
Question 1

1 out of 1 points

In ____ mode, the data within an IP packet is encrypted, but the header information is not.
1.

Transport
Question 2
1 out of 1 points

The ____ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the
clear text prior to transmission.

4.

SSL Record Protocol
Question 3
1 out of 1 points

The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.

3.

CRL
Question 4
1 out of 1 points

____ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted
message when the key or algorithm (or both) are unknown.
2.

Work factor
Question 5
1 out of 1 points

A(n) ____ plan deals with the identification, classification, response, and recovery from an incident.

4.

IR
Question 6
1 out of 1 points

____ is the action of luring an individual into committing a crime to get a conviction.

1.

Entrapment
Question 7
1 out of 1 points

____ is the entire range of values that can possibly be used to construct an individual key.

3.

Key space
Question 8
1 out of 1 points

The restrictions most commonly implemented in packet-filtering firewalls are based on ____.

3.

All of the above
Question 9
1 out of 1 points
Bit stream methods commonly use algorithm functions like the exclusive OR operation (____).

2.

XOR
Question 10
1 out of 1 points

An X.509 v3 certificate binds a ____, which uniquely identifies a certificate entity, to a user's public key.

3.

Distinguished name
Question 11
1 out of 1 points

The first phase in the development of the contingency planning process is the ____.

4.

BIA
Question 12
1 out of 1 points

____ functions are mathematical algorithms that generate a message summary or digest to confirm the identity
of a specific message and to confirm that there have not been any changes to the content.

3.

Hash
Question 13
1 out of 1 points
The ____ is an intermediate area between a trusted network and an untrusted network.

3.

DMZ
Question 14
1 out of 1 points

____ is the information used in conjunction with an algorithm to create the cipher text from the plaintext or derive
the plaintext from the cipher text.

4.

Key
Question 15
1 out of 1 points

____ inspection firewalls keep track of each network connection between internal and external systems.

3.

Stateful
Question 16
1 out of 1 points

SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, provides
best practices and security principles that can direct the security team in the development of a security ____.

3.

Blueprint
Question 17
1 out of 1 points

RAID ____ drives can be hot swapped.

3.

5
Question 18
1 out of 1 points

____ sensors are typically intended for network perimeter use, so they would be deployed in close proximity to
the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that
could overwhelm the firewall.

3.

Inline
Question 19
0 out of 1 points

The stated purpose of ____ is to give recommendations for information security management for use by those
who are responsible for initiating, implementing, or maintaining security in their organization.

1.

BS7799 (Part 2)
Question 20
1 out of 1 points

____ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding.
3.

PGP
Question 21
1 out of 1 points

____ controls cover security processes that are designed by strategic planners and implemented by the security
administration of the organization.

1.

Managerial
Question 22
1 out of 1 points

ICMP uses port ____ to request a response to a query and can be the first indicator of a malicious attack.
2.

7
Question 23
1 out of 1 points

A ____ filtering firewall can react to an emergent event and update or create rules to deal with the event.

3.

Dynamic
Question 24
1 out of 1 points

The dominant architecture used to secure network access today is the ____ firewall.

3.

Screened subnet
Question 25
1 out of 1 points
An alert ____ is a document containing contact information for the people to be notified in the event of an incident.

4.

Roster
Question 26
1 out of 1 points

Firewalls fall into ____ major processing-mode categories.
4.

five
Question 27
1 out of 1 points

To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known
____ in their knowledge base.
1.

Signatures
Question 28
1 out of 1 points

Kerberos ____ provides tickets to clients who request services.

3.

TGS
Question 29
1 out of 1 points

In a ____ attack, the attacker eavesdrops during the victim's session and uses statistical analysis of patterns and
inter-keystroke timings to discern sensitive session information.

3.

Timing
Question 30
1 out of 1 points

IDPS researchers have used padded cell and honeypot systems since the late ____.

1.

1980s
Question 31
1 out of 1 points

In recent years, the broadband router devices that can function as packet-filtering firewalls have been enhanced
to combine the features of ____.

4.

WAPs
Question 32
1 out of 1 points

Which of the following is a valid version of TACACS?

1.

All of the above
Question 33
1 out of 1 points

A(n) ____ is a network tool that collects copies of packets from the network and analyzes them.
1.

Packet sniffer
Question 34
1 out of 1 points

Intrusion ____ activities finalize the restoration of operations to a normal state and seek to identify the source
and method of the intrusion in order to ensure that the same type of attack cannot occur again.

4.

Correction
Question 35
1 out of 1 points

____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between
the structure of the unknown key and the cipher text that is the output of the cryptosystem.

4.

Correlation
Question 36
1 out of 1 points

A(n) ____ IDPS is focused on protecting network information assets.

4.

Network-based
Question 37
1 out of 1 points

A(n) ____ is a proposed systems user.

1.

Supplicant
Question 38
1 out of 1 points

A ____ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to
access the message digest.
4.

