
RESTRICTED - EXAMINATION

Network Security Exemplifier Questions Paper 1


1. The NEC Handbook states which of the following is a component of Information Assurance?
   a. Computer Network Defence [CND]
   b. Information Exploitation [IX]
   c. Computer Network Exploitation [CNE]
   d. Information Management [IM]

2. Your unit has a large internal network that you would like to subnet into smaller parts. Which of the following devices would you not use to separate your LAN as it will not protect critical resources?
   a. An internal firewall
   b. A router between subnets
   c. A modem between computers
   d. A switch between departments

3. Which of the following is not considered as a factor of Risk?
   a. Threats
   b. Impact
   c. Vulnerabilities
   d. Assurance

4. Which of the following devices is specially designed to forward packets to specific ports based on the packet's address?
   a. Specialty hub
   b. Switching hub
   c. Port hub
   d. Filtering hub

5. Firewalls are designed to perform all the following except:
   a. Limiting security exposures
   b. Logging Internet activity
   c. Enforcing the organization's security policy
   d. Protecting against viruses

6. Which asymmetric cryptosystem is used for digital signatures?
   a. DES
   b. SHA1
   c. Diffie-Hellman
   d. ECC


7. VPN tunnels have end points. Which of the following methods is used to offer Strong Authentication at each end point?
   a. DES
   b. Block cipher
   c. Stream cipher
   d. Diffie-Hellman

8. What is the capability to combine data from separate sources to gain information?
   a. Metadata
   b. Inference
   c. Aggregation
   d. Deadlocking

9. Which of the following is not considered to be a primary goal of security?
   a. Integrity
   b. Non-repudiation
   c. Privacy
   d. Confidentiality

10. Confidentiality and integrity are important concepts when discussing security models. Which of the following was the first model developed to address the concerns of both confidentiality and integrity?
   a. Biba
   b. Clark-Wilson
   c. Brewer and Nash
   d. Clark-Phillips

11. Which of the following is considered the first security model to be based on confidentiality?
   a. Biba
   b. Bell-LaPadula
   c. Graham-Denning
   d. Clark-Wilson

12. Your primary concern is LAN security. You want to subnet your internal network with a device that provides security and stability. Which of the following devices do you choose to meet these needs?
   a. Static router
   b. Dynamic router
   c. Static switch
   d. Dynamic switch

13. Which of the following LAN devices is frequently a source of security concern because of its ability to process applications, share files, and perform network services in a peer-to-peer network?
   a. SQL Servers
   b. Routers
   c. Switches
   d. Workstations

14. Which one of the following is the most dependable authentication tool?
   a. Flashcards
   b. Smartcards
   c. Memory cards
   d. Authentication cards

15. Which of the following devices is used to monitor network traffic, including DoS attacks in real time?
   a. A host-based Intrusion Detection System
   b. A network-based Intrusion Detection System
   c. A router-based Intrusion Detection System
   d. A server-based Intrusion Detection System

16. Which of the following security devices acts more like a detective rather than a preventative measure?
   a. IDS
   b. DMZ
   c. NAT
   d. Proxy

17. You want to have a private communication between two sites that also allows for encryption and authorization. Which of the following is the best choice in this instance?
   a. Modem
   b. Firewall
   c. VPN
   d. Bastion Host

18. VPNs transfer encrypted data through tunnelling technology. Which of the following performs fast data encryption and may be used with VPNs?
   a. Stream cipher
   b. RSA
   c. DES
   d. IPSec

19. In the IA DMZ Architecture Framework of a Public Key Infrastructure, which of the following is not considered as a security driver?
   a. Government Information
   b. Personal Information
   c. Corporate Information
   d. User Information

20. Which of the following is not a Security Dimension in ITU-T X.805 Recommendation?
   a. Authentication
   b. Data integrity
   c. Privacy
   d. Assurance

21. Encryption, tokens, access control lists, and smart cards are known as:
   a. Discretionary access controls
   b. Physical controls
   c. Technical controls
   d. Administrative controls

22. Which one of the following is software used to logically connect workgroups, thereby improving network performance for group members in different physical locations?
   a. Virtual Private Network (VPN)
   b. Virtual Local Area Network (VLAN)
   c. Remote Authentication Dial-in User Service (RADIUS)
   d. Network Address Translation (NAT)

