Connecting port 22 or 222 with a client such as WinSCP3 will allow SmoothWall
which capability?
Selected Answer:
Transfer of files to and from the system via SCP/SFTP
Answers: Access to tools like TCPdump

Transfer of files to and from the system via SCP/SFTP


Auto-sensing crossover capabilities
Access to graphics of network traffic
 Question 11
0.75 out of 0.75 points
The volume of data throughput and transmission speed associated with a firewall is
considered what?
Selected Answer:
Performance
Answers: Scalability
Privilege control
Flexibility

Performance
 Question 12
0.75 out of 0.75 points
Which of the following refers to a database tool intended to handle time-series data,
such as network bandwidth, temperatures, CPU load, and so on?
Selected Answer:
RRDtool (Round-Robin Database Tool)
Answers: TCPdump

RRDtool (Round-Robin Database Tool)


Asymmetric Digital Subscriber Line (ADSL)
Common Gateway Interface (CGI) script
 Question 13
0.75 out of 0.75 points
In SmoothWall, what color network interface card indicates the segment of the
network is not trusted, but shares the Internet connection?
Selected Answer:
Orange
Answers: Green
Blue

Orange
Red
 Question 14
0.75 out of 0.75 points
The degree to which a firewall can impose user access restrictions is known as which
of the following?
Selected Answer:
Privilege control
Answers: Security assurance

Privilege control
Authentication
Audit capabilities
 Question 15
0.75 out of 0.75 points
In addition to providing network security, organizations must address what other type
of security issue?
Selected Answer:
Transaction security
Answers:
Transaction security
Protocol security
Hard disk security
Database security
 Question 16
0.75 out of 0.75 points
Which of the following outbound ports is for HTTPS?
Selected Answer:
Port 443
Answers: Port 25
Port 53
Port 80

Port 443
 Question 17
0.75 out of 0.75 points
Which one of the following is not a commercial host firewall option available for Linux?
Selected Answer:
Kaspersky Internet Security
Answers: SmoothWall
IPFire

Kaspersky Internet Security


IPCop
 Question 18
0.75 out of 0.75 points
Which of the following prevents or restricts Web sites from automatically opening
additional tabs or windows without the user’s consent?
Selected Answer:
Pop-up blocker
Answers:
Pop-up blocker
Active threat
Cookie filter
Native firewall
 Question 19
0 out of 0.75 points
Which of the following is not true of security for a SOHO?
Selected Answer:
Cost effective
Answers: Cost effective
Easy to implement
Not as vulnerable as corporate offices
Have a higher risk than corporate offices
 Question 20
0.75 out of 0.75 points
Which of the following outbound ports is for DNS?
Selected Answer:
Port 53
Answers: Port 25

Port 53
Port 80
Port 110
 Question 21
0 out of 0.75 points
Which of the following is a closed-source product?
Selected
Answer: One that is commercial
Answers: One that is non-commercial

One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 22
0 out of 0.75 points
Which of the following is not an ISP connection?
Selected Answer:
Satellite
Answers: Cable
Satellite

pfSense
DSL
 Question 23
0.75 out of 0.75 points
Which of the following describes any harmful code or site that depends upon the
user’s actions to be accessed or activated?
Selected Answer:
Passive threat
Answers: Native firewall
Active threat

Passive threat
Cookie filter
 Question 24
0 out of 0.75 points
Which of the following is a popular open source intrusion detection system that runs
on SmoothWall?
Selected Answer:
Common Gateway Interface (CGI) script
Answers: Synchronous Dynamic Random Access Memory (SDRAM)
Kerberos
Common Gateway Interface (CGI) script

Snort
 Question 25
0 out of 0.75 points
Which of the following describes a native firewall?
Selected
Answer: Windows 7 host software firewall
Answers: A small text file used by Web browsers and servers to track Web
sessions

A firewall in an operating system or hardware device that is placed
there by the vendor or manufacturer
Open-source and commercial software firewalls for most operating
systems
Windows 7 host software firewall
 Question 26
0.75 out of 0.75 points
Which of the following is a minimum requirement for running SmoothWall?
Selected Answer:
512 MB PC SDRAM
Answers: Three NICs
10 GB hard drive
84MHZ processor

512 MB PC SDRAM
 Question 27
0.75 out of 0.75 points
Which of the following is not one way to handle the reset button for devices?
Selected Answer:
Depressing the button often to test it
Answers: Consulting the user manual for instructions

Depressing the button often to test it


Keeping a printed copy of all rule sets
Visiting the vendor site
 Question 28
0 out of 0.75 points
Which of the following is a closed-source product?
Selected
Answer: One that is commercial
Answers: One that is non-commercial

One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 29
0.75 out of 0.75 points
Which of the following will track every single connection outside the Web by IP
address and URL?
Selected Answer:
Proxy server
Answers: Clipper Chip
National Security Agency

Proxy server
Electronic Privacy Information Center
 Question 30
0.75 out of 0.75 points
What term is used to describe a chipset developed and promoted by the U.S.
government from 1993 to 1996 as an encryption device to be adopted by
telecommunications companies for voice transmission?
Selected Answer:
Clipper Chip
Answers: Synchronous Dynamic Random Access Memory (SDRAM)

Clipper Chip
Kerberos
National Information Infrastructure (NII)
 Question 31
0.75 out of 0.75 points
If an external server needs to communicate with servers inside the green zone, which
network setting on SmoothWall can be opened?
Selected Answer:
DMZ pinholes
Answers: Port forwarding
PPP settings

DMZ pinholes
IP block
 Question 32
0.75 out of 0.75 points
Which of the following will generate a graph of network traffic every five minutes on a
firewall?
Selected Answer:
RRDtool
Answers: Asymmetric Digital Subscriber Line (ADSL)
TCPdump

RRDtool
DDNS
 Question 33
0.75 out of 0.75 points
Which of the following refers to a public interest research group in Washington, D.C.
that was established in 1994 to preserve the right of privacy in the electronic age as
well as to give individuals greater control over personal information?
Selected Answer:
Electronic Privacy Information Center (EPIC)
Answers: National Security Agency (NSA)
CERN
National Information Infrastructure (NII)

Electronic Privacy Information Center (EPIC)


 Question 34
0.75 out of 0.75 points
Which of the following is a key feature of SmoothWall?
Selected Answer:
Universal Plug and Play support
Answers: Weak traffic graphs and bandwidth bars

Universal Plug and Play support


DMZ support only
Inbound traffic blocking with time-based controls
 Question 35
0.75 out of 0.75 points
Which of the following is not a security suite?
Selected Answer:
Netfilter
Answers:
Netfilter
Webroot Internet Security Essentials
McAfee Personal Firewall Plus
Computer Associates
 Question 36
0.75 out of 0.75 points
What is meant by Synchronous Dynamic Random Access Memory (SDRAM)?
Selected
Answer: Dynamic random access memory (DRAM) that has a synchronous
interface
Answers: A computer network memory capability that allows nodes communicating
over a non-secure network to prove their identity to one another in a
secure manner

Dynamic random access memory (DRAM) that has a synchronous
interface
A public interest research group in Washington, D.C., established in
1994 to focus public attention on emerging civil liberties issues and to
protect privacy
A web cache/proxy
 Question 37
0.75 out of 0.75 points
Which of the following is an open source product?
Selected
Answer: One where the source code can be obtained and viewed by anyone
Answers: One that is non-commercial
One where the source code cannot be obtained and viewed by just
anyone

One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 38
0.75 out of 0.75 points
Which of the following does not address passive threats?
Selected Answer:
Active threats
Answers: Pop-up blockers
Cookie filters
Malicious site managers

Active threats
 Question 39
0.75 out of 0.75 points
Which type of software is closed-sourced to protect intellectual property and allow
vendors to charge for the product?
Selected Answer:
Commercial
Answers: Non-commercial
Open source
Free software

Commercial
 Question 40
0.75 out of 0.75 points
Which of the following is a form of threat that takes some type of initiative to seek out
a target to compromise?
Selected Answer:
Active threat
Answers: Native firewall
Passive threat

Active threat
Cookie

 Question 1
0.6 out of 0.6 points
Which term describes the act of working from a home, remote, or mobile location while
connecting into the employer’s private network, often using a VPN?
Selected Answer:
Telecommuting
Answers: Public key cryptography
Host-to-site VPN

Telecommuting
Scalability
 Question 2
0 out of 0.6 points
Which term describes encryption that protects only the original IP packet's payload?
Selected Answer:
Tunnel mode encryption
Answers: Tunnel mode encryption

Transport mode encryption


Cryptography
IP headers
 Question 3
0.6 out of 0.6 points
Which term describes the cumulative value of an asset based on both tangible and
intangible values?
Selected Answer:
Asset value (AV)
Answers:
Asset value (AV)
Exposure factor (EF)
Single loss expectancy (SLE)
Packet
 Question 4
0.6 out of 0.6 points
What is compression?
Selected
Answer: Removal of redundant or superfluous data or space to reduce the size of a
data set
Answers: A VPN used to grant outside entities access into a perimeter network; used
to host resources designated as accessible to a limited group of external
entities, such as business partners or suppliers, but not the general public
A subset of asymmetric cryptography based on the use of key pair sets
The art and science of hiding information from unauthorized third parties

Removal of redundant or superfluous data or space to reduce the size of a
data set
 Question 5
0.6 out of 0.6 points
Which of the following is a written expression of an item of concern (protocol, port,
service, application, user, IP address) and one or more actions to take when the item
of concern appears in traffic?
Selected Answer:
Filter
Answers: Management interface

Filter
Wirespeed
Round robin
 Question 6
0.6 out of 0.6 points
Which term describes a network, network link, or channel located between the
endpoints of a VPN?
Selected Answer:
Intermediary network
Answers: One-way function
Host-to-host network
Site-to-site network

Intermediary network
 Question 7
0.6 out of 0.6 points
Which of the following can improve firewall performance?
Selected Answer:
Load balancing
Answers: Firewalking

Load balancing
Port-Based Network Access (Admission) Control (PNAC)
Wirespeed
 Question 8
0.6 out of 0.6 points
Which of the following is a technique for storing or copying log events to a centralized
logging server?
Selected Answer:
Syslog
Answers:
Syslog
Write-once read-many (WORM) storage
Unified Threat Management (UTM)
Firewall logging
 Question 9
0.6 out of 0.6 points
Which of the following refers to a form of IDS/IPS detection based on a collection of
samples, patterns, signatures, and so on stored in a database of known malicious
traffic and events? All traffic or events that match an item in the database are
considered abnormal and potentially malicious.
Selected Answer:
Database-based detection
Answers:
Database-based detection
Firewalking
Anomaly-based detection
False Positive
 Question 10
0.6 out of 0.6 points
Which name is given to a probability prediction based on statistics and historical
occurrences on the likelihood of how many times in the next year a threat is going to
cause harm?
Selected Answer:
Annualized rate of occurrence (ARO)
Answers: Tunnel mode encryption
Physical address

Annualized rate of occurrence (ARO)


Rule
 Question 11
0.6 out of 0.6 points
Which of the following refers to the deployment of a firewall as an all-encompassing
primary gateway security solution?
Selected Answer:
Unified threat management (UTM)
Answers:
Unified threat management (UTM)
Access control list (ACL)
Signature-based detection
False positive

 Question 12
0.6 out of 0.6 points
Which of the following describes fair queuing?
Selected
Answer: A technique of load balancing that operates by sending the next transaction
to the firewall with the least current workload.
Answers:
A technique of load balancing that operates by sending the next transaction
to the firewall with the least current workload.
An event that triggers an alarm but should not have because the traffic or
event actually is benign.
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on.
A written expression of an item of concern (protocol, port, service,
application, user, and IP address) and one or more actions to take when
the item of concern appears in traffic.
 Question 13
0.6 out of 0.6 points
Which term describes a VPN created between two individual hosts across a local or
intermediary network?
Selected Answer:
Host-to-host VPN
Answers: VPN appliance

Host-to-host VPN
Hash
Site-to-site VPN
 Question 14
0.6 out of 0.6 points
Which term is used to describe a public-key cryptography-based mechanism for
proving the source (and possibly integrity) of a dataset or message?
Selected Answer:
Digital signature
Answers: Trusted third party
Symmetric cryptography
Algorithm

Digital signature
 Question 15
0.6 out of 0.6 points
Which of the following refers to a communication pathway, circuit, or frequency
dedicated or reserved for a specific transmission?
Selected Answer:
Channel
Answers: Hardware VPN
Host-to-site VPN
Asymmetric cryptography

Channel
 Question 16
0.6 out of 0.6 points
Which term describes encryption that protects the entire original IP packet’s header
and payload?
Selected Answer:
Tunnel mode encryption
Answers:
Tunnel mode encryption
Transport mode encryption
Cryptography
IP headers
 Question 17
0.6 out of 0.6 points
Ingress and egress filtering can expand beyond protection against spoofing and
include a variety of investigations on inbound and outbound traffic. Which of the
following is not one of the ways ingress and egress filtering expand beyond protection
against spoofing?
Selected
Answer: Dynamic packet filtering
Answers:
Dynamic packet filtering
Blacklist and whitelist filtering
Protocol and port blocking
Confirmation of authentication or authorization before communications
continue
 Question 18
0.6 out of 0.6 points
Which term refers to a type of business telephone network?
Selected Answer:
Private Branch Exchange (PBX)
Answers:
Private Branch Exchange (PBX)
Host-to-site VPN
Rekeying
Virtual private network (VPN)
 Question 19
0.6 out of 0.6 points
Which of the following characteristics describes an edge router?
Selected
Answer: The last device owned and controlled by an organization before an ISP or
telco connection
Answers:
The last device owned and controlled by an organization before an ISP or
telco connection
A form of VPN establishing a secure VPN over trusted VPN connections
A form of cryptography in which each encryption key is used once before
being discarded
A security service that ensures that a sender cannot deny sending a
message
 Question 20
0.6 out of 0.6 points
Which of the following terms describes hiding information from unauthorized third
parties?
Selected Answer:
Cryptography
Answers: Virtual Private Network (VPN)
Split tunnel

Cryptography
Authentication, Authorization, and Accounting (AAA) Services
 Question 21
0.6 out of 0.6 points
Which of the following characteristics describes the application layer?
Selected
Answer:
The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
Answers: The sixth layer of the OSI model, which translates the data received from
the host software into a format acceptable to the network

The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
An entrance or exit point to a controlled space
The fifth layer of the OSI model, which manages the communication
channel
 Question 22
0.6 out of 0.6 points
Which of the following refers to a type of firewall that filters on a specific application’s
content and session information?
Selected Answer:
Application firewall
Answers: Circuit firewall
Hardware firewall

Application firewall
Stateful inspection
 Question 23
0.6 out of 0.6 points
Which of the following refers to an event that does not trigger an alarm but should
have, due to the traffic or event actually being abnormal and/or malicious?
Selected Answer:
False negative
Answers: False positive
Round robin
False negative
Deny by default/Allow by exception
 Question 24
0.6 out of 0.6 points
Which term describes a security stance that prevents all communications except those
enabled by specific allow exceptions?
Selected Answer:
Deny by default/Allow by exception
Answers: Syslog

Deny by default/Allow by exception


Behavioral-based detection
Signature-based detection
 Question 25
0.6 out of 0.6 points
What is anomaly-based detection?
Selected
Answer:
A form of intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to firewall
rules.
Answers: An event that does not trigger an alarm but should have because the traffic
or event is abnormal and/or malicious.
An event that triggers an alarm but should not have because the traffic or
event is benign.
A notification from a firewall that a specific event or packet was detected.

A form of intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to firewall
rules.
 Question 26
0.6 out of 0.6 points
Which of the following refers to a network access control or admission control (NAC)
used on individual network access devices such as firewalls, VPN gateways, and
wireless routers to offload authentication to a dedicated authentication server/service?
Selected Answer:
Port-based network access (admission) control (PNAC)
Answers:
Port-based network access (admission) control (PNAC)
Database-based detection
Management interface
Access control list (ACL)
 Question 27
0.6 out of 0.6 points
Which term describes the calculation of the total loss potential across a year for a
given asset and a specific threat?
Selected Answer:
Annualized loss expectancy (ALE)
Answers:
Annualized loss expectancy (ALE)
Annualized rate of occurrence (ARO)
User Datagram Protocol (UDP)
Cost-benefit analysis
 Question 28
0.6 out of 0.6 points
Which name is given to a VPN created between a client and a server either within the
same local network or across a WAN link or intermediary network to support secure
client interaction with the services of a resource host?
Selected Answer:
Client-to-server VPN
Answers: Site-to-site VPN
Software VPN

Client-to-server VPN
Keyspace
 Question 29
0.6 out of 0.6 points
Which name is given to a form of filtering that focuses on traffic content?
Selected Answer:
Content filtering
Answers: Stateful inspection filtering
Static filtering

Content filtering
Application gateway
 Question 30
0.6 out of 0.6 points
Which of the following refers to a type of software product that is pre-compiled and
whose source code is undisclosed?
Selected Answer:
Closed source
Answers: Circuit

Closed source
Bots
Physical address
 Question 31
0.6 out of 0.6 points
Which of the following hands out tasks in a repeating non-priority sequence?
Selected Answer:
Round robin
Answers: Port-based network access (admission) control (PNAC)
Firewalking

Round robin
Alert
 Question 32
0.6 out of 0.6 points
Which of the following describes dynamic packet filtering?
Selected
Answer:
A process that automatically creates temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
Answers: An entrance or exit point to a controlled space
The function of routing traffic from an external source received on a specific
pre-defined IP address and port combination (also known as a socket) to an
internal resource server.
A process that translates internal addresses into external addresses

A process that automatically creates temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
 Question 33
0.6 out of 0.6 points
Which name is given to a hacking technique used against static packet filtering
firewalls to discover the rules or filters controlling inbound traffic?
Selected Answer:
Firewalking
Answers: Filter
Signature-based detection

Firewalking
Database-based detection
 Question 34
0.6 out of 0.6 points
Which of the following describes an access control list (ACL)?
Selected
Answer: A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
Answers:
A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
An intrusion detection system/intrusion prevention system (IDS/IPS) based
on a defined normal, often defined using rules similar to firewall rules
An event that does not trigger an alarm but should have, due to the traffic
or event actually being abnormal and/or malicious
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on
 Question 35
0.6 out of 0.6 points
Which firewall product is designed for larger networks?
Selected Answer:
Commercial firewalls
Answers:
Commercial firewalls
Personal firewalls
Sessions
Appliance firewalls
 Question 36
0.6 out of 0.6 points
Which firewall has a network interface located in a unique network segment that allows
for true isolation of the segments and forces the firewall to filter all traffic moving from
one segment to another?
Selected Answer:
Dual-homed firewall
Answers: Appliance firewall
Software firewall

Dual-homed firewall
Triple-homed firewall
 Question 37
0.6 out of 0.6 points
Which term describes the seemingly random and unusable output from a
cryptographic function applied to original data?
Selected Answer:
Ciphertext
Answers: Dedicated leased line

Ciphertext
Identity proofing
Host VPN
 Question 38
0.6 out of 0.6 points
Which of the following is not a protection against fragmentation attacks?
Selected Answer:
Using firewalking
Answers: Using IDS
Performing sender fragmentation
Using firewall filtering

Using firewalking
 Question 39
0.6 out of 0.6 points
Which of the following describes an appliance firewall?
Selected
Answer: A hardened hardware firewall
Answers: The process of automatically created temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.

