1. Which term describes programs used to control access to computer resources, enforce
policies, audit usage, and provide billing information?
Traffic congestion
Certificate authority (CA)
Authentication, authorization, and accounting (AAA) services
Trusted roots list
5.00000 points
QUESTION 2
1. Which of the following refers to the malicious insertion of scripting code onto a vulnerable
Web site?
Insertion attack
Upstream filtering
Keystroke logger
Cross-site scripting (XSS)
5.00000 points
QUESTION 3
1. Which name is given to a VPN created between a client and a server either within the same
local network or across a WAN link or intermediary network to support secure client
interaction with the services of a resource host?
Site-to-site VPN
Software VPN
Client-to-server VPN
Keyspace
5.00000 points
QUESTION 4
1. Which name is given to a rogue program that automatically dials a modem to a pre-defined
number to auto-download additional malware to the victim or to upload stolen data from
the victim?
Adware
Sector
Spyware
Dialer
5.00000 points
QUESTION 5
1. Which term describes a network, network link, or channel located between the endpoints
of a VPN?
One-way function
Host-to-host network
Site-to-site network
Intermediary network
5.00000 points
QUESTION 6
1. Which of the following is given to a software interface with a system that allows code
execution?
Intentional Electromagnetic Interference (IEMI)
National Institute of Standards and Technology (NIST)
Proxy
Command shell
5.00000 points
QUESTION 7
1. Which of the following terms describes hiding information from unauthorized third
parties?
Virtual Private Network (VPN)
Split tunnel
Cryptography
Authentication, Authorization, and Accounting (AAA) Services
5.00000 points
QUESTION 8
1. Which of the following is not a type of malware?
Virus
Worm
Chip creep
Trojan horse
5.00000 points
QUESTION 9
1. A dedicated connection is always off and available for immediate transmission of data only
when there is an emergency.
True
False
5.00000 points
QUESTION 10
1. Which term is a form of exploitation in which an unauthorized or rogue DNS server
responds to DNS queries with false resolutions?
DNS poisoning
DNS spoofing
Banner grabbing
Dumpster diving
5.00000 points
QUESTION 11
1. Which of the following is an intentional discharge made to damage or destroy electronic
equipment ranging from cell phones to computers and servers?
Session hijacking
Virus
Intentional electromagnetic interference (IEMI)
Chip creep
5.00000 points
QUESTION 12
1. Hashing verifies data integrity by using algorithms to produce unique numbers from
datasets known as hash values.
True
False
5.00000 points
QUESTION 13
1. Which term refers to a type of business telephone network?
Private Branch Exchange (PBX)
Host-to-site VPN
Rekeying
Virtual private network (VPN)
5.00000 points
QUESTION 14
1. Which name is given to the information related to the owners and managers of a domain
name accessed through the domain registrar’s Web sites and Whois lookups?
Domain registration
National Institute of Standards and Technology (NIST)
USENET newsgroup
Wrapper
5.00000 points
QUESTION 15
1. Which term describes a form of security defense that focuses on discouraging a perpetrator
with physical harm, social disgrace, and legal consequences?
Buffer overflow
Firewall
Deterrent
Dumpster diving
5.00000 points
QUESTION 16
1. Which term is used to describe a feature added to the NTFS file system to support files
from POSIX, OS/2, and Macintosh?
Deterrent
Adware
Hierarchical file system (HFS)
Alternate data stream (ADS)
5.00000 points
QUESTION 17
1. A split tunnel is a VPN connection that allows simultaneous access to the secured VPN link
and unsecured access to the Internet across the same connection.
True
False
5.00000 points
QUESTION 18
1. Which term describes a VPN created between two individual hosts across a local or
intermediary network?
VPN appliance
Host-to-host VPN
Hash
Site-to-site VPN
5.00000 points
QUESTION 19
1. Which of the following is a form of exploitation in which the data on a DNS server is
falsified so that subsequent responses to DNS resolution queries are incorrect?
Dumpster diving
DNS poisoning
Banner grabbing
Dialer
5.00000 points
QUESTION 20
1. Reconnaissance is the act of learning as much as possible about a target before attempting
attacks.
True
False
Question 1 5 pts
Which of the following describes AppleTalk?
A legacy protocol used in networks hosting mainly Macintosh computers
A policy that allows employees, contractors, and others to connect their own computers,
smartphones, and other devices to their organizations’ networks
Defense in depth divides and conquers, which separates projects into smaller pieces.
Defense in depth filters user interactions.
WAN Domain
Remote Access Domain
Modeling
Security through obscurity
Brute-force attack
Hybrid attack
A form of security based on hiding details of a system or creating convolutions that are
difficult to understand to overcome the obscure methodology
A policy of allowing or even encouraging employees, contractors, and others to connect
their own computers, smartphones, and other devices to their organization’s networks
Eavesdropping
Filtering
AppleTalk
Piloting
Planned growth
Unlimited growth
System/Application Domain
LAN Domain
Question 17 5 pts
Which of the following is given to an Application Layer protocol used by e-mail clients to
receive messages from an e-mail server?
Simple Mail Transfer Protocol (SMTP)
Post Office Protocol (POP)
Attack surface
Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)
Endpoint security
Encryption
False
5.00000 points
QUESTION 3
1. Which term describes encryption that protects only the original IP packet's payload?
Tunnel mode encryption
Transport mode encryption
Cryptography
IP headers
5.00000 points
QUESTION 4
1. Which term describes a form of security defense that focuses on discouraging a perpetrator
with physical harm, social disgrace, and legal consequences?
Buffer overflow
Firewall
Deterrent
Dumpster diving
5.00000 points
QUESTION 5
1. If you have been presented false credentials or you have been lured to an attack site, you
might have been a victim of a phishing attack.
True
False
5.00000 points
QUESTION 6
1. Which of the following characteristics describes an edge router?
The last device owned and controlled by an organization before an ISP or telco
connection
A form of VPN establishing a secure VPN over trusted VPN connections
A form of cryptography in which each encryption key is used once before being
discarded
A security service that ensures that a sender cannot deny sending a message
5.00000 points
QUESTION 7
1. Scanning refers to the act of probing a network using custom crafted packets to determine
the IP addresses in use and whether ports are open or closed.
True
False
5.00000 points
QUESTION 8
1. Which of the following describes a covert channel?
A criminal whose objective is to compromise IT infrastructures.
A method of discovering wireless networks by moving around a geographic area with a
detection device.
A tactic of pursuing and extracting information for the purpose of making a sale or
performing a social engineering attack.
An unknown, secret pathway of communication.
5.00000 points
QUESTION 9
1. Which of the following characteristics relates to a distributed Denial of Service (DDoS)
attack?
The information related to the owners and managers of a domain name accessed
through the domain registrar’s Web sites and Whois lookups
An advancement of keystroke logging to monitor and record many other user activities
An attack that uses multiple remotely controlled software agents disseminated across
the Internet
An attack that occurs on the logical division of a hard drive that can be formatted with a
file system
5.00000 points
QUESTION 10
1. A script kiddie is an experienced hacker who uses his or her own tools or scripts.
True
False
5.00000 points
QUESTION 11
1. Which of the following refers to a communication pathway, circuit, or frequency dedicated
or reserved for a specific transmission?
Hardware VPN
Host-to-site VPN
Asymmetric cryptography
Channel
5.00000 points
QUESTION 12
1. Identity proofing is a form of authentication.
True
False
5.00000 points
QUESTION 13
1. A VPN appliance can be placed inside and outside the corporate firewall.
True
False
5.00000 points
QUESTION 14
1. Which of the following characteristics relates to the term algorithm?
A hardware VPN device
A VPN created between two individual hosts across a local or intermediary network
Used to connect a remote or mobile host to a networked office workstation
A set of rules and procedures—usually mathematical in nature—that can define how
the encryption and decryption processes operate
5.00000 points
QUESTION 15
1. A rootkit describes a form of malware that hackers can upload and deploy on a target
system; it often replaces multiple components of the host operating system with altered
code.
True
False
5.00000 points
QUESTION 16
1. Which of the following describes a banner?
A message sent by a service in response to a valid or invalid query. Its function is to
confirm communication is functioning properly or to announce an error.
A form of unauthorized access to a system.
Persistent public messaging forums accessed over the Network News Transfer Protocol
(NNTP).
A variant of the UNIX operating system that is supported by Windows NT 4.0, but not
subsequent versions of Windows.
5.00000 points
QUESTION 17
1. Redundant array of independent disks (RAID) is a disk set management technology that
gains speed and fault tolerance.
True
False
5.00000 points
QUESTION 18
1. A technique for securing a data exchange or verifying identity is through out of band
communication, which uses an alternative route, mechanism, or pathway.
True
False
5.00000 points
QUESTION 19
1. The term XSS refers to the largest amount of data that a datagram can hold based on the
limitations of the networking devices managing a given segment.
True
False
5.00000 points
QUESTION 20
1. Which term describes the seemingly random and unusable output from a cryptographic
function applied to original data?
Dedicated leased line
Ciphertext
Identity proofing
Host VPN
Which name is given to a VPN created between a client and a server either within the same local
network or across a WAN link or intermediary network to support secure client interaction with
the services of a resource host?
Site-to-site VPN
Software VPN
Client-to-server VPN
Keyspace
Which of the following refers to the malicious insertion of scripting code onto a vulnerable Web
site?
Insertion attack
Upstream filtering
Keystroke logger
Cross-site scripting (XSS)
Which name is given to a rogue program that automatically dials a modem to a pre-defined
number to auto-download additional malware to the victim or to upload stolen data from the
victim?
Adware
Sector
Spyware
Dialer
When a communication exchange does not verify the identity of the endpoints of a
communication and accepts any properly formed response as valid, a non-authenticating query
service is in use.
True
False
A dedicated connection is always off and available for immediate transmission of data only when
there is an emergency.
True
False
Rekeying triggers the generation of a new symmetric encryption key and secure exchange of that
key.
True
False
When too much data crosses a network segment, throughput and latency are increased.
True
False
Which term is a form of exploitation in which an unauthorized or rogue DNS server responds to
DNS queries with false resolutions?
DNS poisoning
DNS spoofing
Banner grabbing
Dumpster diving
Which of the following terms describes hiding information from unauthorized third parties?
Virtual Private Network (VPN)
Split tunnel
Cryptography
Authentication, Authorization, and Accounting (AAA) Services
Fragmentation occurs when a dataset is too large for the maximum supported size of a
communication container, such as a segment, packet, or frame. The original dataset divides into
multiple sections or fragments for transmission across the size-limited medium, and then
reassembles on the receiving end.
True
False
Hackers can be deterred by defense methods that detect and evade. All of the following are
defense methods, except which one?
Honeypots
Firewalls
IDSs
Botnet army
1. What is compression?
A VPN used to grant outside entities access into a perimeter network; used to host
resources designated as accessible to a limited group of external entities, such as
business partners or suppliers, but not the general public
A subset of asymmetric cryptography based on the use of key pair sets
The art and science of hiding information from unauthorized third parties
Removal of redundant or superfluous data or space to reduce the size of a data set
Which term is used to describe a feature added to the NTFS file system to support files from
POSIX, OS/2, and Macintosh?
Deterrent
Adware
Hierarchical file system (HFS)
Alternate data stream (ADS)
VPNs increase the risk caused by insecure access locations and prevent interaction with
LAN resources.
Answers:
False
Question 1
Which of the following characteristics relates to access control?
The feature of network design that ensures the existence of multiple pathways of communication.
An attack that occurs when a hacker uses a network sniffer to watch a communications session to
learn its parameters
Correct!
The process or mechanism of granting or denying use of resources; typically applied to users or
generic network traffic
The process of confirming the identity of a user
Reference page: 7 Objective: Describe the key concepts and terms associated with network security.
Question 2
Which term describes an object, computer, program, piece of data, or other logical or physical
component you use in a business process to accomplish a business task?
Correct!
Asset
Client
Appliance
Trust
Reference page: 7 Objective: Describe the key concepts and terms associated with network security.
Question 3
When conducting an audit, the auditor should be which of the following?
An internal employee who can be trusted
An external person capable of hacking
An internal employee capable of enclosing or encasing one protocol or packet inside another
protocol or packet
Correct!
An external person who is independent of the organization under audit
Question 4
Which of the following describes authentication?
Correct!
The process of confirming the identity of a user
Confidence in the expectation that others will act in your best interest or that a resource is
authentic
A small network, workgroup, or client/server, deployed by a small business, a home-based
business, or just a family network in a home
A stated purpose or target for network security activity
Reference page: 7 Objective: Describe the key concepts and terms associated with network security.
Question 5
Which term describes when a system is usable for its intended purpose?
Authorization
Auditing
Encryption
Correct!
Availability
Reference page: 6 Objective: Describe the key concepts and terms associated with network security.
Question 6
Which of the following is the name given to unauthorized access to a system?
Hijacking
Correct!
Backdoor
Tunneling
Exploit
Reference page: 11 Objective: Describe the key concepts and terms associated with network security
Question 7
Which of the following describes a blacklist?
A security mechanism to detect and prevent attempts to breach security
Correct!
A type of filtering in which all activities or entities are permitted except those identified
A list of the hosts and servers on the network
A list that describes the steps to lock down a host against threats and attacks
Reference page: 36 Objective: Compare and contrast common network security components and
devices and their use throughout the IT infrastructure.
Question 8
Which term describes a network device that forwards traffic between networks based on the MAC
address of the Ethernet frame?
Domain
Bottleneck
Correct!
Bridge
Node
Reference page: 32 Objective: Compare and contrast common network security components and
devices and their use throughout the IT infrastructure.
Question 9
Which of the following describes caching?
A network service that acts as a "middle man" between a client and server
Correct!
Retention of Internet content by a proxy server
Filtering traffic as it attempts to enter a network
A mechanism to establish a secure remote access connection across an intermediary network
Reference page: 29 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.
Question 10
Which of the following refers to a host on a network that supports user interaction with the network?
Server
Role
Trust
Correct!
Client
Reference page: 15 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.
Question 11
Which name is given to the security service of preventing access to resources by unauthorized users
while supporting access to authorized users?
Correct!
Confidentiality
Authentication
Demilitarized zone (DMZ)
Defense in Depth
Reference page: 6 Objective: Describe the key concepts and terms associated with network security.
Question 12
Which of the following characteristics relates to a demilitarized zone (DMZ)?
Confidence in the expectation that others will act in your best interest or that a resource is
authentic
Correct!
A type of perimeter network used to host resources designated as accessible by the public from
the Internet
A form of networking where each computer is a peer
A host on a network
Reference page: 9 Objective: Describe the importance of a written security policy and explain how
policies help mitigate risk exposure and threats to a network infrastructure.
Question 13
Which of the following refers to a form of attack that attempts to compromise availability?
Zero-day exploits
Man-in-the-middle (MITM)
Correct!
Denial of service (DoS)
Sniffer
Reference page: 21 Objective: Identify examples of network security concerns or threats that require
enhanced countermeasures to properly mitigate risk exposure and threats.
Question 14
Which term is used to describe a network service that maintains a searchable index or database of
network hosts and shared resources?
Correct!
Directory Service
Open Systems Interconnection (OSI) reference model
Denial of Service (DoS)
DNS service
Reference page: 37 Objective: Compare and contrast common network security components and
devices and their use throughout the IT infrastructure.
Question 15
Which of the following refers to filtering traffic as it attempts to leave a network, which can include
monitoring for spoofed addresses, malformed packets, unauthorized ports and protocols, and blocked
destinations?
Router
Correct!
Egress filtering
Auditing
Whitelist
Reference page: 28 Objective: Identify examples of network security concerns or threats that require
enhanced countermeasures to properly mitigate risk exposure and threats.
Question 16
Which term is used to describe the process of encasing one protocol or packet inside another protocol
or packet?
Chokepoint
Correct!
Encapsulation
Intrusion Detection System (IDS)
Encryption
Reference page: 19 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.
Question 17
A security policy is important for all of the following reasons except which one?
It establishes goals.
It helps with planning.
Correct!
With it, you cannot trust the network's security.
It helps respond, contain, and repair.
Reference page: 11 Objective: Describe the importance of a written security policy and explain how
policies help mitigate risk exposure and threats to a network infrastructure.
Question 18
Which term is used to describe a network security device or host software that filters communications,
usually network traffic, based on a set of predefined rules?
Sniffer
Auditor
Hacker
Correct!
Firewall
Reference page: 21 Objective: Describe the security requirements needed for wired versus wireless LAN
infrastructures in order to provide an enhanced level of security.
Question 19
Which of the following terms refers to the process of securing or locking down a host against threats
and attacks?
Auditing
Redundancy
Authorization
Correct!
Hardening
Reference page: 25 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.
Question 20
Which term is used to describe an attack that occurs when a hacker uses a network sniffer to watch a
communications session to learn its parameters?
HOSTS file
Correct!
Hijacking
Privacy
Appliance
Reference page: 26 Objective: Identify examples of network security concerns or threats that require
enhanced security countermeasures to properly mitigate risk exposure and threats.
True/False Questions
Question 21
Encryption is the process or mechanism that grants or denies use of a resource.
True
Correct!
False
Question 22
Integrity prevents unauthorized changes to data.
Correct!
True
False
Question 23
Authentication confirms the identity of a user.
Correct!
True
False
Question 24
Authorization protects the confidentiality, integrity, and availability of personally identifiable or sensitive
data.
True
Correct!
False
Question 25
IPv6 uses a 128-bit address, which is significantly smaller than IPv4.
True
Correct!
False
Question 26
Caching is the retention of Internet content by a proxy server.
Correct!
True
False
Question 27
The term monitoring refers to the act of creating or recording events into a log.
True
Correct!
False
Question 28
A chokepoint is a form of bottleneck and is a single, controlled pathway between two different levels of
network trust where a firewall or other filtering devices block or allow traffic based on a set of rules.
Correct!
True
False
Question 29
A WAN domain refers to the authorized and authenticated remote access procedures for users to
remotely access the organization's IT infrastructure, systems, and data.
True
Correct!
False
Question 30
Intrusion Detection System (IDS) is a security mechanism that detects unauthorized user activities,
attacks, and network compromises.
Correct!
True
False
Question 31
Remote Access Server (RAS) is a network server that accepts outbound connections from remote clients.
True
Correct!
False
Question 32
A replay attack occurs when a hacker uses a network sniffer to capture network traffic and then
retransmits that traffic back on to the network at a later time.
Correct!
True
False
Question 33
A node is a network device responsible for directing traffic towards its stated destination along the best-
known current available path.
True
Correct!
False
Question 34
1 / 1 pts
The IT department is the group that has the highest controlling and responsible authority within an
organization. Ultimately the success or failure of network security rests with this department.
True
Correct!
False
Reference page: 12 Objective: Define network security roles and responsibilities and who within an IT
organization is accountable for these security implementations.
Question 35
1 / 1 pts
The term thin client computing refers to a legacy terminal concept used to control mainframes.
Correct!
True
False
Question 36
Tunneling is the act of transmitting a protocol across an intermediary network by encapsulating it in
another protocol.
Correct!
True
False
Question 37
A blacklist is a type of filtering where the network denies all activities except for those on the list.
True
Correct!
False
Question 38
A domain is a form of networking in which each computer is a peer.
True
Correct!
False
Question 39
The term zero day exploit describes a new and previously unknown attack for which there is not a
current specific defense.
Correct!
True
False
Question 40
1 / 1 pts
A public IP address is any address that is valid for use on the Internet.
Correct!
True
False
Quiz Score: 39 out of 40
Which of the following describes awareness?
A dedicated microchip found on some motherboards that host and protect the encryption key for
whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to career advancement
A security guideline, procedure, or recommendation manual
Correct!
Basic security training that focuses on common or basic security elements that all employees must
know and abide by
Answer: D Page reference: 196-198 Objective: Compose a procedure for incident response.
Question 2
Which of the following creates copies of data on other storage media?
Fail-Open
Honeynets
Correct!
Backups
Security Technical Implementation Guide (STIGS)
Answer: C Page reference: 195-196 Objective: Compose a procedure for incident response.
Question 3
What is a business continuity plan?
A plan explaining the use of only a single element of validation or verification to prove the identity
of a subject.
A plan outlining the failure response that results in open and unrestricted access or
communication.
Correct!
A plan to maintain the mission-critical functions of the organization in the event of a problem that
threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event.
Answer: C Page reference: 185 Objective: List examples of network security best practices.
Question 4
Which of the following is a detailed and thorough review of the deployed security infrastructure
compared with the organization's security policy and any applicable laws and regulations?
Incident response plan
Correct!
Compliance audit
Disaster recovery plan
Business continuity plan
Answer: B Page reference: 204-205 Objective: Describe the methods of network security assessment.
Question 5
Which of the following is a security stance that blocks access to all resources until a valid authorized explicit exception is defined?
Fail-secure
Fail-open
Correct!
Default deny
Default allow
Answer: C Page reference: 189 Objective: List examples of network security best practices.
Question 6
Which of the following is not a characteristic of security education?
Its purpose is to obtain knowledge that leads to career advancement.
Correct!
It is usually obtained inside of the organization.
It is broad and not necessarily focused on specific job tasks or assignments.
It is more rigorous than awareness or training.
Answer: B Page reference: 199 Objective: Compose a procedure for incident response.
Question 7
Which of the following refers to a failure response resulting in open and unrestricted access or
communication?
Correct!
Fail-open
Mission-critical
Default allow
Fail-secure
Answer: A Page reference: 190 Objective: List examples of network security best practices.