MAC
Question 39
1 out of 1 points

____ is the process of classifying IDPS alerts so that they can be more effectively managed.

1.

Alarm filtering
Question 40
1 out of 1 points

In most common implementation models, the content filter has two components: ____.

2.

Rating and filtering
Question 41
1 out of 1 points

Telnet protocol packets usually go to TCP port ____.
1.

23
Question 42
1 out of 1 points

The SETA program is the responsibility of the ____ and is a control measure designed to reduce the incidences of
accidental security breaches by employees.

4.

CISO
Question 43
1 out of 1 points

ISA Server can use ____ technology.

4.

Point to Point Tunneling Protocol
Question 44
1 out of 1 points

A buffer against outside attacks is frequently referred to as a(n) ____.

1.

DMZ
Question 45
1 out of 1 points

Using ____, the system reviews the log files generated by servers, network devices, and even other IDPSs.

2.

LFM
Question 46
1 out of 1 points

____-based IDPSs look at patterns of network traffic and attempt to detect unusual activity based on previous
baselines.

2.

Network
Question 47
1 out of 1 points

SHA-1 produces a(n) ____-bit message digest, which can then be used as an input to a digital signature
algorithm.

2.

160
Question 48
1 out of 1 points

The ____ is based on and directly supports the mission, vision, and direction of the organization and sets the
strategic direction, scope, and tone for all security efforts.

4.

EISP
Question 49
1 out of 1 points

____ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by
feeding random input to the program or a network running the protocol.

4.

Fuzz
Question 50
1 out of 1 points

____ and TACACS are systems that authenticate the credentials of users who are trying to access an
organization's network via a dial-up connection.

1.

RADIUS
Question 51
1 out of 1 points

A(n) ____ is a private data network that makes use of the public telecommunication infrastructure, maintaining
privacy through the use of a tunneling protocol and security procedures.

3.

VPN
Question 52
1 out of 1 points

____ filtering requires that the filtering rules governing how the firewall decides which packets are allowed and
which are denied be developed and installed with the firewall.
3.

Static
Question 53
1 out of 1 points

Which of the following ports is commonly used for the HTTP protocol?

1.

80
Question 54
1 out of 1 points

The Security Area Working Group acts as an advisory board for the protocols and areas developed and
promoted by the Internet Society and the ____.

3.

IETF
Question 55
1 out of 1 points

____ controls address personnel security, physical security, and the protection of production inputs and outputs.
1.

Operational
Question 56
1 out of 1 points

The ____ is the level at which the number of false rejections equals the false acceptances, and is also known as
the equal error rate.

4.

CER
Question 57
1 out of 1 points

Effective management includes planning and ____.
3.

All of the above
Question 58
1 out of 1 points
Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the
____ host.

3.

Sacrificial
Question 59
1 out of 1 points

The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone.

3.

Demilitarized
Question 60
1 out of 1 points

Incident damage ____ is the rapid determination of the scope of the breach of the confidentiality, integrity, and
availability of information and information assets during or just following an incident.

1.

Assessment
Question 61
1 out of 1 points
The ____ protocol provides system-to-system authentication and data integrity verification, but does not
provide secrecy for the content of a network communication.

4.

AH
Question 62
1 out of 1 points
____ is the protocol used to secure communications across any IP-based network such as LANs, WANs, and the
Internet.

2.

IPSec
Question 63
1 out of 1 points

____ is based on the use of some measurable human characteristic or trait to authenticate the identity of a
proposed systems user.

3.

Biometric access control
Question 64
1 out of 1 points

Security ____ are the areas of trust within which users can freely communicate.

1.

Domains
Question 65
1 out of 1 points

More advanced substitution ciphers use two or more alphabets, and are referred to as ____ substitutions.

1.

Polyalphabetic
Question 66
1 out of 1 points
____ applications use a combination of techniques to detect an intrusion and then trace it back to its source.

1.

Trap and trace
Question 67
1 out of 1 points

A(n) ____ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened
or broken window) and activates an alarm.

2.

IDS
Question 68
1 out of 1 points

Strategic planning is the process of moving the organization towards its ____.

2.

Vision
Question 69
1 out of 1 points

In SESAME, the user is first authenticated to an authentication server and receives a token. The token is then
presented to a privilege attribute server as proof of identity to gain a(n) ____.

1.

PAC
Question 70
1 out of 1 points

The ____ algorithm was the first public key encryption algorithm developed (in 1977) and published for
commercial use.

2.

RSA
Question 71
1 out of 1 points

____ generates and issues session keys in Kerberos.
2.

KDC
Question 72
1 out of 1 points

____ benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or
deletes monitored files.

2.

HIDPSs
Question 73
1 out of 1 points

Activities that scan network locales for active systems and then identify the network services offered by the host
systems is known as ____.

1.

fingerprinting
Question 74
1 out of 1 points

In TCP/IP networking, port ____ is not used.
4.