A hardened hardware firewall


The second layer of the OSI model responsible for physical addressing
(MAC addresses) and supporting the network topology, such as Ethernet
A type of firewall that filters on a specific application’s content and session
information
 Question 40
0.6 out of 0.6 points
Which command-line or graphical interface is used to control and configure a device?
Selected Answer:
Management interface
Answers: Port-based network access (Admission) control (PNAC)
Fair queuing

Management interface
Signature
 Question 41
0.6 out of 0.6 points
Which of the following is not a consideration when placing firewalls on the network?
Selected Answer:
Where hackers are located
Answers: Structure of the network
Traffic patterns
Most likely access pathways

Where hackers are located


 Question 42
0.6 out of 0.6 points
Which of the following refers to encoding and decoding information using related but
different keys for each process?
Selected Answer:
Asymmetric cryptography
Answers: Digital certificate

Asymmetric cryptography
Ciphertext
Algorithm
 Question 43
0.6 out of 0.6 points
Which of the following describes optical carrier (OC)?
Selected
Answer: A network carrier line—often leased or dedicated—which uses fiber optic
cables for high-speed connections
Answers:
A network carrier line—often leased or dedicated—which uses fiber optic
cables for high-speed connections
The process of converting ciphertext back into plain text
A program used to control access to computer resources, enforce policies,
audit usage, and provide billing information
A set of rules and procedures, usually mathematical in nature
 Question 44
0.6 out of 0.6 points
Which of the following describes write-once read-many (WORM)?
Selected
Answer: A storage device that can be written to once, but once written cannot be
electronically altered
Answers: A mechanism defining traffic or an event to apply an authorization control of
allow or deny against

A storage device that can be written to once, but once written cannot be
electronically altered
A form of network access control or admission control (NAC) used on
individual network access devices, such as firewalls, VPN gateways, and
wireless routers
A form of IDS/IPS detection based on a recording of real-world traffic as a
baseline for normal
 Question 45
0.6 out of 0.6 points
Which of the following refers to a software firewall installed on a client or server?
Selected Answer:
Host firewall
Answers:
Host firewall
Hardware firewall
Transport Layer (Layer 4)
Client
 Question 46
0.6 out of 0.6 points
Which term is used to describe a firewall that is implemented via software?
Selected Answer:
Bump-in-the-stack
Answers: Risk assessment

Bump-in-the-stack
Hardware firewall
Screening router
 Question 47
0.6 out of 0.6 points
Which name is given to an entrance or exit point to a controlled space?
Selected Answer:
Gateway
Answers: Physical layer (Layer 1)
Cost/Benefit Analysis
Network layer (Layer 3)

Gateway
 Question 48
0.6 out of 0.6 points
Which of the following refers to a form of encryption also known as point-to-point or
host-to-host encryption?
Selected Answer:
Transport mode encryption
Answers: Hardware firewall
Circuit firewall
Transport mode encryption
Tunnel mode encryption
 Question 49
0 out of 0.6 points
On which of the following can you filter because of the lack of encryption and
because filtering rules apply?
Selected Answer:
Encrypted data packets
Answers: Tunnel mode header

Transport mode header


Encrypted text
Encrypted data packets
 Question 50
0.6 out of 0.6 points
Which term describes the process of converting ciphertext back into plain text?
Selected Answer:
Decryption
Answers:
Decryption
Hashing
Avalanche effect
Symmetric cryptography
Monday, March 12, 2018 7:01:44 PM EDT
ser faheem muhammad alekozai
Course (Spring 2018) ITN 263 (Y80M) - Inter/Intranet Firewalls/E-Comm. Sec
Test Chapters 4_5_6Quiz
Started 3/26/18 8:47 PM
Submitted 3/30/18 7:45 PM
Due Date 3/30/18 11:59 PM
Status Completed
Attempt Score 28.8 out of 30 points
Time Elapsed 94 hours, 57 minutes
Results Displayed All Answers, Submitted Answers, Correct Answers
 Question 1
1.2 out of 1.2 points
A security stance that blocks access to all resources until a valid authorized explicit
exception is defined?
Selected Answer:
Default deny
Answers: Fail-secure
Fail-open
Default deny
Default allow

 Question 2
1.2 out of 1.2 points
All of the following are advantages of a defense-in-depth security design except which
one?
Selected
Answer: Defense in depth keeps senior management out of the activities of the
security department.
Answers: Defense in depth avoids single points of failure.

Defense in depth keeps senior management out of the activities of the
security department.
Defense in depth divides and conquers, which separates projects into
smaller pieces.
Defense in depth filters user interactions.
 Question 3
1.2 out of 1.2 points
Which of the following describes AppleTalk?
Selected
Answer: A legacy protocol used in networks hosting mainly Macintosh computers
Answers:
A legacy protocol used in networks hosting mainly Macintosh computers
A policy that allows employees, contractors, and others to connect their
own computers, smartphones, and other devices to their organizations’
networks
An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network
An Application Layer protocol used by e-mail clients to receive messages
from an e-mail server
 Question 4
1.2 out of 1.2 points
As an organization stretches beyond its capacity to support, sell, create, maintain,
respond, produce, and so on, small problems quickly become big problems. Which of
the following does not ensure long-term viability and stability for the business and
network security design?
Selected Answer:
Unlimited growth
Answers: Steady growth
Controlled growth
Planned growth

Unlimited growth
 Question 5
1.2 out of 1.2 points
Hackers can be deterred by defense methods that detect and evade. All of the
following are defense methods, except which one?
Selected Answer:
Botnet army
Answers: Honeypots
Firewalls
IDSs

Botnet army
 Question 6
1.2 out of 1.2 points
Which of the following describes a BYOD?
Selected
Answer:
A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
Answers: An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network

A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
A legacy protocol developed by Novell for its NetWare networking product
A security feature that blocks DDoS attacks
 Question 7
1.2 out of 1.2 points
Gathering through eavesdropping on communications, whether encrypted or not, is
known as what?
Selected Answer:
Traffic and trend analysis
Answers: Encryption

Traffic and trend analysis


Eavesdropping
Filtering
 Question 8
1.2 out of 1.2 points
What attack cracks a password or encryption key by trying all possible valid
combinations from a defined set of possibilities (a set of characters or hex values)?
Selected Answer:
Brute-force attack
Answers:
Brute-force attack
Hybrid attack
Dictionary password attack
Modeling

 Question 9
1.2 out of 1.2 points
Which name is given to the information related to the owners and managers of a
domain name accessed through the domain registrar’s Web sites and Whois lookups?
Selected Answer:
Domain registration
Answers:
Domain registration
National Institute of Standards and Technology (NIST)
USENET newsgroup
Wrapper
 Question 10
1.2 out of 1.2 points
What prevents a hard drive from being read by another system if it is stolen?
Selected Answer:
Whole hard drive encryption
Answers:
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)

 Question 11
1.2 out of 1.2 points
Which of the following characteristics relates to a distributed Denial of Service (DDoS)
attack?
Selected
Answer: An attack that uses multiple remotely controlled software agents
disseminated across the Internet
Answers: The information related to the owners and managers of a domain name
accessed through the domain registrar’s Web sites and Whois lookups
An advancement of keystroke logging to monitor and record many other
user activities

An attack that uses multiple remotely controlled software agents
disseminated across the Internet
An attack that occurs on the logical division of a hard drive that can be
formatted with a file system
 Question 12
1.2 out of 1.2 points
Which of the following describes awareness?
Selected
Answer: Basic security training that focuses on common or basic security elements
that all employees must know and abide by

Answers: A dedicated microchip found on some motherboards that host and protect
the encryption key for whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to
career advancement
A security guideline, procedure, or recommendation manual

Basic security training that focuses on common or basic security elements
that all employees must know and abide by

 Question 13
1.2 out of 1.2 points
Checking authentication, checking authorization and access control, auditing systems,
and verifying firewalls and other filters should all be included on which of the following?
Selected Answer:
A logical security checklist

Answers: A physical security checklist


A whitelist
A response plan

A logical security checklist

 Question 14
1.2 out of 1.2 points
Which attack uses a pre-constructed list of potential passwords or encryption keys?
Selected Answer:
Dictionary password attack
Answers: Piloting
Dictionary password attack
Brute-force attack
Hybrid attack
 Question 15
1.2 out of 1.2 points
Which name is given to a rogue program that automatically dials a modem to a pre-
defined number to auto-download additional malware to the victim or to upload stolen
data from the victim?
Selected Answer:
Dialer
Answers: Adware
Sector
Spyware

Dialer
 Question 16
1.2 out of 1.2 points
Which of the following characteristics relates to enumeration?
Selected
Answer: The process of discovering sufficient details about a potential target to learn
about network or system vulnerabilities
Answers:
The process of discovering sufficient details about a potential target to learn
about network or system vulnerabilities
An application attack in which a hacker submits SQL expressions to cause
authentication bypass, extraction of data, planting of information, or access
to a command shell
A criminal whose objective is to compromise IT infrastructures
A logical division of data composed of one or more sectors on a hard drive
 Question 17
1.2 out of 1.2 points
Which of the following creates copies of data on other storage media?
Selected Answer:
Backups
Answers: Fail-Open
Honeynets

Backups
Security Technical Implementation Guide (STIGS)

 Question 18
1.2 out of 1.2 points
Which of the following describes advanced persistent threat (APT)?
Selected
Answer:
A network attack in which an unauthorized person gains access to a network
and stays there undetected for a long period of time. The purpose of such an
attack is to steal data, not to damage the network or organization.
Answers:
A network attack in which an unauthorized person gains access to a network
and stays there undetected for a long period of time. The purpose of such an
attack is to steal data, not to damage the network or organization.
A rogue program that automatically dials a modem to a pre-defined number.
Sometimes this is to download additional malware to the victim or to upload
stolen data from the victim. In other cases, the dialer calls premium rate
telephone numbers to rack up massive long distance charges.
The act of a hacker changing the MAC address of the network interface.
The unused portion of the last cluster allocated to a stored file. It may
contain remnants of prior files stored in that location.
 Question 19
1.2 out of 1.2 points
Which of the following describes a predefined procedure that will limit damage, contain
the spread of malicious content, stop the compromise of information, and promptly
restore the environment to a normal state?
Selected Answer:
Incident response plan
Answers: Separation of duties

Incident response plan


Business continuity plan
Disaster recovery plan

 Question 20
0 out of 1.2 points
Contract workers place a higher risk on the organization for all of the following
reasons, except which one?
Selected Answer:
They are not full-time regular employees and might lack loyalty.
Answers: They are not full-time regular employees and might lack loyalty.
They are more likely to compromise the organization.

They see the company as worthy of protection.


They might not be accountable after a project ends.
 Question 21
1.2 out of 1.2 points
Which form of investigation aims at checking whether or not a target system is subject
to attack based on a database of tests, scripts, and simulated exploits?
Selected Answer:
Vulnerability scanning
Answers: Incident response plan
Fail-open

Vulnerability scanning
Separation of duties

 Question 22
1.2 out of 1.2 points
Which name is given to an exploit that allows a hacker to run any command-line
function on a compromised system?
Selected Answer:
Arbitrary code execution
Answers: Command shell
Whois

Arbitrary code execution


ARP spoofing
 Question 23
1.2 out of 1.2 points
What is a business continuity plan?
Selected
Answer:
A plan to maintain the mission-critical functions of the organization in the
event of a problem that threatens to take business processes offline.
Answers: A plan explaining the use of only a single element of validation or
verification to prove the identity of a subject.
A plan outlining the failure response that results in open and unrestricted
access or communication.

A plan to maintain the mission-critical functions of the organization in the
event of a problem that threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once they
have been interrupted by an adverse event.

 Question 24
1.2 out of 1.2 points
What term is used to describe a tactic of pursuing and extracting information for the
purpose of making a sale or performing a social engineering attack?
Selected Answer:
Cold calling
Answers:
Cold calling
Privilege escalation
Proxy manipulation
Recreational hacker
 Question 25
1.2 out of 1.2 points
Which of the following describes a banner?
Selected
Answer:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to announce
an error.
Answers:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to announce
an error.
A form of unauthorized access to a system.
Persistent public messaging forums accessed over the NNTP (Network
News Transfer Protocol).
A variant of the UNIX operating system that is supported by Windows NT
4.0, but not subsequent versions of Windows.

Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer:
Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)

Layer 2 Forwarding (L2F) Protocol


Internet Engineering Task Force (IETF)
 Question 2
0.75 out of 0.75 points
Which of the following describes a service level agreement (SLA)?
Selected
Answer: A contractual commitment by a service provider or support organization to
its customers or users
Answers:
A contractual commitment by a service provider or support organization to
its customers or users
The ability for a network or system user to remain unknown
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint

 Question 3
0.75 out of 0.75 points
Which term describes the second core IPSec security protocol; it can perform
authentication to provide integrity protection, although not for the outermost IP
header?
Selected Answer:
Encapsulating Security Payload (ESP)
Answers: Point-to-Point Protocol (PPP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Tunneling Protocol (PPTP)

Encapsulating Security Payload (ESP)


 Question 4
0.75 out of 0.75 points
Which of the following represents a standards-based protocol suite designed
specifically for securing Internet Protocol communications?
Selected Answer:
Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode

Internet Protocol Security (IPSec)


 Question 5
0 out of 0.75 points
Which section of the VPN policy describes the systems, networks, or people covered
by the policy?
Selected Answer:
Purpose

Answers: Introduction
Policy

Scope
Purpose
 Question 6
0.75 out of 0.75 points
What name is given to a method that proves identity using two different authentication
factors?
Selected Answer:
Two-factor authentication
Answers: Service level agreement (SLA)

Two-factor authentication
Hairpinning
Anonymity

 Question 7
0.75 out of 0.75 points
Which of the following documents an organization's rules for using a VPN?
Selected Answer:
Remote access policy
Answers: Hairpinning

Remote access policy


Service level agreement
Vaporware

 Question 8
0.75 out of 0.75 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer:
Compromising the authentication credentials
Answers: Compromising VPN availability

Compromising the authentication credentials


Patching regularly
Using vulnerability management with remote clients

 Question 9
0.75 out of 0.75 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer:
Software version
Answers: Topology
Encryption level
Traffic

Software version
 Question 10
0.75 out of 0.75 points
Which of the following should specifically be included in the organization's VPN
solution?
Selected Answer:
The prohibiting of split tunneling
Answers:
The prohibiting of split tunneling
Encouraging shared VPN credentials
Types of VPN connections supported
How scalable the VPN is

 Question 11
0.75 out of 0.75 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected
Answer: Platform Independence
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules

Platform Independence
 Question 12
0.75 out of 0.75 points
Which of the following describes anonymity?
Selected
Answer: The capability for a network or system user to remain unknown
Answers:
The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
 Question 13
0.75 out of 0.75 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer:
Determining scope
Answers:
Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor

 Question 14
0.75 out of 0.75 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer:
Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)

Authentication Header (AH)


Layer 2 Tunneling Protocol (L2TP)
 Question 15
0.75 out of 0.75 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer:
Bypass architecture
Answers: Internally connected architecture

Bypass architecture
DMZ architecture
Two factor architecture

 Question 16
0.75 out of 0.75 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer:
Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)

Encapsulating Security Payload (ESP)


Point-to-Point Protocol (PPP)
 Question 17
0.75 out of 0.75 points
Which of the following is one of the most common and easily exploited vulnerabilities
on any hardware network device?
Selected Answer:
Default password

Answers: Insecure default configuration


Misconfiguration by the installer
Undistributed authentication credentials

Default password

 Question 18
0.75 out of 0.75 points
Which of the following is a benefit of an open source VPN solution?
Selected Answer:
Low cost
Answers: Ease of installation
Available management tools

Low cost
Access to vendor support

 Question 19
0.75 out of 0.75 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer:
IPv6
Answers: IPv5

IPv6
IANA
SSL
 Question 20
0.75 out of 0.75 points
What is meant by Internet Engineering Task Force (IETF)?
Selected
Answer: The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data, as
well as user authentication

The standards body for Internet-related engineering specifications


 Question 21
0.75 out of 0.75 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer:
Hairpinning
Answers:
Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)

 Question 22
0.75 out of 0.75 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer:
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)

Secure Sockets Layer (SSL)/Transport Layer Security (TLS)


Layer 2 Forwarding (L2F) Protocol
 Question 23
0.75 out of 0.75 points
Which of the following identifies, tracks, and mitigates known weaknesses on hosts or
applications within a computing environment?
Selected Answer:
Vulnerability management
Answers: BYOD policies
Slideware

Vulnerability management
Hairpinning
 Question 24
0.75 out of 0.75 points
Which type of architecture places a firewall in front of the VPN to protect it from
Internet-based attacks as well as behind a firewall to protect the internal network?
Selected Answer:
DMZ architecture

Answers: Bi-lateral architecture


Two-prong approach
Two-factor architecture

DMZ architecture

 Question 25
0 out of 0.75 points
The inability to encrypt or otherwise protect the data stream between the client and
server is a drawback of which protocol?
Selected Answer:
Point-to-Point Protocol (PPP)
Answers:
Hypertext Transfer Protocol (HTTP)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Protocol (PPP)
 Question 26
0.75 out of 0.75 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer:
Transport Layer Protocol
Answers: Rsync
Connection Protocol

Transport Layer Protocol


User Authentication Protocol
 Question 27
0 out of 0.75 points
Which section of the VPN policy should be as specific as possible, leaving little open
to interpretation?
Selected Answer:
Roles and responsibilities
Answers:
Policy
Optional elements
Summary
Roles and responsibilities

 Question 28
0 out of 0.75 points
Although it provides a mechanism for creating tunnels through an IP network, which of
the following does not provide a mechanism for encrypting the data being tunneled?
Selected Answer:
Layer 2 Tunneling Protocol (L2TP)
Answers:
Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
 Question 29
0.75 out of 0.75 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer:
Anonymity
Answers: Flexibility

Anonymity
Security
Denial of service

 Question 30
0.75 out of 0.75 points
Which of the following refers to any product that appears in a vendor’s PowerPoint
slide deck, but is not yet available in one of its products?
Selected Answer:
Slideware

Answers: Anonymity
Hairpinning
Service level agreement (SLA)

Slideware
 Question 31
0 out of 0.75 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed
directly in the Internet, and therefore places the Internet-facing VPN connection behind
a firewall?
Selected Answer:
Internally connected architecture
Answers: Two-factor architecture
Internally connected architecture

Bypass architecture
DMZ architecture

 Question 32
0.75 out of 0.75 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected
Answer: A protocol commonly used in establishing a direct connection between two
networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as
well as user authentication

A protocol commonly used in establishing a direct connection between two
networking nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
 Question 33
0.75 out of 0.75 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer:
Layer 2
Answers: Layer 1

Layer 2
Layer 3
Layer 4
 Question 34
0.75 out of 0.75 points
When employees have multiple concurrent connections, what might be happening to
the VPN system?
Selected Answer:
There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.

There may be a security issue.


There may be a hardware failure.
 Question 35
0.75 out of 0.75 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer:
Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)

Point-to-Point Tunneling Protocol (PPTP)


 Question 36
0.75 out of 0.75 points
Which of the following is most likely to occur in the VPN?
Selected Answer:
Client attack
Answers: Denial of service attack
VPN server attack

Client attack
Remote access attack

 Question 37
0.75 out of 0.75 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer:
Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)

Internet Key Exchange (IKE)


 Question 38
0.75 out of 0.75 points
Which of the following characteristics relates to authentication header (AH)?
Selected
Answer: It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Answers: It is a document that defines or describes computer and networking
technologies. These documents are published by the Internet Engineering
Task Force, the standards body for Internet engineering specifications.
RFCs exist for hardware, operating systems, protocols, security services,
and much more.
It is an older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but it is still in use in some older environments.
It is an early proprietary protocol from Microsoft.