Question 8
Which of the following is a form of security protection that protects individual files by scrambling the
contents in such a way as to render them unusable by unauthorized third parties?
Default allow
Separation of duties
Correct!
File encryption
Fail-secure
Answer: C Page reference: 184 Objective: List examples of network security best practices.
Question 9
Which of the following describes a predefined procedure that will limit damage, contain the spread of
malicious content, stop the compromise of information, and promptly restore the environment to a
normal state?
Separation of duties
Correct!
Incident response plan
Business continuity plan
Disaster recovery plan
Answer: B Page reference: 191 Objective: Compose a procedure for incident response.
Question 10
Which of the following describes the state or condition of an asset or process vitally important to the
long-term existence and stability of an organization?
Correct!
Mission-critical
Fail-secure
Fail-open
Compliance audit
Answer: A Page reference: 185 Objective: List examples of network security best practices.
Question 11
Which of the following refers to a specialized host used to place an attacker into a system where the
intruder cannot do any harm?
Incident response plan
Correct!
Padded cell
Principle of least privilege
Default allow
Answer: B Page reference: 193 Objective: Compose a procedure for incident response.
Question 12
What prevents a hard drive from being read by another system if it is stolen?
Correct!
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)
Answer: A Page reference: 194 Objective: Compose a procedure for incident response.
Question 13
Which form of investigation aims at checking whether or not a target system is subject to attack based
on a database of tests, scripts, and simulated exploits?
Incident response plan
Fail-open
Correct!
Vulnerability scanning
Separation of duties
Answer: C Page reference: 207 Objective: Describe the methods of network security assessment.
Question 14
Which one of the following is not a cause of a configuration error?
Physical damage
Updates
Human error
Correct!
Vulnerability scanning
Answer: D Page reference: 204 Objective: Enumerate key components of an effective network security
installation.
Question 15
Which of the following describes separation of duties?
A security stance that allows all communications except those prohibited by specific deny
exceptions
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event
A security guideline, procedure, or recommendation manual
Correct!
An administrative rule whereby no single individual possesses sufficient rights to perform certain
actions
Answer: D Page reference: 188 Objective: List examples of network security best practices.
Question 16
Which of the following is not a step in an incident response solution?
Correct!
Evasion
Containment
Eradication
Recovery
Answer: A Page reference: 191 Objective: Compose a procedure for incident response.
Question 17
Which of the following refers to the guideline that all users should be granted only the minimum level of
access and permission required to perform their assigned job tasks and responsibilities?
The whitelist
Correct!
Principle of least privilege
Single-factor authentication
Incident response plan
Answer: B Page reference: 188 Objective: List examples of network security best practices.
Question 18
Which of the following is an element of infrastructure design that takes into account the likelihood of a
security breach by malicious code or some other intruder?
Containment
Trapping
Correct!
Compartmentalization
Intrusion detection
Answer: C Page reference: 192 Objective: Compose a procedure for incident response.
Question 19
Checking authentication, checking authorization and access control, auditing systems, and verifying
firewalls and other filters should all be included on which of the following?
A physical security checklist
A whitelist
A response plan
Correct!
A logical security checklist
Answer: D Page reference: 201 Objective: Compose a procedure for incident response.
Question 20
Which of the following determines the available vendor patches that are installed or missing?
Vulnerability scan
Correct!
Configuration scan
Penetration test
Post-mortem assessment
Answer: B Page reference: 206 Objective: Describe the methods of network security assessment.
Question 21
Organizations are usually not aware of when compliance auditing is a mandated periodic occurrence, so
preparation is challenging and often not possible.
True
Correct!
False
Answer: B Page reference: 205 Objective: Describe the methods of network security assessment.
Question 22
Default deny is a specialized host used to place an attacker into a system where the intruder cannot do
any harm.
True
Correct!
False
Answer: B Page reference: 193 Objective: Compose a procedure for incident response.
Question 23
The goal of disaster recovery planning is to return the business to functional operation within a limited
time to prevent the failure of the organization due to the incident.
Correct!
True
Answer: A Page reference: 185 Objective: List examples of network security best practices.
False
Question 24
A fail-open grants all users the minimum level of access and permission required to perform an assigned
job task or responsibility.
True
Correct!
False
Answer: B Page reference: 189-190 Objective: List examples of network security best practices.
Question 25
The act of containment should not interrupt or interfere with the continued spread or operation of the
unwanted event.
True
Correct!
False
Answer: B Page reference: 192 Objective: Compose a procedure for incident response.
Question 26
A honeynet is a collection of multiple honeypots in a network for the purposes of luring and trapping
hackers.
Correct!
True
Answer: A Page reference: 193 Objective: Compose a procedure for incident response.
False
Question 27
Patch management watches for the release of new updates from vendors, tests the patches, obtains
approval, and then oversees the deployment and implementation of updates across the production
environment.
Correct!
True
Answer: A Page reference: 186 Objective: List examples of network security best practices.
False
Question 28
A Security Technical Implementation Guide (STIGS) is a guideline, procedure, or recommendation
manual.
Correct!
True
Answer: A Page reference: 187 Objective: List examples of network security best practices.
False
Question 29
Training is less rigorous than awareness and more rigorous than education.
True
Correct!
False
Answer: B Page reference: 196-197 Objective: Compose a procedure for incident response.
Question 30
Single-factor authentication uses a single element of validation or verification to prove the identity of a
subject, and it is considered much stronger than multi-factor authentication.
True
Correct!
False
Answer: B Page reference: 185 Objective: List examples of network security best practices.
Question 31
Trusted Platform Module (TPM) is a dedicated microchip found on some motherboards; it hosts and
protects the encryption key for whole hard drive encryption.
Correct!
True
Answer: A Page reference: 194 Objective: Compose a procedure for incident response.
False
Question 32
You should never assume that a service or protocol is secured by another layer or service.
Correct!
True
Answer: A Page reference: 201 Objective: Compose a procedure for incident response.
False
Question 33
Bricking occurs when an update process causes a complete failure of the security control.
Correct!
True
Answer: A Page reference: 203 Objective: Enumerate key components of an effective network security
installation.
False
Question 34
Security management is the ongoing process of evaluating security so that you can improve it.
True
Answer: B Page reference: 205 Objective: Describe the methods of network security assessment.
Correct!
False
Question 35
Penetration testing involves the application of hacking techniques, methodology, and tools, and ethical
security experts conduct penetration testing.
Correct!
True
Answer: A Page reference: 207 Objective: Describe the methods of network security assessment.
False
Question 36
A post-mortem assessment review is the self-evaluation performed by individuals and organizations
after each security assessment task.
Correct!
True
Answer: A Page reference: 208 Objective: Describe the methods of network security assessment.
False
Question 37
You should wait at least a month before applying a patch or update from the vendor.
True
Correct!
False
Answer: B Page reference: 204 Objective: Enumerate key components of an effective network security
installation.
Question 38
Handling physical security attacks is the most important aspect of a security plan, as these types of
attacks pose the highest risks to the organization.
True
Answer: B Page reference: 190-191 Objective: Describe the importance of physical security.
Correct!
False
Question 39
It is a mistake to use remote system and device management mechanisms that are convenient but not
secure, such as telnet, HTTP, and FTP.
Correct!
True
Answer: A Page reference: 197 Objective: Compose a procedure for incident response.
False
Question 40
To write a comprehensive security policy, you should first inventory and examine the components of the
IT infrastructure.
Correct!
True
Answer: A Page reference: 183 Objective: List examples of network security best practices.
False
Question 1
0.6 out of 0.6 points
Which of the following refers to a communication pathway, circuit, or frequency
dedicated or reserved for a specific transmission?
Selected Answer:
Channel
Answers: Hardware VPN
Host-to-site VPN
Asymmetric cryptography
Channel
Question 2
0.6 out of 0.6 points
Which term describes a network, network link, or channel located between the
endpoints of a VPN?
Selected Answer:
Intermediary network
Answers: One-way function
Host-to-host network
Site-to-site network
Intermediary network
Question 3
0.6 out of 0.6 points
Which of the following characteristics describes an edge router?
Selected
Answer: The last device owned and controlled by an organization before an ISP
or telco connection
Answers:
The last device owned and controlled by an organization before an ISP
or telco connection
A form of VPN establishing a secure VPN over trusted VPN
connections
A form of cryptography in which each encryption key is used once
before being discarded
A security service that ensures that a sender cannot deny sending a
message
Question 4
0.6 out of 0.6 points
Which of the following refers to a form of IDS/IPS detection based on a recording of
real-world traffic as a baseline for normal?
Selected Answer:
Behavioral-based detection
Answers: Knowledge-based detection
Signature-based detection
Anomaly-based detection
Behavioral-based detection
Question 5
0.6 out of 0.6 points
Which name is given to a probability prediction based on statistics and historical
occurrences on the likelihood of how many times in the next year a threat is going to
cause harm?
Selected Answer:
Annualized rate of occurrence (ARO)
Answers: Tunnel mode encryption
Physical address
Closed source
Bots
Physical address
Question 8
0.6 out of 0.6 points
Which of the following refers to a network access control or admission control (NAC)
used on individual network access devices such as firewalls, VPN gateways, and
wireless routers to offload authentication to a dedicated authentication
server/service?
Selected Answer:
Port-based network access (admission) control (PNAC)
Answers:
Port-based network access (admission) control (PNAC)
Database-based detection
Management interface
Access control list (ACL)
Question 9
0.6 out of 0.6 points
Which name is given to a hacking technique used against static packet filtering
firewalls to discover the rules or filters controlling inbound traffic?
Selected Answer:
Firewalking
Answers: Filter
Signature-based detection
Firewalking
Database-based detection
Question 10
0.6 out of 0.6 points
Which term describes the cumulative value of an asset based on both tangible and
intangible values?
Selected Answer:
Asset value (AV)
Answers:
Asset value (AV)
Exposure factor (EF)
Single loss expectancy (SLE)
Packet
Question 11
0.6 out of 0.6 points
Which of the following describes an access control list (ACL)?
Selected
Answer: A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
Answers:
A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
An intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to firewall
rules
An event that does not trigger an alarm but should have, due to the
traffic or event actually being abnormal and/or malicious
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on
Question 12
0.6 out of 0.6 points
Which of the following is a malicious software program distributed by a hacker to take
control of a victim’s computers?
Selected Answer:
Agent
Answers: Sacrificial host
Client
Server
Agent
Question 13
0.6 out of 0.6 points
Which name is given to a VPN created between a client and a server either within the
same local network or across a WAN link or intermediary network to support secure
client interaction with the services of a resource host?
Selected Answer:
Client-to-server VPN
Answers: Site-to-site VPN
Software VPN
Client-to-server VPN
Keyspace
Question 14
0.6 out of 0.6 points
Which of the following terms describes hiding information from unauthorized third
parties?
Selected Answer:
Cryptography
Answers: Virtual Private Network (VPN)
Split tunnel
Cryptography
Authentication, Authorization, and Accounting (AAA) Services
Question 15
0.6 out of 0.6 points
Which term is used to describe a public-key cryptography-based mechanism for
proving the source (and possibly integrity) of a dataset or message?
Selected Answer:
Digital signature
Answers: Trusted third party
Symmetric cryptography
Algorithm
Digital signature
Question 16
0.6 out of 0.6 points
What is compression?
Selected
Answer: Removal of redundant or superfluous data or space to reduce the size of
a data set
Answers: A VPN used to grant outside entities access into a perimeter network;
used to host resources designated as accessible to a limited group of
external entities, such as business partners or suppliers, but not the
general public
A subset of asymmetric cryptography based on the use of key pair sets
The art and science of hiding information from unauthorized third parties
Question 18
0.6 out of 0.6 points
Which firewall has a network interface located in a unique network segment that
allows for true isolation of the segments and forces the firewall to filter all traffic
moving from one segment to another?
Selected Answer:
Dual-homed firewall
Answers: Appliance firewall
Software firewall
Dual-homed firewall
Triple-homed firewall
Question 19
0.6 out of 0.6 points
Which term describes encryption that protects the entire original IP packet’s header
and payload?
Selected Answer:
Tunnel mode encryption
Answers:
Tunnel mode encryption
Transport mode encryption
Cryptography
IP headers
Question 20
0.6 out of 0.6 points
Which of the following refers to a host firewall installed on a client or server?
Selected Answer:
Software firewall
Answers: Commercial firewall
Appliance firewall
Hardware firewall
Software firewall
Question 21
0.6 out of 0.6 points
Which term describes the calculation of the total loss potential across a year for a
given asset and a specific threat?
Selected Answer:
Annualized loss expectancy (ALE)
Answers:
Annualized loss expectancy (ALE)
Annualized rate of occurrence (ARO)
User Datagram Protocol (UDP)
Cost-benefit analysis
Question 22
0.6 out of 0.6 points
Which term is used to describe a firewall that is implemented via software?
Selected Answer:
Bump-in-the-stack
Answers: Risk assessment
Bump-in-the-stack
Hardware firewall
Screening router
Question 23
0 out of 0.6 points
Which of the following refers to encoding and decoding information using related but
different keys for each process?
Selected Answer:
Ciphertext
Answers: Digital certificate
Asymmetric cryptography
Ciphertext
Algorithm
Question 24
0.6 out of 0.6 points
Which of the following is a written expression of an item of concern (protocol, port,
service, application, user, IP address) and one or more actions to take when the item
of concern appears in traffic?
Selected Answer:
Filter
Answers: Management interface
Filter
Wirespeed
Round robin
Question 25
0.6 out of 0.6 points
Which of the following is not a protection against fragmentation attacks?
Selected Answer:
Using firewalking
Answers: Using IDS
Performing sender fragmentation
Using firewall filtering
Using firewalking
Question 26
0.6 out of 0.6 points
Which term describes a VPN created between two individual hosts across a local or
intermediary network?
Selected Answer:
Host-to-host VPN
Answers: VPN appliance
Host-to-host VPN
Hash
Site-to-site VPN
Question 27
0.6 out of 0.6 points
Which of the following refers to a software firewall installed on a client or server?
Selected Answer:
Host firewall
Answers:
Host firewall
Hardware firewall
Transport Layer (Layer 4)
Client
Question 28
0 out of 0.6 points
Which term describes encryption that protects only the original IP packet's payload?
Selected Answer:
Tunnel mode encryption
Answers: Tunnel mode encryption
Ciphertext
Identity proofing
Host VPN
Question 30
0.6 out of 0.6 points
Which of the following hands out tasks in a repeating non-priority sequence?
Selected Answer:
Round robin
Answers: Port-based network access (admission) control (PNAC)
Firewalking
Round robin
Alert
Question 31
0.6 out of 0.6 points
Which of the following characteristics relates to the term algorithm?
Selected
Answer: A set of rules and procedures—usually mathematical in nature—that can
define how the encryption and decryption processes operate
Answers: A hardware VPN device
A VPN created between two individual hosts across a local or
intermediary network
Used to connect a remote or mobile host into office network workstation
The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
An entrance or exit point to a controlled space
The fifth layer of the OSI model, which manages the communication
channel
Question 34
0.6 out of 0.6 points
Which of the following describes optical carrier (OC)?
Selected
Answer: A network carrier line—often leased or dedicated—which uses fiber
optic cables for high-speed connections
Answers:
A network carrier line—often leased or dedicated—which uses fiber
optic cables for high-speed connections
The process of converting ciphertext back into plain text
A program used to control access to computer resources, enforce
policies, audit usage, and provide billing information
A set of rules and procedures, usually mathematical in nature
Question 35
0.6 out of 0.6 points
Which of the following can improve firewall performance?
Selected Answer:
Load balancing
Answers: Firewalking
Load balancing
Port-Based Network Access (Admission) Control (PNAC)
Wirespeed
Question 36
0.6 out of 0.6 points
Which term describes the act of working from a home, remote, or mobile location
while connecting into the employer’s private network, often using a VPN?
Selected Answer:
Telecommuting
Answers: Public key cryptography
Host-to-site VPN
Telecommuting
Scalability
Question 37
0.6 out of 0.6 points
On which of the following can you filter because of the lack of encryption and
because filtering rules apply?
Selected Answer:
Transport mode header
Answers: Tunnel mode header
Alert
Anomaly-based Detection
Question 40
0.6 out of 0.6 points
Which of the following is not a consideration when placing firewalls on the network?
Selected Answer:
Where hackers are located
Answers: Structure of the network
Traffic patterns
Most likely access pathways
False negative
Deny by default/Allow by exception
Question 43
0.6 out of 0.6 points
What is anomaly-based detection?
Selected
Answer:
A form of intrusion detection system/intrusion prevention system (IDS/IPS)
based on a defined normal, often defined using rules similar to
firewall rules.
Answers: An event that does not trigger an alarm but should have because the
traffic or event is abnormal and/or malicious.
An event that triggers an alarm but should not have because the traffic or
event is benign.
A notification from a firewall that a specific event or packet was detected.
Dialer
Question 2
1.2 out of 1.2 points
Which of the following characteristics relates to enumeration?
Selected
Answer: The process of discovering sufficient details about a potential target to
learn about network or system vulnerabilities
Answers:
The process of discovering sufficient details about a potential target to
learn about network or system vulnerabilities
An application attack in which a hacker submits SQL expressions to
cause authentication bypass, extraction of data, planting of information,
or access to a command shell
A criminal whose objective is to compromise IT infrastructures
A logical division of data composed of one or more sectors on a hard
drive
Question 3
1.2 out of 1.2 points
What attack cracks a password or encryption key by trying all possible valid
combinations from a defined set of possibilities (a set of characters or hex values)?
Selected Answer:
Brute-force attack
Answers:
Brute-force attack
Hybrid attack
Dictionary password attack
Modeling
Question 4
1.2 out of 1.2 points
Which of the following describes advanced persistent threat (APT)?
Selected
Answer:
A network attack in which an unauthorized person gains access to a
network and stays there undetected for a long period of time. The purpose
of such an attack is to steal data, not to damage the network or
organization.
Answers:
A network attack in which an unauthorized person gains access to a
network and stays there undetected for a long period of time. The purpose
of such an attack is to steal data, not to damage the network or
organization.
A rogue program that automatically dials a modem to a pre-defined
number. Sometimes this is to download additional malware to the victim or
to upload stolen data from the victim. In other cases, the dialer calls
premium rate telephone numbers to rack up massive long distance
charges.
The act of a hacker changing the MAC address of the network interface.
The unused portion of the last cluster allocated to a stored file. It may
contain remnants of prior files stored in that location.
Question 5
1.2 out of 1.2 points
As an organization stretches beyond its capacity to support, sell, create, maintain,
respond, produce, and so on, small problems quickly become big problems. Which of
the following does not ensure long-term viability and stability for the business and
network security design?
Selected Answer:
Unlimited growth
Answers: Steady growth
Controlled growth
Planned growth
Unlimited growth
Question 6
1.2 out of 1.2 points
Which name is given to the information related to the owners and managers of a
domain name accessed through the domain registrar’s Web sites and Whois
lookups?
Selected Answer:
Domain registration
Answers:
Domain registration
National Institute of Standards and Technology (NIST)
USENET newsgroup
Wrapper
Question 7
1.2 out of 1.2 points
Which of the following describes a BYOD?
Selected
Answer:
A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
Answers: An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network
Question 11
1.2 out of 1.2 points
Gathering through eavesdropping on communications, whether encrypted or not, is
known as what?
Selected Answer:
Traffic and trend analysis
Answers: Encryption
Backups
Security Technical Implementation Guide (STIGS)
Question 14
1.2 out of 1.2 points
Which of the following describes a banner?
Selected
Answer:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to
announce an error.
Answers:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to
announce an error.
A form of unauthorized access to a system.
Persistent public messaging forums accessed over the NNTP (Network
News Transfer Protocol).
A variant of the UNIX operating system that is supported by Windows NT
4.0, but not subsequent versions of Windows.
Question 15
0 out of 1.2 points
Which of the following describes awareness?
Selected
Answer: A dedicated microchip found on some motherboards that hosts and
protects the encryption key for whole hard drive encryption
Answers: A dedicated microchip found on some motherboards that hosts and
protects the encryption key for whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to
career advancement
A security guideline, procedure, or recommendation manual
Question 16
1.2 out of 1.2 points
What prevents a hard drive from being read by another system if it is stolen?
Selected Answer:
Whole hard drive encryption
Answers:
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)
Question 17
1.2 out of 1.2 points
Hackers can be deterred by defense methods that detect and evade. All of the
following are defense methods, except which one?
Selected Answer:
Botnet army
Answers: Honeypots
Firewalls
IDSs
Botnet army
Question 18
1.2 out of 1.2 points
Which name is given to an exploit that allows a hacker to run any command-line
function on a compromised system?
Selected Answer:
Arbitrary code execution
Answers: Command shell
Whois
Vulnerability scanning
Separation of duties
Question 20
0 out of 1.2 points
Which of the following describes a predefined procedure that will limit damage,
contain the spread of malicious content, stop the compromise of information, and
promptly restore the environment to a normal state?
Selected Answer:
Business continuity plan
Answers: Separation of duties
Question 22
1.2 out of 1.2 points
All of the following are advantages of a defense-in-depth security design except
which one?
Selected
Answer: Defense in depth keeps senior management out of the activities of the
security department.
Answers: Defense in depth avoids single points of failure.
Default deny
Default allow
Question 25
1.2 out of 1.2 points
Which attack uses a pre-constructed list of potential passwords or encryption keys?