23. What is the primary purpose for Network Address Translation (NAT)?
   a. Multiple users sharing one IP address for Instant Messenger (IM)
   b. Hiding the IP addresses of the internal network from those outside of the network
   c. Showing the IP addresses of the external network to clients on the internal network
   d. Single users gaining access to multiple email accounts

24. IDS may be configured to report attack occurrences. You just received a notification that an attack occurred, but after checking, you find that it really wasn't an attack at all. What is the term for this type of alarm?
   a. True positive
   b. False positive
   c. True negative
   d. False negative

25. Which type of network device is characterized by the following description: Used to fool crackers, allowing them to continue an attack on a sacrificial computer that contains fictitious information?
   a. Fake firewall
   b. Rogue router
   c. Intrusion Prevention System
   d. Honey pot

26. Information security is the process of protecting all of the following except:
   a. Confidentiality of data
   b. Data integrity
   c. Availability of data
   d. Data configuration

27. Information security managers are often motivated by which of the following?
   a. Concern for the well-being of society
   b. Governmental regulation
   c. Fear of unwanted publicity
   d. All of the above are motivating factors

28. Security professionals' activities include all of the following except:
   a. Finding the source of the problem
   b. Naming the virus
   c. Eradicating the problem
   d. Repairing the damage


29. Demand for expertly trained security professionals is the result of:
   a. Specialized training
   b. Increased terrorist activity
   c. New laws regulating the flow of information
   d. Retirement of current security professionals

30. An organization's security posture is defined and documented in ____________ that must exist before any computers are installed.
   a. standards
   b. guidelines
   c. procedures
   d. All of the above

31. ____________ establish and maintain the user base permitted to access a system in the normal course of their job duties.
   a. Security testers
   b. Security administrators
   c. Access coordinators
   d. Network engineers

32. Given enough time, tools, inclination, and ____________, a hacker can break through any security measure.
   a. talent
   b. skills
   c. intelligence
   d. assets

33. In 2003 the Whitworth Gallery's layered security system included all of the following except:
   a. Closed-circuit television
   b. Alarm systems
   c. Electronic motion sensors
   d. Rolling patrols.

34. The NEC has three domains. Which domain(s) cover the possibility of CNA and the countermeasures to be employed?
   a. People
   b. Network
   c. Information
   d. All 3 domains

35. Layered security is also referred to as:
   a. Denial of service
   b. Defense in depth
   c. Multi-system security
   d. None of the above.


36. A system used to identify anomalies on a network is known as a:
   a. Signature based intrusion detection system
   b. Network based intrusion detection system
   c. Event correlation intrusion detection system
   d. Remote anomaly intrusion detection system

37. What is the prime directive of Risk Management?
   a. Reduce the risk to a tolerable level.
   b. Reduce all risk regardless of cost.
   c. Transfer any risk to external third parties.
   d. Prosecute any employees that are violating published security policies.

38. Which choice most accurately describes the differences between standards, guidelines and procedures?
   a. Standards are recommended policies and guidelines are mandatory policies.
   b. Procedures are step-by-step recommendations for compliance with mandatory guidelines.
   c. Procedures are the general recommendations for compliance with mandatory guidelines.
   d. Procedures are step-by-step instructions for compliance with mandatory standards.

39. The factors used to determine degree of risk include:
   a. Determining the consequence of loss
   b. Determining the likelihood that loss will occur
   c. Both of the above
   d. None of the above.

40. The goals of information security measures include:
   a. Protecting confidentiality of data
   b. Preserving the integrity of data
   c. Promoting the availability of data for authorized use
   d. All of the above are goals

41. IA professionals who create a plan to protect a computer system consider all of the following in the planning process except:
   a. Defining the structural composition of data
   b. Protecting the confidentiality of data
   c. Preserving the integrity of data
   d. Promoting the availability of data for authorized use

42. Synonyms for confidentiality include all of the following except:
   a. privacy
   b. secrecy
   c. integrity
   d. discretion

43. Which of the following is NOT a goal of an integrity model security system?
   a. Preventing unauthorized users from modifying data or programs
   b. Verifying data consistency for internal and external programs
   c. Preventing authorized users from making unauthorized modifications
   d. Maintaining internal and external consistency of data and programs

44. Common availability challenges do NOT include which of the following?
   a. Equipment failure
   b. Denial of service
   c. Rapid spread of viruses
   d. Loss of information system due to natural disaster or human action.