It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
 Question 39
0.75 out of 0.75 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer:
Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)

Secure Shell (SSH)


Authentication Header (AH)
Encapsulating Security Payload (ESP)
 Question 40
0.75 out of 0.75 points
Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
Selected
Answer:
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
Answers: The standards body for Internet-related engineering specifications

An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header
An early proprietary protocol from Microsoft
 Question 1
0 out of 0.75 points
Which of the following is a key feature of SmoothWall?
Selected Answer:
Inbound traffic blocking with time-based controls
Answers: Weak traffic graphs and bandwidth bars

Universal Plug and Play support


DMZ support only
Inbound traffic blocking with time-based controls
 Question 2
0.75 out of 0.75 points
In theory, the use of a software firewall as a replacement for a network appliance can
work as long as the host OS's network communication is routed through which type of
firewall?
Selected Answer:
Virtual firewall
Answers:
Virtual firewall
Appliance firewall
Hardware firewall
Commercial firewall
 Question 3
0 out of 0.75 points
Which one of the following is not a third-party software firewall but is a security suite?
Selected Answer:
eConceal Pro
Answers: eConceal Pro
Look ’n’ Stop
Lavasoft Personal Firewall

McAfee Personal Firewall Plus


 Question 4
0.75 out of 0.75 points
Which one of the following is not a commercial host firewall option available for Linux?
Selected Answer:
Kaspersky Internet Security
Answers: SmoothWall
IPFire

Kaspersky Internet Security


IPCop
 Question 5
0.75 out of 0.75 points
Which of the following refers to a public interest research group in Washington, D.C.
that was established in 1994 to preserve the right of privacy in the electronic age as
well as to give individuals greater control over personal information?
Selected Answer:
Electronic Privacy Information Center (EPIC)
Answers: National Security Agency (NSA)
CERN
National Information Infrastructure (NII)

Electronic Privacy Information Center (EPIC)


 Question 6
0.75 out of 0.75 points
What term describes a small text file used by Web browsers and servers to track Web
sessions?
Selected Answer:
Cookie filter
Answers: Web-based service
Web browser
Popup blocker

Cookie filter
 Question 7
0.75 out of 0.75 points
Which of the following prevents or restricts Web sites from automatically opening
additional tabs or windows without the user’s consent?
Selected Answer:
Pop-up blocker
Answers:
Pop-up blocker
Active threat
Cookie filter
Native firewall
 Question 8
0.75 out of 0.75 points
In SmoothWall, what color network interface card indicates the segment of the network
is not trusted, but shares the Internet connection?
Selected Answer:
Orange
Answers: Green
Blue

Orange
Red
 Question 9
0.75 out of 0.75 points
Which of the following is a closed-source product?
Selected
Answer: One where the source code cannot be obtained and viewed by just
anyone
Answers: One that is non-commercial

One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 10
0.75 out of 0.75 points
Which of the following is not one way to handle the reset button for devices?
Selected Answer:
Depressing the button often to test it
Answers: Consulting the user manual for instructions

Depressing the button often to test it


Keeping a printed copy of all rule sets
Visiting the vendor site
 Question 11
0 out of 0.75 points
Which of the following describes a native firewall?
Selected
Answer: Open-source and commercial software firewalls for most operating
systems
Answers: A small text file used by Web browsers and servers to track Web sessions

A firewall in an operating system or hardware device that is placed there
by the vendor or manufacturer
Open-source and commercial software firewalls for most operating
systems
Windows 7 host software firewall
 Question 12
0 out of 0.75 points
In addition to providing network security, organizations must address what other type
of security issue?
Selected Answer:
Database security
Answers:
Transaction security
Protocol security
Hard disk security
Database security
 Question 13
0.75 out of 0.75 points
Which of the following is a popular open source intrusion detection system that runs on
SmoothWall?
Selected Answer:
Snort
Answers: Synchronous Dynamic Random Access Memory (SDRAM)
Kerberos
Common Gateway Interface (CGI) script

Snort
 Question 14
0.75 out of 0.75 points
Which of the following outbound ports is for DNS?
Selected Answer:
Port 53
Answers: Port 25

Port 53
Port 80
Port 110
 Question 15
0.75 out of 0.75 points
What must be enabled to test SmoothWall’s capability to mitigate attacks?
Selected Answer:
Snort intrusion detection software
Answers: OpenSSH
SQUID
Ping

Snort intrusion detection software


 Question 16
0.75 out of 0.75 points
If an external server needs to communicate with servers inside the green zone, which
network setting on SmoothWall can be opened?
Selected Answer:
DMZ pinholes
Answers: Port forwarding
PPP settings

DMZ pinholes
IP block
 Question 17
0.75 out of 0.75 points
Which name is given to a set of communications standards for simultaneous digital
transmission of voice, video, data, and other network services over the traditional
circuits of the public switched telephone network?
Selected Answer:
Integrated Services Digital Network (ISDN)
Answers: National Security Agency (NSA)
Asymmetric Digital Subscriber Line (ADSL)

Integrated Services Digital Network (ISDN)


Clipper Chip
 Question 18
0.75 out of 0.75 points
Which of the following will generate a graph of network traffic every five minutes on a
firewall?
Selected Answer:
RRDtool
Answers: Asymmetric Digital Subscriber Line (ADSL)
TCPdump

RRDtool
DDNS
 Question 19
0.75 out of 0.75 points
Which of the following is a form of threat that takes some type of initiative to seek out a
target to compromise?
Selected Answer:
Active threat
Answers: Native firewall
Passive threat

Active threat
Cookie
 Question 20
0.75 out of 0.75 points
Which of the following does not address passive threats?
Selected Answer:
Active threats
Answers: Pop-up blockers
Cookie filters
Malicious site managers

Active threats
 Question 21
0.75 out of 0.75 points
Which of the following outbound ports is for HTTPS?
Selected Answer:
Port 443
Answers: Port 25
Port 53
Port 80

Port 443
 Question 22
0.75 out of 0.75 points
Which of the following refers to a database tool intended to handle time-series data,
such as network bandwidth, temperatures, CPU load, and so on?
Selected Answer:
RRDtool (Round-Robin Database Tool)
Answers: TCPdump

RRDtool (Round-Robin Database Tool)


Asymmetric Digital Subscriber Line (ADSL)
Common Gateway Interface (CGI) script
 Question 23
0.75 out of 0.75 points
Which of the following is hardware that connects a local network—or even a single
computer—to a telco’s carrier network to access the Internet?
Selected Answer:
ISP connection device
Answers: IPFire

ISP connection device


DSL line
SOHO
 Question 24
0.75 out of 0.75 points
Which of the following is an open source product?
Selected
Answer: One where the source code can be obtained and viewed by anyone
Answers: One that is non-commercial
One where the source code cannot be obtained and viewed by just
anyone

One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 25
0.75 out of 0.75 points
Which of the following will track every single connection outside the Web by IP
address and URL?
Selected Answer:
Proxy server
Answers: Clipper Chip
National Security Agency

Proxy server
Electronic Privacy Information Center
 Question 26
0.75 out of 0.75 points
The volume of data throughput and transmission speed associated with a firewall is
considered what?
Selected Answer:
Performance
Answers: Scalability
Privilege control
Flexibility

Performance
 Question 27
0.75 out of 0.75 points
Which of the following is not a security suite?
Selected Answer:
Netfilter
Answers:
Netfilter
Webroot Internet Security Essentials
McAfee Personal Firewall Plus
Computer Associates
 Question 28
0.75 out of 0.75 points
Which of the following describes any harmful code or site that depends upon the
user’s actions to be accessed or activated?
Selected Answer:
Passive threat
Answers: Native firewall
Active threat

Passive threat
Cookie filter
 Question 29
0.75 out of 0.75 points
Which of the following characteristics relates to a Common Gateway Interface (CGI)
script?
Selected
Answer: A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
Answers:
A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994 to
focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data such as
network bandwidth, temperatures, CPU load, and so on
 Question 30
0.75 out of 0.75 points
The degree to which a firewall can impose user access restrictions is known as which
of the following?
Selected Answer:
Privilege control
Answers: Security assurance

Privilege control
Authentication
Audit capabilities
 Question 31
0.75 out of 0.75 points
Connecting port 22 or 222 with a client such as WinSCP3 will allow SmoothWall which
capability?
Selected Answer:
Transfer of files to and from the system via SCP/SFTP
Answers: Access to tools like TCPdump

Transfer of files to and from the system via SCP/SFTP


Auto-sensing crossover capabilities
Access to graphics of network traffic
 Question 32
0.75 out of 0.75 points
Which of the following characteristics relates to Kerberos?
Selected
Answer:
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
Answers:
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994 to
focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data like network
bandwidth, temperatures, CPU load, and so on.
Dynamic random access memory (DRAM) that has a synchronous interface
 Question 33
0 out of 0.75 points
Which of the following risks can compromise the confidentiality of documents stored
on the server?
Selected
Answer: Risk that information about the server can be accessed
Answers: Risk that transaction data can be intercepted

Risk that unauthorized individuals can breach the server’s document
tree
Risk that information about the server can be accessed
Risk of denial of service attacks
 Question 34
0.75 out of 0.75 points
What is meant by Synchronous Dynamic Random Access Memory (SDRAM)?
Selected
Answer: Dynamic random access memory (DRAM) that has a synchronous interface
Answers: A computer network memory capability that allows nodes communicating
over a non-secure network to prove their identity to one another in a secure
manner

Dynamic random access memory (DRAM) that has a synchronous interface


A public interest research group in Washington, D.C., established in 1994
to focus public attention on emerging civil liberties issues and to protect
privacy
A web cache/proxy
 Question 35
0.75 out of 0.75 points
Which of the following is a closed-source product?
Selected
Answer: One where the source code cannot be obtained and viewed by just
anyone
Answers: One that is non-commercial

One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 36
0.75 out of 0.75 points
Which of the following is a minimum requirement for running SmoothWall?
Selected Answer:
512 MB PC SDRAM
Answers: Three NICs
10 GB hard drive
84MHZ processor

512 MB PC SDRAM
 Question 37
0.75 out of 0.75 points
What term is used to describe a chipset developed and promoted by the U.S.
government from 1993 to 1996 as an encryption device to be adopted by
telecommunications companies for voice transmission?
Selected Answer:
Clipper Chip
Answers: Synchronous Dynamic Random Access Memory (SDRAM)
Clipper Chip
Kerberos
National Information Infrastructure (NII)
 Question 38
0 out of 0.75 points
Which of the following is not true of security for a SOHO?
Selected Answer:
Not as vulnerable as corporate offices
Answers: Cost effective
Easy to implement
Not as vulnerable as corporate offices

Have a higher risk than corporate offices


 Question 39
0 out of 0.75 points
Which of the following is not an ISP connection?
Selected Answer:
Satellite
Answers: Cable
Satellite

pfSense
DSL
 Question 40
0.75 out of 0.75 points
Which type of software is closed-sourced to protect intellectual property and allow
vendors to charge for the product?
Selected Answer:
Commercial
Answers: Non-commercial
Open source
Free software

Commercial
Thursday, April 19, 2018 2:29:23 PM EDT
 Question 1
0.6 out of 0.6 points
Which term describes the act of working from a home, remote, or mobile location while
connecting into the employer’s private network, often using a VPN?
Selected Answer:
Telecommuting
Answers: Public key cryptography
Host-to-site VPN

Telecommuting
Scalability
 Question 2
0 out of 0.6 points
Which term describes encryption that protects only the original IP packet's payload?
Selected Answer:
Tunnel mode encryption
Answers: Tunnel mode encryption

Transport mode encryption


Cryptography
IP headers
 Question 3
0.6 out of 0.6 points
Which term describes the cumulative value of an asset based on both tangible and
intangible values?
Selected Answer:
Asset value (AV)
Answers:
Asset value (AV)
Exposure factor (EF)
Single loss expectancy (SLE)
Packet
 Question 4
0.6 out of 0.6 points
What is compression?
Selected
Answer: Removal of redundant or superfluous data or space to reduce the size of a
data set
Answers: A VPN used to grant outside entities access into a perimeter network; used
to host resources designated as accessible to a limited group of external
entities, such as business partners or suppliers, but not the general public
A subset of asymmetric cryptography based on the use of key pair sets
The art and science of hiding information from unauthorized third parties

Removal of redundant or superfluous data or space to reduce the size of a
data set
 Question 5
0.6 out of 0.6 points
Which of the following is a written expression of an item of concern (protocol, port,
service, application, user, IP address) and one or more actions to take when the item
of concern appears in traffic?
Selected Answer:
Filter
Answers: Management interface

Filter
Wirespeed
Round robin
 Question 6
0.6 out of 0.6 points
Which term describes a network, network link, or channel located between the
endpoints of a VPN?
Selected Answer:
Intermediary network
Answers: One-way function
Host-to-host network
Site-to-site network

Intermediary network
 Question 7
0.6 out of 0.6 points
Which of the following can improve firewall performance?
Selected Answer:
Load balancing
Answers: Firewalking

Load balancing
Port-Based Network Access (Admission) Control (PNAC)
Wirespeed
 Question 8
0.6 out of 0.6 points
Which of the following is a technique for storing or copying log events to a centralized
logging server?
Selected Answer:
Syslog
Answers:
Syslog
Write-once read-many (WORM) storage
Unified Threat Management (UTM)
Firewall logging
 Question 9
0.6 out of 0.6 points
Which of the following refers to a form of IDS/IPS detection based on a collection of
samples, patterns, signatures, and so on stored in a database of known malicious
traffic and events? All traffic or events that match an item in the database are
considered abnormal and potentially malicious.
Selected Answer:
Database-based detection
Answers:
Database-based detection
Firewalking
Anomaly-based detection
False Positive
 Question 10
0.6 out of 0.6 points
Which name is given to a probability prediction based on statistics and historical
occurrences on the likelihood of how many times in the next year a threat is going to
cause harm?
Selected Answer:
Annualized rate of occurrence (ARO)
Answers: Tunnel mode encryption
Physical address

Annualized rate of occurrence (ARO)


Rule
 Question 11
0.6 out of 0.6 points
Which of the following refers to the deployment of a firewall as an all-encompassing
primary gateway security solution?
Selected Answer:
Unified threat management (UTM)
Answers:
Unified threat management (UTM)
Access control list (ACL)
Signature-based detection
False positive

 Question 12
0.6 out of 0.6 points
Which of the following describes fair queuing?
Selected
Answer: A technique of load balancing that operates by sending the next transaction
to the firewall with the least current workload.
Answers:
A technique of load balancing that operates by sending the next transaction
to the firewall with the least current workload.
An event that triggers an alarm but should not have because the traffic or
event actually is benign.
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on.
A written expression of an item of concern (protocol, port, service,
application, user, and IP address) and one or more actions to take when
the item of concern appears in traffic.
 Question 13
0.6 out of 0.6 points
Which term describes a VPN created between two individual hosts across a local or
intermediary network?
Selected Answer:
Host-to-host VPN
Answers: VPN appliance

Host-to-host VPN
Hash
Site-to-site VPN
 Question 14
0.6 out of 0.6 points
Which term is used to describe a public-key cryptography-based mechanism for
proving the source (and possibly integrity) of a dataset or message?
Selected Answer:
Digital signature
Answers: Trusted third party
Symmetric cryptography
Algorithm

Digital signature
 Question 15
0.6 out of 0.6 points
Which of the following refers to a communication pathway, circuit, or frequency
dedicated or reserved for a specific transmission?
Selected Answer:
Channel
Answers: Hardware VPN
Host-to-site VPN
Asymmetric cryptography

Channel
 Question 16
0.6 out of 0.6 points
Which term describes encryption that protects the entire original IP packet’s header
and payload?
Selected Answer:
Tunnel mode encryption
Answers:
Tunnel mode encryption
Transport mode encryption
Cryptography
IP headers
 Question 17
0.6 out of 0.6 points
Ingress and egress filtering can expand beyond protection against spoofing and
include a variety of investigations on inbound and outbound traffic. Which of the
following is not one of the ways ingress and egress filtering expand beyond protection
against spoofing?
Selected
Answer: Dynamic packet filtering
Answers:
Dynamic packet filtering
Blacklist and whitelist filtering
Protocol and port blocking
Confirmation of authentication or authorization before communications
continue
 Question 18
0.6 out of 0.6 points
Which term refers to a type of business telephone network?
Selected Answer:
Private Branch Exchange (PBX)
Answers:
Private Branch Exchange (PBX)
Host-to-site VPN
Rekeying
Virtual private network (VPN)
 Question 19
0.6 out of 0.6 points
Which of the following characteristics describes an edge router?
Selected
Answer: The last device owned and controlled by an organization before an ISP or
telco connection
Answers:
The last device owned and controlled by an organization before an ISP or
telco connection
A form of VPN establishing a secure VPN over trusted VPN connections
A form of cryptography in which each encryption key is used once before
being discarded
A security service that ensures that a sender cannot deny sending a
message
 Question 20
0.6 out of 0.6 points
Which of the following terms describes hiding information from unauthorized third
parties?
Selected Answer:
Cryptography
Answers: Virtual Private Network (VPN)
Split tunnel

Cryptography
Authentication, Authorization, and Accounting (AAA) Services
 Question 21
0.6 out of 0.6 points
Which of the following characteristics describes the application layer?
Selected
Answer:
The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
Answers: The sixth layer of the OSI model, which translates the data received from
the host software into a format acceptable to the network

The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
An entrance or exit point to a controlled space
The fifth layer of the OSI model, which manages the communication
channel
 Question 22
0.6 out of 0.6 points
Which of the following refers to a type of firewall that filters on a specific application’s
content and session information?
Selected Answer:
Application firewall
Answers: Circuit firewall
Hardware firewall

Application firewall
Stateful inspection
 Question 23
0.6 out of 0.6 points
Which of the following refers to an event that does not trigger an alarm but should
have, due to the traffic or event actually being abnormal and/or malicious?
Selected Answer:
False negative
Answers: False positive
Round robin

False negative
Deny by default/Allow by exception
 Question 24
0.6 out of 0.6 points
Which term describes a security stance that prevents all communications except those
enabled by specific allow exceptions?
Selected Answer:
Deny by default/Allow by exception
Answers: Syslog

Deny by default/Allow by exception


Behavioral-based detection
Signature-based detection
 Question 25
0.6 out of 0.6 points
What is anomaly-based detection?
Selected
Answer:
A form of intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to firewall
rules.
Answers: An event that does not trigger an alarm but should have because the traffic
or event is abnormal and/or malicious.
An event that triggers an alarm but should not have because the traffic or
event is benign.
A notification from a firewall that a specific event or packet was detected.
A form of intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to firewall
rules.
 Question 26
0.6 out of 0.6 points
Which of the following refers to a network access control or admission control (NAC)
used on individual network access devices such as firewalls, VPN gateways, and
wireless routers to offload authentication to a dedicated authentication server/service?
Selected Answer:
Port-based network access (admission) control (PNAC)
Answers:
Port-based network access (admission) control (PNAC)
Database-based detection
Management interface
Access control list (ACL)
 Question 27
0.6 out of 0.6 points
Which term describes the calculation of the total loss potential across a year for a
given asset and a specific threat?
Selected Answer:
Annualized loss expectancy (ALE)
Answers:
Annualized loss expectancy (ALE)
Annualized rate of occurrence (ARO)
User Datagram Protocol (UDP)
Cost-benefit analysis
 Question 28
0.6 out of 0.6 points
Which name is given to a VPN created between a client and a server either within the
same local network or across a WAN link or intermediary network to support secure
client interaction with the services of a resource host?
Selected Answer:
Client-to-server VPN
Answers: Site-to-site VPN
Software VPN

Client-to-server VPN
Keyspace
 Question 29
0.6 out of 0.6 points
Which name is given to a form of filtering that focuses on traffic content?
Selected Answer:
Content filtering
Answers: Stateful inspection filtering
Static filtering

Content filtering
Application gateway
 Question 30
0.6 out of 0.6 points
Which of the following refers to a type of software product that is pre-compiled and
whose source code is undisclosed?
Selected Answer:
Closed source
Answers: Circuit

Closed source
Bots
Physical address
 Question 31
0.6 out of 0.6 points
Which of the following hands out tasks in a repeating non-priority sequence?
Selected Answer:
Round robin
Answers: Port-based network access (admission) control (PNAC)
Firewalking

Round robin
Alert
 Question 32
0.6 out of 0.6 points
Which of the following describes dynamic packet filtering?
Selected
Answer:
A process that automatically creates temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
Answers: An entrance or exit point to a controlled space
The function of routing traffic from an external source received on a specific
pre-defined IP address and port combination (also known as a socket) to an
internal resource server.
A process that translates internal addresses into external addresses

A process that automatically creates temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
 Question 33
0.6 out of 0.6 points
Which name is given to a hacking technique used against static packet filtering
firewalls to discover the rules or filters controlling inbound traffic?
Selected Answer:
Firewalking
Answers: Filter
Signature-based detection

Firewalking
Database-based detection
 Question 34
0.6 out of 0.6 points
Which of the following describes an access control list (ACL)?
Selected
Answer: A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
Answers:
A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
An intrusion detection system/intrusion prevention system (IDS/IPS) based
on a defined normal, often defined using rules similar to firewall rules
An event that does not trigger an alarm but should have, due to the traffic
or event actually being abnormal and/or malicious
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on
 Question 35
0.6 out of 0.6 points
Which firewall product is designed for larger networks?
Selected Answer:
Commercial firewalls
Answers:
Commercial firewalls
Personal firewalls
Sessions
Appliance firewalls
 Question 36
0.6 out of 0.6 points
Which firewall has a network interface located in a unique network segment that allows
for true isolation of the segments and forces the firewall to filter all traffic moving from
one segment to another?
Selected Answer:
Dual-homed firewall
Answers: Appliance firewall
Software firewall

Dual-homed firewall
Triple-homed firewall
 Question 37
0.6 out of 0.6 points
Which term describes the seemingly random and unusable output from a
cryptographic function applied to original data?
Selected Answer:
Ciphertext
Answers: Dedicated leased line

Ciphertext
Identity proofing
Host VPN
 Question 38
0.6 out of 0.6 points
Which of the following is not a protection against fragmentation attacks?
Selected Answer:
Using firewalking
Answers: Using IDS
Performing sender fragmentation
Using firewall filtering

Using firewalking
 Question 39
0.6 out of 0.6 points
Which of the following describes an appliance firewall?
Selected
Answer: A hardened hardware firewall
Answers: The process of automatically created temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.