Selected Answer:
Dictionary password attack
Answers: Piloting
Question 2
1.2 out of 1.2 points
Which of the following describes the principle that for an organization’s security policy
to be effective, everyone must be forced to work within it and follow its rules?
Selected Answer:
Universal participation
Answers:
Universal participation
Diversity of defense
General purpose OS
Bastion host OS
Question 3
0 out of 1.2 points
When troubleshooting firewalls, which of the following is not something you should do
after you attempt a fix?
Selected Answer:
Reverse or undo solution failures.
Answers:
Make multiple fixes.
Repeat the failure.
Test after each attempt.
Reverse or undo solution failures.
Question 4
1.2 out of 1.2 points
It's important to evaluate the purpose and content of your firewall policy. Which of the
following is not an evaluation method?
Selected
Answer: Determine how to write a policy that is as short as possible to avoid
confusion.
Answers: Define the software and hardware options that will be used to adopt
the policy.
Determine the features necessary for the infrastructure's network
communications.
Determine how to write a policy that is as short as possible to avoid
confusion.
Order the rules properly to use the least number of rules.
Question 5
1.2 out of 1.2 points
There are six steps for writing a security incident response plan. Which of the
following is not a step?
Selected Answer:
Report
Answers: Detection
Containment
Eradication
Report
Question 6
1.2 out of 1.2 points
Which of the following is a double-blind encapsulation system that enables
anonymous but not encrypted Internet communications?
Selected Answer:
TOR (The Onion Router)
Answers:
TOR (The Onion Router)
Cryptcat
Back Orifice
Remote Desktop Protocol (RDP) and Remote Assistance
Question 7
1.2 out of 1.2 points
Which of the following is an operating system built exclusively to run on a bastion
host device?
Selected Answer:
Proprietary OS
Answers:
Proprietary OS
General OS
Reverse proxy
Appliance firewall
Question 8
1.2 out of 1.2 points
Which of the following is a dedicated hardware device that functions as a black-box
sentry?
Selected Answer:
Appliance firewall
Answers: Fail-safe
Reverse proxy firewall
Proxy firewall
Appliance firewall
Question 9
1.2 out of 1.2 points
Which of the following forces all traffic, communications, and activities through a
single pathway or channel that can be used to control bandwidth consumption, filter
content, provide authentication services, or enforce authorization?
Selected Answer:
Chokepoint
Answers: Fail-safe
Chokepoint
Fail-secure
Reverse proxy
Question 10
1.2 out of 1.2 points
Which of the following describes a general purpose OS?
Selected
Answer:
An operating system such as Windows or Linux that can support a wide
variety of purposes and functions, but which, when used as a bastion
host OS, must be hardened and locked down
Answers: An operating system that supports only firewall functions
An operating system that does not support firewall functions
A means of providing faster access to static content for external users
accessing internal Web servers
Filter-free
Fail-safe
Question 12
0 out of 1.2 points
Which of the following is not a commonsense element of troubleshooting firewalls?
Selected Answer:
Isolate problems.
Answers: Focus on the most critical issues first.
Isolate problems.
Question 13
1.2 out of 1.2 points
All of the following are disadvantages of the build-it-yourself firewall, but one is an
advantage. Which of the following is an advantage?
Selected Answer:
Cost
Cost
Question 14
1.2 out of 1.2 points
Which of the following is a malicious remote control tool?
Selected Answer:
NetBus
Answers:
NetBus
Remote Desktop Protocol (RDP) and Remote Assistance
Cryptcat
Loki
Question 15
1.2 out of 1.2 points
If the process of creating rules requires a significant number of special exceptions to
modify or
adjust ranges of addresses or ports, what should you do?
Selected
Answer: Consider reconfiguring the network rather than using a too complex or
too long rule set.
Answers: Use a more complex rule set.
Question 17
1.2 out of 1.2 points
Which of the following does port forwarding support?
Selected Answer:
Any service on any port
Answers:
Any service on any port
Caching
Encryption endpoint
Load balancing
Question 18
1.2 out of 1.2 points
Which of the following is a centralized logging service that hosts a duplicate copy of
log files?
Selected Answer:
Syslog
Answers: Nessus
Netcat
Syslog
Backtrack
Question 19
1.2 out of 1.2 points
Which of the following command-line tools will list the current open, listening, and
connection
sockets on a system as well as the service related to each socket?
Selected Answer:
Fport
Answers: TCPView
Fport
Netstat
Nmap
Question 20
1.2 out of 1.2 points
Examples of users purposefully avoiding or violating security—that is, not actively
supporting and participating in security—include all of the following except which
one?
Selected Answer:
Setting strong passwords
Answers: Using proxy tools to get around firewalls
Using personal equipment
Sharing accounts with other employees
Question 24
0 out of 1.2 points
Which of the following is not a common reason for deploying a reverse proxy?
Selected Answer:
Reverse caching
Answers: Reverse caching
Security
Time savings
Encryption
Question 25
1.2 out of 1.2 points
Which of the following creates TCP and UDP network connections to or from any
port?
Selected Answer:
Netcat
Answers: Cryptcat
Back Orifice
SubSeven
Netcat
Question 1
0.75 out of 0.75 points
Which of the following refers to any product that appears in a vendor’s PowerPoint
slide deck, but is not yet available in one of its products?
Selected Answer:
Slideware
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
Question 2
0.75 out of 0.75 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer:
Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
Question 3
0 out of 0.75 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed
directly in the Internet, and therefore places the Internet-facing VPN connection
behind a firewall?
Selected Answer:
Internally connected architecture
Answers: Two-factor architecture
Internally connected architecture
Bypass architecture
DMZ architecture
Question 4
0 out of 0.75 points
Although it provides a mechanism for creating tunnels through an IP network, which
of the following does not provide a mechanism for encrypting the data being
tunneled?
Selected Answer:
Layer 2 Tunneling Protocol (L2TP)
Answers:
Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
Question 5
0.75 out of 0.75 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer:
Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 6
0.75 out of 0.75 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer:
Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Vulnerability management
Hairpinning
Question 8
0.75 out of 0.75 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer:
Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)
Question 14
0.75 out of 0.75 points
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer:
Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Question 16
0.75 out of 0.75 points
Which of the following represents a standards-based protocol suite designed
specifically for securing Internet Protocol communications?
Selected Answer:
Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Low cost
Access to vendor support
Question 18
0.75 out of 0.75 points
What is meant by Internet Engineering Task Force (IETF)?
Selected
Answer: The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data,
as well as user authentication
Platform Independence
Question 20
0.75 out of 0.75 points
Which of the following describes anonymity?
Selected
Answer: The capability for a network or system user to remain unknown
Answers:
The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
Question 21
0 out of 0.75 points
Which term describes the second core IPSec security protocol; it can perform
authentication to provide integrity protection, although not for the outermost IP
header?
Selected Answer:
Point-to-Point Tunneling Protocol (PPTP)
Answers: Point-to-Point Protocol (PPP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Tunneling Protocol (PPTP)
Two-factor authentication
Hairpinning
Anonymity
Question 24
0 out of 0.75 points
Which section of the VPN policy should be as specific as possible, leaving little open
to interpretation?
Selected Answer:
Summary
Answers:
Policy
Optional elements
Summary
Roles and responsibilities
Question 25
0 out of 0.75 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer:
Compromising VPN availability
Answers: Compromising VPN availability
Question 26
0.75 out of 0.75 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer:
IPv6
Answers: IPv5
IPv6
IANA
SSL
Question 27
0.75 out of 0.75 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer:
Bypass architecture
Answers: Internally connected architecture
Bypass architecture
DMZ architecture
Two factor architecture
Question 28
0.75 out of 0.75 points
Which section of the VPN policy describes the systems, networks, or people covered
by the policy?
Selected Answer:
Scope
Answers: Introduction
Policy
Scope
Purpose
Question 29
0 out of 0.75 points
Which of the following is commonly used with an authentication header to provide
both confidentiality and integrity protection for communications?
Selected Answer:
Point-to-Point Protocol (PPP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Anonymity
Security
Denial of service
Question 31
0.75 out of 0.75 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer:
Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 32
0 out of 0.75 points
Which of the following should specifically be included in the organization's VPN
solution?
Selected Answer:
Types of VPN connections supported
Answers:
The prohibiting of split tunneling
Encouraging shared VPN credentials
Types of VPN connections supported
How scalable the VPN is
Question 33
0 out of 0.75 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer:
Identifying the symptoms
Answers:
Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor
Question 34
0 out of 0.75 points
Which of the following is most likely to occur in the VPN?
Selected Answer:
VPN server attack
Answers: Denial of service attack
VPN server attack
Client attack
Remote access attack
Question 35
0.75 out of 0.75 points
Which term describes a process by which malicious code can enter from a non-
secure network, and make a hairpin, or sharp turn, and enter a secure network with
little or no trouble because it is entering from a secure and verified endpoint?
Selected Answer:
Hairpinning
Answers:
Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
Question 36
0.75 out of 0.75 points
Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
Selected
Answer:
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but still in use in some older environments
Answers: The standards body for Internet-related engineering specifications
DMZ architecture
Question 40
0 out of 0.75 points
Which of the following is one of the most common and easily exploited vulnerabilities
on any hardware network device?
Selected Answer:
Insecure default configuration
Answers: Insecure default configuration
Misconfiguration by the installer
Undistributed authentication credentials
Default password
Question 1
0.75 out of 0.75 points
What term describes a small text file used by Web browsers and servers to track
Web sessions?
Selected Answer:
Cookie filter
Answers: Web-based service
Web browser
Popup blocker
Cookie filter
Question 2
0.75 out of 0.75 points
Which of the following characteristics relates to Kerberos?
Selected
Answer:
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
Answers:
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994
to focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data like
network bandwidth, temperatures, CPU load, and so on.
Dynamic random access memory (DRAM) that has a synchronous
interface
Question 3
0.75 out of 0.75 points
Which of the following characteristics relates to a Common Gateway Interface (CGI)
script?
Selected
Answer: A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
Answers:
A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994
to focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data such as
network bandwidth, temperatures, CPU load, and so on
Question 4
0.75 out of 0.75 points
What must be enabled to test SmoothWall’s capability to mitigate attacks?
Selected Answer:
Snort intrusion detection software
Answers: OpenSSH
SQUID
Ping
Performance
Question 12
0.75 out of 0.75 points
Which of the following refers to a database tool intended to handle time-series data,
such as network bandwidth, temperatures, CPU load, and so on?
Selected Answer:
RRDtool (Round-Robin Database Tool)
Answers: TCPdump
Orange
Red
Question 14
0.75 out of 0.75 points
The degree to which a firewall can impose user access restrictions is known as which
of the following?
Selected Answer:
Privilege control
Answers: Security assurance
Privilege control
Authentication
Audit capabilities
Question 15
0.75 out of 0.75 points
In addition to providing network security, organizations must address what other type
of security issue?
Selected Answer:
Transaction security
Answers:
Transaction security
Protocol security
Hard disk security
Database security
Question 16
0.75 out of 0.75 points
Which of the following outbound ports is for HTTPS?
Selected Answer:
Port 443
Answers: Port 25
Port 53
Port 80
Port 443
Question 17
0.75 out of 0.75 points
Which one of the following is not a commercial host firewall option available for Linux?
Selected Answer:
Kaspersky Internet Security
Answers: SmoothWall
IPFire
Port 53
Port 80
Port 110
Question 21
0 out of 0.75 points
Which of the following is a closed-source product?
Selected
Answer: One that is commercial
Answers: One that is non-commercial
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 22
0 out of 0.75 points
Which of the following is not an ISP connection?
Selected Answer:
Satellite
Answers: Cable
Satellite
pfSense
DSL
Question 23
0.75 out of 0.75 points
Which of the following describes any harmful code or site that depends upon the
user’s actions to be accessed or activated?
Selected Answer:
Passive threat
Answers: Native firewall
Active threat
Passive threat
Cookie filter
Question 24
0 out of 0.75 points
Which of the following is a popular open source intrusion detection system that runs
on SmoothWall?
Selected Answer:
Common Gateway Interface (CGI) script
Answers: Synchronous Dynamic Random Access Memory (SDRAM)
Kerberos
Common Gateway Interface (CGI) script
Snort
Question 25
0 out of 0.75 points
Which of the following describes a native firewall?
Selected
Answer: Windows 7 host software firewall
Answers: A small text file used by Web browsers and servers to track Web
sessions
512 MB PC SDRAM
Question 27
0.75 out of 0.75 points
Which of the following is not one way to handle the reset button for devices?
Selected Answer:
Depressing the button often to test it
Answers: Consulting the user manual for instructions
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 29
0.75 out of 0.75 points
Which of the following will track every single connection outside the Web by IP
address and URL?
Selected Answer:
Proxy server
Answers: Clipper Chip
National Security Agency
Proxy server
Electronic Privacy Information Center
Question 30
0.75 out of 0.75 points
What term is used to describe a chipset developed and promoted by the U.S.
government from 1993 to 1996 as an encryption device to be adopted by
telecommunications companies for voice transmission?
Selected Answer:
Clipper Chip
Answers: Synchronous Dynamic Random Access Memory (SDRAM)
Clipper Chip
Kerberos
National Information Infrastructure (NII)
Question 31
0.75 out of 0.75 points
If an external server needs to communicate with servers inside the green zone, which
network setting on SmoothWall can be opened?
Selected Answer:
DMZ pinholes
Answers: Port forwarding
PPP settings
DMZ pinholes
IP block
Question 32
0.75 out of 0.75 points
Which of the following will generate a graph of network traffic every five minutes on a
firewall?
Selected Answer:
RRDtool
Answers: Asymmetric Digital Subscriber Line (ADSL)
TCPdump
RRDtool
DDNS
Question 33
0.75 out of 0.75 points
Which of the following refers to a public interest research group in Washington, D.C.
that was established in 1994 to preserve the right of privacy in the electronic age as
well as to give individuals greater control over personal information?
Selected Answer:
Electronic Privacy Information Center (EPIC)
Answers: National Security Agency (NSA)
CERN
National Information Infrastructure (NII)
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 38
0.75 out of 0.75 points
Which of the following does not address passive threats?
Selected Answer:
Active threats
Answers: Pop-up blockers
Cookie filters
Malicious site managers
Active threats
Question 39
0.75 out of 0.75 points
Which type of software is closed-sourced to protect intellectual property and allow
vendors to charge for the product?
Selected Answer:
Commercial
Answers: Non-commercial
Open source
Free software
Commercial
Question 40
0.75 out of 0.75 points
Which of the following is a form of threat that takes some type of initiative to seek out
a target to compromise?
Selected Answer:
Active threat
Answers: Native firewall
Passive threat
Active threat
Cookie
Question 1
0.6 out of 0.6 points
Which term describes the act of working from a home, remote, or mobile location while
connecting into the employer’s private network, often using a VPN?
Selected Answer:
Telecommuting
Answers: Public key cryptography
Host-to-site VPN
Telecommuting
Scalability
Question 2
0 out of 0.6 points
Which term describes encryption that protects only the original IP packet's payload?
Selected Answer:
Tunnel mode encryption
Answers: Tunnel mode encryption
Filter
Wirespeed
Round robin
Question 6
0.6 out of 0.6 points
Which term describes a network, network link, or channel located between the
endpoints of a VPN?
Selected Answer:
Intermediary network
Answers: One-way function
Host-to-host network
Site-to-site network
Intermediary network
Question 7
0.6 out of 0.6 points
Which of the following can improve firewall performance?
Selected Answer:
Load balancing
Answers: Firewalking
Load balancing
Port-Based Network Access (Admission) Control (PNAC)
Wirespeed
Question 8
0.6 out of 0.6 points
Which of the following is a technique for storing or copying log events to a centralized
logging server?
Selected Answer:
Syslog
Answers:
Syslog
Write-once read-many (WORM) storage
Unified Threat Management (UTM)
Firewall logging
Question 9
0.6 out of 0.6 points
Which of the following refers to a form of IDS/IPS detection based on a collection of
samples, patterns, signatures, and so on stored in a database of known malicious
traffic and events? All traffic or events that match an item in the database are
considered abnormal and potentially malicious.
Selected Answer:
Database-based detection
Answers:
Database-based detection
Firewalking
Anomaly-based detection
False Positive
Question 10
0.6 out of 0.6 points
Which name is given to a probability prediction based on statistics and historical
occurrences on the likelihood of how many times in the next year a threat is going to
cause harm?
Selected Answer:
Annualized rate of occurrence (ARO)
Answers: Tunnel mode encryption
Physical address
Question 12
0.6 out of 0.6 points
Which of the following describes fair queuing?
Selected
Answer: A technique of load balancing that operates by sending the next transaction
to the firewall with the least current workload.
Answers:
A technique of load balancing that operates by sending the next transaction
to the firewall with the least current workload.
An event that triggers an alarm but should not have because the traffic or
event actually is benign.
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on.
A written expression of an item of concern (protocol, port, service,
application, user, and IP address) and one or more actions to take when
the item of concern appears in traffic.
Question 13
0.6 out of 0.6 points
Which term describes a VPN created between two individual hosts across a local or
intermediary network?
Selected Answer:
Host-to-host VPN
Answers: VPN appliance
Host-to-host VPN
Hash
Site-to-site VPN
Question 14
0.6 out of 0.6 points
Which term is used to describe a public-key cryptography-based mechanism for
proving the source (and possibly integrity) of a dataset or message?
Selected Answer:
Digital signature
Answers: Trusted third party
Symmetric cryptography
Algorithm
Digital signature
Question 15
0.6 out of 0.6 points
Which of the following refers to a communication pathway, circuit, or frequency
dedicated or reserved for a specific transmission?
Selected Answer:
Channel
Answers: Hardware VPN
Host-to-site VPN
Asymmetric cryptography
Channel
Question 16
0.6 out of 0.6 points
Which term describes encryption that protects the entire original IP packet’s header
and payload?
Selected Answer:
Tunnel mode encryption
Answers:
Tunnel mode encryption
Transport mode encryption
Cryptography
IP headers
Question 17
0.6 out of 0.6 points
Ingress and egress filtering can expand beyond protection against spoofing and
include a variety of investigations on inbound and outbound traffic. Which of the
following is not one of the ways ingress and egress filtering expand beyond protection
against spoofing?
Selected
Answer: Dynamic packet filtering
Answers:
Dynamic packet filtering
Blacklist and whitelist filtering
Protocol and port blocking
Confirmation of authentication or authorization before communications
continue
Question 18
0.6 out of 0.6 points
Which term refers to a type of business telephone network?
Selected Answer:
Private Branch Exchange (PBX)
Answers:
Private Branch Exchange (PBX)
Host-to-site VPN
Rekeying
Virtual private network (VPN)
Question 19
0.6 out of 0.6 points
Which of the following characteristics describes an edge router?
Selected
Answer: The last device owned and controlled by an organization before an ISP or
telco connection
Answers:
The last device owned and controlled by an organization before an ISP or
telco connection
A form of VPN establishing a secure VPN over trusted VPN connections
A form of cryptography in which each encryption key is used once before
being discarded
A security service that ensures that a sender cannot deny sending a
message
Question 20
0.6 out of 0.6 points
Which of the following terms describes hiding information from unauthorized third
parties?
Selected Answer:
Cryptography
Answers: Virtual Private Network (VPN)
Split tunnel
Cryptography
Authentication, Authorization, and Accounting (AAA) Services
Question 21
0.6 out of 0.6 points
Which of the following characteristics describes the application layer?
Selected
Answer:
The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
Answers: The sixth layer of the OSI model, which translates the data received from
the host software into a format acceptable to the network
The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
An entrance or exit point to a controlled space
The fifth layer of the OSI model, which manages the communication
channel
Question 22
0.6 out of 0.6 points
Which of the following refers to a type of firewall that filters on a specific application’s
content and session information?
Selected Answer:
Application firewall
Answers: Circuit firewall
Hardware firewall
Application firewall
Stateful inspection
Question 23
0.6 out of 0.6 points
Which of the following refers to an event that does not trigger an alarm but should
have, due to the traffic or event actually being abnormal and/or malicious?
Selected Answer:
False negative
Answers: False positive
Round robin
False negative
Deny by default/Allow by exception
Question 24
0.6 out of 0.6 points
Which term describes a security stance that prevents all communications except those
enabled by specific allow exceptions?
Selected Answer:
Deny by default/Allow by exception
Answers: Syslog
Client-to-server VPN
Keyspace
Question 29
0.6 out of 0.6 points
Which name is given to a form of filtering that focuses on traffic content?
Selected Answer:
Content filtering
Answers: Stateful inspection filtering
Static filtering
Content filtering
Application gateway
Question 30
0.6 out of 0.6 points
Which of the following refers to a type of software product that is pre-compiled and
whose source code is undisclosed?
Selected Answer:
Closed source
Answers: Circuit
Closed source
Bots
Physical address
Question 31
0.6 out of 0.6 points
Which of the following hands out tasks in a repeating non-priority sequence?
Selected Answer:
Round robin
Answers: Port-based network access (admission) control (PNAC)
Firewalking
Round robin
Alert
Question 32
0.6 out of 0.6 points
Which of the following describes dynamic packet filtering?
Selected
Answer:
A process that automatically creates temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
Answers: An entrance or exit point to a controlled space
The function of routing traffic from an external source received on a specific
pre-defined IP address and port combination (also known as a socket) to an
internal resource server.
A process that translates internal addresses into external addresses
Firewalking
Database-based detection
Question 34
0.6 out of 0.6 points
Which of the following describes an access control list (ACL)?