45. Which of the following is NOT an activity designed to preserve information system availability?
   a. Grant access to authorized personnel
   b. Apply encryption to information sent over the Internet
   c. Develop a disaster recovery plan
   d. All of the above preserve system availability.

46. Layered security is also referred to as:
   a. Denial of service
   b. Defense in depth
   c. Multi-system security
   d. None of the above.

47. Overlapping layers provide all of the following elements necessary to secure assets except:
   a. Direction
   b. Response
   c. Detection
   d. Prevention

48. Defense in depth means that security devices are layered in a series that ____________, detects, and responds to attacks on systems.
   a. deflects
   b. denies
   c. defends
   d. prevents

49. Which of the following statements about the security Principle that When left on their own is false?
   a. In exchange for worthless goods, people tend to give up credentials.
   b. The organizers of Infosecurity Europe found that 75% of survey respondents revealed information immediately.
   c. Today's virus writers are not very sophisticated.
   d. It is easy to fool people into spreading viruses.

50. Avoid phishing, ID theft, and monetary loss by taking all of the following steps except:
   a. Recognize the signs of fraud
   b. Ignore links embedded in e-mail messages
   c. Follow advice of financial services provider
   d. Keep virus software current.


51. Computer Security principle states that security depends on these requirements:
   a. Functional and assurance
   b. Verification and validation
   c. Availability and integrity
   d. Usability and interface.

52. Which of the following questions is NOT answered by the functional and assurance requirements as specified by the Computer Security principle?
   a. Does the system do the right things?
   b. Does the system do the right things in the right way?
   c. Both of the above are answered
   d. Neither of the above are answered.

53. Software developers often lack the ____________ and ____________ needed to test and break their software.
   a. Wherewithal, motivation
   b. Money, time
   c. Expertise, resources
   d. Qualifications, experience.

54. Which of the following is true for principle of Security Through Obscurity?
   a. There is no such thing as absolute security.
   b. Risk management provides security.
   c. Security through obscurity is not an answer.
   d. Security has no finite limit.

55. One school of thought says that if ____________ do not know how software is secured, security is better.
   a. hackers
   b. crackers
   c. users
   d. developers

56. What does security through obscurity mean?
   a. Security details are not published.
   b. Little known security techniques are used.
   c. Hiding details secures the system.
   d. Security details are encrypted.

57. To gain confidence in software products both ____________ and ____________ answers are needed.
   a. risk, process
   b. integrity, availability
   c. functional, assurance
   d. verification, validation.

58. More dangerous than not addressing security is obscuring security because it leads to a:
   a. False sense of security
   b. Higher level of security
   c. Reduced level of security
   d. Complete breakdown of security.


59. Central themes to securing information systems are:
   a. Risk consequences and risk assessment
   b. Risk acceptance and risk mitigation
   c. Risk analysis and risk management
   d. None of the above.

60. Which of the following is NOT an outcome of risk analysis?
   a. Risks are countered
   b. Insurance against loss is acquired
   c. Risk is accepted and consequences are managed
   d. Risk is not accepted and consequences do not exist.

END OF PAPER


Unit 13 Part A Answer Sheet

Candidate No: .

Answer sheet grid: Questions 1 to 60, each with answer options A, B, C and D, and a MARK column.

Total Mark


Answers

 1. A    2. C    3. D    4. B    5. D    6. D    7. D    8. C    9. C   10. A
11. B   12. A   13. B   14. B   15. B   16. A   17. C   18. C   19. D   20. D
21. C   22. B   23. B   24. B   25. D   26. D   27. D   28. B   29. A   30. D
31. C   32. B   33. C   34. D   35. B   36. B   37. A   38. C   39. C   40. D
41. A   42. C   43. B   44. C   45. D   46. B   47. A   48. D   49. C   50. D
51. A   52. C   53. A   54. C   55. A   56. C   57. D   58. A   59. C   60. D