A hardened hardware firewall


The second layer of the OSI model responsible for physical addressing
(MAC addresses) and supporting the network topology, such as Ethernet
A type of firewall that filters on a specific application’s content and session
information
 Question 40
0.6 out of 0.6 points
Which command-line or graphical interface is used to control and configure a device?
Selected Answer:
Management interface
Answers: Port-based network access (Admission) control (PNAC)
Fair queuing

Management interface
Signature
 Question 41
0.6 out of 0.6 points
Which of the following is not a consideration when placing firewalls on the network?
Selected Answer:
Where hackers are located
Answers: Structure of the network
Traffic patterns
Most likely access pathways

Where hackers are located


 Question 42
0.6 out of 0.6 points
Which of the following refers to encoding and decoding information using related but
different keys for each process?
Selected Answer:
Asymmetric cryptography
Answers: Digital certificate

Asymmetric cryptography
Ciphertext
Algorithm
 Question 43
0.6 out of 0.6 points
Which of the following describes optical carrier (OC)?
Selected
Answer: A network carrier line—often leased or dedicated—which uses fiber optic
cables for high-speed connections
Answers:
A network carrier line—often leased or dedicated—which uses fiber optic
cables for high-speed connections
The process of converting ciphertext back into plain text
A program used to control access to computer resources, enforce policies,
audit usage, and provide billing information
A set of rules and procedures, usually mathematical in nature
 Question 44
0.6 out of 0.6 points
Which of the following describes write-once read-many (WORM)?
Selected
Answer: A storage device that can be written to once, but once written cannot be
electronically altered
Answers: A mechanism defining traffic or an event to apply an authorization control of
allow or deny against

A storage device that can be written to once, but once written cannot be
electronically altered
A form of network access control or admission control (NAC) used on
individual network access devices, such as firewalls, VPN gateways, and
wireless routers
A form of IDS/IPS detection based on a recording of real-world traffic as a
baseline for normal
 Question 45
0.6 out of 0.6 points
Which of the following refers to a software firewall installed on a client or server?
Selected Answer:
Host firewall
Answers:
Host firewall
Hardware firewall
Transport Layer (Layer 4)
Client
 Question 46
0.6 out of 0.6 points
Which term is used to describe a firewall that is implemented via software?
Selected Answer:
Bump-in-the-stack
Answers: Risk assessment

Bump-in-the-stack
Hardware firewall
Screening router
 Question 47
0.6 out of 0.6 points
Which name is given to an entrance or exit point to a controlled space?
Selected Answer:
Gateway
Answers: Physical layer (Layer 1)
Cost/Benefit Analysis
Network layer (Layer 3)

Gateway
 Question 48
0.6 out of 0.6 points
Which of the following refers to a form of encryption also known as point-to-point or
host-to-host encryption?
Selected Answer:
Transport mode encryption
Answers: Hardware firewall
Circuit firewall

Transport mode encryption


Tunnel mode encryption
 Question 49
0 out of 0.6 points
On which of the following can you filter because of the lack of encryption and
because filtering rules apply?
Selected Answer:
Encrypted data packets
Answers: Tunnel mode header

Transport mode header


Encrypted text
Encrypted data packets
 Question 50
0.6 out of 0.6 points
Which term describes the process of converting ciphertext back into plain text?
Selected Answer:
Decryption
Answers:
Decryption
Hashing
Avalanche effect
Symmetric cryptography
 Question 1
1.2 out of 1.2 points
A security stance that blocks access to all resources until a valid authorized explicit
exception is defined?
Selected Answer:
Default deny
Answers: Fail-secure
Fail-open

Default deny
Default allow

 Question 2
1.2 out of 1.2 points
All of the following are advantages of a defense-in-depth security design except which
one?
Selected
Answer: Defense in depth keeps senior management out of the activities of the
security department.
Answers: Defense in depth avoids single points of failure.

Defense in depth keeps senior management out of the activities of the
security department.
Defense in depth divides and conquers, which separates projects into
smaller pieces.
Defense in depth filters user interactions.
 Question 3
1.2 out of 1.2 points
Which of the following describes AppleTalk?
Selected
Answer: A legacy protocol used in networks hosting mainly Macintosh computers
Answers:
A legacy protocol used in networks hosting mainly Macintosh computers
A policy that allows employees, contractors, and others to connect their
own computers, smartphones, and other devices to their organizations’
networks
An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network
An Application Layer protocol used by e-mail clients to receive messages
from an e-mail server
 Question 4
1.2 out of 1.2 points
As an organization stretches beyond its capacity to support, sell, create, maintain,
respond, produce, and so on, small problems quickly become big problems. Which of
the following does not ensure long-term viability and stability for the business and
network security design?
Selected Answer:
Unlimited growth
Answers: Steady growth
Controlled growth
Planned growth

Unlimited growth
 Question 5
1.2 out of 1.2 points
Hackers can be deterred by defense methods that detect and evade. All of the
following are defense methods, except which one?
Selected Answer:
Botnet army
Answers: Honeypots
Firewalls
IDSs

Botnet army
 Question 6
1.2 out of 1.2 points
Which of the following describes a BYOD?
Selected
Answer:
A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
Answers: An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network

A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
A legacy protocol developed by Novell for its NetWare networking product
A security feature that blocks DDoS attacks
 Question 7
1.2 out of 1.2 points
Gathering through eavesdropping on communications, whether encrypted or not, is
known as what?
Selected Answer:
Traffic and trend analysis
Answers: Encryption

Traffic and trend analysis


Eavesdropping
Filtering
 Question 8
1.2 out of 1.2 points
What attack cracks a password or encryption key by trying all possible valid
combinations from a defined set of possibilities (a set of characters or hex values)?
Selected Answer:
Brute-force attack
Answers:
Brute-force attack
Hybrid attack
Dictionary password attack
Modeling

 Question 9
1.2 out of 1.2 points
Which name is given to the information related to the owners and managers of a
domain name accessed through the domain registrar’s Web sites and Whois lookups?
Selected Answer:
Domain registration
Answers:
Domain registration
National Institute of Standards and Technology (NIST)
USENET newsgroup
Wrapper
 Question 10
1.2 out of 1.2 points
What prevents a hard drive from being read by another system if it is stolen?
Selected Answer:
Whole hard drive encryption
Answers:
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)

 Question 11
1.2 out of 1.2 points
Which of the following characteristics relates to a distributed Denial of Service (DDoS)
attack?
Selected
Answer: An attack that uses multiple remotely controlled software agents
disseminated across the Internet
Answers: The information related to the owners and managers of a domain name
accessed through the domain registrar’s Web sites and Whois lookups
An advancement of keystroke logging to monitor and record many other
user activities

An attack that uses multiple remotely controlled software agents
disseminated across the Internet
An attack that occurs on the logical division of a hard drive that can be
formatted with a file system
 Question 12
1.2 out of 1.2 points
Which of the following describes awareness?
Selected
Answer: Basic security training that focuses on common or basic security elements
that all employees must know and abide by

Answers: A dedicated microchip found on some motherboards that host and protect
the encryption key for whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to
career advancement
A security guideline, procedure, or recommendation manual

Basic security training that focuses on common or basic security elements
that all employees must know and abide by

 Question 13
1.2 out of 1.2 points
Checking authentication, checking authorization and access control, auditing systems,
and verifying firewalls and other filters should all be included on which of the following?
Selected Answer:
A logical security checklist

Answers: A physical security checklist


A whitelist
A response plan

A logical security checklist

 Question 14
1.2 out of 1.2 points
Which attack uses a pre-constructed list of potential passwords or encryption keys?
Selected Answer:
Dictionary password attack
Answers: Piloting

Dictionary password attack


Brute-force attack
Hybrid attack
 Question 15
1.2 out of 1.2 points
Which name is given to a rogue program that automatically dials a modem to a pre-
defined number to auto-download additional malware to the victim or to upload stolen
data from the victim?
Selected Answer:
Dialer
Answers: Adware
Sector
Spyware

Dialer
 Question 16
1.2 out of 1.2 points
Which of the following characteristics relates to enumeration?
Selected
Answer: The process of discovering sufficient details about a potential target to learn
about network or system vulnerabilities
Answers:
The process of discovering sufficient details about a potential target to learn
about network or system vulnerabilities
An application attack in which a hacker submits SQL expressions to cause
authentication bypass, extraction of data, planting of information, or access
to a command shell
A criminal whose objective is to compromise IT infrastructures
A logical division of data composed of one or more sectors on a hard drive
 Question 17
1.2 out of 1.2 points
Which of the following creates copies of data on other storage media?
Selected Answer:
Backups
Answers: Fail-Open
Honeynets

Backups
Security Technical Implementation Guide (STIGS)

 Question 18
1.2 out of 1.2 points
Which of the following describes advanced persistent threat (APT)?
Selected
Answer:
A network attack in which an unauthorized person gains access to a network
and stays there undetected for a long period of time. The purpose of such an
attack is to steal data, not to damage the network or organization.
Answers:
A network attack in which an unauthorized person gains access to a network
and stays there undetected for a long period of time. The purpose of such an
attack is to steal data, not to damage the network or organization.
A rogue program that automatically dials a modem to a pre-defined number.
Sometimes this is to download additional malware to the victim or to upload
stolen data from the victim. In other cases, the dialer calls premium rate
telephone numbers to rack up massive long distance charges.
The act of a hacker changing the MAC address of the network interface.
The unused portion of the last cluster allocated to a stored file. It may
contain remnants of prior files stored in that location.
 Question 19
1.2 out of 1.2 points
Which of the following describes a predefined procedure that will limit damage, contain
the spread of malicious content, stop the compromise of information, and promptly
restore the environment to a normal state?
Selected Answer:
Incident response plan
Answers: Separation of duties

Incident response plan


Business continuity plan
Disaster recovery plan

 Question 20
0 out of 1.2 points
Contract workers place a higher risk on the organization for all of the following
reasons, except which one?
Selected Answer:
They are not full-time regular employees and might lack loyalty.
Answers: They are not full-time regular employees and might lack loyalty.
They are more likely to compromise the organization.
They see the company as worthy of protection.
They might not be accountable after a project ends.
 Question 21
1.2 out of 1.2 points
Which form of investigation aims at checking whether or not a target system is subject
to attack based on a database of tests, scripts, and simulated exploits?
Selected Answer:
Vulnerability scanning
Answers: Incident response plan
Fail-open

Vulnerability scanning
Separation of duties

 Question 22
1.2 out of 1.2 points
Which name is given to an exploit that allows a hacker to run any command-line
function on a compromised system?
Selected Answer:
Arbitrary code execution
Answers: Command shell
Whois

Arbitrary code execution


ARP spoofing
 Question 23
1.2 out of 1.2 points
What is a business continuity plan?
Selected
Answer:
A plan to maintain the mission-critical functions of the organization in the
event of a problem that threatens to take business processes offline.
Answers: A plan explaining the use of only a single element of validation or
verification to prove the identity of a subject.
A plan outlining the failure response that results in open and unrestricted
access or communication.

A plan to maintain the mission-critical functions of the organization in the
event of a problem that threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once they
have been interrupted by an adverse event.

 Question 24
1.2 out of 1.2 points
What term is used to describe a tactic of pursuing and extracting information for the
purpose of making a sale or performing a social engineering attack?
Selected Answer:
Cold calling
Answers:
Cold calling
Privilege escalation
Proxy manipulation
Recreational hacker
 Question 25
1.2 out of 1.2 points
Which of the following describes a banner?
Selected
Answer:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to announce
an error.
Answers:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to announce
an error.
A form of unauthorized access to a system.
Persistent public messaging forums accessed over the NNTP (Network
News Transfer Protocol).
A variant of the UNIX operating system that is supported by Windows NT
4.0, but not subsequent versions of Windows.
 Question 1
1.2 out of 1.2 points
Examples of users purposefully avoiding or violating security—that is, not actively
supporting and participating in security—include all of the following except which one?
Selected Answer:
Setting strong passwords
Answers: Using proxy tools to get around firewalls
Using personal equipment
Sharing accounts with other employees

Setting strong passwords


 Question 2
0 out of 1.2 points
In which type of environment do you block all access to all resources, internal and
external, by default, and then use the principle of least privilege by adding explicit and
specific allow-exceptions only when necessary based on job descriptions?
Selected Answer:
Default-deny
Answers: Default-deny
Default-accept

Filter-free
Fail-safe
 Question 3
1.2 out of 1.2 points
Which of the following command-line tools will list the current open, listening, and
connection sockets on a system as well as the service related to each socket?
Selected Answer:
Fport
Answers: TCPView

Fport
Netstat
Nmap

 Question 4
1.2 out of 1.2 points
Which of the following is not a firewall type?
Selected Answer:
Universal
Answers:
Universal
Static packet filtering
Proxy
Stateful inspection
 Question 5
1.2 out of 1.2 points
Which of the following is not a common reason for deploying a reverse proxy?
Selected Answer:
Time savings
Answers: Reverse caching
Security

Time savings
Encryption
 Question 6
0 out of 1.2 points
When troubleshooting firewalls, which of the following is not something you should do
after you attempt a fix?
Selected Answer:
Reverse or undo solution failures.

Answers:
Make multiple fixes.
Repeat the failure.
Test after each attempt.
Reverse or undo solution failures.

 Question 7
1.2 out of 1.2 points
Which of the following is a dedicated hardware device that functions as a black-box
sentry?
Selected Answer:
Appliance firewall
Answers: Fail-safe
Reverse proxy firewall
Proxy firewall

Appliance firewall
 Question 8
1.2 out of 1.2 points
Which of the following creates TCP and UDP network connections to or from any port?
Selected Answer:
Netcat

Answers: Cryptcat
Back Orifice
SubSeven

Netcat

 Question 9
0 out of 1.2 points
Which of the following is not a commonsense element of troubleshooting firewalls?
Selected Answer:
Isolate problems.
Answers: Focus on the most critical issues first.
Isolate problems.
Work with urgency.
Know your firewall thoroughly.

 Question 10
1.2 out of 1.2 points
Which of the following is a network mapper, port scanner, and OS fingerprinting tool
that checks the state of ports, identifies targets, and probes services?
Selected Answer:
Nmap
Answers: Wireshark

Nmap
TCPView
Backtrack

 Question 11
1.2 out of 1.2 points
Which of the following is a double-blind encapsulation system that enables anonymous
but not encrypted Internet communications?
Selected Answer:
TOR (The Onion Router)
Answers:
TOR (The Onion Router)
Cryptcat
Back Orifice
Remote Desktop Protocol (RDP) and Remote Assistance

 Question 12
1.2 out of 1.2 points
Which of the following describes the principle that for an organization’s security policy
to be effective, everyone must be forced to work within it and follow its rules?
Selected Answer:
Universal participation
Answers:
Universal participation
Diversity of defense
General purpose OS
Bastion host OS
 Question 13
1.2 out of 1.2 points
Which of the following does port forwarding support?
Selected Answer:
Any service on any port
Answers:
Any service on any port
Caching
Encryption endpoint
Load balancing
 Question 14
1.2 out of 1.2 points
Which of the following describes security stance?
Selected Answer:
An organization’s filtering configuration; it answers the question, “What
should be allowed and what should be blocked?”
Answers:
An organization’s filtering configuration; it answers the question, “What
should be allowed and what should be blocked?”
A means of providing faster access to static content for external users
accessing internal Web servers
An operating system such as Windows or Linux that supports a wide variety
of purposes and functions, but when used as a bastion host OS must be
hardened and locked down
An approach to security similar to defense in depth that uses a different
security mechanism at each or most of the layers
 Question 15
1.2 out of 1.2 points
Which of the following is disabled by default and requires an invitation?
Selected Answer:
Remote Desktop Protocol (RDP) and Remote Assistance
Answers: TOR (The Onion Router)

Remote Desktop Protocol (RDP) and Remote Assistance


SubSeven
Netcat

 Question 16
1.2 out of 1.2 points
Which of the following forces all traffic, communications, and activities through a single
pathway or channel that can be used to control bandwidth consumption, filter content,
provide authentication services, or enforce authorization?
Selected Answer:
Chokepoint
Answers: Fail-safe
Chokepoint
Fail-secure
Reverse proxy
 Question 17
1.2 out of 1.2 points
It's important to evaluate the purpose and content of your firewall policy. Which of the
following is not an evaluation method?
Selected Answer:
Determine how to write a policy that is as short as possible to avoid
confusion.
Answers: Define the software and hardware options that will be used to adopt the
policy.
Determine the features necessary for the infrastructure's network
communications.
Determine how to write a policy that is as short as possible to avoid
confusion.
Order the rules properly to use the least number of rules.
 Question 18
1.2 out of 1.2 points
Which of the following is a centralized logging service that hosts a duplicate copy of
log files?
Selected Answer:
Syslog
Answers: Nessus
Netcat

Syslog
Backtrack

 Question 19
1.2 out of 1.2 points
If the process of creating rules requires a significant number of special exceptions to
modify or adjust ranges of addresses or ports, what should you do?
Selected Answer:
Consider reconfiguring the network rather than using a too complex or
too long rule set.
Answers: Use a more complex rule set.
Consider reconfiguring the network rather than using a too complex or
too long rule set.
Use a longer rule set.
Don't use any addresses or ports.
 Question 20
0 out of 1.2 points
Which of the following are documents that can help you to review and assess your
organization’s status and state of security?
Selected Answer:
STIGs (Security Technical Implementation Guides)
Answers: Firewall checklists
Risk assessment
STIGs (Security Technical Implementation Guides)

Incident response plan

 Question 21
1.2 out of 1.2 points
There are six steps for writing a security incident response plan. Which of the
following is not a step?
Selected Answer:
Report

Answers: Detection
Containment
Eradication

Report

 Question 22
0 out of 1.2 points
Which of the following is an operating system built exclusively to run on a bastion host
device?
Selected Answer:
General OS
Answers:
Proprietary OS
General OS
Reverse proxy
Appliance firewall
 Question 23
1.2 out of 1.2 points
Which of the following describes a general purpose OS?
Selected Answer:
An operating system such as Windows or Linux that can support a wide
variety of purposes and functions, but which, when used as a bastion host
OS, must be hardened and locked down
Answers: An operating system that supports only firewall functions
An operating system that does not support firewall functions
A means of providing faster access to static content for external users
accessing internal Web servers
An operating system such as Windows or Linux that can support a wide
variety of purposes and functions, but which, when used as a bastion host
OS, must be hardened and locked down
 Question 24
1.2 out of 1.2 points
Which of the following is a malicious remote control tool?
Selected Answer:
NetBus
Answers:
NetBus
Remote Desktop Protocol (RDP) and Remote Assistance
Cryptcat
Loki

 Question 25
1.2 out of 1.2 points
All of the following are disadvantages of the build-it-yourself firewall, but one is an
advantage. Which of the following is an advantage?
Selected Answer:
Cost

Answers: Additional hardware manipulation
Hardening of a host OS
Juggling of device drivers
Cost

 Question 1
0.75 out of 0.75 points
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer:
Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)

Layer 2 Forwarding (L2F) Protocol


Internet Engineering Task Force (IETF)
 Question 2
0.75 out of 0.75 points
Which of the following describes a service level agreement (SLA)?
Selected Answer:
A contractual commitment by a service provider or support organization to
its customers or users
Answers:
A contractual commitment by a service provider or support organization to
its customers or users
The ability for a network or system user to remain unknown
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint

 Question 3
0.75 out of 0.75 points
Which term describes the second core IPSec security protocol; it can perform
authentication to provide integrity protection, although not for the outermost IP
header?
Selected Answer:
Encapsulating Security Payload (ESP)
Answers: Point-to-Point Protocol (PPP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Tunneling Protocol (PPTP)
Encapsulating Security Payload (ESP)
 Question 4
0.75 out of 0.75 points
Which of the following represents a standards-based protocol suite designed
specifically for securing Internet Protocol communications?
Selected Answer:
Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode

Internet Protocol Security (IPSec)


 Question 5
0 out of 0.75 points
Which section of the VPN policy describes the systems, networks, or people covered
by the policy?
Selected Answer:
Purpose

Answers: Introduction
Policy

Scope
Purpose

 Question 6
0.75 out of 0.75 points
What name is given to a method that proves identity using two different authentication
factors?
Selected Answer:
Two-factor authentication
Answers: Service level agreement (SLA)

Two-factor authentication
Hairpinning
Anonymity

 Question 7
0.75 out of 0.75 points
Which of the following documents an organization's rules for using a VPN?
Selected Answer:
Remote access policy
Answers: Hairpinning

Remote access policy


Service level agreement
Vaporware

 Question 8
0.75 out of 0.75 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer:
Compromising the authentication credentials
Answers: Compromising VPN availability

Compromising the authentication credentials


Patching regularly
Using vulnerability management with remote clients

 Question 9
0.75 out of 0.75 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer:
Software version
Answers: Topology
Encryption level
Traffic

Software version
 Question 10
0.75 out of 0.75 points
Which of the following should specifically be included in the organization’s VPN
solution?
Selected Answer:
The prohibiting of split tunneling
Answers:
The prohibiting of split tunneling
Encouraging shared VPN credentials
Types of VPN connections supported
How scalable the VPN is

 Question 11
0.75 out of 0.75 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected Answer:
Platform Independence
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules
Platform Independence
 Question 12
0.75 out of 0.75 points
Which of the following describes anonymity?
Selected Answer:
The capability for a network or system user to remain unknown
Answers:
The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
 Question 13
0.75 out of 0.75 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer:
Determining scope
Answers:
Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor

 Question 14
0.75 out of 0.75 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer:
Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
 Question 15
0.75 out of 0.75 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer:
Bypass architecture
Answers: Internally connected architecture

Bypass architecture
DMZ architecture
Two factor architecture

 Question 16
0.75 out of 0.75 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer:
Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)

Encapsulating Security Payload (ESP)


Point-to-Point Protocol (PPP)
 Question 17
0.75 out of 0.75 points
Which of the following is one of the most common and easily exploited vulnerabilities
on any hardware network device?
Selected Answer:
Default password

Answers: Insecure default configuration


Misconfiguration by the installer
Undistributed authentication credentials

Default password

 Question 18
0.75 out of 0.75 points
Which of the following is a benefit of an open source VPN solution?
Selected Answer:
Low cost
Answers: Ease of installation
Available management tools

Low cost
Access to vendor support

 Question 19
0.75 out of 0.75 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer:
IPv6
Answers: IPv5

IPv6
IANA
SSL
 Question 20
0.75 out of 0.75 points
What is meant by Internet Engineering Task Force (IETF)?
Selected Answer:
The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
The standards body for Internet-related engineering specifications

 Question 21
0.75 out of 0.75 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer:
Hairpinning
Answers:
Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
 Question 22
0.75 out of 0.75 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer:
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
 Question 23
0.75 out of 0.75 points
Which of the following identifies, tracks, and mitigates known weaknesses on hosts or
applications within a computing environment?
Selected Answer:
Vulnerability management
Answers: BYOD policies
Slideware

Vulnerability management
Hairpinning

 Question 24
0.75 out of 0.75 points
Which type of architecture places a firewall in front of the VPN to protect it from
Internet-based attacks as well as behind a firewall to protect the internal network?
Selected Answer:
DMZ architecture

Answers: Bi-lateral architecture


Two-prong approach
Two-factor architecture

DMZ architecture

 Question 25
0 out of 0.75 points
The inability to encrypt or otherwise protect the data stream between the client and
server is a drawback of which protocol?
Selected Answer:
Point-to-Point Protocol (PPP)
Answers:
Hypertext Transfer Protocol (HTTP)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Protocol (PPP)
 Question 26
0.75 out of 0.75 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer:
Transport Layer Protocol
Answers: Rsync
Connection Protocol

Transport Layer Protocol


User Authentication Protocol
 Question 27
0 out of 0.75 points
Which section of the VPN policy should be as specific as possible, leaving little open
to interpretation?
Selected Answer:
Roles and responsibilities

Answers:
Policy
Optional elements
Summary
Roles and responsibilities

 Question 28
0 out of 0.75 points
Although it provides a mechanism for creating tunnels through an IP network, which of
the following does not provide a mechanism for encrypting the data being tunneled?
Selected Answer:
Layer 2 Tunneling Protocol (L2TP)
Answers:
Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
 Question 29
0.75 out of 0.75 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer:
Anonymity
Answers: Flexibility

Anonymity
Security
Denial of service

 Question 30
0.75 out of 0.75 points
Which of the following refers to any product that appears in a vendor’s PowerPoint
slide deck, but is not yet available in one of its products?
Selected Answer:
Slideware

Answers: Anonymity
Hairpinning
Service level agreement (SLA)

Slideware

 Question 31
0 out of 0.75 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed
directly in the Internet, and therefore places the Internet-facing VPN connection behind
a firewall?
Selected Answer:
Internally connected architecture
Answers: Two-factor architecture
Internally connected architecture

Bypass architecture
DMZ architecture

 Question 32
0.75 out of 0.75 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected Answer:
A protocol commonly used in establishing a direct connection between two
networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
A protocol commonly used in establishing a direct connection between two
networking nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
 Question 33
0.75 out of 0.75 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer:
Layer 2
Answers: Layer 1

Layer 2
Layer 3
Layer 4
 Question 34
0.75 out of 0.75 points
When employees have multiple concurrent connections, what might be happening to
the VPN system?
Selected Answer:
There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.

There may be a security issue.


There may be a hardware failure.
 Question 35
0.75 out of 0.75 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer:
Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)

Point-to-Point Tunneling Protocol (PPTP)


 Question 36
0.75 out of 0.75 points
Which of the following is most likely to occur in the VPN?
Selected Answer:
Client attack
Answers: Denial of service attack
VPN server attack

Client attack
Remote access attack

 Question 37
0.75 out of 0.75 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer:
Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)

Internet Key Exchange (IKE)


 Question 38
0.75 out of 0.75 points
Which of the following characteristics relates to authentication header (AH)?
Selected Answer:
It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Answers: It is a document that defines or describes computer and networking
technologies. These documents are published by the Internet Engineering
Task Force, the standards body for Internet engineering specifications.
RFCs exist for hardware, operating systems, protocols, security services,
and much more.
It is an older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but it is still in use in some older environments.
It is an early proprietary protocol from Microsoft.
It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
 Question 39
0.75 out of 0.75 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer:
Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)

Secure Shell (SSH)


Authentication Header (AH)
Encapsulating Security Payload (ESP)
 Question 40
0.75 out of 0.75 points
Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
Selected Answer:
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
Answers: The standards body for Internet-related engineering specifications
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header
An early proprietary protocol from Microsoft
 Question 1
0 out of 0.75 points
Which of the following is a key feature of SmoothWall?
Selected Answer:
Inbound traffic blocking with time-based controls
Answers: Weak traffic graphs and bandwidth bars

Universal Plug and Play support


DMZ support only
Inbound traffic blocking with time-based controls
 Question 2
0.75 out of 0.75 points
In theory, the use of a software firewall as a replacement for a network appliance can
work as long as the host OS's network communication is routed through which type of
firewall?
Selected Answer:
Virtual firewall
Answers:
Virtual firewall
Appliance firewall
Hardware firewall
Commercial firewall
 Question 3
0 out of 0.75 points
Which one of the following is not a third-party software firewall but is a security suite?
Selected Answer:
eConceal Pro
Answers: eConceal Pro
Look ’n’ Stop
Lavasoft Personal Firewall

McAfee Personal Firewall Plus


 Question 4
0.75 out of 0.75 points
Which one of the following is not a commercial host firewall option available for Linux?
Selected Answer:
Kaspersky Internet Security
Answers: SmoothWall
IPFire
Kaspersky Internet Security
IPCop
 Question 5
0.75 out of 0.75 points
Which of the following refers to a public interest research group in Washington, D.C.
that was established in 1994 to preserve the right of privacy in the electronic age as
well as to give individuals greater control over personal information?
Selected Answer:
Electronic Privacy Information Center (EPIC)
Answers: National Security Agency (NSA)
CERN
National Information Infrastructure (NII)

Electronic Privacy Information Center (EPIC)


 Question 6
0.75 out of 0.75 points
What term describes a small text file used by Web browsers and servers to track Web
sessions?
Selected Answer:
Cookie filter
Answers: Web-based service
Web browser
Popup blocker

Cookie filter
 Question 7
0.75 out of 0.75 points
Which of the following prevents or restricts Web sites from automatically opening
additional tabs or windows without the user’s consent?
Selected Answer:
Pop-up blocker
Answers:
Pop-up blocker
Active threat
Cookie filter
Native firewall
 Question 8
0.75 out of 0.75 points
In SmoothWall, what color network interface card indicates the segment of the network
is not trusted, but shares the Internet connection?
Selected Answer:
Orange
Answers: Green
Blue

Orange
Red
 Question 9
0.75 out of 0.75 points
Which of the following is a closed-source product?
Selected Answer: One where the source code cannot be obtained and viewed by just
anyone
Answers: One that is non-commercial
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 10
0.75 out of 0.75 points
Which of the following is not one way to handle the reset button for devices?
Selected Answer:
Depressing the button often to test it
Answers: Consulting the user manual for instructions
Depressing the button often to test it
Keeping a printed copy of all rule sets
Visiting the vendor site
 Question 11
0 out of 0.75 points
Which of the following describes a native firewall?
Selected Answer: Open-source and commercial software firewalls for most operating
systems
Answers: A small text file used by Web browsers and servers to track Web sessions
A firewall in an operating system or hardware device that is placed there
by the vendor or manufacturer
Open-source and commercial software firewalls for most operating
systems
Windows 7 host software firewall
 Question 12
0 out of 0.75 points
In addition to providing network security, organizations must address what other type
of security issue?
Selected Answer:
Database security
Answers:
Transaction security
Protocol security
Hard disk security
Database security
 Question 13
0.75 out of 0.75 points
Which of the following is a popular open source intrusion detection system that runs on
SmoothWall?
Selected Answer:
Snort
Answers: Synchronous Dynamic Random Access Memory (SDRAM)
Kerberos
Common Gateway Interface (CGI) script

Snort
 Question 14
0.75 out of 0.75 points
Which of the following outbound ports is for DNS?
Selected Answer:
Port 53
Answers: Port 25

Port 53
Port 80
Port 110
 Question 15
0.75 out of 0.75 points
What must be enabled to test SmoothWall’s capability to mitigate attacks?
Selected Answer:
Snort intrusion detection software
Answers: open SSH
SQUID
Ping

Snort intrusion detection software


 Question 16
0.75 out of 0.75 points
If an external server needs to communicate with servers inside the green zone, which
network setting on SmoothWall can be opened?
Selected Answer:
DMZ pinholes
Answers: Port forwarding
PPP settings

DMZ pinholes
IP block
 Question 17
0.75 out of 0.75 points
Which name is given to a set of communications standards for simultaneous digital
transmission of voice, video, data, and other network services over the traditional
circuits of the public switched telephone network?
Selected Answer:
Integrated Services Digital Network (ISDN)
Answers: National Security Agency (NSA)
Asymmetric Digital Subscriber Line (ADSL)

Integrated Services Digital Network (ISDN)


Clipper Chip
 Question 18
0.75 out of 0.75 points
Which of the following will generate a graph of network traffic every five minutes on a
firewall?
Selected Answer:
RRDtool
Answers: Asymmetric Digital Subscriber Line (ADSL)
TCPdump

RRDtool
DDNS
 Question 19
0.75 out of 0.75 points
Which of the following is a form of threat that takes some type of initiative to seek out a
target to compromise?
Selected Answer:
Active threat
Answers: Native firewall
Passive threat

Active threat
Cookie
 Question 20
0.75 out of 0.75 points
Which of the following does not address passive threats?
Selected Answer:
Active threats
Answers: Pop-up blockers
Cookie filters
Malicious site managers

Active threats
 Question 21
0.75 out of 0.75 points
Which of the following outbound ports is for HTTPS?
Selected Answer:
Port 443
Answers: Port 25
Port 53
Port 80
Port 443
 Question 22
0.75 out of 0.75 points
Which of the following refers to a database tool intended to handle time-series data,
such as network bandwidth, temperatures, CPU load, and so on?
Selected Answer:
RRDtool (Round-Robin Database Tool)
Answers: TCPdump

RRDtool (Round-Robin Database Tool)


Asymmetric Digital Subscriber Line (ADSL)
Common Gateway Interface (CGI) script
 Question 23
0.75 out of 0.75 points
Which of the following is hardware that connects a local network—or even a single
computer—to a telco’s carrier network to access the Internet?
Selected Answer:
ISP connection device
Answers: IPFire

ISP connection device


DSL line
SOHO
 Question 24
0.75 out of 0.75 points
Which of the following is an open source product?
Selected Answer: One where the source code can be obtained and viewed by anyone
Answers: One that is non-commercial
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 25
0.75 out of 0.75 points
Which of the following will track every single connection outside the Web by IP
address and URL?
Selected Answer:
Proxy server
Answers: Clipper Chip
National Security Agency

Proxy server
Electronic Privacy Information Center
 Question 26
0.75 out of 0.75 points
The volume of data throughput and transmission speed associated with a firewall is
considered what?
Selected Answer:
Performance
Answers: Scalability
Privilege control
Flexibility

Performance
 Question 27
0.75 out of 0.75 points
Which of the following is not a security suite?
Selected Answer:
Netfilter
Answers:
Netfilter
Webroot Internet Security Essentials
McAfee Personal Firewall Plus
Computer Associates
 Question 28
0.75 out of 0.75 points
Which of the following describes any harmful code or site that depends upon the
user’s actions to be accessed or activated?
Selected Answer:
Passive threat
Answers: Native firewall
Active threat

Passive threat
Cookie filter
 Question 29
0.75 out of 0.75 points
Which of the following characteristics relates to a Common Gateway Interface (CGI)
script?
Selected
Answer:
A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
Answers:
A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994 to
focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data such as
network bandwidth, temperatures, CPU load, and so on
 Question 30
0.75 out of 0.75 points
The degree to which a firewall can impose user access restrictions is known as which
of the following?
Selected Answer:
Privilege control
Answers: Security assurance

Privilege control
Authentication
Audit capabilities
 Question 31
0.75 out of 0.75 points
Connecting port 22 or 222 with a client such as WinSCP3 will allow SmoothWall which
capability?
Selected Answer:
Transfer of files to and from the system via SCP/SFTP
Answers: Access to tools like TCPdump

Transfer of files to and from the system via SCP/SFTP


Auto-sensing crossover capabilities
Access to graphics of network traffic
 Question 32
0.75 out of 0.75 points
Which of the following characteristics relates to Kerberos?
Selected
Answer:
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
Answers:
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994 to
focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data like network
bandwidth, temperatures, CPU load, and so on.
Dynamic random access memory (DRAM) that has a synchronous interface
 Question 33
0 out of 0.75 points
Which of the following risks can compromise the confidentiality of documents stored
on the server?
Selected Answer: Risk that information about the server can be accessed
Answers: Risk that transaction data can be intercepted
Risk that unauthorized individuals can breach the server’s document
tree
Risk that information about the server can be accessed
Risk of denial of service attacks
 Question 34
0.75 out of 0.75 points
What is meant by Synchronous Dynamic Random Access Memory (SDRAM)?
Selected Answer: Dynamic random access memory (DRAM) that has a synchronous interface
Answers: A computer network memory capability that allows nodes communicating
over a non-secure network to prove their identity to one another in a secure
manner
Dynamic random access memory (DRAM) that has a synchronous interface
A public interest research group in Washington, D.C., established in 1994
to focus public attention on emerging civil liberties issues and to protect
privacy
A web cache/proxy
 Question 35
0.75 out of 0.75 points
Which of the following is a closed-source product?
Selected Answer: One where the source code cannot be obtained and viewed by just
anyone
Answers: One that is non-commercial
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
 Question 36
0.75 out of 0.75 points
Which of the following is a minimum requirement for running SmoothWall?
Selected Answer:
512 MB PC SDRAM
Answers: Three NICs
10 GB hard drive
84MHZ processor

512 MB PC SDRAM
 Question 37
0.75 out of 0.75 points
What term is used to describe a chipset developed and promoted by the U.S.
government from 1993 to 1996 as an encryption device to be adopted by
telecommunications companies for voice transmission?
Selected Answer:
Clipper Chip
Answers: Synchronous Dynamic Random Access Memory (SDRAM)

Clipper Chip
Kerberos
National Information Infrastructure (NII)
 Question 38
0 out of 0.75 points
Which of the following is not true of security for a SOHO?
Selected Answer:
Not as vulnerable as corporate offices
Answers: Cost effective
Easy to implement
Not as vulnerable as corporate offices

Have a higher risk than corporate offices


 Question 39
0 out of 0.75 points
Which of the following is not an ISP connection?
Selected Answer:
Satellite
Answers: Cable
Satellite

pfSense
DSL
 Question 40
0.75 out of 0.75 points
Which type of software is closed-sourced to protect intellectual property and allow
vendors to charge for the product?
Selected Answer:
Commercial
Answers: Non-commercial
Open source
Free software

Commercial
SEC 150 Quiz 11
 Question 1
0 out of 5 points
Which of the following is one of the most common and easily exploited vulnerabilities
on any hardware network device? Default password
Selected Answer: Undistributed authentication credentials
Answers: Insecure default configuration
Misconfiguration by the installer
Undistributed authentication credentials
Default password
 Question 2
5 out of 5 points
VPN hardware can suffer from an unsecured default configuration or misconfiguration.
Selected Answer: True
Answers: True
False
 Question 3
5 out of 5 points
Determining who the target audience for training is takes place in the planning stage.
Selected Answer: True
Answers: True
False
 Question 4
0 out of 5 points
The least common method for implementing a highly available VPN involves buying
two VPN hardware units and configuring them as a highly available pair. False
Selected Answer: True
Answers: True
False
 Question 5
5 out of 5 points
Anonymity is the capability for a network or system user to remain unknown.
Selected Answer: True
Answers: True
False
 Question 6
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
 Question 7
5 out of 5 points
To mitigate the risk of security threats and breaches, all installers should be trained
before installing the VPN.
Selected Answer: True
Answers: True
False
 Question 8
5 out of 5 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed directly in the Internet,
and therefore places the Internet-facing VPN connection behind a firewall?

Selected Answer: Internally connected architecture

Answers: Two-factor architecture


Internally connected architecture
Bypass architecture
DMZ architecture
 Question 9
5 out of 5 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer: Hairpinning
Answers: Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
 Question 10
5 out of 5 points
“Privacy” is considered keeping information about a network or system user from being
disclosed to unauthorized people.
Selected Answer: True
Answers: True
False
 Question 11
0 out of 5 points
Which section of the VPN policy describes the systems, networks, or people covered by
the policy? Scope
Selected Answer: Policy
Answers: Introduction
Policy
Scope
Purpose
 Question 12
0 out of 5 points
A VPN deployment plan does not need to take into consideration the support of
encryption protocols. False
Selected Answer: True
Answers: True
False
 Question 13
5 out of 5 points
A VPN policy should address which authorization methods are permitted on the system.
Selected Answer: True
Answers: True
False
 Question 14
5 out of 5 points
Anonymity is the capability of a network or system user to remain known on the system.
Selected Answer: False
Answers: True
False
 Question 15
5 out of 5 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer: Bypass architecture
Answers: Internally connected architecture
Bypass architecture
DMZ architecture
Two-factor architecture
 Question 16
0 out of 5 points
Internally connected implementation uses a firewall in front of the VPN to protect it
from Internet-based attacks and behind the firewall to protect the internal network. False
Selected Answer: True
Answers: True
False
 Question 17
0 out of 5 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer: Patching regularly
Answers: Compromising VPN availability
Compromising the authentication credentials
Patching regularly
Using vulnerability management with remote clients
 Question 18
5 out of 5 points
In a denial of service attack, the attacker is trying to crash or overload the VPN.
Selected Answer: True
Answers: True
False
 Question 19
0 out of 5 points
Which of the following reflects the ability of a network or system user to remain
unknown? Anonymity
Selected Answer: Security
Answers: Flexibility
Anonymity
Security
Denial of service
 Question 20
5 out of 5 points
Which of the following is a benefit of an open-source VPN solution?
Selected Answer: Low cost
Answers: Ease of installation
Available management tools
Low cost
Access to vendor support
Sunday, April 17, 2016 6:43:18 PM
 Question 1
0 out of 5 points
The scope of the VPN policy should include actual policy language. False
Selected Answer: True
Answers: True
False
 Question 2
5 out of 5 points
Internally connected implementation uses a firewall in front of the VPN to protect it
from Internet-based attacks and behind the firewall to protect the internal network.
Selected Answer: False
Answers: True
False
 Question 3
0 out of 5 points
Instability is not considered a potential threat associated with software VPNs. False
Selected Answer: True
Answers: True
False
 Question 4
5 out of 5 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer: Hairpinning
Answers: Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
 Question 5
0 out of 5 points
Which of the following refers to any product that appears in a vendor’s PowerPoint slide
deck, but is not yet available in one of its products? Slideware
Selected Answer: Anonymity
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
 Question 6
5 out of 5 points
VPN hardware can suffer from an unsecured default configuration or misconfiguration.
Selected Answer: True
Answers: True
False
 Question 7
0 out of 5 points
When considering training, one should determine the mechanism for training before
gathering the appropriate information. False
Selected Answer: True
Answers: True
False
 Question 8
0 out of 5 points
Which of the following is most likely to occur in the VPN? Client attack
Selected Answer: VPN server attack
Answers: Denial of service attack
VPN server attack
Client attack
Remote access attack
 Question 9
5 out of 5 points
When developing a deployment plan for the VPN, power, heating, and cooling
requirements are generally covered in the VPN’s technical specifications.
Selected Answer: True
Answers: True
False
 Question 10
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
 Question 11
5 out of 5 points
A VPN deployment plan does not need to take into consideration the support of
encryption protocols.
Selected Answer: False
Answers: True
False
 Question 12
5 out of 5 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer: Bypass architecture
Answers: Internally connected architecture
Bypass architecture
DMZ architecture
Two-factor architecture
 Question 13
5 out of 5 points
Which of the following is a benefit of an open-source VPN solution?
Selected Answer: Low cost
Answers: Ease of installation
Available management tools
Low cost
Access to vendor support
 Question 14
5 out of 5 points
It is uncommon to leverage a VPN to provide untrustworthy hosts access to portions of
the network.
Selected Answer: False
Answers: True
False
 Question 15
5 out of 5 points
To mitigate the risk of security threats and breaches, all installers should be trained
before installing the VPN.
Selected Answer: True
Answers: True
False
 Question 16
5 out of 5 points
Which section of the VPN policy should be as specific as possible, leaving little open to
interpretation?
Selected Answer: Policy
Answers: Policy
Optional elements
Summary
Roles and responsibilities
 Question 17
0 out of 5 points
Which of the following documents an organization's rules for using a VPN? Remote
access policy
Selected Answer: Hairpinning
Answers: Hairpinning
Remote access policy
Service level agreement
Vaporware
 Question 18
5 out of 5 points
Which section of the VPN policy describes the systems, networks, or people covered by
the policy?
Selected Answer: Scope
Answers: Introduction
Policy
Scope
Purpose
 Question 19
0 out of 5 points
Standard client configuration of a VPN does not include antivirus, anti-malware, and
firewall software. False
Selected Answer: True
Answers: True
False
 Question 20
5 out of 5 points
What name is given to a method that proves identity using two different authentication
factors?
Selected Answer: Two-factor authentication
Answers: Service level agreement (SLA)
Two-factor authentication
Hairpinning
Anonymity
Sunday, April 17, 2016 8:09:18 PM EDT