Selected
Answer: A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
Answers:
A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
An intrusion detection system/intrusion prevention system (IDS/IPS) based
on a defined normal, often defined using rules similar to firewall rules
An event that does not trigger an alarm but should have, due to the traffic
or event actually being abnormal and/or malicious
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on
Question 35
0.6 out of 0.6 points
Which firewall product is designed for larger networks?
Selected Answer:
Commercial firewalls
Answers:
Commercial firewalls
Personal firewalls
Sessions
Appliance firewalls
Question 36
0.6 out of 0.6 points
Which firewall has a network interface located in a unique network segment that allows
for true isolation of the segments and forces the firewall to filter all traffic moving from
one segment to another?
Selected Answer:
Dual-homed firewall
Answers: Appliance firewall
Software firewall
Dual-homed firewall
Triple-homed firewall
Question 37
0.6 out of 0.6 points
Which term describes the seemingly random and unusable output from a
cryptographic function applied to original data?
Selected Answer:
Ciphertext
Answers: Dedicated leased line
Ciphertext
Identity proofing
Host VPN
Question 38
0.6 out of 0.6 points
Which of the following is not a protection against fragmentation attacks?
Selected Answer:
Using firewalking
Answers: Using IDS
Performing sender fragmentation
Using firewall filtering
Using firewalking
Question 39
0.6 out of 0.6 points
Which of the following describes an appliance firewall?
Selected
Answer: A hardened hardware firewall
Answers: The process of automatically created temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
Management interface
Signature
Question 41
0.6 out of 0.6 points
Which of the following is not a consideration when placing firewalls on the network?
Selected Answer:
Where hackers are located
Answers: Structure of the network
Traffic patterns
Most likely access pathways
Asymmetric cryptography
Ciphertext
Algorithm
Question 43
0.6 out of 0.6 points
Which of the following describes optical carrier (OC)?
Selected
Answer: A network carrier line—often leased or dedicated—which uses fiber optic
cables for high-speed connections
Answers:
A network carrier line—often leased or dedicated—which uses fiber optic
cables for high-speed connections
The process of converting ciphertext back into plain text
A program used to control access to computer resources, enforce policies,
audit usage, and provide billing information
A set of rules and procedures, usually mathematical in nature
Question 44
0.6 out of 0.6 points
Which of the following describes write-once read-many (WORM)?
Selected
Answer: A storage device that can be written to once, but once written cannot be
electronically altered
Answers: A mechanism defining traffic or an event to apply an authorization control of
allow or deny against
A storage device that can be written to once, but once written cannot be
electronically altered
A form of network access control or admission control (NAC) used on
individual network access devices, such as firewalls, VPN gateways, and
wireless routers
A form of IDS/IPS detection based on a recording of real-world traffic as a
baseline for normal
Question 45
0.6 out of 0.6 points
Which of the following refers to a software firewall installed on a client or server?
Selected Answer:
Host firewall
Answers:
Host firewall
Hardware firewall
Transport Layer (Layer 4)
Client
Question 46
0.6 out of 0.6 points
Which term is used to describe a firewall that is implemented via software?
Selected Answer:
Bump-in-the-stack
Answers: Risk assessment
Bump-in-the-stack
Hardware firewall
Screening router
Question 47
0.6 out of 0.6 points
Which name is given to an entrance or exit point to a controlled space?
Selected Answer:
Gateway
Answers: Physical layer (Layer 1)
Cost/Benefit Analysis
Network layer (Layer 3)
Gateway
Question 48
0.6 out of 0.6 points
Which of the following refers to a form of encryption also known as point-to-point or
host-to-host encryption?
Selected Answer:
Transport mode encryption
Answers: Hardware firewall
Circuit firewall
Transport mode encryption
Tunnel mode encryption
Question 49
0 out of 0.6 points
On which of the following can you filter because of the lack of encryption and
because filtering rules apply?
Selected Answer:
Encrypted data packets
Answers: Tunnel mode header
Question 2
1.2 out of 1.2 points
All of the following are advantages of a defense-in-depth security design except which
one?
Selected
Answer: Defense in depth keeps senior management out of the activities of the
security department.
Answers: Defense in depth avoids single points of failure.
Unlimited growth
Question 5
1.2 out of 1.2 points
Hackers can be deterred by defense methods that detect and evade. All of the
following are defense methods, except which one?
Selected Answer:
Botnet army
Answers: Honeypots
Firewalls
IDSs
Botnet army
Question 6
1.2 out of 1.2 points
Which of the following describes a BYOD?
Selected
Answer:
A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
Answers: An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network
Question 9
1.2 out of 1.2 points
Which name is given to the information related to the owners and managers of a
domain name accessed through the domain registrar’s Web sites and Whois lookups?
Selected Answer:
Domain registration
Answers:
Domain registration
National Institute of Standards and Technology (NIST)
USENET newsgroup
Wrapper
Question 10
1.2 out of 1.2 points
What prevents a hard drive from being read by another system if it is stolen?
Selected Answer:
Whole hard drive encryption
Answers:
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)
Question 11
1.2 out of 1.2 points
Which of the following characteristics relates to a distributed Denial of Service (DDoS)
attack?
Selected
Answer: An attack that uses multiple remotely controlled software agents
disseminated across the Internet
Answers: The information related to the owners and managers of a domain name
accessed through the domain registrar’s Web sites and Whois lookups
An advancement of keystroke logging to monitor and record many other
user activities
Answers: A dedicated microchip found on some motherboards that host and protect
the encryption key for whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to
career advancement
A security guideline, procedure, or recommendation manual
Question 13
1.2 out of 1.2 points
Checking authentication, checking authorization and access control, auditing systems,
and verifying firewalls and other filters should all be included on which of the following?
Selected Answer:
A logical security checklist
Question 14
1.2 out of 1.2 points
Which attack uses a pre-constructed list of potential passwords or encryption keys?
Selected Answer:
Dictionary password attack
Answers: Piloting
Dictionary password attack
Brute-force attack
Hybrid attack
Question 15
1.2 out of 1.2 points
Which name is given to a rogue program that automatically dials a modem to a pre-
defined number to auto-download additional malware to the victim or to upload stolen
data from the victim?
Selected Answer:
Dialer
Answers: Adware
Sector
Spyware
Dialer
Question 16
1.2 out of 1.2 points
Which of the following characteristics relates to enumeration?
Selected
Answer: The process of discovering sufficient details about a potential target to learn
about network or system vulnerabilities
Answers:
The process of discovering sufficient details about a potential target to learn
about network or system vulnerabilities
An application attack in which a hacker submits SQL expressions to cause
authentication bypass, extraction of data, planting of information, or access
to a command shell
A criminal whose objective is to compromise IT infrastructures
A logical division of data composed of one or more sectors on a hard drive
Question 17
1.2 out of 1.2 points
Which of the following creates copies of data on other storage media?
Selected Answer:
Backups
Answers: Fail-Open
Honeynets
Backups
Security Technical Implementation Guide (STIGS)
Question 18
1.2 out of 1.2 points
Which of the following describes advanced persistent threat (APT)?
Selected
Answer:
A network attack in which an unauthorized person gains access to a network
and stays there undetected for a long period of time. The purpose of such an
attack is to steal data, not to damage the network or organization.
Answers:
A network attack in which an unauthorized person gains access to a network
and stays there undetected for a long period of time. The purpose of such an
attack is to steal data, not to damage the network or organization.
A rogue program that automatically dials a modem to a pre-defined number.
Sometimes this is to download additional malware to the victim or to upload
stolen data from the victim. In other cases, the dialer calls premium rate
telephone numbers to rack up massive long distance charges.
The act of a hacker changing the MAC address of the network interface.
The unused portion of the last cluster allocated to a stored file. It may
contain remnants of prior files stored in that location.
Question 19
1.2 out of 1.2 points
Which of the following describes a predefined procedure that will limit damage, contain
the spread of malicious content, stop the compromise of information, and promptly
restore the environment to a normal state?
Selected Answer:
Incident response plan
Answers: Separation of duties
Question 20
0 out of 1.2 points
Contract workers pose a higher risk to the organization for all of the following
reasons, except which one?
Selected Answer:
They are not full-time regular employees and might lack loyalty.
Answers: They are not full-time regular employees and might lack loyalty.
They are more likely to compromise the organization.
Vulnerability scanning
Separation of duties
Question 22
1.2 out of 1.2 points
Which name is given to an exploit that allows a hacker to run any command-line
function on a compromised system?
Selected Answer:
Arbitrary code execution
Answers: Command shell
Whois
Question 24
1.2 out of 1.2 points
What term is used to describe a tactic of pursuing and extracting information for the
purpose of making a sale or performing a social engineering attack?
Selected Answer:
Cold calling
Answers:
Cold calling
Privilege escalation
Proxy manipulation
Recreational hacker
Question 25
1.2 out of 1.2 points
Which of the following describes a banner?
Selected
Answer:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to announce
an error.
Answers:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to announce
an error.
A form of unauthorized access to a system.
Persistent public messaging forums accessed over the NNTP (Network
News Transfer Protocol).
A variant of the UNIX operating system that is supported by Windows NT
4.0, but not subsequent versions of Windows.
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer:
Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Question 3
0.75 out of 0.75 points
Which term describes the second core IPSec security protocol; it can perform
authentication to provide integrity protection, although not for the outermost IP
header?
Selected Answer:
Encapsulating Security Payload (ESP)
Answers: Point-to-Point Protocol (PPP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Tunneling Protocol (PPTP)
Answers: Introduction
Policy
Scope
Purpose
Question 6
0.75 out of 0.75 points
What name is given to a method that proves identity using two different authentication
factors?
Selected Answer:
Two-factor authentication
Answers: Service level agreement (SLA)
Two-factor authentication
Hairpinning
Anonymity
Question 7
0.75 out of 0.75 points
Which of the following documents an organization's rules for using a VPN?
Selected Answer:
Remote access policy
Answers: Hairpinning
Question 8
0.75 out of 0.75 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer:
Compromising the authentication credentials
Answers: Compromising VPN availability
Question 9
0.75 out of 0.75 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer:
Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 10
0.75 out of 0.75 points
Which of the following should specifically be included in the organization's VPN
solution?
Selected Answer:
The prohibiting of split tunneling
Answers:
The prohibiting of split tunneling
Encouraging shared VPN credentials
Types of VPN connections supported
How scalable the VPN is
Question 11
0.75 out of 0.75 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected
Answer: Platform Independence
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules
Platform Independence
Question 12
0.75 out of 0.75 points
Which of the following describes anonymity?
Selected
Answer: The capability for a network or system user to remain unknown
Answers:
The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
Question 13
0.75 out of 0.75 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer:
Determining scope
Answers:
Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor
Question 14
0.75 out of 0.75 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer:
Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Bypass architecture
DMZ architecture
Two factor architecture
Question 16
0.75 out of 0.75 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer:
Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Default password
Question 18
0.75 out of 0.75 points
Which of the following is a benefit of an open source VPN solution?
Selected Answer:
Low cost
Answers: Ease of installation
Available management tools
Low cost
Access to vendor support
Question 19
0.75 out of 0.75 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer:
IPv6
Answers: IPv5
IPv6
IANA
SSL
Question 20
0.75 out of 0.75 points
What is meant by Internet Engineering Task Force (IETF)?
Selected
Answer: The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
Question 22
0.75 out of 0.75 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer:
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Vulnerability management
Hairpinning
Question 24
0.75 out of 0.75 points
Which type of architecture places a firewall in front of the VPN to protect it from
Internet-based attacks as well as behind a firewall to protect the internal network?
Selected Answer:
DMZ architecture
DMZ architecture
Question 25
0 out of 0.75 points
The inability to encrypt or otherwise protect the data stream between the client and
server is a drawback of which protocol?
Selected Answer:
Point-to-Point Protocol (PPP)
Answers:
Hypertext Transfer Protocol (HTTP)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Protocol (PPP)
Question 26
0.75 out of 0.75 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer:
Transport Layer Protocol
Answers: Rsync
Connection Protocol
Question 28
0 out of 0.75 points
Although it provides a mechanism for creating tunnels through an IP network, which of
the following does not provide a mechanism for encrypting the data being tunneled?
Selected Answer:
Layer 2 Tunneling Protocol (L2TP)
Answers:
Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
Question 29
0.75 out of 0.75 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer:
Anonymity
Answers: Flexibility
Anonymity
Security
Denial of service
Question 30
0.75 out of 0.75 points
Which of the following refers to any product that appears in a vendor’s PowerPoint
slide deck, but is not yet available in one of its products?
Selected Answer:
Slideware
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
Question 31
0 out of 0.75 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed
directly in the Internet, and therefore places the Internet-facing VPN connection behind
a firewall?
Selected Answer:
Internally connected architecture
Answers: Two-factor architecture
Internally connected architecture
Bypass architecture
DMZ architecture
Question 32
0.75 out of 0.75 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected
Answer: A protocol commonly used in establishing a direct connection between two
networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
Layer 2
Layer 3
Layer 4
Question 34
0.75 out of 0.75 points
When employees have multiple concurrent connections, what might be happening to
the VPN system?
Selected Answer:
There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
Client attack
Remote access attack
Question 37
0.75 out of 0.75 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer:
Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Question 39
0.75 out of 0.75 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer:
Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)
Cookie filter
Question 7
0.75 out of 0.75 points
Which of the following prevents or restricts Web sites from automatically opening
additional tabs or windows without the user’s consent?
Selected Answer:
Pop-up blocker
Answers:
Pop-up blocker
Active threat
Cookie filter
Native firewall
Question 8
0.75 out of 0.75 points
In SmoothWall, what color network interface card indicates the segment of the network
is not trusted, but shares the Internet connection?
Selected Answer:
Orange
Answers: Green
Blue
Orange
Red
Question 9
0.75 out of 0.75 points
Which of the following is a closed-source product?
Selected
Answer: One where the source code cannot be obtained and viewed by just
anyone
Answers: One that is non-commercial
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 10
0.75 out of 0.75 points
Which of the following is not one way to handle the reset button for devices?
Selected Answer:
Depressing the button often to test it
Answers: Consulting the user manual for instructions
Snort
Question 14
0.75 out of 0.75 points
Which of the following outbound ports is for DNS?
Selected Answer:
Port 53
Answers: Port 25
Port 53
Port 80
Port 110
Question 15
0.75 out of 0.75 points
What must be enabled to test SmoothWall’s capability to mitigate attacks?
Selected Answer:
Snort intrusion detection software
Answers: open SSH
SQUID
Ping
DMZ pinholes
IP block
Question 17
0.75 out of 0.75 points
Which name is given to a set of communications standards for simultaneous digital
transmission of voice, video, data, and other network services over the traditional
circuits of the public switched telephone network?
Selected Answer:
Integrated Services Digital Network (ISDN)
Answers: National Security Agency (NSA)
Asymmetric Digital Subscriber Line (ADSL)
RRDtool
DDNS
Question 19
0.75 out of 0.75 points
Which of the following is a form of threat that takes some type of initiative to seek out a
target to compromise?
Selected Answer:
Active threat
Answers: Native firewall
Passive threat
Active threat
Cookie
Question 20
0.75 out of 0.75 points
Which of the following does not address passive threats?
Selected Answer:
Active threats
Answers: Pop-up blockers
Cookie filters
Malicious site managers
Active threats
Question 21
0.75 out of 0.75 points
Which of the following outbound ports is for HTTPS?
Selected Answer:
Port 443
Answers: Port 25
Port 53
Port 80
Port 443
Question 22
0.75 out of 0.75 points
Which of the following refers to a database tool intended to handle time-series data,
such as network bandwidth, temperatures, CPU load, and so on?
Selected Answer:
RRDtool (Round-Robin Database Tool)
Answers: TCPdump
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 25
0.75 out of 0.75 points
Which of the following will track every single connection outside the Web by IP
address and URL?
Selected Answer:
Proxy server
Answers: Clipper Chip
National Security Agency
Proxy server
Electronic Privacy Information Center
Question 26
0.75 out of 0.75 points
The volume of data throughput and transmission speed associated with a firewall is
considered what?
Selected Answer:
Performance
Answers: Scalability
Privilege control
Flexibility
Performance
Question 27
0.75 out of 0.75 points
Which of the following is not a security suite?
Selected Answer:
Netfilter
Answers:
Netfilter
Webroot Internet Security Essentials
McAfee Personal Firewall Plus
Computer Associates
Question 28
0.75 out of 0.75 points
Which of the following describes any harmful code or site that depends upon the
user’s actions to be accessed or activated?
Selected Answer:
Passive threat
Answers: Native firewall
Active threat
Passive threat
Cookie filter
Question 29
0.75 out of 0.75 points
Which of the following characteristics relates to a Common Gateway Interface (CGI)
script?
Selected
Answer: A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
Answers:
A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994 to
focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data such as
network bandwidth, temperatures, CPU load, and so on
Question 30
0.75 out of 0.75 points
The degree to which a firewall can impose user access restrictions is known as which
of the following?
Selected Answer:
Privilege control
Answers: Security assurance
Privilege control
Authentication
Audit capabilities
Question 31
0.75 out of 0.75 points
Connecting port 22 or 222 with a client such as WinSCP3 will allow SmoothWall which
capability?
Selected Answer:
Transfer of files to and from the system via SCP/SFTP
Answers: Access to tools like TCPdump
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 36
0.75 out of 0.75 points
Which of the following is a minimum requirement for running SmoothWall?
Selected Answer:
512 MB PC SDRAM
Answers: Three NICs
10 GB hard drive
84MHZ processor
512 MB PC SDRAM
Question 37
0.75 out of 0.75 points
What term is used to describe a chipset developed and promoted by the U.S.
government from 1993 to 1996 as an encryption device to be adopted by
telecommunications companies for voice transmission?
Selected Answer:
Clipper Chip
Answers: Synchronous Dynamic Random Access Memory (SDRAM)
Clipper Chip
Kerberos
National Information Infrastructure (NII)
Question 38
0 out of 0.75 points
Which of the following is not true of security for a SOHO?
Selected Answer:
Not as vulnerable as corporate offices
Answers: Cost effective
Easy to implement
Not as vulnerable as corporate offices
pfSense
DSL
Question 40
0.75 out of 0.75 points
Which type of software is closed-sourced to protect intellectual property and allow
vendors to charge for the product?
Selected Answer:
Commercial
Answers: Non-commercial
Open source
Free software
Commercial
Thursday, April 19, 2018 2:29:23 PM EDT
Question 1
0.6 out of 0.6 points
Which term describes the act of working from a home, remote, or mobile location while
connecting into the employer’s private network, often using a VPN?
Selected Answer:
Telecommuting
Answers: Public key cryptography
Host-to-site VPN
Telecommuting
Scalability
Question 2
0 out of 0.6 points
Which term describes encryption that protects only the original IP packet's payload?
Selected Answer:
Tunnel mode encryption
Answers: Tunnel mode encryption
Filter
Wirespeed
Round robin
Question 6
0.6 out of 0.6 points
Which term describes a network, network link, or channel located between the
endpoints of a VPN?
Selected Answer:
Intermediary network
Answers: One-way function
Host-to-host network
Site-to-site network
Intermediary network
Question 7
0.6 out of 0.6 points
Which of the following can improve firewall performance?
Selected Answer:
Load balancing
Answers: Firewalking
Load balancing
Port-Based Network Access (Admission) Control (PNAC)
Wirespeed
Question 8
0.6 out of 0.6 points
Which of the following is a technique for storing or copying log events to a centralized
logging server?
Selected Answer:
Syslog
Answers:
Syslog
Write-once read-many (WORM) storage
Unified Threat Management (UTM)
Firewall logging
Question 9
0.6 out of 0.6 points
Which of the following refers to a form of IDS/IPS detection based on a collection of
samples, patterns, signatures, and so on stored in a database of known malicious
traffic and events? All traffic or events that match an item in the database are
considered abnormal and potentially malicious.
Selected Answer:
Database-based detection
Answers:
Database-based detection
Firewalking
Anomaly-based detection
False Positive
Question 10
0.6 out of 0.6 points
Which name is given to a probability prediction based on statistics and historical
occurrences on the likelihood of how many times in the next year a threat is going to
cause harm?
Selected Answer:
Annualized rate of occurrence (ARO)
Answers: Tunnel mode encryption
Physical address
Question 12
0.6 out of 0.6 points
Which of the following describes fair queuing?
Selected
Answer: A technique of load balancing that operates by sending the next transaction
to the firewall with the least current workload.
Answers:
A technique of load balancing that operates by sending the next transaction
to the firewall with the least current workload.
An event that triggers an alarm but should not have because the traffic or
event actually is benign.
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on.
A written expression of an item of concern (protocol, port, service,
application, user, and IP address) and one or more actions to take when
the item of concern appears in traffic.
Question 13
0.6 out of 0.6 points
Which term describes a VPN created between two individual hosts across a local or
intermediary network?
Selected Answer:
Host-to-host VPN
Answers: VPN appliance
Host-to-host VPN
Hash
Site-to-site VPN
Question 14
0.6 out of 0.6 points
Which term is used to describe a public-key cryptography-based mechanism for
proving the source (and possibly integrity) of a dataset or message?
Selected Answer:
Digital signature
Answers: Trusted third party
Symmetric cryptography
Algorithm
Digital signature
Question 15
0.6 out of 0.6 points
Which of the following refers to a communication pathway, circuit, or frequency
dedicated or reserved for a specific transmission?
Selected Answer:
Channel
Answers: Hardware VPN
Host-to-site VPN
Asymmetric cryptography
Channel
Question 16
0.6 out of 0.6 points
Which term describes encryption that protects the entire original IP packet’s header
and payload?
Selected Answer:
Tunnel mode encryption
Answers:
Tunnel mode encryption
Transport mode encryption
Cryptography
IP headers
Question 17
0.6 out of 0.6 points
Ingress and egress filtering can expand beyond protection against spoofing and
include a variety of investigations on inbound and outbound traffic. Which of the
following is not one of the ways ingress and egress filtering expand beyond protection
against spoofing?
Selected
Answer: Dynamic packet filtering
Answers:
Dynamic packet filtering
Blacklist and whitelist filtering
Protocol and port blocking
Confirmation of authentication or authorization before communications
continue
Question 18
0.6 out of 0.6 points
Which term refers to a type of business telephone network?
Selected Answer:
Private Branch Exchange (PBX)
Answers:
Private Branch Exchange (PBX)
Host-to-site VPN
Rekeying
Virtual private network (VPN)
Question 19
0.6 out of 0.6 points
Which of the following characteristics describes an edge router?
Selected
Answer: The last device owned and controlled by an organization before an ISP or
telco connection
Answers:
The last device owned and controlled by an organization before an ISP or
telco connection
A form of VPN establishing a secure VPN over trusted VPN connections
A form of cryptography in which each encryption key is used once before
being discarded
A security service that ensures that a sender cannot deny sending a
message
Question 20
0.6 out of 0.6 points
Which of the following terms describes hiding information from unauthorized third
parties?
Selected Answer:
Cryptography
Answers: Virtual Private Network (VPN)
Split tunnel
Cryptography
Authentication, Authorization, and Accounting (AAA) Services
Question 21
0.6 out of 0.6 points
Which of the following characteristics describes the application layer?
Selected
Answer:
The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
Answers: The sixth layer of the OSI model, which translates the data received from
the host software into a format acceptable to the network
The top or seventh layer of the OSI model, which is responsible for
enabling communications with host software, including the operating
system
An entrance or exit point to a controlled space
The fifth layer of the OSI model, which manages the communication
channel
Question 22
0.6 out of 0.6 points
Which of the following refers to a type of firewall that filters on a specific application’s
content and session information?
Selected Answer:
Application firewall
Answers: Circuit firewall
Hardware firewall
Application firewall
Stateful inspection
Question 23
0.6 out of 0.6 points
Which of the following refers to an event that does not trigger an alarm but should
have, due to the traffic or event actually being abnormal and/or malicious?
Selected Answer:
False negative
Answers: False positive
Round robin
False negative
Deny by default/Allow by exception
Question 24
0.6 out of 0.6 points
Which term describes a security stance that prevents all communications except those
enabled by specific allow exceptions?
Selected Answer:
Deny by default/Allow by exception
Answers: Syslog
Client-to-server VPN
Keyspace
Question 29
0.6 out of 0.6 points
Which name is given to a form of filtering that focuses on traffic content?
Selected Answer:
Content filtering
Answers: Stateful inspection filtering
Static filtering
Content filtering
Application gateway
Question 30
0.6 out of 0.6 points
Which of the following refers to a type of software product that is pre-compiled and
whose source code is undisclosed?
Selected Answer:
Closed source
Answers: Circuit
Closed source
Bots
Physical address
Question 31
0.6 out of 0.6 points
Which of the following hands out tasks in a repeating non-priority sequence?
Selected Answer:
Round robin
Answers: Port-based network access (admission) control (PNAC)
Firewalking
Round robin
Alert
Question 32
0.6 out of 0.6 points
Which of the following describes dynamic packet filtering?
Selected
Answer:
A process that automatically creates temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
Answers: An entrance or exit point to a controlled space
The function of routing traffic from an external source received on a specific
pre-defined IP address and port combination (also known as a socket) to an
internal resource server.
A process that translates internal addresses into external addresses
Firewalking
Database-based detection
Question 34
0.6 out of 0.6 points
Which of the following describes an access control list (ACL)?
Selected
Answer: A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
Answers:
A mechanism that defines traffic or an event to apply an authorization
control of allow or deny against
An intrusion detection system/intrusion prevention system (IDS/IPS) based
on a defined normal, often defined using rules similar to firewall rules
An event that does not trigger an alarm but should have, due to the traffic
or event actually being abnormal and/or malicious
A form of IDS/IPS detection based on a collection of samples, patterns,
signatures, and so on
Question 35
0.6 out of 0.6 points
Which firewall product is designed for larger networks?
Selected Answer:
Commercial firewalls
Answers:
Commercial firewalls
Personal firewalls
Sessions
Appliance firewalls
Question 36
0.6 out of 0.6 points
Which firewall has a network interface located in a unique network segment that allows
for true isolation of the segments and forces the firewall to filter all traffic moving from
one segment to another?
Selected Answer:
Dual-homed firewall
Answers: Appliance firewall
Software firewall
Dual-homed firewall
Triple-homed firewall
Question 37
0.6 out of 0.6 points
Which term describes the seemingly random and unusable output from a
cryptographic function applied to original data?
Selected Answer:
Ciphertext
Answers: Dedicated leased line
Ciphertext
Identity proofing
Host VPN
Question 38
0.6 out of 0.6 points
Which of the following is not a protection against fragmentation attacks?
Selected Answer:
Using firewalking
Answers: Using IDS
Performing sender fragmentation
Using firewall filtering
Using firewalking
Question 39
0.6 out of 0.6 points
Which of the following describes an appliance firewall?
Selected
Answer: A hardened hardware firewall
Answers: The process of automatically creating temporary filters. In most cases, the
filters allow inbound responses to previous outbound requests.
Management interface
Signature
Question 41
0.6 out of 0.6 points
Which of the following is not a consideration when placing firewalls on the network?
Selected Answer:
Where hackers are located
Answers: Structure of the network
Traffic patterns
Most likely access pathways
Asymmetric cryptography
Ciphertext
Algorithm
Question 43
0.6 out of 0.6 points
Which of the following describes optical carrier (OC)?
Selected
Answer: A network carrier line—often leased or dedicated—which uses fiber optic
cables for high-speed connections
Answers:
A network carrier line—often leased or dedicated—which uses fiber optic
cables for high-speed connections
The process of converting ciphertext back into plain text
A program used to control access to computer resources, enforce policies,
audit usage, and provide billing information
A set of rules and procedures, usually mathematical in nature
Question 44
0.6 out of 0.6 points
Which of the following describes write-once read-many (WORM)?
Selected
Answer: A storage device that can be written to once, but once written cannot be
electronically altered
Answers: A mechanism defining traffic or an event to apply an authorization control of
allow or deny against
A storage device that can be written to once, but once written cannot be
electronically altered
A form of network access control or admission control (NAC) used on
individual network access devices, such as firewalls, VPN gateways, and
wireless routers
A form of IDS/IPS detection based on a recording of real-world traffic as a
baseline for normal
Question 45
0.6 out of 0.6 points
Which of the following refers to a software firewall installed on a client or server?
Selected Answer:
Host firewall
Answers:
Host firewall
Hardware firewall
Transport Layer (Layer 4)
Client
Question 46
0.6 out of 0.6 points
Which term is used to describe a firewall that is implemented via software?
Selected Answer:
Bump-in-the-stack
Answers: Risk assessment
Bump-in-the-stack
Hardware firewall
Screening router
Question 47
0.6 out of 0.6 points
Which name is given to an entrance or exit point to a controlled space?
Selected Answer:
Gateway
Answers: Physical layer (Layer 1)
Cost/Benefit Analysis
Network layer (Layer 3)
Gateway
Question 48
0.6 out of 0.6 points
Which of the following refers to a form of encryption also known as point-to-point or
host-to-host encryption?
Selected Answer:
Transport mode encryption
Answers: Hardware firewall
Circuit firewall
Default deny
Default allow
Question 2
1.2 out of 1.2 points
All of the following are advantages of a defense-in-depth security design except which
one?
Selected
Answer: Defense in depth keeps senior management out of the activities of the
security department.
Answers: Defense in depth avoids single points of failure.
Unlimited growth
Question 5
1.2 out of 1.2 points
Hackers can be deterred by defense methods that detect and evade. All of the
following are defense methods, except which one?
Selected Answer:
Botnet army
Answers: Honeypots
Firewalls
IDSs
Botnet army
Question 6
1.2 out of 1.2 points
Which of the following describes a BYOD?
Selected
Answer:
A policy allowing or encouraging employees, contractors, and others to
connect their own computers, smartphones, and other devices to their
organization’s networks
Answers: An application-programming interface (API) developed by IBM in 1985 to
emulate NetBIOS on a token ring network
Question 9
1.2 out of 1.2 points
Which name is given to the information related to the owners and managers of a
domain name accessed through the domain registrar’s Web sites and Whois lookups?
Selected Answer:
Domain registration
Answers:
Domain registration
National Institute of Standards and Technology (NIST)
USENET newsgroup
Wrapper
Question 10
1.2 out of 1.2 points
What prevents a hard drive from being read by another system if it is stolen?
Selected Answer:
Whole hard drive encryption
Answers:
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)
Question 11
1.2 out of 1.2 points
Which of the following characteristics relates to a distributed Denial of Service (DDoS)
attack?
Selected
Answer: An attack that uses multiple remotely controlled software agents
disseminated across the Internet
Answers: The information related to the owners and managers of a domain name
accessed through the domain registrar’s Web sites and Whois lookups
An advancement of keystroke logging to monitor and record many other
user activities
Answers: A dedicated microchip found on some motherboards that host and protect
the encryption key for whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to
career advancement
A security guideline, procedure, or recommendation manual
Question 13
1.2 out of 1.2 points
Checking authentication, checking authorization and access control, auditing systems,
and verifying firewalls and other filters should all be included on which of the following?
Selected Answer:
A logical security checklist
Question 14
1.2 out of 1.2 points
Which attack uses a pre-constructed list of potential passwords or encryption keys?
Selected Answer:
Dictionary password attack
Answers: Piloting
Dialer
Question 16
1.2 out of 1.2 points
Which of the following characteristics relates to enumeration?
Selected
Answer: The process of discovering sufficient details about a potential target to learn
about network or system vulnerabilities
Answers:
The process of discovering sufficient details about a potential target to learn
about network or system vulnerabilities
An application attack in which a hacker submits SQL expressions to cause
authentication bypass, extraction of data, planting of information, or access
to a command shell
A criminal whose objective is to compromise IT infrastructures
A logical division of data composed of one or more sectors on a hard drive
Question 17
1.2 out of 1.2 points
Which of the following creates copies of data on other storage media?
Selected Answer:
Backups
Answers: Fail-Open
Honeynets
Backups
Security Technical Implementation Guide (STIGS)
Question 18
1.2 out of 1.2 points
Which of the following describes advanced persistent threat (APT)?
Selected
Answer:
A network attack in which an unauthorized person gains access to a network
and stays there undetected for a long period of time. The purpose of such an
attack is to steal data, not to damage the network or organization.
Answers:
A network attack in which an unauthorized person gains access to a network
and stays there undetected for a long period of time. The purpose of such an
attack is to steal data, not to damage the network or organization.
A rogue program that automatically dials a modem to a pre-defined number.
Sometimes this is to download additional malware to the victim or to upload
stolen data from the victim. In other cases, the dialer calls premium rate
telephone numbers to rack up massive long distance charges.
The act of a hacker changing the MAC address of the network interface.
The unused portion of the last cluster allocated to a stored file. It may
contain remnants of prior files stored in that location.
Question 19
1.2 out of 1.2 points
Which of the following describes a predefined procedure that will limit damage, contain
the spread of malicious content, stop the compromise of information, and promptly
restore the environment to a normal state?
Selected Answer:
Incident response plan
Answers: Separation of duties
Question 20
0 out of 1.2 points
Contract workers place a higher risk on the organization for all of the following
reasons except which one?
Selected Answer:
They are not full-time regular employees and might lack loyalty.
Answers: They are not full-time regular employees and might lack loyalty.
They are more likely to compromise the organization.
They see the company as worthy of protection.
They might not be accountable after a project ends.
Question 21
1.2 out of 1.2 points
Which form of investigation aims at checking whether or not a target system is subject
to attack based on a database of tests, scripts, and simulated exploits?
Selected Answer:
Vulnerability scanning
Answers: Incident response plan
Fail-open
Vulnerability scanning
Separation of duties
Question 22
1.2 out of 1.2 points
Which name is given to an exploit that allows a hacker to run any command-line
function on a compromised system?
Selected Answer:
Arbitrary code execution
Answers: Command shell
Whois
Question 24
1.2 out of 1.2 points
What term is used to describe a tactic of pursuing and extracting information for the
purpose of making a sale or performing a social engineering attack?
Selected Answer:
Cold calling
Answers:
Cold calling
Privilege escalation
Proxy manipulation
Recreational hacker
Question 25
1.2 out of 1.2 points
Which of the following describes a banner?
Selected
Answer:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to announce
an error.
Answers:
A message sent by a service in response to a valid or invalid query. Its
function is to confirm communication is functioning properly or to announce
an error.
A form of unauthorized access to a system.
Persistent public messaging forums accessed over the NNTP (Network
News Transfer Protocol).
A variant of the UNIX operating system that is supported by Windows NT
4.0, but not subsequent versions of Windows.
Question 1
1.2 out of 1.2 points
Examples of users purposefully avoiding or violating security—that is, not actively
supporting and participating in security—include all of the following except which one?
Selected Answer:
Setting strong passwords
Answers: Using proxy tools to get around firewalls
Using personal equipment
Sharing accounts with other employees
Filter-free
Fail-safe
Question 3
1.2 out of 1.2 points
Which of the following command-line tools will list the current open, listening, and
connection sockets on a system as well as the service related to each socket?
Selected Answer:
Fport
Answers: TCPView
Fport
Netstat
Nmap
Question 4
1.2 out of 1.2 points
Which of the following is not a firewall type?
Selected Answer:
Universal
Answers:
Universal
Static packet filtering
Proxy
Stateful inspection
Question 5
1.2 out of 1.2 points
Which of the following is not a common reason for deploying a reverse proxy?
Selected Answer:
Time savings
Answers: Reverse caching
Security
Time savings
Encryption
Question 6
0 out of 1.2 points
When troubleshooting firewalls, which of the following is not something you should do
after you attempt a fix?
Selected Answer:
Reverse or undo solution failures.
Answers:
Make multiple fixes.
Repeat the failure.
Test after each attempt.
Reverse or undo solution failures.
Question 7
1.2 out of 1.2 points
Which of the following is a dedicated hardware device that functions as a black-box
sentry?
Selected Answer:
Appliance firewall
Answers: Fail-safe
Reverse proxy firewall
Proxy firewall
Appliance firewall
Question 8
1.2 out of 1.2 points
Which of the following creates TCP and UDP network connections to or from any port?
Selected Answer:
Netcat
Answers: Cryptcat
Back Orifice
SubSeven
Netcat
Question 9
0 out of 1.2 points
Which of the following is not a commonsense element of troubleshooting firewalls?
Selected Answer:
Isolate problems.
Answers: Focus on the most critical issues first.
Isolate problems.
Work with urgency.
Know your firewall thoroughly.
Question 10
1.2 out of 1.2 points
Which of the following is a network mapper, port scanner, and OS fingerprinting tool
that checks the state of ports, identifies targets, and probes services?
Selected Answer:
Nmap
Answers: Wireshark
Nmap
TCPView
Backtrack
Question 11
1.2 out of 1.2 points
Which of the following is a double-blind encapsulation system that enables anonymous
but not encrypted Internet communications?
Selected Answer:
TOR (The Onion Router)
Answers:
TOR (The Onion Router)
Cryptcat
Back Orifice
Remote Desktop Protocol (RDP) and Remote Assistance
Question 12
1.2 out of 1.2 points
Which of the following describes the principle that for an organization’s security policy
to be effective, everyone must be forced to work within it and follow its rules?
Selected Answer:
Universal participation
Answers:
Universal participation
Diversity of defense
General purpose OS
Bastion host OS
Question 13
1.2 out of 1.2 points
Which of the following does port forwarding support?
Selected Answer:
Any service on any port
Answers:
Any service on any port
Caching
Encryption endpoint
Load balancing
Question 14
1.2 out of 1.2 points
Which of the following describes security stance?
Selected Answer:
An organization’s filtering configuration; it answers the question, “What
should be allowed and what should be blocked?”
Answers:
An organization’s filtering configuration; it answers the question, “What
should be allowed and what should be blocked?”
A means of providing faster access to static content for external users
accessing internal Web servers
An operating system such as Windows or Linux that supports a wide variety
of purposes and functions, but when used as a bastion host OS must be
hardened and locked down
An approach to security similar to defense in depth that uses a different
security mechanism at each or most of the layers
Question 15
1.2 out of 1.2 points
Which of the following is disabled by default and requires an invitation?
Selected Answer:
Remote Desktop Protocol (RDP) and Remote Assistance
Answers: TOR (The Onion Router)
Question 16
1.2 out of 1.2 points
Which of the following forces all traffic, communications, and activities through a single
pathway or channel that can be used to control bandwidth consumption, filter content,
provide authentication services, or enforce authorization?
Selected Answer:
Chokepoint
Answers: Fail-safe
Chokepoint
Fail-secure
Reverse proxy
Question 17
1.2 out of 1.2 points
It's important to evaluate the purpose and content of your firewall policy. Which of the
following is not an evaluation method?
Selected Answer:
Determine how to write a policy that is as short as possible to avoid
confusion.
Answers: Define the software and hardware options that will be used to adopt the
policy.
Determine the features necessary for the infrastructure's network
communications.
Syslog
Backtrack
Question 19
1.2 out of 1.2 points
If the process of creating rules requires a significant number of special exceptions to
modify or adjust ranges of addresses or ports, what should you do?
Selected Answer:
Consider reconfiguring the network rather than using a too complex or
too long rule set.
Answers: Use a more complex rule set.
Question 21
1.2 out of 1.2 points
There are six steps for writing a security incident response plan. Which of the
following is not a step?
Selected Answer:
Report
Answers: Detection
Containment
Eradication
Report
Question 22
0 out of 1.2 points
Which of the following is an operating system built exclusively to run on a bastion host
device?
Selected Answer:
General OS
Answers:
Proprietary OS
General OS
Reverse proxy
Appliance firewall
Question 23
1.2 out of 1.2 points
Which of the following describes a general purpose OS?
Selected Answer:
An operating system such as Windows or Linux that can support a wide
variety of purposes and functions, but which, when used as a bastion host
OS, must be hardened and locked down
Answers: An operating system that supports only firewall functions
An operating system that does not support firewall functions
A means of providing faster access to static content for external users
accessing internal Web servers
Question 25
1.2 out of 1.2 points
All of the following are disadvantages of the build-it-yourself firewall, but one is an
advantage. Which of the following is an advantage?
Selected Answer:
Cost
Cost
Question 1
0.75 out of 0.75 points
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer:
Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Question 3
0.75 out of 0.75 points
Which term describes the second core IPSec security protocol; it can perform
authentication to provide integrity protection, although not for the outermost IP
header?
Selected Answer:
Encapsulating Security Payload (ESP)
Answers: Point-to-Point Protocol (PPP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Tunneling Protocol (PPTP)
Encapsulating Security Payload (ESP)
Question 4
0.75 out of 0.75 points
Which of the following represents a standards-based protocol suite designed
specifically for securing Internet Protocol communications?
Selected Answer:
Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Answers: Introduction
Policy
Scope
Purpose
Question 6
0.75 out of 0.75 points
What name is given to a method that proves identity using two different authentication
factors?
Selected Answer:
Two-factor authentication
Answers: Service level agreement (SLA)
Two-factor authentication
Hairpinning
Anonymity
Question 7
0.75 out of 0.75 points
Which of the following documents an organization's rules for using a VPN?
Selected Answer:
Remote access policy
Answers: Hairpinning
Question 8
0.75 out of 0.75 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer:
Compromising the authentication credentials
Answers: Compromising VPN availability
Question 9
0.75 out of 0.75 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer:
Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 10
0.75 out of 0.75 points
Which of the following should specifically be included in the organization's VPN
solution?
Selected Answer:
The prohibiting of split tunneling
Answers:
The prohibiting of split tunneling
Encouraging shared VPN credentials
Types of VPN connections supported
How scalable the VPN is
Question 11
0.75 out of 0.75 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected Answer:
Platform Independence
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules
Platform Independence
Question 12
0.75 out of 0.75 points
Which of the following describes anonymity?
Selected Answer:
The capability for a network or system user to remain unknown
Answers:
The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or
no trouble because it is entering from a secure and verified endpoint
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
Question 13
0.75 out of 0.75 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer:
Determining scope
Answers:
Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor
Question 14
0.75 out of 0.75 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer:
Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Question 15
0.75 out of 0.75 points
Which type of architecture deploys the VPN so that traffic to and from the VPN is not
firewalled?
Selected Answer:
Bypass architecture
Answers: Internally connected architecture
Bypass architecture
DMZ architecture
Two factor architecture
Question 16
0.75 out of 0.75 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer:
Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Default password
Question 18
0.75 out of 0.75 points
Which of the following is a benefit of an open source VPN solution?
Selected Answer:
Low cost
Answers: Ease of installation
Available management tools
Low cost
Access to vendor support
Question 19
0.75 out of 0.75 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer:
IPv6
Answers: IPv5
IPv6
IANA
SSL
Question 20
0.75 out of 0.75 points
What is meant by Internet Engineering Task Force (IETF)?