 Question 1
0 out of 5 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer: Using vulnerability management with remote clients
Answers: Compromising VPN availability
Compromising the authentication credentials
Patching regularly
Using vulnerability management with remote clients
 Question 2
5 out of 5 points
“Privacy” is considered keeping information about a network or system user from being
disclosed to unauthorized people.
Selected Answer: True
Answers: True
False
 Question 3
5 out of 5 points
Anonymity is the capability of a network or system user to remain known on the system.
Selected Answer: False
Answers: True
False
 Question 4
5 out of 5 points
When considering training, one should determine the mechanism for training before
gathering the appropriate information.
Selected Answer: False
Answers: True
False
 Question 5
5 out of 5 points
One of the most critical steps in VPN troubleshooting is determining whether the
correction results in new problems.
Selected Answer: True
Answers: True
False
 Question 6
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
 Question 7
5 out of 5 points
Which section of the VPN policy describes the systems, networks, or people covered by
the policy?
Selected Answer: Scope
Answers: Introduction
Policy
Scope
Purpose
 Question 8
5 out of 5 points
One of the primary benefits of an open-source solution is access to vendor support.
Selected Answer: False
Answers: True
False
 Question 9
5 out of 5 points
The scope of the VPN policy should include actual policy language.
Selected Answer: False
Answers: True
False
 Question 10
0 out of 5 points
Which of the following is most likely to occur in the VPN? Client attack
Selected Answer: Remote access attack
Answers: Denial of service
VPN server attack
Client attack
Remote access attack
 Question 11
5 out of 5 points
Anonymity is the capability for a network or system user to remain unknown.
Selected Answer: True
Answers: True
False
 Question 12
5 out of 5 points
A VPN deployment plan does not need to take into consideration the support of
encryption protocols.
Selected Answer: False
Answers: True
False
 Question 13
5 out of 5 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer: Determining scope
Answers: Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor
 Question 14
5 out of 5 points
Which of the following refers to any product that appears in a vendor’s PowerPoint slide
deck, but is not yet available in one of its products?
Selected Answer: Slideware
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
 Question 15
5 out of 5 points
Standard client configuration of a VPN does not include antivirus, anti-malware, and
firewall software.
Selected Answer: False
Answers: True
False
 Question 16
5 out of 5 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer: Hairpinning
Answers: Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
 Question 17
5 out of 5 points
Which of the following describes anonymity?
Selected Answer: The capability for a network or system user to remain unknown
Answers: The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint
The act of keeping information about a network or system user from being
disclosed to unauthorized people
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
 Question 18
5 out of 5 points
A VPN policy should address which authorization methods are permitted on the system.
Selected Answer: True
Answers: True
False
 Question 19
5 out of 5 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer: Anonymity
Answers: Flexibility
Anonymity
Security
Denial of service
 Question 20
5 out of 5 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed directly in the Internet,
and therefore places the Internet-facing VPN connection behind a firewall?

Selected Answer: Internally connected architecture

Answers: Two-factor architecture


Internally connected architecture
Bypass architecture
DMZ architecture
Sunday, April 17, 2016 8:55:06 PM EDT
Quiz 12 SEC 150

 Question 1
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
 Question 2
5 out of 5 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer: IPv6
Answers: IPv5
IPv6
IANA
SSL
 Question 3
5 out of 5 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer: Transport Layer Protocol
Answers: Rsync
Connection Protocol
Transport Layer Protocol
User Authentication Protocol
 Question 4
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
 Question 5
5 out of 5 points
One function of an SSL VPN is that it usually connects using a Web browser, whereas
an IPSec VPN generally requires client software on the remote system.
Selected Answer: True
Answers: True
False
 Question 6
5 out of 5 points
Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
Selected Answer: An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
Answers: The standards body for Internet-related engineering specifications
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header
An early proprietary protocol from Microsoft
 Question 7
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
 Question 8
5 out of 5 points
The higher the encryption levels of VPN, the greater the impact on the memory and
processor of the endpoint devices.
Selected Answer: True
Answers: True
False
 Question 9
0 out of 5 points
The use of PPP has extended the availability of IPv4 address space, thereby extending
the life span of IPv4. False
Selected Answer: True
Answers: True
False
 Question 10
5 out of 5 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer: Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
 Question 11
0 out of 5 points
The Secure Shell (SSH) protocol works in combination with rsync to back up, copy, and
mirror files securely. True
Selected Answer: False
Answers: True
False
 Question 12
0 out of 5 points
The version of VPN software being used does not impact the stability of the rollout of a
successful VPN deployment. False
Selected Answer: True
Answers: True
False
 Question 13
5 out of 5 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected Answer: A protocol commonly used in establishing a direct connection between two
networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
A protocol commonly used in establishing a direct connection between two
networking nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
 Question 14
0 out of 5 points
The performance characteristics of a VPN supporting remote clients are generally the same
as the performance characteristics of a VPN supporting site-to-site connections. False
Selected Answer: True
Answers: True
False
 Question 15
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
 Question 16
5 out of 5 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer: Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
 Question 17
5 out of 5 points
One of the advantages of L2TP is that it provides a mechanism for encrypting the data
being tunneled.
Selected Answer: False
Answers: True
False
 Question 18
5 out of 5 points
TCP is responsible for providing reliable transmissions from one system to another, and
IP is responsible for addressing and route selection.
Selected Answer: True
Answers: True
False
 Question 19
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
 Question 20
5 out of 5 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer: Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Monday, April 18



Setting up dedicated hardware environments for each customer allows the service
provider to take advantage of economies of scale. False
Selected Answer: True
Answers: True
False
Question 2
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 3
5 out of 5 points
The use of PPP has extended the availability of IPv4 address space, thereby extending
the life span of IPv4.
Selected Answer: False
Answers: True
False
Question 4
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 5
5 out of 5 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer: Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Question 6
5 out of 5 points
Support for quality of service (QoS) is built into IPv6, whereas it was an add-on in IPv4.
Selected Answer: True
Answers: True
False
Question 7
5 out of 5 points
One of the advantages of L2TP is that it provides a mechanism for encrypting the data
being tunneled.
Selected Answer: False
Answers: True
False
Question 8
5 out of 5 points
IPSec is a mandatory component for IPv6, and is used to natively protect IPv6 data as it
is sent over the network.
Selected Answer: True
Answers: True
False
Question 9
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 10
5 out of 5 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer: Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
Question 11
5 out of 5 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer: Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)
Secure Shell (SSH)
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Question 12
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer: Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Encapsulating Security Payload (ESP)
Point-to-Point Protocol (PPP)
Question 14
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 15
5 out of 5 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer: Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
Question 16
0 out of 5 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected Answer: More firewall rules
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules
Platform Independence
Question 17
0 out of 5 points
In typical end user/browser usage, SSL/TLS authentication is two-way. False
Selected Answer: True
Answers: True
False
Question 18
0 out of 5 points
Although it provides a mechanism for creating tunnels through an IP network, which of the following does
not provide a mechanism for encrypting the data being tunneled?
Selected Answer: Point-to-Point Protocol (PPP)
Answers: Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
Question 19
0 out of 5 points
Client virtualization is a concept that combines the personal computer desktop
environment with the physical desktop machine by using a client/server model of
computing. False
Selected Answer: True
Answers: True
False
Question 20
5 out of 5 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer: IPv6
Answers: IPv5
IPv6
IANA
SSL
Monday, April 18, 2016 6:04:

Question 1
5 out of 5 points
Support for quality of service (QoS) is built into IPv6, whereas it was an add-on in IPv4.
Selected Answer: True
Answers: True
False
Question 2
5 out of 5 points
Which of the following characteristics relates to authentication header (AH)?
Selected Answer: It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Answers: It is a document that defines or describes computer and networking
technologies. These documents are published by the Internet Engineering
Task Force, the standards body for Internet engineering specifications. RFCs
exist for hardware, operating systems, protocols, security services, and much
more.
It is an older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but it is still in use in some older environments.
It is an early proprietary protocol from Microsoft.
It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Question 3
5 out of 5 points
What is the Internet Engineering Task Force (IETF)?
Selected Answer: The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
The standards body for Internet-related engineering specifications
Question 4
5 out of 5 points
Setting up dedicated hardware environments for each customer allows the service
provider to take advantage of economies of scale.
Selected Answer: False
Answers: True
False
Question 5
5 out of 5 points
TCP is responsible for providing reliable transmissions from one system to another, and
IP is responsible for addressing and route selection.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 7
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 8
5 out of 5 points
One proposed migration strategy for the move from IPv4 to IPv6 includes allowing two
IPv6 hosts to create a tunnel for traffic between two IPv6 hosts through an IPv4 network.
Selected Answer: True
Answers: True
False
Question 9
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 10
5 out of 5 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer: Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Encapsulating Security Payload (ESP)
Point-to-Point Protocol (PPP)
Question 11
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 12
5 out of 5 points
To prevent spoofing of transactions, IPv6 IPSec uses a cryptographic checksum that
incorporates a shared encryption key so the receiver can verify that it was sent by the
apparent sender.
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
The performance characteristics of a VPN supporting remote clients are generally the
same as the performance characteristics of a VPN supporting site-to-site connections.
Selected Answer: False
Answers: True
False
Question 14
5 out of 5 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer: Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
Question 15
5 out of 5 points
The higher the encryption levels of VPN, the greater the impact on the memory and
processor of the endpoint devices.
Selected Answer: True
Answers: True
False
Question 16
0 out of 5 points
The IPv6 IPSec is a set of national standards that use cryptographic security services to
provide confidentiality, data origin authentication and data integrity.
Selected Answer: True
Answers: True
False
Question 17
5 out of 5 points
The version of VPN software being used does not impact the stability of the rollout of a
successful VPN deployment.
Selected Answer: False
Answers: True
False
Question 18
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 19
5 out of 5 points
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer: Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Question 20
5 out of 5 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer: Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
Monday, April 18, 2016 6:39:15 PM EDT
Take Test: ISOL 532 - Final Exam
Test Information
Description: The Final Exam covers chapters 8 - 15 in the Textbook
Instructions: The exam consists of 100 questions and the time limit is 2 hours. Once the exam is started it must
be completed as it will automatically submit at the 2 hour mark.
Timed Test: This test has a time limit of 2 hours. This test will save and submit automatically when the time expires.
Warnings appear when half the time, 5 minutes, 1 minute, and 30 seconds remain.
Multiple Attempts: Not allowed. This test can only be taken once.
Force Completion: Once started, this test must be completed in one sitting. Do not leave the test before clicking Save and
Submit.


Question 1
1. Which term describes the second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header?
Point-to-Point Protocol (PPP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Tunneling Protocol (PPTP)
Encapsulating Security Payload (ESP)

10 points

Question 2
1. When considering transaction security, it is common for the web server to stand behind one firewall
and the database server to stand behind a second firewall.
True
False

10 points

Question 3
1. Which of the following forces all traffic, communications, and activities through a single pathway or
channel that can be used to control bandwidth consumption, filter content, provide authentication
services, or enforce authorization?
Fail-safe
Chokepoint
Fail-secure
Reverse proxy

10 points

Question 4
1. Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as well as user
authentication
A protocol commonly used in establishing a direct connection between two networking
nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in production
environments, but still in use in some older environments

10 points

Question 5
1. The Containment phase of an incident response plan restrains further escalation of the incident.
True
False

10 points

Question 6
1. Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
The standards body for Internet-related engineering specifications
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in production
environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to provide integrity
protection, although not for the outermost IP header
An early proprietary protocol from Microsoft

10 points

Question 7
1. Which layer of the OSI model is the Data Link Layer?
Layer 1
Layer 2
Layer 3
Layer 4

10 points

Question 8
1. To mitigate the risk of security threats and breaches, all installers should be trained before installing
the VPN.
True
False

10 points

Question 9
1. Each form of firewall filtering or traffic management is vulnerable in some way.
True
False

10 points

Question 10
1. Which of the following describes a service level agreement (SLA)?
A contractual commitment by a service provider or support organization to its customers or
users
The ability for a network or system user to remain unknown
An industry term referring to any product that appears in a vendor’s PowerPoint slide deck,
but is not yet available in one of its products
A process by which malicious code can enter from a non-secure network, and make a
hairpin, or sharp turn and enter a secure network with little or no trouble because it is
entering from a secure and verified endpoint

10 points

Question 11
1. Deploying a security product is preferable to addressing your environment’s specific risks.
True
False

10 points

Question 12
1. VPN hardware can suffer from an unsecured default configuration or misconfiguration.
True
False

10 points

Question 13
1. Which of the following is one of the most common and easily exploited vulnerabilities on any
hardware network device?
Insecure default configuration
Misconfiguration by the installer
Undistributed authentication credentials
Default password

10 points

Question 14
1. Which of the following refers to a protocol that provides integrity protection for packet headers and
data, as well as user authentication?
Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)

10 points

Question 15
1. All of the following are disadvantages of the build-it-yourself firewall, but one is an advantage.
Which of the following is an advantage?
Additional hardware manipulation
Hardening of a host OS
Juggling of device drivers
Cost

10 points

Question 16
1. The volume of data throughput and transmission speed associated with a firewall is considered what?
Scalability
Privilege control
Flexibility
Performance

10 points

Question 17
1. The next generation IP version and successor to IPv4 is called what?
IPv5
IPv6
IANA
SSL
10 points

Question 18
1. An encrypted VPN link guarantees that the other end of the VPN connection is secure.
True
False

10 points

Question 19
1. Which of the following documents an organization's rules for using a VPN?
Hairpinning
Remote access policy
Service level agreement
Vaporware

10 points

Question 20
1. Which of the following is an IPSec-based VPN protocol that uses NAT traversal (NAT-T)?
Internet Key Exchange v2 (IKEv2)
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Remote Desktop Protocol (RDP)

10 points

Question 21
1. Which one of the following is not a benefit of having a written firewall policy?
It acts as a tool for assisting in troubleshooting.
It serves as a guideline for detecting changes and differences.
It defines how to use a reverse proxy to add an additional layer of protection and control
between Internet-based users and internally hosted servers.
It ensures consistent filtering across firewalls.

10 points

Question 22
1. Which of the following is a closed-source product?
One that is non-commercial
One where the source code cannot be obtained and viewed by just anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
10 points

Question 23
1. The term Electronic Privacy Information Center (EPIC) refers to a form of the digital subscriber line
technology, which enables faster data transmission over copper telephone lines than a conventional
voice band modem can provide.
True
False

10 points

Question 24
1. Allowing every communication is a bad idea from a security standpoint as well as a productivity one.
True
False

10 points

Question 25
1. Which of the following refers to a system designed, built, and deployed specifically to serve as a
frontline defense for a network?
Diversity of defense
Universal participation
Proprietary OS
Bastion host OS

10 points

Question 26
1. A passive threat seeks out vulnerable targets.
True
False

10 points

Question 27
1. A bastion host allows the firewall to connect to the internal network and the perimeter network.
True
False

10 points

Question 28
1. Which of the following is used to connect two offices in different locations?
Remote gateway
Host-to-gateway VPN
Gateway-to-gateway VPN
VPN appliance

10 points

Question 29
1. One of the most important steps in VPN troubleshooting is documenting processes and procedures.
True
False

10 points

Question 30
1. Which of the following does not address passive threats?
Pop-up blockers
Cookie filters
Malicious site managers
Active threats

10 points

Question 31
1. Which of the following is hardware that connects a local network—or even a single computer—to a
telco’s carrier network to access the Internet?
IPFire
ISP connection device
DSL line
SOHO

10 points

Question 32
1. Which of the following is not a security strategy?
Defense diversity
Firewall policies
Weakest link
Forced universal participation

10 points

Question 33
1. What name is given to a method that proves identity using two different authentication factors?
Service level agreement (SLA)
Two-factor authentication
Hairpinning
Anonymity

10 points

Question 34
1. Digital signatures rarely accompany both authentication and nonrepudiation transactions.
True
False

10 points

Question 35
1. Which type of architecture places a firewall in front of the VPN to protect it from Internet-based
attacks as well as behind a firewall to protect the internal network?
Bi-lateral architecture
Two-prong approach
Two-factor architecture
DMZ architecture

10 points

Question 36
1. Linux distributions automatically come with a native software firewall.
True
False

10 points

Question 37
1. An intranet is an external network.
True
False

10 points

Question 38
1. Which of the following is not a firewall type?
Universal
Static packet filtering
Proxy
Stateful inspection
10 points

Question 39
1. Which of the following is a proprietary protocol developed by Microsoft that provides a user with a
graphical interface to another computer?
Secure Sockets Layer (SSL)
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Remote Desktop Protocol (RDP)

10 points

Question 40
1. A gateway-to-gateway VPN provides connectivity between two locations such as a main office and a
branch office.
True
False

10 points

Question 41
1. Which of the following represents a standards-based protocol suite designed specifically for securing
Internet Protocol communications?
Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)

10 points

Question 42
1. If strong authentication is a priority, select an application gateway firewall or a dedicated application-
specific proxy firewall.
True
False

10 points

Question 43
1. Which of the following risks can compromise the confidentiality of documents stored on the server?
Risk that transaction data can be intercepted
Risk that unauthorized individuals can breach the server’s document tree
Risk that information about the server can be accessed
Risk of denial of service attacks
10 points

Question 44
1. Which section of the VPN policy describes the systems, networks, or people covered by the policy?
Introduction
Policy
Scope
Purpose

10 points

Question 45
1. Which of the following offers keycard security and allows you to restrict the times that your
computer can be remotely accessed?
GoToMyPC
LogMeIn
NTRconnect
Internet café

10 points

Question 46
1. Examples of users purposefully avoiding or violating security—that is, not actively
supporting and participating in security—include all of the following except which one?
Using proxy tools to get around firewalls
Using personal equipment
Sharing accounts with other employees
Setting strong passwords

10 points

Question 47
1. IPSec is a mandatory component for IPv6, and is used to natively protect IPv6 data as it is sent over
the network.
True
False

10 points

Question 48
1. Which of the following describes a general purpose OS?
An operating system that supports only firewall functions
An operating system that does not support firewall functions
A means of providing faster access to static content for external users accessing internal
Web servers
An operating system such as Windows or Linux that can support a wide variety of purposes
and functions, but which, when used as a bastion host OS, must be hardened and locked
down

10 points

Question 49
1. Which of the following outbound ports is for DNS?
Port 25
Port 53
Port 80
Port 110

10 points

Question 50
1. Which of the following is a form of threat that takes some type of initiative to seek out a target to
compromise?
Native firewall
Passive threat
Active threat
Cookie

10 points

Question 51
1. A commercial software production typically uses open source code.
True
False

10 points

Question 52
1. Which of the following refers to any product that appears in a vendor’s PowerPoint slide deck, but is
not yet available in one of its products?
Anonymity
Hairpinning
Service level agreement (SLA)
Slideware

10 points

Question 53
1. TCP is responsible for providing reliable transmissions from one system to another, and IP is
responsible for addressing and route selection.
True
False

10 points

Question 54
1. Which type of firewall is designed to control input, output, and/or access to an application?
Application firewall
Hybrid firewall
Database firewall
Data protection

10 points

Question 55
1. There are six steps for writing a security incident response plan. Which of the following is not a
step?
Detection
Containment
Eradication
Report