Selected Answer:
The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
Vulnerability management
Hairpinning
Question 24
0.75 out of 0.75 points
Which type of architecture places a firewall in front of the VPN to protect it from
Internet-based attacks as well as behind a firewall to protect the internal network?
Selected Answer:
DMZ architecture
DMZ architecture
Question 25
0 out of 0.75 points
The inability to encrypt or otherwise protect the data stream between the client and
server is a drawback of which protocol?
Selected Answer:
Point-to-Point Protocol (PPP)
Answers:
Hypertext Transfer Protocol (HTTP)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Protocol (PPP)
Question 26
0.75 out of 0.75 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer:
Transport Layer Protocol
Answers: Rsync
Connection Protocol
Answers:
Policy
Optional elements
Summary
Roles and responsibilities
Question 28
0 out of 0.75 points
Although it provides a mechanism for creating tunnels through an IP network, which of
the following does not provide a mechanism for encrypting the data being tunneled?
Selected Answer:
Layer 2 Tunneling Protocol (L2TP)
Answers:
Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
Question 29
0.75 out of 0.75 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer:
Anonymity
Answers: Flexibility
Anonymity
Security
Denial of service
Question 30
0.75 out of 0.75 points
Which of the following refers to any product that appears in a vendor’s PowerPoint
slide deck, but is not yet available in one of its products?
Selected Answer:
Slideware
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
Question 31
0 out of 0.75 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed
directly in the Internet, and therefore places the Internet-facing VPN connection behind
a firewall?
Selected Answer:
Internally connected architecture
Answers: Two-factor architecture
Internally connected architecture
Bypass architecture
DMZ architecture
Question 32
0.75 out of 0.75 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected Answer:
A protocol commonly used in establishing a direct connection between two
networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
Layer 2
Layer 3
Layer 4
Question 34
0.75 out of 0.75 points
When employees have multiple concurrent connections, what might be happening to
the VPN system?
Selected Answer:
There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
Client attack
Remote access attack
Question 37
0.75 out of 0.75 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer:
Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Question 39
0.75 out of 0.75 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer:
Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)
Cookie filter
Question 7
0.75 out of 0.75 points
Which of the following prevents or restricts Web sites from automatically opening
additional tabs or windows without the user’s consent?
Selected Answer:
Pop-up blocker
Answers:
Pop-up blocker
Active threat
Cookie filter
Native firewall
Question 8
0.75 out of 0.75 points
In SmoothWall, what color network interface card indicates the segment of the network
is not trusted, but shares the Internet connection?
Selected Answer:
Orange
Answers: Green
Blue
Orange
Red
Question 9
0.75 out of 0.75 points
Which of the following is a closed-source product?
Selected Answer:
One where the source code cannot be obtained and viewed by just
anyone
Answers: One that is non-commercial
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 10
0.75 out of 0.75 points
Which of the following is not one way to handle the reset button for devices?
Selected Answer:
Depressing the button often to test it
Answers: Consulting the user manual for instructions
Snort
Question 14
0.75 out of 0.75 points
Which of the following outbound ports is for DNS?
Selected Answer:
Port 53
Answers: Port 25
Port 53
Port 80
Port 110
Question 15
0.75 out of 0.75 points
What must be enabled to test SmoothWall’s capability to mitigate attacks?
Selected Answer:
Snort intrusion detection software
Answers: open SSH
SQUID
Ping
DMZ pinholes
IP block
Question 17
0.75 out of 0.75 points
Which name is given to a set of communications standards for simultaneous digital
transmission of voice, video, data, and other network services over the traditional
circuits of the public switched telephone network?
Selected Answer:
Integrated Services Digital Network (ISDN)
Answers: National Security Agency (NSA)
Asymmetric Digital Subscriber Line (ADSL)
RRDtool
DDNS
Question 19
0.75 out of 0.75 points
Which of the following is a form of threat that takes some type of initiative to seek out a
target to compromise?
Selected Answer:
Active threat
Answers: Native firewall
Passive threat
Active threat
Cookie
Question 20
0.75 out of 0.75 points
Which of the following does not address passive threats?
Selected Answer:
Active threats
Answers: Pop-up blockers
Cookie filters
Malicious site managers
Active threats
Question 21
0.75 out of 0.75 points
Which of the following outbound ports is for HTTPS?
Selected Answer:
Port 443
Answers: Port 25
Port 53
Port 80
Port 443
Question 22
0.75 out of 0.75 points
Which of the following refers to a database tool intended to handle time-series data,
such as network bandwidth, temperatures, CPU load, and so on?
Selected Answer:
RRDtool (Round-Robin Database Tool)
Answers: TCPdump
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 25
0.75 out of 0.75 points
Which of the following will track every single connection outside the Web by IP
address and URL?
Selected Answer:
Proxy server
Answers: Clipper Chip
National Security Agency
Proxy server
Electronic Privacy Information Center
Question 26
0.75 out of 0.75 points
The volume of data throughput and transmission speed associated with a firewall is
considered what?
Selected Answer:
Performance
Answers: Scalability
Privilege control
Flexibility
Performance
Question 27
0.75 out of 0.75 points
Which of the following is not a security suite?
Selected Answer:
Netfilter
Answers:
Netfilter
Webroot Internet Security Essentials
McAfee Personal Firewall Plus
Computer Associates
Question 28
0.75 out of 0.75 points
Which of the following describes any harmful code or site that depends upon the
user’s actions to be accessed or activated?
Selected Answer:
Passive threat
Answers: Native firewall
Active threat
Passive threat
Cookie filter
Question 29
0.75 out of 0.75 points
Which of the following characteristics relates to a Common Gateway Interface (CGI)
script?
Selected Answer:
A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
Answers:
A standard that defines how Web server software can delegate the
generation of Web pages to a console application.
A computer network authentication protocol that allows nodes
communicating over a non-secure network to prove their identity to one
another in a secure manner
A public interest research group in Washington, D.C., established in 1994 to
focus public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and Constitutional values in the information
age
A round-robin database tool intended to handle time-series data such as
network bandwidth, temperatures, CPU load, and so on
Question 30
0.75 out of 0.75 points
The degree to which a firewall can impose user access restrictions is known as which
of the following?
Selected Answer:
Privilege control
Answers: Security assurance
Privilege control
Authentication
Audit capabilities
Question 31
0.75 out of 0.75 points
Connecting port 22 or 222 with a client such as WinSCP3 will allow SmoothWall which
capability?
Selected Answer:
Transfer of files to and from the system via SCP/SFTP
Answers: Access to tools like TCPdump
One where the source code cannot be obtained and viewed by just
anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
Question 36
0.75 out of 0.75 points
Which of the following is a minimum requirement for running SmoothWall?
Selected Answer:
512 MB PC SDRAM
Answers: Three NICs
10 GB hard drive
84MHZ processor
512 MB PC SDRAM
Question 37
0.75 out of 0.75 points
What term is used to describe a chipset developed and promoted by the U.S.
government from 1993 to 1996 as an encryption device to be adopted by
telecommunications companies for voice transmission?
Selected Answer:
Clipper Chip
Answers: Synchronous Dynamic Random Access Memory (SDRAM)
Clipper Chip
Kerberos
National Information Infrastructure (NII)
Question 38
0 out of 0.75 points
Which of the following is not true of security for a SOHO?
Selected Answer:
Not as vulnerable as corporate offices
Answers: Cost effective
Easy to implement
Not as vulnerable as corporate offices
pfSense
DSL
Question 40
0.75 out of 0.75 points
Which type of software is closed-sourced to protect intellectual property and allow
vendors to charge for the product?
Selected Answer:
Commercial
Answers: Non-commercial
Open source
Free software
Commercial
SEC 150 Quiz 11
Question 1
0 out of 5 points
Which of the following is one of the most common and easily exploited vulnerabilities
on any hardware network device? Default password
Selected Answer: Undistributed authentication credentials
Answers: Insecure default configuration
Misconfiguration by the installer
Undistributed authentication credentials
Default password
Question 2
5 out of 5 points
VPN hardware can suffer from an unsecured default configuration or misconfiguration.
Selected Answer: True
Answers: True
False
Question 3
5 out of 5 points
Determining who the target audience for training is takes place in the planning stage.
Selected Answer: True
Answers: True
False
Question 4
0 out of 5 points
The least common method for implementing a highly available VPN involves buying
two VPN hardware units and configuring them as a highly available pair. False
Selected Answer: True
Answers: True
False
Question 5
5 out of 5 points
Anonymity is the capability for a network or system user to remain unknown.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
Question 7
5 out of 5 points
To mitigate the risk of security threats and breaches, all installers should be trained
before installing the VPN.
Selected Answer: True
Answers: True
False
Question 8
5 out of 5 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed directly in the Internet,
and therefore places the Internet-facing VPN connection behind a firewall?
Question 1
0 out of 5 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer: Using vulnerability management with remote clients
Answers: Compromising VPN availability
Compromising the authentication credentials
Patching regularly
Using vulnerability management with remote clients
Question 2
5 out of 5 points
“Privacy” is considered keeping information about a network or system user from being
disclosed to unauthorized people.
Selected Answer: True
Answers: True
False
Question 3
5 out of 5 points
Anonymity is the capability of a network or system user to remain known on the system.
Selected Answer: False
Answers: True
False
Question 4
5 out of 5 points
When considering training, one should determine the mechanism for training before
gathering the appropriate information.
Selected Answer: False
Answers: True
False
Question 5
5 out of 5 points
One of the most critical steps in VPN troubleshooting is determining whether the
correction results in new problems.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
Question 7
5 out of 5 points
Which section of the VPN policy describes the systems, networks, or people covered by
the policy?
Selected Answer: Scope
Answers: Introduction
Policy
Scope
Purpose
Question 8
5 out of 5 points
One of the primary benefits of an open-source solution is access to vendor support.
Selected Answer: False
Answers: True
False
Question 9
5 out of 5 points
The scope of the VPN policy should include actual policy language.
Selected Answer: False
Answers: True
False
Question 10
0 out of 5 points
Which of the following is most likely to occur in the VPN? Client attack
Selected Answer: Remote access attack
Answers: Denial of service
VPN server attack
Client attack
Remote access attack
Question 11
5 out of 5 points
Anonymity is the capability for a network or system user to remain unknown.
Selected Answer: True
Answers: True
False
Question 12
5 out of 5 points
A VPN deployment plan does not need to take into consideration the support of
encryption protocols.
Selected Answer: False
Answers: True
False
Question 13
5 out of 5 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer: Determining scope
Answers: Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor
Question 14
5 out of 5 points
Which of the following refers to any product that appears in a vendor’s PowerPoint slide
deck, but is not yet available in one of its products?
Selected Answer: Slideware
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
Question 15
5 out of 5 points
Standard client configuration of a VPN does not include antivirus, anti-malware, and
firewall software.
Selected Answer: False
Answers: True
False
Question 16
5 out of 5 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer: Hairpinning
Answers: Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
Question 17
5 out of 5 points
Which of the following describes anonymity?
Selected Answer: The capability for a network or system user to remain unknown
Answers: The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint
The act of keeping information about a network or system user from being
disclosed to unauthorized people
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
Question 18
5 out of 5 points
A VPN policy should address which authorization methods are permitted on the system.
Selected Answer: True
Answers: True
False
Question 19
5 out of 5 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer: Anonymity
Answers: Flexibility
Anonymity
Security
Denial of service
Question 20
5 out of 5 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed directly in the Internet,
and therefore places the Internet-facing VPN connection behind a firewall?
Question 1
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 2
5 out of 5 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer: IPv6
Answers: IPv5
IPv6
IANA
SSL
Question 3
5 out of 5 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer: Transport Layer Protocol
Answers: Rsync
Connection Protocol
Transport Layer Protocol
User Authentication Protocol
Question 4
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 5
5 out of 5 points
One function of an SSL VPN is that it usually connects using a Web browser, whereas
an IPSec VPN generally requires client software on the remote system.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
Selected Answer: An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
Answers: The standards body for Internet-related engineering specifications
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header
An early proprietary protocol from Microsoft
Question 7
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 8
5 out of 5 points
The higher the encryption levels of VPN, the greater the impact on the memory and
processor of the endpoint devices.
Selected Answer: True
Answers: True
False
Question 9
0 out of 5 points
The use of PPP has extended the availability of IPv4 address space, thereby extending
the life span of IPv4. False
Selected Answer: True
Answers: True
False
Question 10
5 out of 5 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer: Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
Question 11
0 out of 5 points
The Secure Shell (SSH) protocol works in combination with rsync to back up, copy, and
mirror files securely. True
Selected Answer: False
Answers: True
False
Question 12
0 out of 5 points
The version of VPN software being used does not impact the stability of the rollout of a
successful VPN deployment. False
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected Answer: A protocol commonly used in establishing a direct connection between two
networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
A protocol commonly used in establishing a direct connection between two
networking nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
Question 14
0 out of 5 points
The performance characteristics of a VPN supporting remote clients are generally the same
as the performance characteristics of a VPN supporting site-to-site connections. False
Selected Answer: True
Answers: True
False
Question 15
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 16
5 out of 5 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer: Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
Question 17
5 out of 5 points
One of the advantages of L2TP is that it provides a mechanism for encrypting the data
being tunneled.
Selected Answer: False
Answers: True
False
Question 18
5 out of 5 points
TCP is responsible for providing reliable transmissions from one system to another, and
IP is responsible for addressing and route selection.
Selected Answer: True
Answers: True
False
Question 19
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 20
5 out of 5 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer: Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Monday, April 18
Setting up dedicated hardware environments for each customer allows the service
provider to take advantage of economies of scale. False
Selected Answer: True
Answers: True
False
Question 2
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 3
5 out of 5 points
The use of PPP has extended the availability of IPv4 address space, thereby extending
the life span of IPv4.
Selected Answer: False
Answers: True
False
Question 4
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 5
5 out of 5 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer: Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Question 6
5 out of 5 points
Support for quality of service (QoS) is built into IPv6, whereas it was an add-on in IPv4.
Selected Answer: True
Answers: True
False
Question 7
5 out of 5 points
One of the advantages of L2TP is that it provides a mechanism for encrypting the data
being tunneled.
Selected Answer: False
Answers: True
False
Question 8
5 out of 5 points
IPSec is a mandatory component for IPv6, and is used to natively protect IPv6 data as it
is sent over the network.
Selected Answer: True
Answers: True
False
Question 9
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 10
5 out of 5 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer: Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
Question 11
5 out of 5 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer: Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)
Secure Shell (SSH)
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Question 12
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer: Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Encapsulating Security Payload (ESP)
Point-to-Point Protocol (PPP)
Question 14
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 15
5 out of 5 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer: Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
Question 16
0 out of 5 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected Answer: More firewall rules
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules
Platform Independence
Question 17
0 out of 5 points
In typical end user/browser usage, SSL/TLS authentication is two-way. False
Selected Answer: True
Answers: True
False
Question 18
0 out of 5 points
Although it provides a mechanism for creating tunnels through an IP network, which of the following does
not provide a mechanism for encrypting the data being tunneled?
Question 1
5 out of 5 points
Support for quality of service (QoS) is built into IPv6, whereas it was an add-on in IPv4.
Selected Answer: True
Answers: True
False
Question 2
5 out of 5 points
Which of the following characteristics relates to authentication header (AH)?
Selected Answer: It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Answers: It is a document that defines or describes computer and networking
technologies. These documents are published by the Internet Engineering
Task Force, the standards body for Internet engineering specifications. RFCs
exist for hardware, operating systems, protocols, security services, and much
more.
It is an older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but it is still in use in some older environments.
It is an early proprietary protocol from Microsoft.
It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Question 3
5 out of 5 points
What is the Internet Engineering Task Force (IETF)?
Selected Answer: The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
The standards body for Internet-related engineering specifications
Question 4
5 out of 5 points
Setting up dedicated hardware environments for each customer allows the service
provider to take advantage of economies of scale.
Selected Answer: False
Answers: True
False
Question 5
5 out of 5 points
TCP is responsible for providing reliable transmissions from one system to another, and
IP is responsible for addressing and route selection.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 7
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 8
5 out of 5 points
One proposed migration strategy for the move from IPv4 to IPv6 includes allowing two
IPv6 hosts to create a tunnel for traffic between two IPv6 hosts through an IPv4 network.
Selected Answer: True
Answers: True
False
Question 9
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 10
5 out of 5 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer: Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Encapsulating Security Payload (ESP)
Point-to-Point Protocol (PPP)
Question 11
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 12
5 out of 5 points
To prevent spoofing of transactions, IPv6 IPSec uses a cryptographic checksum that
incorporates a shared encryption key so the receiver can verify that it was sent by the
apparent sender.
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
The performance characteristics of a VPN supporting remote clients are generally the
same as the performance characteristics of a VPN supporting site-to-site connections.
Selected Answer: False
Answers: True
False
Question 14
5 out of 5 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer: Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
Question 15
5 out of 5 points
The higher the encryption levels of VPN, the greater the impact on the memory and
processor of the endpoint devices.
Selected Answer: True
Answers: True
False
Question 16
0 out of 5 points
The IPv6 IPSec is a set of national standards that use cryptographic security services to
provide confidentiality, data origin authentication and data integrity.
Selected Answer: True
Answers: True
False
Question 17
5 out of 5 points
The version of VPN software being used does not impact the stability of the rollout of a
successful VPN deployment.
Selected Answer: False
Answers: True
False
Question 18
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 19
5 out of 5 points
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer: Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Question 20
5 out of 5 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer: Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
Monday, April 18, 2016 6:39:15 PM EDT
Take Test: ISOL 532 - Final Exam
Test Information
Description: The Final Exam covers chapters 8 - 15 in the Textbook
Instructions: The exam consists of 100 questions and the time limit is 2 hours. Once the exam is started it must
be completed as it will automatically submit at the 2 hour mark.
Timed Test: This test has a time limit of 2 hours. This test will save and submit automatically when the time expires.
Warnings appear when half the time, 5 minutes, 1 minute, and 30 seconds remain.
Multiple Attempts: Not allowed. This test can only be taken once.
Force Completion: Once started, this test must be completed in one sitting. Do not leave the test before clicking Save and
Submit.
Question 1
1. Which term describes the second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header?
Point-to-Point Protocol (PPP)
Layer 2 Forwarding (L2F) Protocol
Point-to-Point Tunneling Protocol (PPTP)
Encapsulating Security Payload (ESP)
10 points
Question 2
1. When considering transaction security, it is common for the web server to stand behind one firewall
and the database server to stand behind a second firewall.
True
False
10 points
Question 3
1. Which of the following forces all traffic, communications, and activities through a single pathway or
channel that can be used to control bandwidth consumption, filter content, provide authentication
services, or enforce authorization?
Fail-safe
Chokepoint
Fail-secure
Reverse proxy
10 points
Question 4
1. Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as well as user
authentication
A protocol commonly used in establishing a direct connection between two networking
nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in production
environments, but still in use in some older environments
10 points
Question 5
1. The Containment phase of an incident response plan restrains further escalation of the incident.
True
False
10 points
Question 6
1. Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
The standards body for Internet-related engineering specifications
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in production
environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to provide integrity
protection, although not for the outermost IP header
An early proprietary protocol from Microsoft
10 points
Question 7
1. Which layer of the OSI model is the Data Link Layer?
Layer 1
Layer 2
Layer 3
Layer 4
10 points
Question 8
1. To mitigate the risk of security threats and breaches, all installers should be trained before installing
the VPN.
True
False
10 points
Question 9
1. Each form of firewall filtering or traffic management is vulnerable in some way.
True
False
10 points
Question 10
1. Which of the following describes a service level agreement (SLA)?
A contractual commitment by a service provider or support organization to its customers or
users
The ability for a network or system user to remain unknown
An industry term referring to any product that appears in a vendor’s PowerPoint slide deck,
but is not yet available in one of its products
A process by which malicious code can enter from a non-secure network, and make a
hairpin, or sharp turn and enter a secure network with little or no trouble because it is
entering from a secure and verified endpoint
10 points
Question 11
1. Deploying a security product is more preferable than addressing your environment’s specific risks.
True
False
10 points
Question 12
1. VPN hardware can suffer from an unsecured default configuration or misconfiguration.
True
False
10 points
Question 13
1. Which of the following is one of the most common and easily exploited vulnerabilities on any
hardware network device?
Insecure default configuration
Misconfiguration by the installer
Undistributed authentication credentials
Default password
10 points
Question 14
1. Which of the following refers to a protocol that provides integrity protection for packet headers and
data, as well as user authentication?
Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
10 points
Question 15
1. All of the following are disadvantages of the build-it-yourself firewall, but one is an advantage.
Which of the following is an advantage?
Additional hardware manipulation
Hardening of a host OS
Juggling of device drivers
Cost
10 points
Question 16
1. The volume of data throughput and transmission speed associated with a firewall is considered what?
Scalability
Privilege control
Flexibility
Performance
10 points
Question 17
1. The next generation IP version and successor to IPv4 is called what?
IPv5
IPv6
IANA
SSL
10 points
Question 18
1. An encrypted VPN link guarantees that the other end of the VPN connection is secure.
True
False
10 points
Question 19
1. Which of the following documents an organization's rules for using a VPN?
Hairpinning
Remote access policy
Service level agreement
Vaporware
10 points
Question 20
1. Which of the following is an IPSec-based VPN protocol that uses NAT traversal (NAT-T)?
Internet Key Exchange v2 (IKEv2)
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Remote Desktop Protocol (RDP)
10 points
Question 21
1. Which one of the following is not a benefit of having a written firewall policy?
It acts as a tool for assisting in troubleshooting.
It serves as a guideline for detecting changes and differences.
It defines how to use a reverse proxy to add an additional layer of protection and control
between Internet-based users and internally hosted servers.
It ensures consistent filtering across firewalls.
10 points
Question 22
1. Which of the following is a closed-source product?
One that is non-commercial
One where the source code cannot be obtained and viewed by just anyone
One where the source code can be obtained and viewed by anyone
One that is commercial
10 points
Question 23
1. The term Electronic Privacy Information Center (EPIC) refers to a form of the digital subscriber line
technology, which enables faster data transmission over copper telephone lines than a conventional
voice band modem can provide.
True
False
10 points
Question 24
1. Allowing every communication is a bad idea from a security standpoint as well as a productivity one.
True
False
10 points
Question 25
1. Which of the following refers to a system designed, built, and deployed specifically to serve as a
frontline defense for a network?
Diversity of defense
Universal participation
Proprietary OS
Bastion host OS
10 points
Question 26
1. A passive threat seeks out vulnerable targets.
True
False
10 points
Question 27
1. A bastion host allows the firewall to connect to the internal network and the perimeter network.
True
False
10 points
Question 28
1. Which of the following is used to connect two offices in different locations?
Remote gateway
Host-to-gateway VPN
Gateway-to-gateway VPN
VPN appliance
10 points
Question 29
1. One of the most important steps in VPN troubleshooting is documenting processes and procedures.
True
False
10 points
Question 30
1. Which of the following does not address passive threats?
Pop-up blockers
Cookie filters
Malicious site managers
Active threats
10 points
Question 31
1. Which of the following is hardware that connects a local network—or even a single computer—to a
telco’s carrier network to access the Internet?
IPFire
ISP connection device
DSL line
SOHO
10 points
Question 32
1. Which of the following is not a security strategy?
Defense diversity
Firewall policies
Weakest link
Forced universal participation
10 points
Question 33
1. What name is given to a method that proves identity using two different authentication factors?
Service level agreement (SLA)
Two-factor authentication
Hairpinning
Anonymity
10 points
Question 34
1. Digital signatures rarely accompany both authentication and nonrepudiation transactions.
True
False
10 points
Question 35
1. Which type of architecture places a firewall in front of the VPN to protect it from Internet-based
attacks as well as behind a firewall to protect the internal network?
Bi-lateral architecture
Two-prong approach
Two-factor architecture
DMZ architecture
10 points
Question 36
1. Linux distributions automatically come with a native software firewall.
True
False
10 points
Question 37
1. An intranet is an external network.
True
False
10 points
Question 38
1. Which of the following is not a firewall type?
Universal
Static packet filtering
Proxy
Stateful inspection
10 points
Question 39
1. Which of the following is a proprietary protocol developed by Microsoft that provides a user with a
graphical interface to another computer?
Secure Sockets Layer (SSL)
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Remote Desktop Protocol (RDP)
10 points
Question 40
1. A gateway-to-gateway VPN provides connectivity between two locations such as a main office and a
branch office.
True
False
10 points
Question 41
1. Which of the following represents a standards-based protocol suite designed specifically for securing
Internet Protocol communications?
Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
10 points
Question 42
1. If strong authentication is a priority, select an application gateway firewall or a dedicated application-
specific proxy firewall.
True
False
10 points
Question 43
1. Which of the following risks can compromise the confidentiality of documents stored on the server?
Risk that transaction data can be intercepted
Risk that unauthorized individuals can breach the server’s document tree
Risk that information about the server can be accessed
Risk of denial of service attacks
10 points
Question 44
1. Which section of the VPN policy describes the systems, networks, or people covered by the policy?
Introduction
Policy
Scope
Purpose
10 points
Question 45
1. Which of the following offers keycard security and allows you to restrict the times that your
computer can be remotely accessed?
GoToMyPC
LogMeIn
NTRconnect
Internet café
10 points
Question 46
1. Examples of users purposefully avoiding or violating security—that is, not actively
supporting and participating in security—include all of the following except which one?
Using proxy tools to get around firewalls
Using personal equipment
Sharing accounts with other employees
Setting strong passwords
10 points
Question 47
1. IPSec is a mandatory component for IPv6, and is used to natively protect IPv6 data as it is sent over
the network.
True
False
10 points
Question 48
1. Which of the following describes a general purpose OS?
An operating system that supports only firewall functions
An operating system that does not support firewall functions
A means of providing faster access to static content for external users accessing internal
Web servers
An operating system such as Windows or Linux that can support a wide variety of purposes
and functions, but which, when used as a bastion host OS, must be hardened and locked
down
10 points
Question 49
1. Which of the following outbound ports is for DNS?
Port 25
Port 53
Port 80
Port 110
10 points
Question 50
1. Which of the following is a form of threat that takes some type of initiative to seek out a target to
compromise?
Native firewall
Passive threat
Active threat
Cookie
10 points
Question 51
1. A commercial software product typically uses open source code.
True
False
10 points
Question 52
1. Which of the following refers to any product that appears in a vendor’s PowerPoint slide deck, but is
not yet available in one of its products?
Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
10 points
Question 53
1. TCP is responsible for providing reliable transmissions from one system to another, and IP is
responsible for addressing and route selection.
True
False
10 points
Question 54
1. Which type of firewall is designed to control input, output, and/or access to an application?
Application firewall
Hybrid firewall
Database firewall
Data protection
10 points
Question 55
1. There are six steps for writing a security incident response plan. Which of the following is not a
step?
Detection
Containment
Eradication
Report
10 points
Question 56
1. Most individuals and small office environments are at the most significant risk of being a primary
target of hacker activity.
True
False
10 points
Question 57
1. Which of the following is similar to defense in depth in that it
supports multiple layers of security?
Defense in depth
Diversity of defense
Chokepoint
Weakest link
10 points
Question 58
1. For which of the following does the mobile user take specific actions to connect to the VPN?
Remote gateway
Host-to-gateway VPN
Gateway-to-gateway VPN
VPN appliance
10 points
Question 59
1. A closed-source product is typically free.
True
False
10 points
Question 60
1. Which of the following is not an ISP connection?
Cable
Satellite
pfSense
DSL
10 points
Question 61
1. Simulator tests are secure by design.
True
False
10 points
Question 62
1. A firewall’s vulnerability to DoS flooding is a limitation or weakness that you can’t fix, improve, or
repair by either upgrading the firewall or applying a patch.
True
False
10 points
Question 63
1. Which of the following is a benefit of an open source VPN solution?
Ease of installation
Available management tools
Low cost
Access to vendor support
10 points
Question 64
1. Which term describes a process by which malicious code can enter from a non-secure network, and
make a hairpin, or sharp turn, and enter a secure network with little or no trouble because it is
entering from a secure and verified endpoint?
Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
10 points
Question 65
1. Although it provides a mechanism for creating tunnels through an IP network, which of the following
does not provide a mechanism for encrypting the data being tunneled?
Point-to-Point Protocol (PPP)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Encapsulating Security Payload (ESP)
10 points
Question 66
1. A proxy server can track every single connection outside the Web by IP address and the URL
requested.
True
False
10 points
Question 67
1. Windows Firewall is a native operating system firewall.
True
False
10 points
Question 68
1. Which of the following is a public location that sells Internet access?
Internet café
Extranet
Intranet
LogMeIn
10 points
Question 69
1. Which of the following links customers, suppliers, partners, or communities of interest to a corporate
intranet over a shared infrastructure?
Untrusted networks
Intranets
DMZs
Extranet VPNs
10 points
Question 70
1. A _____ is a physical or logical subnetwork that contains and exposes an organization’s external services to
a larger untrusted network, usually the Internet.
Demilitarized zone (DMZ)
VPN
LAN
Extranet
10 points
Question 71
1. Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Installation on corporate systems only
More vendor-created workarounds on the network address translation tool
More firewall rules
Platform Independence
10 points
Question 72
1. Which of the following allows file-sharing functionality?
GoToMyPC
NTRconnect
LogMeIn
VPN appliance
10 points
Question 73
1. GoToMyPC, LogMeIn, and NTRconnect allow you to use a Mac as the client, but only NTRconnect
enables you to use a Mac as the host.
True
False
10 points
Question 74
1. A passive threat is similar to a virus in that it depends upon the activity of the user to activate, infect,
and spread.
True
False
10 points
Question 75
1. Which of the following describes security stance?
An organization’s filtering configuration; it answers the question, “What should be allowed
and what should be blocked?”
A means of providing faster access to static content for external users accessing internal
Web servers
An operating system such as Windows or Linux that supports a wide variety of purposes and
functions, but when used as a bastion host OS must be hardened and locked down
An approach to security similar to defense in depth that uses a different security mechanism
at each or most of the layers
10 points
Question 76
1. What term is used to describe a chipset developed and promoted by the U.S. government from 1993
to 1996 as an encryption device to be adopted by telecommunications companies for voice
transmission?
Synchronous Dynamic Random Access Memory (SDRAM)
Clipper Chip
Kerberos
National Information Infrastructure (NII)
10 points
Question 77
1. Which of the following describes a native firewall?
A small text file used by Web browsers and servers to track Web sessions
A firewall in an operating system or hardware device that is placed there by the vendor or
manufacturer
Open-source and commercial software firewalls for most operating systems
Windows 7 host software firewall
10 points
Question 78
1. If a larger organization wanted to protect subnets within the network, basic packet filtering provided
by routers might be the most appropriate choice.
True
False
10 points
Question 79
1. Snort is an open-source, rule-based IDS that can detect firewall breaches.
True
False
10 points
Question 80
1. “Privacy” is considered keeping information about a network or system user from being disclosed to
unauthorized people.
True
False
10 points
Question 81
1. Which of the following is a dedicated hardware device that functions as a black-box sentry?
Fail-safe
Reverse proxy firewall
Proxy firewall
Appliance firewall
10 points
Question 82
1. GoToMyPC and NTRconnect enable you to easily print a document on the host using the printer
attached to the client.
True
False
10 points
Question 83
1. Which of the following reflects the ability of a network or system user to remain unknown?
Flexibility
Anonymity
Security
Denial of service
10 points
Question 84
1. Which of the following should specifically be included in the organization’s VPN solution?
The prohibiting of split tunneling
Encouraging shared VPN credentials
Types of VPN connections supported
How scalable the VPN is
10 points
Question 85
1. Which of the following key VPN protocols used today is the main alternative for a VPN solution that
does not leverage an IPSec solution?
Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
10 points
Question 86
1. One of the drawbacks of HTTP is that it does not include the ability to encrypt or otherwise protect
the data stream between the client and server.
True
False
10 points
Question 87
1. Which name is given to an architectural framework for delivering IP multimedia services?
IP Multimedia Subsystem (IMS)
Anti-forensics
Digital forensic techniques
Data leakage prevention (DLP)
10 points
Question 88
1. Which of the following identifies a user based on anatomical characteristics such as a fingerprint, a
voice print, or iris patterns?
Anti-forensics
Data leakage prevention (DLP)
Biometrics
Virtualization security
10 points
Question 89
1. One of the primary benefits of an open source solution is access to vendor support.
True
False
10 points
Question 90
1. Which of the following requires PKI support and is used for encryption with newer tunneling
protocols?
Secure Socket Tunneling Protocol (SSTP)
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Internet Key Exchange v2 (IKEv2)
10 points
Question 91
1. Which of the following will track every single connection outside the Web by IP address and URL?
Clipper Chip
National Security Agency
Proxy server
Electronic Privacy Information Center
10 points
Question 92
1. Which of the following does port forwarding support?
Any service on any port
Caching
Encryption endpoint
Load balancing
10 points
Question 93
1. Which of the following refers to a series of tools and techniques used to prevent forensic examination
from identifying an attack or attacker?
IP Multimedia Subsystem (IMS)
Information Technology Infrastructure Library (ITIL)
Anti-forensics
Data leakage prevention (DLP)
10 points
Question 94
1. Which of the following refers to a public interest research group in Washington, D.C. that was
established in 1994 to preserve the right of privacy in the electronic age as well as to give individuals
greater control over personal information?
National Security Agency (NSA)
CERN
National Information Infrastructure (NII)
Electronic Privacy Information Center (EPIC)
10 points
Question 95
1. Which of the following describes the principle that for an organization’s security policy to be
effective, everyone must be forced to work within it and follow its rules?
Universal participation
Diversity of defense
General purpose OS
Bastion host OS
10 points
Question 96
1. Which of the following refers to an operating system built exclusively to run on a bastion host
device?
Universal participation
Bastion host OS
Reverse caching
Proprietary OS
10 points
Question 97
1. Which of the following negotiates, creates, and manages security associations?
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
10 points
Question 98
1. Which type of software is closed-sourced to protect intellectual property and allow vendors to charge
for the product?
Non-commercial
Open source
Free software
Commercial
10 points
Question 99
1. Permanent site-to-site VPNs do not require firewalls at both ends that use static IP addresses.
True
False
10 points
Question 100
1. When troubleshooting firewalls, which of the following is not something you should do after you
attempt a fix?
Make multiple fixes.
Repeat the failure.
Test after each attempt.
Reverse or undo solution failures.
Question 1
Which of the following describes awareness?
A dedicated microchip found on some motherboards that host and protect the encryption key for
whole hard drive encryption
The third and highest level of obtaining security knowledge that leads to career advancement
A security guideline, procedure, or recommendation manual
Correct!
Basic security training that focuses on common or basic security elements that all employees must
know and abide by
Answer: D Page reference: 196-198 Objective: Compose a procedure for incident response.
Question 2
Which of the following creates copies of data on other storage media?
Fail-Open
Honeynets
Correct!
Backups
Security Technical Implementation Guide (STIGS)
Answer: C Page reference: 195-196 Objective: Compose a procedure for incident response.
Question 3
What is a business continuity plan?
A plan explaining the use of only a single element of validation or verification to prove the identity
of a subject.
A plan outlining the failure response that results in open and unrestricted access or
communication.
Correct!
A plan to maintain the mission-critical functions of the organization in the event of a problem that
threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event.
Answer: C Page reference: Page 185 Objective: List examples of network security best practices.
Question 4
Which of the following is a detailed and thorough review of the deployed security infrastructure
compared with the organization's security policy and any applicable laws and regulations?
Incident response plan
Correct!
Compliance audit
Disaster recovery plan
Business continuity plan
Answer: B Page reference: 204-205 Objective: Describe the methods of network security assessment.
Question 5
A security stance that blocks access to all resources until a valid authorized explicit exception is defined?
Fail-secure
Fail-open
Correct!
Default deny
Default allow
Answer: C Page reference: 189 Objective: List examples of network security best practices.
Question 6
Which of the following is not a characteristic of security education?
Its purpose is to obtain knowledge that leads to career advancement.
Correct!
It is usually obtained inside of the organization.
It is broad and not necessarily focused on specific job tasks or assignments.
It is more rigorous than awareness or training.
Answer: B Page reference: 199 Objective: Compose a procedure for incident response.
Question 7
Which of the following refers to a failure response resulting in open and unrestricted access or
communication?
Correct!
Fail-open
Mission-critical
Default allow
Fail-secure
Answer: A Page reference: 190 Objective: List examples of network security best practices.
Question 8
Which of the following is a form of security protection that protects individual files by scrambling the
contents in such a way as to render them unusable by unauthorized third parties?
Default allow
Separation of duties
Correct!
File encryption
Fail-secure
Answer: C Page reference: 184 Objective: List examples of network security best practices.
Question 9
Which of the following describes a predefined procedure that will limit damage, contain the spread of
malicious content, stop the compromise of information, and promptly restore the environment to a
normal state?
Separation of duties
Correct!
Incident response plan
Business continuity plan
Disaster recovery plan
Answer: B Page reference: 191 Objective: Compose a procedure for incident response.
Question 10
Which of the following describes the state or condition of an asset or process vitally important to the
long-term existence and stability of an organization?
Correct!
Mission-critical
Fail-secure
Fail-open
Compliance audit
Answer: A Page reference: 185 Objective: List examples of network security best practices.
Question 11
Which of the following refers to a specialized host used to place an attacker into a system where the
intruder cannot do any harm?
Incident response plan
Correct!
Padded cell
Principle of least privilege
Default allow
Answer: B Page reference: 193 Objective: Compose a procedure for incident response.
Question 12
What prevents a hard drive from being read by another system if it is stolen?
Correct!
Whole hard drive encryption
Host firewall
Antivirus scanner
Intrusion detection system (IDS)
Answer: A Page reference: 194 Objective: Compose a procedure for incident response.
Question 13
Which form of investigation aims at checking whether or not a target system is subject to attack based
on a database of tests, scripts, and simulated exploits?
Incident response plan
Fail-open
Correct!
Vulnerability scanning
Separation of duties
Answer: C Page reference: 207 Objective: Describe the methods of network security assessment.
Question 14
Which one of the following is not a cause of a configuration error?
Physical damage
Updates
Human error
Correct!
Vulnerability scanning
Answer: D Page reference: 204 Objective: Enumerate key components of an effective network security
installation.
Question 15
Which of the following describes separation of duties?
A security stance that allows all communications except those prohibited by specific deny
exceptions
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event
A security guideline, procedure, or recommendation manual
Correct!
An administrative rule whereby no single individual possesses sufficient rights to perform certain
actions
Answer: D Page reference: 188 Objective: List examples of network security best practices.
Question 16
Which of the following is not a step in an incident response solution?
Correct!
Evasion
Containment
Eradication
Recovery
Answer: A Page reference: 191 Objective: Compose a procedure for incident response.
Question 17
Which of the following refers to the guideline that all users should be granted only the minimum level of
access and permission required to perform their assigned job tasks and responsibilities?
The whitelist
Correct!
Principle of least privilege
Single-factor authentication
Incident response plan
Answer: B Page reference: 188 Objective: List examples of network security best practices.
Question 18
Which of the following is an element of infrastructure design that takes into account the likelihood of a
security breach by malicious code or some other intruder?
Containment
Trapping
Correct!
Compartmentalization
Intrusion detection
Answer: C Page reference: 192 Objective: Compose a procedure for incident response.
Question 19
Checking authentication, checking authorization and access control, auditing systems, and verifying
firewalls and other filters should all be included on which of the following?
A physical security checklist
A whitelist
A response plan
Correct!
A logical security checklist
Answer: D Page reference: 201 Objective: Compose a procedure for incident response.
Question 20
Which of the following determines the available vendor patches that are installed or missing?
Vulnerability scan
Correct!
Configuration scan
Penetration test
Post-mortem assessment
Answer: B Page reference: 206 Objective: Describe the methods of network security assessment.
Question 21
Organizations are usually not aware of when compliance auditing is a mandated periodic occurrence, so
preparation is challenging and often not possible.
True
Correct!
False
Answer: B Page reference: 205 Objective: Describe the methods of network security assessment.
Question 22
Default deny is a specialized host used to place an attacker into a system where the intruder cannot do
any harm.
True
Correct!
False
Answer: B Page reference: 193 Objective: Compose a procedure for incident response.
Question 23
The goal of disaster recovery planning is to return the business to functional operation within a limited
time to prevent the failure of the organization due to the incident.
Correct!
True
False
Answer: A Page reference: 185 Objective: List examples of network security best practices.
Question 24
A fail-open grants all users the minimum level of access and permission required to perform an assigned
job task or responsibility.
True
Correct!
False
Answer: B Page reference: 189-190 Objective: List examples of network security best practices.
Question 25
The act of containment should not interrupt or interfere with the continued spread or operation of the
unwanted event.
True
Correct!
False
Answer: B Page reference: 192 Objective: Compose a procedure for incident response.
Question 26
A honeynet is a collection of multiple honeypots in a network for the purposes of luring and trapping
hackers.
Correct!
True
False
Answer: A Page reference: 193 Objective: Compose a procedure for incident response.
Question 27
Patch management watches for the release of new updates from vendors, tests the patches, obtains
approval, and then oversees the deployment and implementation of updates across the production
environment.
Correct!
True
False
Answer: A Page reference: 186 Objective: List examples of network security best practices.
Question 28
A Security Technical Implementation Guide (STIGS) is a guideline, procedure, or recommendation
manual.
Correct!
True
False
Answer: A Page reference: 187 Objective: List examples of network security best practices.
Question 29
Training is less rigorous than awareness and more rigorous than education.
True
Correct!
False
Answer: B Page reference: 196-197 Objective: Compose a procedure for incident response.
Question 30
Single-factor authentication uses a single element of validation or verification to prove the identity of a
subject, and it is considered much stronger than multi-factor authentication.
True
Correct!
False
Answer: B Page reference: 185 Objective: List examples of network security best practices.
Question 31
Trusted Platform Module (TPM) is a dedicated microchip found on some motherboards; it hosts and
protects the encryption key for whole hard drive encryption.
Correct!
True
False
Answer: A Page reference: 194 Objective: Compose a procedure for incident response.
Question 32
You should never assume that a service or protocol is secured by another layer or service.
Correct!
True
False
Answer: A Page reference: 201 Objective: Compose a procedure for incident response.
Question 33
Bricking occurs when an update process causes a complete failure of the security control.
Correct!
True
False
Answer: A Page reference: 203 Objective: Enumerate key components of an effective network security
installation.
Question 34
Security management is the ongoing process of evaluating security so that you can improve it.
True
Correct!
False
Answer: B Page reference: 205 Objective: Describe the methods of network security assessment.
Question 35
Penetration testing involves the application of hacking techniques, methodology, and tools, and ethical
security experts conduct penetration testing.