10 points

Question 56
1. Most individuals and small office environments are at the most significant risk of being a primary
target of hacker activity.
True
False

10 points

Question 57
1. Which of the following supports multiple layers of security? is similar to defense in depth—it
supports multiple layers of security.
Defense in depth
Diversity of defense
Chokepoint
Weakest link

10 points
Question 58
1. For which of the following does the mobile user take specific actions to connect to the VPN?
Remote gateway
Host-to-gateway VPN
Gateway-to-gateway VPN
VPN appliance

10 points

Question 59
1. A closed-source product is typically free.
True
False

10 points

Question 60
1. Which of the following is not an ISP connection?
Cable
Satellite
pfSense
DSL

10 points

Question 61
1. Simulator tests are secure by design.
True
False

10 points

Question 62
1. A firewall’s vulnerability to DoS flooding is a limitation or weakness that you can’t fix, improve, or
repair by either upgrading the firewall or applying a patch.
True
False

10 points

Question 63
1. Which of the following is a benefit of an open source VPN solution?
Ease of installation
Available management tools
Low cost
Access to vendor support

10 points

Question 64
1. Which term describes a process by which malicious code can enter from a non-secure network, and
make a hairpin, or sharp turn, and enter a secure network with little or no trouble because it is
entering from a secure and verified endpoint?
Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)

10 points

Question 65
1. Although it provides a mechanism for creating tunnels through an IP network, which of the following
does not provide a mechanism for encrypting the data being tunneled?
Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)

10 points

Question 66
1. A proxy server can track every single connection outside the Web by IP address and the URL
requested.
True
False

10 points

Question 67
1. Windows Firewall is a native operating system firewall.
True
False

10 points

Question 68
1. Which of the following is a public location that sells Internet access?
Internet café
Extranet
Intranet
LogMeIn

10 points

Question 69
1. Which of the following links customers, suppliers, partners, or communities of interest to a corporate
intranet over a shared infrastructure?
Untrusted networks
Intranets
DMZs
Extranet VPNs

10 points

Question 70
1. A ________ is a physical or logical subnetwork that contains and exposes an organization’s external services to
a larger untrusted network, usually the Internet.
Demilitarized zone (DMZ)
VPN
LAN
Extranet

10 points

Question 71
1. Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Installation on corporate systems only
More vendor-created workarounds on the network address translation tool
More firewall rules
Platform Independence

10 points

Question 72
1. Which of the following allows file-sharing functionality?
GoToMyPC
NTRconnect
LogMeIn
VPN appliance

10 points

Question 73
1. GoToMyPC, LogMeIn, and NTRconnect allow you to use a Mac as the client, but only NTRconnect
enables you to use a Mac as the host.
True
False

10 points

Question 74
1. A passive threat is similar to a virus in that it depends upon the activity of the user to activate, infect,
and spread.
True
False

10 points

Question 75
1. Which of the following describes security stance?
An organization’s filtering configuration; it answers the question, “What should be allowed
and what should be blocked?”
A means of providing faster access to static content for external users accessing internal
Web servers
An operating system such as Windows or Linux that supports a wide variety of purposes and
functions, but when used as a bastion host OS must be hardened and locked down
An approach to security similar to defense in depth that uses a different security mechanism
at each or most of the layers

10 points

Question 76
1. What term is used to describe a chipset developed and promoted by the U.S. government from 1993
to 1996 as an encryption device to be adopted by telecommunications companies for voice
transmission?
Synchronous Dynamic Random Access Memory (SDRAM)
Clipper Chip
Kerberos
National Information Infrastructure (NII)

10 points

Question 77
1. Which of the following describes a native firewall?
A small text file used by Web browsers and servers to track Web sessions
A firewall in an operating system or hardware device that is placed there by the vendor or
manufacturer
Open-source and commercial software firewalls for most operating systems
Windows 7 host software firewall

10 points

Question 78
1. If a larger organization wanted to protect subnets within the network, basic packet filtering provided
by routers might be the most appropriate choice.
True
False

10 points

Question 79
1. Snort is an open-source, rule-based IDS that can detect firewall breaches.
True
False

10 points

Question 80
1. “Privacy” is considered keeping information about a network or system user from being disclosed to
unauthorized people.
True
False

10 points

Question 81
1. Which of the following is a dedicated hardware device that functions as a black-box sentry?
Fail-safe
Reverse proxy firewall
Proxy firewall
Appliance firewall

10 points

Question 82
1. GoToMyPC and NTRconnect enable you to easily print a document on the host using the printer
attached to the client.
True
False

10 points

Question 83
1. Which of the following reflects the ability of a network or system user to remain unknown?
Flexibility
Anonymity
Security
Denial of service

10 points

Question 84
1. Which of the following should specifically be included in the organization's VPN solution?
The prohibiting of split tunneling
Encouraging shared VPN credentials
Types of VPN connections supported
How scalable the VPN is

10 points

Question 85
1. Which of the following key VPN protocols used today is the main alternative for a VPN solution that
does not leverage an IPSec solution?
Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol

10 points

Question 86
1. One of the drawbacks of HTTP is that it does not include the ability to encrypt or otherwise protect
the data stream between the client and server.
True
False

10 points

Question 87
1. Which name is given to an architectural framework for delivering IP multimedia services?
IP Multimedia Subsystem (IMS)
Anti-forensics
Digital forensic techniques
Data leakage prevention (DLP)

10 points
Question 88
1. Which of the following identifies a user based on anatomical characteristics such as a fingerprint, a
voice print, or iris patterns?
Anti-forensics
Data leakage prevention (DLP)
Biometrics
Virtualization security

10 points

Question 89
1. One of the primary benefits of an open source solution is access to vendor support.
True
False

10 points

Question 90
1. Which of the following requires PKI support and is used for encryption with newer tunneling
protocols?
Secure Socket Tunneling Protocol (SSTP)
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Internet Key Exchange v2 (IKEv2)

10 points

Question 91
1. Which of the following will track every single connection outside the Web by IP address and URL?
Clipper Chip
National Security Agency
Proxy server
Electronic Privacy Information Center

10 points

Question 92
1. Which of the following does port forwarding support?
Any service on any port
Caching
Encryption endpoint
Load balancing

10 points
Question 93
1. Which of the following refers to a series of tools and techniques used to prevent forensic examination
from identifying an attack or attacker?
IP Multimedia Subsystem (IMS)
Information Technology Infrastructure Library (ITIL)
Anti-forensics
Data leakage prevention (DLP)

10 points

Question 94
1. Which of the following refers to a public interest research group in Washington, D.C. that was
established in 1994 to preserve the right of privacy in the electronic age as well as to give individuals
greater control over personal information?
National Security Agency (NSA)
CERN
National Information Infrastructure (NII)
Electronic Privacy Information Center (EPIC)

10 points

Question 95
1. Which of the following describes the principle that for an organization’s security policy to be
effective, everyone must be forced to work within it and follow its rules?
Universal participation
Diversity of defense
General purpose OS
Bastion host OS

10 points

Question 96
1. Which of the following refers to an operating system built exclusively to run on a bastion host
device?
Universal participation
Bastion host OS
Reverse caching
Proprietary OS

10 points

Question 97
1. Which of the following negotiates, creates, and manages security associations?
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)

10 points

Question 98
1. Which type of software is closed-sourced to protect intellectual property and allow vendors to charge
for the product?
Non-commercial
Open source
Free software
Commercial

10 points

Question 99
1. Permanent site-to-site VPNs do not require firewalls at both ends that use static IP addresses.
True
False

10 points

Question 100
1. When troubleshooting firewalls, which of the following is not something you should do after you
attempt a fix?
Make multiple fixes.
Repeat the failure.
Test after each attempt.
Reverse or undo solution failures.

Question 1
Which of the following describes awareness?
A dedicated microchip found on some motherboards that host and protect the encryption key for
whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to career advancement
A security guideline, procedure, or recommendation manual
Correct!
Basic security training that focuses on common or basic security elements that all employees must
know and abide by
Answer: D Page reference: 196-198 Objective: Compose a procedure for incident response.

Question 2
Which of the following creates copies of data on other storage media?
Fail-Open
Honeynets
Correct!
Backups
Security Technical Implementation Guide (STIGS)
Answer: C Page reference: 195-196 Objective: Compose a procedure for incident response.

Question 3
What is a business continuity plan?
A plan explaining the use of only a single element of validation or verification to prove the identity
of a subject.
A plan outlining the failure response that results in open and unrestricted access or
communication.
Correct!
A plan to maintain the mission-critical functions of the organization in the event of a problem that
threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event.
Answer: C Page reference: Page 185 Objective: List examples of network security best practices.
Question 4
Which of the following is a detailed and thorough review of the deployed security infrastructure
compared with the organization's security policy and any applicable laws and regulations?
Incident response plan
Correct!
Compliance audit
Disaster recovery plan
Business continuity plan
Answer: B Page reference: 204-205 Objective: Describe the methods of network security assessment.

Question 5
A security stance that blocks access to all resources until a valid authorized explicit exception is defined?
Fail-secure
Fail-open
Correct!
Default deny
Default allow
Answer: C Page reference: 189 Objective: List examples of network security best practices.

Question 6
Which of the following is not a characteristic of security education?
Its purpose is to obtain knowledge that leads to career advancement.
Correct!
It is usually obtained inside of the organization.
It is broad and not necessarily focused on specific job tasks or assignments.
It is more rigorous than awareness or training.
Answer: B Page reference: 199 Objective: Compose a procedure for incident response.

Question 7
Which of the following refers to a failure response resulting in open and unrestricted access or
communication?
Correct!
Fail-open
Mission-critical
Default allow
Fail-secure
Answer: A Page reference: 190 Objective: List examples of network security best practices.
Question 8
Which of the following is a form of security protection that protects individual files by scrambling the
contents in such a way as to render them unusable by unauthorized third parties?
Default allow
Separation of duties
Correct!
File encryption
Fail-secure
Answer: C Page reference: 184 Objective: List examples of network security best practices.

Question 9
Which of the following describes a predefined procedure that will limit damage, contain the spread of
malicious content, stop the compromise of information, and promptly restore the environment to a
normal state?
Separation of duties
Correct!
Incident response plan
Business continuity plan
Disaster recovery plan
Answer: B Page reference: 191 Objective: Compose a procedure for incident response.

Question 10
Which of the following describes the state or condition of an asset or process vitally important to the
long-term existence and stability of an organization?
Correct!
Mission-critical
Fail-secure
Fail-open
Compliance audit
Answer: A Page reference: 185 Objective: List examples of network security best practices.
Question 11
Which of the following refers to a specialized host used to place an attacker into a system where the
intruder cannot do any harm?
Incident response plan
Correct!
Padded cell
Principle of least privilege
Default allow
Answer: B Page reference: 193 Objective: Compose a procedure for incident response.

Question 12
What prevents a hard drive from being read by another system if it is stolen?
Correct!
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)
Answer: A Page reference: 194 Objective: Compose a procedure for incident response.

Question 13
Which form of investigation aims at checking whether or not a target system is subject to attack based
on a database of tests, scripts, and simulated exploits?
Incident response plan
Fail-open
Correct!
Vulnerability scanning
Separation of duties
Answer: C Page reference: 207 Objective: Describe the methods of network security assessment.

Question 14
Which one of the following is not a cause of a configuration error?
Physical damage
Updates
Human error
Correct!
Vulnerability scanning
Answer: D Page reference: 204 Objective: Enumerate key components of an effective network security
installation.

Question 15
Which of the following describes separation of duties?
A security stance that allows all communications except those prohibited by specific deny
exceptions
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event
A security guideline, procedure, or recommendation manual
Correct!
An administrative rule whereby no single individual possesses sufficient rights to perform certain
actions
Answer: D Page reference: 188 Objective: List examples of network security best practices.

Question 16
Which of the following is not a step in an incident response solution?
Correct!
Evasion
Containment
Eradication
Recovery
Answer: A Page reference: 191 Objective: Compose a procedure for incident response.

Question 17
Which of the following refers to the guideline that all users should be granted only the minimum level of
access and permission required to perform their assigned job tasks and responsibilities?
The whitelist
Correct!
Principle of least privilege
Single-factor authentication
Incident response plan
Answer: B Page reference: 188 Objective: List examples of network security best practices.
Question 18
Which of the following is an element of infrastructure design that takes into account the likelihood of a
security breach by malicious code or some other intruder?
Containment
Trapping
Correct!
Compartmentalization
Intrusion detection
Answer: C Page reference: 192 Objective: Compose a procedure for incident response.

Question 19
Checking authentication, checking authorization and access control, auditing systems, and verifying
firewalls and other filters should all be included on which of the following?
A physical security checklist
A whitelist
A response plan
Correct!
A logical security checklist
Answer: D Page reference: 201 Objective: Compose a procedure for incident response.

Question 20
Which of the following determines the available vendor patches that are installed or missing?
Vulnerability scan
Correct!
Configuration scan
Penetration test
Post-mortem assessment
Answer: B Page reference: 206 Objective: Describe the methods of network security assessment.

Question 21
Organizations are usually not aware of when compliance auditing is a mandated periodic occurrence, so
preparation is challenging and often not possible.
True
Correct!
False
Answer: B Page reference: 205 Objective: Describe the methods of network security assessment.
Question 22
Default deny is a specialized host used to place an attacker into a system where the intruder cannot do
any harm.
True
Correct!
False
Answer: B Page reference: 193 Objective: Compose a procedure for incident response.

Question 23
The goal of disaster recovery planning is to return the business to functional operation within a limited
time to prevent the failure of the organization due to the incident.
Correct!
True
False
Answer: A Page reference: 185 Objective: List examples of network security best practices.

Question 24
A fail-open grants all users the minimum level of access and permission required to perform an assigned
job task or responsibility.
True
Correct!
False
Answer: B Page reference: 189-190 Objective: List examples of network security best practices.

Question 25
The act of containment should not interrupt or interfere with the continued spread or operation of the
unwanted event.
True
Correct!
False
Answer: B Page reference: 192 Objective: Compose a procedure for incident response.

Question 26
A honeynet is a collection of multiple honeypots in a network for the purposes of luring and trapping
hackers.
Correct!
True
False
Answer: A Page reference: 193 Objective: Compose a procedure for incident response.
Question 27
Patch management watches for the release of new updates from vendors, tests the patches, obtains
approval, and then oversees the deployment and implementation of updates across the production
environment.
Correct!
True
False
Answer: A Page reference: 186 Objective: List examples of network security best practices.

Question 28
A Security Technical Implementation Guide (STIGS) is a guideline, procedure, or recommendation
manual.
Correct!
True
False
Answer: A Page reference: 187 Objective: List examples of network security best practices.

Question 29
Training is less rigorous than awareness and more rigorous than education.
True
Correct!
False
Answer: B Page reference: 196-197 Objective: Compose a procedure for incident response.

Question 30
Single-factor authentication uses a single element of validation or verification to prove the identity of a
subject, and it is considered much stronger than multi-factor authentication.
True
Correct!
False
Answer: B Page reference: 185 Objective: List examples of network security best practices.

Question 31
Trusted Platform Module (TPM) is a dedicated microchip found on some motherboards; it hosts and
protects the encryption key for whole hard drive encryption.
Correct!
True
False
Answer: A Page reference: 194 Objective: Compose a procedure for incident response.
Question 32
You should never assume that a service or protocol is secured by another layer or service.
Correct!
True
False
Answer: A Page reference: 201 Objective: Compose a procedure for incident response.

Question 33
Bricking occurs when an update process causes a complete failure of the security control.
Correct!
True
False
Answer: A Page reference: 203 Objective: Enumerate key components of an effective network security
installation.

Question 34
Security management is the ongoing process of evaluating security so that you can improve it.
True
Correct!
False
Answer: B Page reference: 205 Objective: Describe the methods of network security assessment.

Question 35
Penetration testing involves the application of hacking techniques, methodology, and tools, and ethical
security experts conduct penetration testing.
Correct!
True
False
Answer: A Page reference: 207 Objective: Describe the methods of network security assessment.

Question 36
A post-mortem assessment review is the self-evaluation performed by individuals and organizations
after each security assessment task.
Correct!
True
False
Answer: A Page reference: 208 Objective: Describe the methods of network security assessment.
Question 37
You should wait at least a month before applying a patch or update from the vendor.
True
Correct!
False
Answer: B Page reference: 204 Objective: Enumerate key components of an effective network security
installation.

Question 38
Handling physical security attacks is the most important aspect of a security plan, as these types of
attacks pose the highest risks to the organization.
True
Correct!
False
Answer: B Page reference: 190-191 Objective: Describe the importance of physical security.

Question 39
It is a mistake to use remote system and device management mechanisms that are convenient but not
secure, such as telnet, HTTP, and FTP.
Correct!
True
False
Answer: A Page reference: 197 Objective: Compose a procedure for incident response.

Question 40
To write a comprehensive security policy, you should first inventory and examine the components of the
IT infrastructure.
Correct!
True
False
Answer: A Page reference: 183 Objective: List examples of network security best practices.

SEC 150 Quiz 11
 Question 1
0 out of 5 points
Which of the following is one of the most common and easily exploited vulnerabilities
on any hardware network device? Default password
Selected Answer: Undistributed authentication credentials
Answers: Insecure default configuration
Misconfiguration by the installer
Undistributed authentication credentials
Default password
 Question 2
5 out of 5 points
VPN hardware can suffer from an unsecured default configuration or misconfiguration.
Selected Answer: True
Answers: True
False
 Question 3
5 out of 5 points
Determining who the target audience for training is takes place in the planning stage.
Selected Answer: True
Answers: True
False
 Question 4
0 out of 5 points
The least common method for implementing a highly available VPN involves buying
two VPN hardware units and configuring them as a highly available pair. False
Selected Answer: True
Answers: True
False
 Question 5
5 out of 5 points
Anonymity is the capability for a network or system user to remain unknown.
Selected Answer: True
Answers: True
False
 Question 6
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
 Question 7
5 out of 5 points
To mitigate the risk of security threats and breaches, all installers should be trained
before installing the VPN.
Selected Answer: True
Answers: True
False
 Question 8
5 out of 5 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed directly in the Internet,
and therefore places the Internet-facing VPN connection behind a firewall?
Selected Answer: Internally connected architecture
Answers: Two-factor architecture
Internally connected architecture
Bypass architecture
DMZ architecture
 Question 9
5 out of 5 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer: Hairpinning
Answers: Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
 Question 10
5 out of 5 points
“Privacy” is considered keeping information about a network or system user from being
disclosed to unauthorized people.
Selected Answer: True
Answers: True
False
 Question 11
0 out of 5 points
Which section of the VPN policy describes the systems, networks, or people covered by
the policy? Scope
Selected Answer: Policy
Answers: Introduction
Policy
Scope
Purpose
 Question 12
0 out of 5 points
A VPN deployment plan does not need to take into consideration the support of
encryption protocols. False
Selected Answer: True
Answers: True
False
 Question 13
5 out of 5 points
A VPN policy should address which authorization methods are permitted on the system.
Selected Answer: True
Answers: True
False
 Question 14
5 out of 5 points
Anonymity is the capability of a network or system user to remain known on the system.
Selected Answer: False
Answers: True
False
 Question 15
5 out of 5 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer: Bypass architecture
Answers: Internally connected architecture
Bypass architecture
DMZ architecture
Two-factor architecture
 Question 16
0 out of 5 points
Internally connected implementation uses a firewall in front of the VPN to protect it
from Internet-based attacks and behind the firewall to protect the internal network. False
Selected Answer: True
Answers: True
False
 Question 17
0 out of 5 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer: Patching regularly
Answers: Compromising VPN availability
Compromising the authentication credentials
Patching regularly
Using vulnerability management with remote clients
 Question 18
5 out of 5 points
In a denial of service attack, the attacker is trying to crash or overload the VPN.
Selected Answer: True
Answers: True
False
 Question 19
0 out of 5 points
Which of the following reflects the ability of a network or system user to remain
unknown? Anonymity
Selected Answer: Security
Answers: Flexibility
Anonymity
Security
Denial of service
 Question 20
5 out of 5 points
Which of the following is a benefit of an open-source VPN solution?
Selected Answer: Low cost
Answers: Ease of installation
Available management tools
Low cost
Access to vendor support
Sunday, April 17, 2016 6:43:18 PM
 Question 1
0 out of 5 points
The scope of the VPN policy should include actual policy language. False
Selected Answer: True
Answers: True
False
 Question 2
5 out of 5 points
Internally connected implementation uses a firewall in front of the VPN to protect it
from Internet-based attacks and behind the firewall to protect the internal network.
Selected Answer: False
Answers: True
False
 Question 3
0 out of 5 points
Instability is not considered a potential threat associated with software VPNs. False
Selected Answer: True
Answers: True
False
 Question 4
5 out of 5 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer: Hairpinning
Answers: Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
 Question 5
0 out of 5 points
Which of the following refers to any product that appears in a vendor’s PowerPoint slide
deck, but is not yet available in one of its products? Slideware
Selected Answer: Anonymity
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
 Question 6
5 out of 5 points
VPN hardware can suffer from an unsecured default configuration or misconfiguration.
Selected Answer: True
Answers: True
False
 Question 7
0 out of 5 points
When considering training, one should determine the mechanism for training before
gathering the appropriate information. False
Selected Answer: True
Answers: True
False
 Question 8
0 out of 5 points
Which of the following is most likely to occur in the VPN? Client attack
Selected Answer: VPN server attack
Answers: Denial of service attack
VPN server attack
Client attack
Remote access attack
 Question 9
5 out of 5 points
When developing a deployment plan for the VPN, power, heating, and cooling
requirements are generally covered in the VPN’s technical specifications.
Selected Answer: True
Answers: True
False
 Question 10
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
 Question 11
5 out of 5 points
A VPN deployment plan does not need to take into consideration the support of
encryption protocols.
Selected Answer: False
Answers: True
False
 Question 12
5 out of 5 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer: Bypass architecture
Answers: Internally connected architecture
Bypass architecture
DMZ architecture
Two-factor architecture
 Question 13
5 out of 5 points
Which of the following is a benefit of an open-source VPN solution?
Selected Answer: Low cost
Answers: Ease of installation
Available management tools
Low cost
Access to vendor support
 Question 14
5 out of 5 points
It is uncommon to leverage a VPN to provide untrustworthy hosts access to portions of
the network.
Selected Answer: False
Answers: True
False
 Question 15
5 out of 5 points
To mitigate the risk of security threats and breaches, all installers should be trained
before installing the VPN.
Selected Answer: True
Answers: True
False
 Question 16
5 out of 5 points
Which section of the VPN policy should be as specific as possible, leaving little open to
interpretation?
Selected Answer: Policy
Answers: Policy
Optional elements
Summary
Roles and responsibilities
 Question 17
0 out of 5 points
Which of the following documents an organization's rules for using a VPN? Remote
access policy
Selected Answer: Hairpinning
Answers: Hairpinning
Remote access policy
Service level agreement
Vaporware
 Question 18
5 out of 5 points
Which section of the VPN policy describes the systems, networks, or people covered by
the policy?
Selected Answer: Scope
Answers: Introduction
Policy
Scope
Purpose
 Question 19
0 out of 5 points
Standard client configuration of a VPN does not include antivirus, anti-malware, and
firewall software. False
Selected Answer: True
Answers: True
False
 Question 20
5 out of 5 points
What name is given to a method that proves identity using two different authentication
factors?
Selected Answer: Two-factor authentication
Answers: Service level agreement (SLA)
Two-factor authentication
Hairpinning
Anonymity
Sunday, April 17, 2016 8:09:18 PM EDT

 Question 1
0 out of 5 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer: Using vulnerability management with remote clients
Answers: Compromising VPN availability
Compromising the authentication credentials
Patching regularly
Using vulnerability management with remote clients
 Question 2
5 out of 5 points
“Privacy” is considered keeping information about a network or system user from being
disclosed to unauthorized people.
Selected Answer: True
Answers: True
False
 Question 3
5 out of 5 points
Anonymity is the capability of a network or system user to remain known on the system.
Selected Answer: False
Answers: True
False
 Question 4
5 out of 5 points
When considering training, one should determine the mechanism for training before
gathering the appropriate information.
Selected Answer: False
Answers: True
False
 Question 5
5 out of 5 points
One of the most critical steps in VPN troubleshooting is determining whether the
correction results in new problems.
Selected Answer: True
Answers: True
False
 Question 6
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
 Question 7
5 out of 5 points
Which section of the VPN policy describes the systems, networks, or people covered by
the policy?
Selected Answer: Scope
Answers: Introduction
Policy
Scope
Purpose
 Question 8
5 out of 5 points
One of the primary benefits of an open-source solution is access to vendor support.
Selected Answer: False
Answers: True
False
 Question 9
5 out of 5 points
The scope of the VPN policy should include actual policy language.
Selected Answer: False
Answers: True
False
 Question 10
0 out of 5 points
Which of the following is most likely to occur in the VPN? Client attack
Selected Answer: Remote access attack
Answers: Denial of service
VPN server attack
Client attack
Remote access attack
 Question 11
5 out of 5 points
Anonymity is the capability for a network or system user to remain unknown.
Selected Answer: True
Answers: True
False
 Question 12
5 out of 5 points
A VPN deployment plan does not need to take into consideration the support of
encryption protocols.
Selected Answer: False
Answers: True
False
 Question 13
5 out of 5 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer: Determining scope
Answers: Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor
 Question 14
5 out of 5 points
Which of the following refers to any product that appears in a vendor’s PowerPoint slide
deck, but is not yet available in one of its products?
Selected Answer: Slideware
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
 Question 15
5 out of 5 points
Standard client configuration of a VPN does not include antivirus, anti-malware, and
firewall software.
Selected Answer: False
Answers: True
False
 Question 16
5 out of 5 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer: Hairpinning
Answers: Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
 Question 17
5 out of 5 points
Which of the following describes anonymity?
Selected Answer: The capability for a network or system user to remain unknown
Answers: The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint
The act of keeping information about a network or system user from being
disclosed to unauthorized people
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
 Question 18
5 out of 5 points
A VPN policy should address which authorization methods are permitted on the system.
Selected Answer: True
Answers: True
False
 Question 19
5 out of 5 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer: Anonymity
Answers: Flexibility
Anonymity
Security
Denial of service
 Question 20
5 out of 5 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed directly in the Internet,
and therefore places the Internet-facing VPN connection behind a firewall?
Selected Answer: Internally connected architecture
Answers: Two-factor architecture
Internally connected architecture
Bypass architecture
DMZ architecture
Sunday, April 17, 2016 8:55:06 PM EDT
Quiz 12 SEC 150

 Question 1
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
 Question 2
5 out of 5 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer: IPv6
Answers: IPv5
IPv6
IANA
SSL
 Question 3
5 out of 5 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer: Transport Layer Protocol
Answers: Rsync
Connection Protocol
Transport Layer Protocol
User Authentication Protocol
 Question 4
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
 Question 5
5 out of 5 points
One function of an SSL VPN is that it usually connects using a Web browser, whereas
an IPSec VPN generally requires client software on the remote system.
Selected Answer: True
Answers: True
False
 Question 6
5 out of 5 points
Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
Selected Answer: An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
Answers: The standards body for Internet-related engineering specifications
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header
An early proprietary protocol from Microsoft
 Question 7
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
 Question 8
5 out of 5 points
The higher the encryption levels of VPN, the greater the impact on the memory and
processor of the endpoint devices.
Selected Answer: True
Answers: True
False
 Question 9
0 out of 5 points
The use of PPP has extended the availability of IPv4 address space, thereby extending
the life span of IPv4. False
Selected Answer: True
Answers: True
False
 Question 10
5 out of 5 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer: Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
 Question 11
0 out of 5 points
The Secure Shell (SSH) protocol works in combination with rsync to back up, copy, and
mirror files securely. True
Selected Answer: False
Answers: True
False
 Question 12
0 out of 5 points
The version of VPN software being used does not impact the stability of the rollout of a
successful VPN deployment. False
Selected Answer: True
Answers: True
False
 Question 13
5 out of 5 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected Answer: A protocol commonly used in establishing a direct connection between two
networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
A protocol commonly used in establishing a direct connection between two
networking nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
 Question 14
0 out of 5 points
The performance characteristics of a VPN supporting remote clients are generally the same
as the performance characteristics of a VPN supporting site-to-site connections. False
Selected Answer: True
Answers: True
False
 Question 15
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
 Question 16
5 out of 5 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer: Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
Question 17
5 out of 5 points
One of the advantages of L2TP is that it provides a mechanism for encrypting the data
being tunneled.
Selected Answer: False
Answers: True
False
Question 18
5 out of 5 points
TCP is responsible for providing reliable transmissions from one system to another, and
IP is responsible for addressing and route selection.
Selected Answer: True
Answers: True
False
Question 19
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 20
5 out of 5 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer: Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Monday, April 18



Setting up dedicated hardware environments for each customer allows the service
provider to take advantage of economies of scale. False
Selected Answer: True
Answers: True
False
Question 2
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 3
5 out of 5 points
The use of PPP has extended the availability of IPv4 address space, thereby extending
the life span of IPv4.
Selected Answer: False
Answers: True
False
Question 4
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 5
5 out of 5 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer: Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Question 6
5 out of 5 points
Support for quality of service (QoS) is built into IPv6, whereas it was an add-on in IPv4.
Selected Answer: True
Answers: True
False
Question 7
5 out of 5 points
One of the advantages of L2TP is that it provides a mechanism for encrypting the data
being tunneled.
Selected Answer: False
Answers: True
False
Question 8
5 out of 5 points
IPSec is a mandatory component for IPv6, and is used to natively protect IPv6 data as it
is sent over the network.
Selected Answer: True
Answers: True
False
Question 9
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 10
5 out of 5 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer: Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
Question 11
5 out of 5 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer: Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)
Secure Shell (SSH)
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Question 12
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer: Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Encapsulating Security Payload (ESP)
Point-to-Point Protocol (PPP)
Question 14
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 15
5 out of 5 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer: Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
Question 16
0 out of 5 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected Answer: More firewall rules
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules
Platform Independence
Question 17
0 out of 5 points
In typical end user/browser usage, SSL/TLS authentication is two-way. False
Selected Answer: True
Answers: True
False
Question 18
0 out of 5 points
Although it provides a mechanism for creating tunnels through an IP network, which of the following does
not provide a mechanism for encrypting the data being tunneled?
Selected Answer: Point-to-Point Protocol (PPP)
Answers: Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
Question 19
0 out of 5 points
Client virtualization is a concept that combines the personal computer desktop
environment with the physical desktop machine by using a client/server model of
computing. False
Selected Answer: True
Answers: True
False
Question 20
5 out of 5 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer: IPv6
Answers: IPv5
IPv6
IANA
SSL
Monday, April 18, 2016 6:04:

Question 1
5 out of 5 points
Support for quality of service (QoS) is built into IPv6, whereas it was an add-on in IPv4.
Selected Answer: True
Answers: True
False
Question 2
5 out of 5 points
Which of the following characteristics relates to authentication header (AH)?
Selected Answer: It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Answers: It is a document that defines or describes computer and networking
technologies. These documents are published by the Internet Engineering
Task Force, the standards body for Internet engineering specifications. RFCs
exist for hardware, operating systems, protocols, security services, and much
more.
It is an older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but it is still in use in some older environments.
It is an early proprietary protocol from Microsoft.
It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Question 3
5 out of 5 points
What is the Internet Engineering Task Force (IETF)?
Selected Answer: The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
The standards body for Internet-related engineering specifications
Question 4
5 out of 5 points
Setting up dedicated hardware environments for each customer allows the service
provider to take advantage of economies of scale.
Selected Answer: False
Answers: True
False
Question 5
5 out of 5 points
TCP is responsible for providing reliable transmissions from one system to another, and
IP is responsible for addressing and route selection.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 7
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 8
5 out of 5 points
One proposed migration strategy for the move from IPv4 to IPv6 includes allowing two
IPv6 hosts to create a tunnel for traffic between two IPv6 hosts through an IPv4 network.
Selected Answer: True
Answers: True
False
Question 9
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 10
5 out of 5 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer: Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Encapsulating Security Payload (ESP)
Point-to-Point Protocol (PPP)
Question 11
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 12
5 out of 5 points
To prevent spoofing of transactions, IPv6 IPSec uses a cryptographic checksum that
incorporates a shared encryption key so the receiver can verify that it was sent by the
apparent sender.
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
The performance characteristics of a VPN supporting remote clients are generally the
same as the performance characteristics of a VPN supporting site-to-site connections.
Selected Answer: False
Answers: True
False
Question 14
5 out of 5 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer: Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
Question 15
5 out of 5 points
The higher the encryption levels of VPN, the greater the impact on the memory and
processor of the endpoint devices.
Selected Answer: True
Answers: True
False
Question 16
0 out of 5 points
The IPv6 IPSec is a set of national standards that use cryptographic security services to
provide confidentiality, data origin authentication and data integrity.
Selected Answer: True
Answers: True
False
Question 17
5 out of 5 points
The version of VPN software being used does not impact the stability of the rollout of a
successful VPN deployment.
Selected Answer: False
Answers: True
False
Question 18
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 19
5 out of 5 points
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer: Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Question 20
5 out of 5 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer: Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
Monday, April 18, 2016 6:39:15 PM EDT
Question 1

Which term is used to describe the process of encasing one protocol or packet inside another
protocol or packet?
Chokepoint
Encapsulation
Intrusion Detection System (IDS)
Encryption

Question 2

When too much data crosses a network segment, throughput and latency are increased.

True

False

Question 3

Which of the following is one of the most common and easily exploited vulnerabilities on any hardware
network device?

Insecure default configuration

Misconfiguration by the installer

Undistributed authentication credentials

Default password

Question 4

Which of the following refers to the end user’s desktop devices such as a desktop computer,
laptop, VoIP telephone, or other endpoint device?

LAN Domain or Workstation Domain

WAN Domain

Remote Access Domain

Question 5

Which term describes programs used to control access to computer resources, enforce policies,
audit usage, and provide billing information?
Traffic congestion
Certificate authority (CA)
Authentication, authorization, and accounting (AAA) services
Trusted roots list

Question 6

Which term is used to describe an attack that occurs when a hacker uses a network sniffer to watch a
communications session to learn its parameters?

HOSTS file

Hijacking

Privacy

Appliance

Question 7

Checking authentication, checking authorization and access control, auditing systems, and verifying
firewalls and other filters should all be included on which of the following?

A physical security checklist

A whitelist

A response plan

A logical security checklist


Question 8

Which of the following describes an access control list (ACL)?

A mechanism that defines traffic or an event to apply an authorization control of allow or deny
against

An intrusion detection system/intrusion prevention system (IDS/IPS) based on a defined normal,
often defined using rules similar to firewall rules

An event that does not trigger an alarm but should have, due to the traffic or event actually being
abnormal and/or malicious

A form of IDS/IPS detection based on a collection of samples, patterns, signatures, and so on

Question 9

Which malicious software program is distributed by hackers to take control of victims’ computers?

Hardware firewalls

Viruses

Bots

Bastion host

Question 10

Which of the following is not a characteristic of a private address?

They are leased.

They require translation.

They can be mixed with public addresses.

They are isolated from the Internet.

Question 11

Which of the following describes separation of duties?


A security stance that allows all communications except those prohibited by specific deny
exceptions

A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event

A security guideline, procedure, or recommendation manual

An administrative rule whereby no single individual possesses sufficient rights to perform certain
actions

Question 12

When conducting an audit, the auditor should be which of the following?

An internal employee who can be trusted

An external person capable of hacking

An internal employee capable of enclosing or encasing one protocol or packet inside another
protocol or packet

An external person who is independent of the organization under audit

Question 13

Ingress and egress filtering can expand beyond protection against spoofing and include a variety of
investigations on inbound and outbound traffic. Which of the following is not one of the ways ingress
and egress filtering expand beyond protection against spoofing?

Dynamic packet filtering

Blacklist and whitelist filtering

Protocol and port blocking

Confirmation of authentication or authorization before communications continue

Question 14

Which of the following is not a characteristic of security education?


Its purpose is to obtain knowledge that leads to career advancement.

It is usually obtained inside of the organization.

It is broad and not necessarily focused on specific job tasks or assignments.

It is more rigorous than awareness or training.

Question 15

A security policy is important for all of the following reasons except which one?

It establishes goals.

It helps with planning.

With it, you cannot trust the network's security.

It helps respond, contain, and repair.

Question 16

Although it provides a mechanism for creating tunnels through an IP network, which of the
following does not provide a mechanism for encrypting the data being tunneled?

Point-to-Point Protocol (PPP)

Authentication Header (AH)

Layer 2 Tunneling Protocol (L2TP)

Encapsulating Security Payload (ESP)

Question 17

Which of the following describes a BYOD?

An application-programming interface (API) developed by IBM in 1985 to emulate NetBIOS on a
token ring network

A policy allowing or encouraging employees, contractors, and others to connect their own
computers, smartphones, and other devices to their organization’s networks

A legacy protocol developed by Novell for its NetWare networking product

A security feature that blocks DDoS attacks

Question 18

Which of the following is not a type of malware?

Virus

Worm

Chip creep

Trojan horse

Question 19

Which term is a form of exploitation in which an unauthorized or rogue DNS server responds to DNS
queries with false resolutions?

DNS poisoning

DNS spoofing

Banner grabbing

Dumpster diving

Question 20

Which of the following refers to the malicious insertion of scripting code onto a vulnerable Web site?

Insertion attack

Upstream filtering

Keystroke logger

Cross-site scripting (XSS)

Question 21

Hackers can be deterred by defense methods that detect and evade. All of the following are defense
methods, except which one?

Honeypots

Firewalls

IDSs

Botnet army

Question 22

Which name is given to a form of filtering that focuses on traffic content?

Stateful inspection filtering

Static filtering

Content filtering

Application gateway

Question 23

Which of the following describes a blacklist?

A security mechanism to detect and prevent attempts to breach security

A type of filtering in which all activities or entities are permitted except those identified

A list of the hosts and servers on the network

A list that describes the steps to lock down a host against threats and attacks

Question 24

Which term describes a VPN created between two individual hosts across a local or intermediary
network?

VPN appliance

Host-to-host VPN

Hash

Site-to-site VPN

Question 25

Which of the following describes covert channel?

A criminal whose objective is to compromise IT infrastructures.

A method of discovering wireless networks by moving around a geographic area with a detection
device.

A tactic of pursuing and extracting information for the purpose of making a sale or performing a
social engineering attack.

An unknown, secret pathway of communication.

Question 26

Which layer of the OSI model is the Data Link Layer?

Layer 1

Layer 2

Layer 3

Layer 4

Question 27

Gathering through eavesdropping on communications, whether encrypted or not, is known as what?


Encryption

Traffic and trend analysis

Eavesdropping

Filtering

Question 28

Which of the following describes authentication?

The process of confirming the identity of a user

Confidence in the expectation that others will act in your best interest or that a resource is
authentic

A small network, workgroup, or client/server, deployed by a small business, a home-based
business, or just a family network in a home

A stated purpose or target for network security activity

Question 29

When employees have multiple concurrent connections, what might be happening to the VPN system?

There may be a software failure.

Employees may be trying to access the system from remote locations.

There may be a security issue.

There may be a hardware failure.

Question 30

All of the following are advantages of a defense-in-depth security design except which one?

Defense in depth avoids single points of failure.

Defense in depth keeps senior management out of the activities of the security department.

Defense in depth divides and conquers, which separates projects into smaller pieces.

Defense in depth filters user interactions.

Question 31

The inability to encrypt or otherwise protect the data stream between the client and server is a
drawback of which protocol?

Hypertext Transfer Protocol (HTTP)

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Forwarding (L2F) Protocol

Point-to-Point Protocol (PPP)

Question 32

Which of the following is the name given to unauthorized access to a system?

Hijacking

Backdoor

Tunneling

Exploit

Question 33

Which of the following is a malicious software program distributed by a hacker to take control of a
victim’s computers?

Sacrificial host

Client

Server

Agent

Question 34

Which of the following characteristics relates to a distributed Denial of Service (DDoS) attack?

The information related to the owners and managers of a domain name accessed through the
domain registrar’s Web sites and Whois lookups

An advancement of keystroke logging to monitor and record many other user activities

An attack that uses multiple remotely controlled software agents disseminated across the
Internet

An attack that occurs on the logical division of a hard drive that can be formatted with a file
system

Question 35

Which term describes a network device that forwards traffic between networks based on the MAC
address of the Ethernet frame?

Domain

Bottleneck

Bridge

Node

Question 36

What is a business continuity plan?

A plan explaining the use of only a single element of validation or verification to prove the
identity of a subject.

A plan outlining the failure response that results in open and unrestricted access or
communication.

A plan to maintain the mission-critical functions of the organization in the event of a problem
that threatens to take business processes offline.

A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event.

Question 37

A security stance that blocks access to all resources until a valid authorized explicit exception is defined?

Fail-secure

Fail-open

Default deny

Default allow

Question 38

The next generation IP version and successor to IPv4 is called what?

IPv5

IPv6

IANA

SSL

Question 39

What attack cracks a password or encryption key by trying all possible valid combinations from a defined
set of possibilities (a set of characters or hex values)?

Brute-force attack

Hybrid attack

Dictionary password attack

Modeling

Question 40

Which of the following refers to a form of attack that attempts to compromise availability?

Zero day exploits

Man-in-the-middle (MITM)

Denial of service (DoS)

Sniffer