Correct!
True
False
Answer: A Page reference: 207 Objective: Describe the methods of network security assessment.
Question 36
A post-mortem assessment review is the self-evaluation performed by individuals and organizations
after each security assessment task.
Correct!
True
False
Answer: A Page reference: 208 Objective: Describe the methods of network security assessment.
Question 37
You should wait at least a month before applying a patch or update from the vendor.
True
Correct!
False
Answer: B Page reference: 204 Objective: Enumerate key components of an effective network security
installation.
Question 38
Handling physical security attacks is the most important aspect of a security plan, as these types of
attacks pose the highest risks to the organization.
True
Correct!
False
Answer: B Page reference: 190-191 Objective: Describe the importance of physical security.
Question 39
It is a mistake to use remote system and device management mechanisms that are convenient but not
secure, such as telnet, HTTP, and FTP.
Correct!
True
False
Answer: A Page reference: 197 Objective: Compose a procedure for incident response.
Question 40
To write a comprehensive security policy, you should first inventory and examine the components of the
IT infrastructure.
Correct!
True
False
Answer: A Page reference: 183 Objective: List examples of network security best practices.
SEC 150 Quiz 11
Question 1
0 out of 5 points
Which of the following is one of the most common and easily exploited vulnerabilities
on any hardware network device? Default password
Selected Answer: Undistributed authentication credentials
Answers: Insecure default configuration
Misconfiguration by the installer
Undistributed authentication credentials
Default password
Question 2
5 out of 5 points
VPN hardware can suffer from an unsecured default configuration or misconfiguration.
Selected Answer: True
Answers: True
False
Question 3
5 out of 5 points
Determining who the target audience for training is takes place in the planning stage.
Selected Answer: True
Answers: True
False
Question 4
0 out of 5 points
The least common method for implementing a highly available VPN involves buying
two VPN hardware units and configuring them as a highly available pair. False
Selected Answer: True
Answers: True
False
Question 5
5 out of 5 points
Anonymity is the capability for a network or system user to remain unknown.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
Question 7
5 out of 5 points
To mitigate the risk of security threats and breaches, all installers should be trained
before installing the VPN.
Selected Answer: True
Answers: True
False
Question 8
5 out of 5 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed directly in the Internet,
and therefore places the Internet-facing VPN connection behind a firewall?
Question 1
0 out of 5 points
Which of the following is one of the easiest ways to compromise a VPN?
Selected Answer: Using vulnerability management with remote clients
Answers: Compromising VPN availability
Compromising the authentication credentials
Patching regularly
Using vulnerability management with remote clients
Question 2
5 out of 5 points
“Privacy” is considered keeping information about a network or system user from being
disclosed to unauthorized people.
Selected Answer: True
Answers: True
False
Question 3
5 out of 5 points
Anonymity is the capability of a network or system user to remain known on the system.
Selected Answer: False
Answers: True
False
Question 4
5 out of 5 points
When considering training, one should determine the mechanism for training before
gathering the appropriate information.
Selected Answer: False
Answers: True
False
Question 5
5 out of 5 points
One of the most critical steps in VPN troubleshooting is determining whether the
correction results in new problems.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
When employees have multiple concurrent connections, what might be happening to the
VPN system?
Selected Answer: There may be a security issue.
Answers: There may be a software failure.
Employees may be trying to access the system from remote locations.
There may be a security issue.
There may be a hardware failure.
Question 7
5 out of 5 points
Which section of the VPN policy describes the systems, networks, or people covered by
the policy?
Selected Answer: Scope
Answers: Introduction
Policy
Scope
Purpose
Question 8
5 out of 5 points
One of the primary benefits of an open-source solution is access to vendor support.
Selected Answer: False
Answers: True
False
Question 9
5 out of 5 points
The scope of the VPN policy should include actual policy language.
Selected Answer: False
Answers: True
False
Question 10
0 out of 5 points
Which of the following is most likely to occur in the VPN? Client attack
Selected Answer: Remote access attack
Answers: Denial of service
VPN server attack
Client attack
Remote access attack
Question 11
5 out of 5 points
Anonymity is the capability for a network or system user to remain unknown.
Selected Answer: True
Answers: True
False
Question 12
5 out of 5 points
A VPN deployment plan does not need to take into consideration the support of
encryption protocols.
Selected Answer: False
Answers: True
False
Question 13
5 out of 5 points
When determining the number of users affected by a VPN problem, which
troubleshooting step is being performed?
Selected Answer: Determining scope
Answers: Determining scope
Identifying the symptoms
Looking for changes
Calling the vendor
Question 14
5 out of 5 points
Which of the following refers to any product that appears in a vendor’s PowerPoint slide
deck, but is not yet available in one of its products?
Selected Answer: Slideware
Answers: Anonymity
Hairpinning
Service level agreement (SLA)
Slideware
Question 15
5 out of 5 points
Standard client configuration of a VPN does not include antivirus, anti-malware, and
firewall software.
Selected Answer: False
Answers: True
False
Question 16
5 out of 5 points
Which term describes a process by which malicious code can enter from a non-secure
network, and make a hairpin, or sharp turn, and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint?
Selected Answer: Hairpinning
Answers: Hairpinning
Anonymity
Slideware
Service Level Agreement (SLA)
Question 17
5 out of 5 points
Which of the following describes anonymity?
Selected Answer: The capability for a network or system user to remain unknown
Answers: The capability for a network or system user to remain unknown
A process by which malicious code can enter from a non-secure network,
and make a hairpin, or sharp turn and enter a secure network with little or no
trouble because it is entering from a secure and verified endpoint
The act of keeping information about a network or system user from being
disclosed to unauthorized people
An industry term referring to any product that appears in a vendor’s
PowerPoint slide deck, but is not yet available in one of its products
Question 18
5 out of 5 points
A VPN policy should address which authorization methods are permitted on the system.
Selected Answer: True
Answers: True
False
Question 19
5 out of 5 points
Which of the following reflects the ability of a network or system user to remain
unknown?
Selected Answer: Anonymity
Answers: Flexibility
Anonymity
Security
Denial of service
Question 20
5 out of 5 points
Which type of architecture recognizes that the VPN is vulnerable to attack if placed directly in the Internet,
and therefore places the Internet-facing VPN connection behind a firewall?
Question 1
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 2
5 out of 5 points
The next generation IP version and successor to IPv4 is called what?
Selected Answer: IPv6
Answers: IPv5
IPv6
IANA
SSL
Question 3
5 out of 5 points
Which component of Secure Shell (SSH) Protocol provides server authentication,
confidentiality, and integrity with perfect forward secrecy?
Selected Answer: Transport Layer Protocol
Answers: Rsync
Connection Protocol
Transport Layer Protocol
User Authentication Protocol
Question 4
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 5
5 out of 5 points
One function of an SSL VPN is that it usually connects using a Web browser, whereas
an IPSec VPN generally requires client software on the remote system.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
Which of the following describes Layer 2 Tunneling Protocol (L2TP)?
Selected Answer: An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
Answers: The standards body for Internet-related engineering specifications
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
The second core IPSec security protocol; it can perform authentication to
provide integrity protection, although not for the outermost IP header
An early proprietary protocol from Microsoft
Question 7
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 8
5 out of 5 points
The higher the encryption levels of VPN, the greater the impact on the memory and
processor of the endpoint devices.
Selected Answer: True
Answers: True
False
Question 9
0 out of 5 points
The use of PPP has extended the availability of IPv4 address space, thereby extending
the life span of IPv4. False
Selected Answer: True
Answers: True
False
Question 10
5 out of 5 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer: Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
Question 11
0 out of 5 points
The Secure Shell (SSH) protocol works in combination with rsync to back up, copy, and
mirror files securely. True
Selected Answer: False
Answers: True
False
Question 12
0 out of 5 points
The version of VPN software being used does not impact the stability of the rollout of a
successful VPN deployment. False
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
Which of the following characteristics relates to Point-to-Point Protocol (PPP)?
Selected Answer: A protocol commonly used in establishing a direct connection between two
networking nodes
Answers: The standards body for Internet-related engineering specifications
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
A protocol commonly used in establishing a direct connection between two
networking nodes
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
Question 14
0 out of 5 points
The performance characteristics of a VPN supporting remote clients are generally the same
as the performance characteristics of a VPN supporting site-to-site connections. False
Selected Answer: True
Answers: True
False
Question 15
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 16
5 out of 5 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer: Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
Question 17
5 out of 5 points
One of the advantages of L2TP is that it provides a mechanism for encrypting the data
being tunneled.
Selected Answer: False
Answers: True
False
Question 18
5 out of 5 points
TCP is responsible for providing reliable transmissions from one system to another, and
IP is responsible for addressing and route selection.
Selected Answer: True
Answers: True
False
Question 19
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 20
5 out of 5 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer: Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Monday, April 18
Setting up dedicated hardware environments for each customer allows the service
provider to take advantage of economies of scale. False
Selected Answer: True
Answers: True
False
Question 2
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 3
5 out of 5 points
The use of PPP has extended the availability of IPv4 address space, thereby extending
the life span of IPv4.
Selected Answer: False
Answers: True
False
Question 4
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 5
5 out of 5 points
Which of the following refers to a protocol that provides integrity protection for packet
headers and data, as well as user authentication?
Selected Answer: Authentication Header (AH)
Answers: Point-to-Point Tunneling Protocol (PPTP)
Request for Comments (RFC)
Authentication Header (AH)
Layer 2 Tunneling Protocol (L2TP)
Question 6
5 out of 5 points
Support for quality of service (QoS) is built into IPv6, whereas it was an add-on in IPv4.
Selected Answer: True
Answers: True
False
Question 7
5 out of 5 points
One of the advantages of L2TP is that it provides a mechanism for encrypting the data
being tunneled.
Selected Answer: False
Answers: True
False
Question 8
5 out of 5 points
IPSec is a mandatory component for IPv6, and is used to natively protect IPv6 data as it
is sent over the network.
Selected Answer: True
Answers: True
False
Question 9
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 10
5 out of 5 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer: Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
Question 11
5 out of 5 points
Which of the following refers to a network protocol that is a method for secure remote
logon and other secure network services over a public network?
Selected Answer: Secure Shell (SSH)
Answers: Point-to-Point Protocol (PPP)
Secure Shell (SSH)
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Question 12
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer: Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Encapsulating Security Payload (ESP)
Point-to-Point Protocol (PPP)
Question 14
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 15
5 out of 5 points
Which of the following key VPN protocols used today is the main alternative for a VPN
solution that does not leverage an IPSec solution?
Selected Answer: Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Answers: Internet Engineering Task Force (IETF)
Authentication Header (AH)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Layer 2 Forwarding (L2F) Protocol
Question 16
0 out of 5 points
Which of the following is an advantage of SSL/TLS VPNs over IPSec VPNs?
Selected Answer: More firewall rules
Answers: Installation on corporate systems only
More vendor-created workarounds on the network address translation
tool
More firewall rules
Platform Independence
Question 17
0 out of 5 points
In typical end user/browser usage, SSL/TLS authentication is two-way. False
Selected Answer: True
Answers: True
False
Question 18
0 out of 5 points
Although it provides a mechanism for creating tunnels through an IP network, which of the following does
not provide a mechanism for encrypting the data being tunneled?
Question 1
5 out of 5 points
Support for quality of service (QoS) is built into IPv6, whereas it was an add-on in IPv4.
Selected Answer: True
Answers: True
False
Question 2
5 out of 5 points
Which of the following characteristics relates to authentication header (AH)?
Selected Answer: It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Answers: It is a document that defines or describes computer and networking
technologies. These documents are published by the Internet Engineering
Task Force, the standards body for Internet engineering specifications. RFCs
exist for hardware, operating systems, protocols, security services, and much
more.
It is an older protocol largely replaced by IPSec and SSL/TLS-based VPNs
in production environments, but it is still in use in some older environments.
It is an early proprietary protocol from Microsoft.
It is a protocol that provides integrity protection for packet headers and data,
as well as user authentication.
Question 3
5 out of 5 points
What is the Internet Engineering Task Force (IETF)?
Selected Answer: The standards body for Internet-related engineering specifications
Answers: An early proprietary protocol from Microsoft
An older protocol largely replaced by IPSec and SSL/TLS-based VPNs in
production environments, but still in use in some older environments
A protocol that provides integrity protection for packet headers and data, as
well as user authentication
The standards body for Internet-related engineering specifications
Question 4
5 out of 5 points
Setting up dedicated hardware environments for each customer allows the service
provider to take advantage of economies of scale.
Selected Answer: False
Answers: True
False
Question 5
5 out of 5 points
TCP is responsible for providing reliable transmissions from one system to another, and
IP is responsible for addressing and route selection.
Selected Answer: True
Answers: True
False
Question 6
5 out of 5 points
One of the drawbacks of HTTP is that it does not include the ability to encrypt or
otherwise protect the data stream between the client and server.
Selected Answer: True
Answers: True
False
Question 7
5 out of 5 points
Operating system virtualization is the emulation of an operating system environment
hosted on another operating system.
Selected Answer: True
Answers: True
False
Question 8
5 out of 5 points
One proposed migration strategy for the move from IPv4 to IPv6 includes allowing two
IPv6 hosts to create a tunnel for traffic between two IPv6 hosts through an IPv4 network.
Selected Answer: True
Answers: True
False
Question 9
5 out of 5 points
Which of the following can affect the stability of a VPN deployment?
Selected Answer: Software version
Answers: Topology
Encryption level
Traffic
Software version
Question 10
5 out of 5 points
Which of the following is commonly used with an authentication header to provide both
confidentiality and integrity protection for communications?
Selected Answer: Encapsulating Security Payload (ESP)
Answers: Internet Key Exchange (IKE)
Layer 2 Forwarding (L2F)
Encapsulating Security Payload (ESP)
Point-to-Point Protocol (PPP)
Question 11
5 out of 5 points
Which of the following represents a standards-based protocol suite designed specifically
for securing Internet Protocol communications?
Selected Answer: Internet Protocol Security (IPSec)
Answers: Authentication Header (AH)
Tunnel mode
Transport mode
Internet Protocol Security (IPSec)
Question 12
5 out of 5 points
To prevent spoofing of transactions, IPv6 IPSec uses a cryptographic checksum that
incorporates a shared encryption key so the receiver can verify that it was sent by the
apparent sender.
Selected Answer: True
Answers: True
False
Question 13
5 out of 5 points
The performance characteristics of a VPN supporting remote clients are generally the
same as the performance characteristics of a VPN supporting site-to-site connections.
Selected Answer: False
Answers: True
False
Question 14
5 out of 5 points
Which of the following negotiates, creates, and manages security associations?
Selected Answer: Internet Key Exchange (IKE)
Answers: Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
Authentication Header (AH)
Internet Key Exchange (IKE)
Question 15
5 out of 5 points
The higher the encryption levels of VPN, the greater the impact on the memory and
processor of the endpoint devices.
Selected Answer: True
Answers: True
False
Question 16
0 out of 5 points
The IPv6 IPSec is a set of national standards that use cryptographic security services to
provide confidentiality, data origin authentication and data integrity.
Selected Answer: True
Answers: True
False
Question 17
5 out of 5 points
The version of VPN software being used does not impact the stability of the rollout of a
successful VPN deployment.
Selected Answer: False
Answers: True
False
Question 18
5 out of 5 points
Which term describes an early proprietary protocol from Microsoft?
Selected Answer: Point-to-Point Tunneling Protocol (PPTP)
Answers: Authentication Header (AH)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Point-to-Point Tunneling Protocol (PPTP)
Question 19
5 out of 5 points
Which of the following refers to an early communications protocol that competed with
Point-to-Point Tunneling Protocol?
Selected Answer: Layer 2 Forwarding (L2F) Protocol
Answers: Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Layer 2 Forwarding (L2F) Protocol
Internet Engineering Task Force (IETF)
Question 20
5 out of 5 points
Which layer of the OSI model is the Data Link Layer?
Selected Answer: Layer 2
Answers: Layer 1
Layer 2
Layer 3
Layer 4
Monday, April 18, 2016 6:39:15 PM EDT
Question 1
Which term is used to describe the process of encasing one protocol or packet inside another
protocol or packet?
Chokepoint
Encapsulation
Intrusion Detection System (IDS)
Encryption
Question 2
When too much data crosses a network segment, throughput and latency are increased.
True
False
Question 3
Which of the following is one of the most common and easily exploited vulnerabilities on any hardware
network device?
Default password
Question 4
Which of the following refers to the end user’s desktop devices such as a desktop computer,
laptop, VoIP telephone, or other endpoint device?
WAN Domain
Remote Access Domain
Question 5
Which term describes programs used to control access to computer resources, enforce policies,
audit usage, and provide billing information?
Traffic congestion
Certificate authority (CA)
Authentication, authorization, and accounting (AAA) services
Trusted roots list
Question 6
Which term is used to describe an attack that occurs when a hacker uses a network sniffer to watch a
communications session to learn its parameters?
HOSTS file
Hijacking
Privacy
Appliance
Question 7
Checking authentication, checking authorization and access control, auditing systems, and verifying
firewalls and other filters should all be included on which of the following?
A whitelist
A response plan
A mechanism that defines traffic or an event to apply an authorization control of allow or deny
against
An intrusion detection system/intrusion prevention system (IDS/IPS) based on a defined normal,
often defined using rules similar to firewall rules
An event that does not trigger an alarm but should have, due to the traffic or event actually being
abnormal and/or malicious
Question 9
Which malicious software program is distributed by hackers to take control of victims’ computers?
Hardware firewalls
Viruses
Bots
Bastion host
Question 10
Question 11
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event
An administrative rule whereby no single individual possesses sufficient rights to perform certain
actions
Question 12
An internal employee capable of enclosing or encasing one protocol or packet inside another
protocol or packet
Question 13
Ingress and egress filtering can expand beyond protection against spoofing and include a variety of
investigations on inbound and outbound traffic. Which of the following is not one of the ways ingress
and egress filtering expand beyond protection against spoofing?
Question 14
Question 15
A security policy is important for all of the following reasons except which one?
It establishes goals.
Question 16
Although it provides a mechanism for creating tunnels through an IP network, which of the
following does not provide a mechanism for encrypting the data being tunneled?
Question 17
Question 18
Virus
Worm
Chip creep
Trojan horse
Question 19
Which term is a form of exploitation in which an unauthorized or rogue DNS server responds to DNS
queries with false resolutions?
DNS poisoning
DNS spoofing
Banner grabbing
Dumpster diving
Question 20
Which of the following refers to the malicious insertion of scripting code onto a vulnerable Web site?
Insertion attack
Upstream filtering
Keystroke logger
Cross-site scripting (XSS)
Question 21
Hackers can be deterred by defense methods that detect and evade. All of the following are defense
methods, except which one?
Honeypots
Firewalls
IDSs
Botnet army
Question 22
Static filtering
Content filtering
Application gateway
Question 23
A type of filtering in which all activities or entities are permitted except those identified
A list that describes the steps to lock down a host against threats and attacks
Question 24
Which term describes a VPN created between two individual hosts across a local or intermediary
network?
VPN appliance
Host-to-host VPN
Hash
Site-to-site VPN
Question 25
A method of discovering wireless networks by moving around a geographic area with a detection
device.
A tactic of pursuing and extracting information for the purpose of making a sale or performing a
social engineering attack.
Question 26
Layer 1
Layer 2
Layer 3
Layer 4
Question 27
Eavesdropping
Filtering
Question 28
Confidence in the expectation that others will act in your best interest or that a resource is
authentic
Question 29
When employees have multiple concurrent connections, what might be happening to the VPN system?
Question 30
All of the following are advantages of a defense-in-depth security design except which one?
Defense in depth keeps senior management out of the activities of the security department.
Defense in depth divides and conquers, which separates projects into smaller pieces.
Question 31
The inability to encrypt or otherwise protect the data stream between the client and server is a
drawback of which protocol?
Question 32
Hijacking
Backdoor
Tunneling
Exploit
Question 33
Which of the following is a malicious software program distributed by a hacker to take control of a
victim’s computers?
Sacrificial host
Client
Server
Agent
Question 34
Which of the following characteristics relates to a distributed Denial of Service (DDoS) attack?
The information related to the owners and managers of a domain name accessed through the
domain registrar’s Web sites and Whois lookups
An advancement of keystroke logging to monitor and record many other user activities
An attack that uses multiple remotely controlled software agents disseminated across the
Internet
An attack that occurs on the logical division of a hard drive that can be formatted with a file
system
Question 35
Which term describes a network device that forwards traffic between networks based on the MAC
address of the Ethernet frame?
Domain
Bottleneck
Bridge
Node
Question 36
A plan explaining the use of only a single element of validation or verification to prove the
identity of a subject.
A plan outlining the failure response that results in open and unrestricted access or
communication.
A plan to maintain the mission-critical functions of the organization in the event of a problem
that threatens to take business processes offline.
A plan to restore the mission-critical functions of the organization once they have been
interrupted by an adverse event.
Question 37
A security stance that blocks access to all resources until a valid authorized explicit exception is defined?
Fail-secure
Fail-open
Default deny
Default allow
Question 38
IPv5
IPv6
IANA
SSL
Question 39
What attack cracks a password or encryption key by trying all possible valid combinations from a defined
set of possibilities (a set of characters or hex values)?
Brute-force attack
Hybrid attack
Modeling
Question 40
Which of the following refers to a form of attack that attempts to compromise availability?
Man-in-the-middle (mitm)
Sniffer