0
Question 75
1 out of 1 points

____ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and has
become the open-source de facto standard for encryption and authentication of e-mail and file storage
applications.

3.

PGP
Question 76
1 out of 1 points

____ are decoy systems designed to lure potential attackers away from critical systems.

4.

Honeypots
Question 77
1 out of 1 points

A ____ site provides only rudimentary services and facilities.

1.

Cold
Question 78
1 out of 1 points

Among all possible biometrics, ____ is (are) considered truly unique.

Selected Answer:

3.

All of the above
Question 79
1 out of 1 points

Digital signatures should be created using processes and products that are based on the ____.
2.

DSS
Question 80
1 out of 1 points

The spheres of ____ are the foundation of the security framework and illustrate how information is under attack
from a variety of sources.

4.

Security
Question 81
1 out of 1 points

A method of encryption that requires the same secret key to encipher and decipher the message is known as
____ encryption.

3.

Symmetric
Question 82
1 out of 1 points

Most NBA sensors can be deployed in ____ mode only, using the same connection methods as network-
based IDPSs.
1.

Passive
Question 83
1 out of 1 points

____ is a federal information processing standard that specifies a cryptographic algorithm used within the U.S.
government to protect information in federal agencies that are not a part of the national defense infrastructure.

3.

AES
Question 84
1 out of 1 points

____ often function as standards or procedures to be used when configuring or maintaining systems.

4.

SysSPs
Question 85
1 out of 1 points

____ firewalls examine every incoming packet header and can selectively filter packets based on header
information such as destination address, source address, packet type, and other key information.
3.

Packet-filtering
Question 86
1 out of 1 points
Standards may be published, scrutinized, and ratified by a group, as in formal or ____ standards.

1.

de jure
Question 87
1 out of 1 points

____ is an event that triggers an alarm when no actual attack is in progress.
1.

False Attack Stimulus
Question 88
1 out of 1 points

____ are encrypted messages that can be mathematically proven to be authentic.
3.

Digital signatures
Question 89
1 out of 1 points

____ is the protocol for handling TCP traffic through a proxy server.

3.

SOCKS
Question 90
1 out of 1 points

What country adopted ISO/IEC 17799?
4.

None of the above
Question 91
1 out of 1 points

____ firewalls are designed to operate at the media access control sublayer of the data link layer of the OSI
network model.

1.

MAC layer
Question 92
1 out of 1 points

____ are usually passive devices and can be deployed into existing networks with little or no disruption to normal
network operations.

1.

NIDPSs
Question 93
1 out of 1 points

A security ____ is an outline of the overall information security strategy for the organization and roadmap for
planned changes to the information security environment of the organization.

4.

Framework
Question 94
1 out of 1 points

____ is the process of converting an original message into a form that is unreadable to unauthorized individuals.

4.

Encryption
Question 95
1 out of 1 points

The application gateway is also known as a(n) ____.

2.

Application-level firewall
Question 96
0 out of 1 points

____ is a specially configured connection on a network device that is capable of viewing all of the traffic that
moves through the entire device.

1.

NIDPS
Question 97
1 out of 1 points

Redundancy can be implemented at a number of points throughout the security architecture, such as in ____.

2.

All of the above
Question 98
1 out of 1 points

DES uses a(n) ____-bit block size.
2.

64
Question 99
1 out of 1 points

The transfer of large batches of data to an off-site facility is called ____.

1.

Electronic vaulting
Question 100
1 out of 1 points

____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-
party services that enables users to communicate securely.

4.

PKI
Question 101
1 out of 1 points

To assist in the footprint intelligence collection process, you can use an enhanced Web scanner that, among
other things, can scan entire Web sites for valuable pieces of information, such as server names and e-mail
addresses.
1.

True
Question 102
1 out of 1 points

A HIDPS can monitor systems logs for predefined events.

1.

True
Question 103
0 out of 1 points

The asymmetric encryption systems use a single key to both encrypt and decrypt a message.
1.

True
Question 104
1 out of 1 points

The encapsulating security payload protocol provides secrecy for the contents of network communications as
well as system-to-system authentication and data integrity verification.

1.

True
Question 105
1 out of 1 points

Failure to develop an information security system based on the organization's mission, vision, and culture
guarantees the failure of the information security program.

2.

True
Question 106
1 out of 1 points

The application firewall runs special software that acts as a proxy for a service request.

2.

True
Question 107
1 out of 1 points

There are limits to the level of configurability and protection that software firewalls can provide.

1.

True
Question 108
0 out of 1 points

To perform the Caesar cipher encryption operation, the pad values are added to numeric values that represent
the plaintext that needs to be encrypted.
1.

True
Question 109
1 out of 1 points

A VPN allows a user to turn the Internet into a private network.

1.

True
Question 110
0 out of 1 points

Intrusion detection and prevention systems can deal effectively with switched networks.

2.

True
Question 111
1 out of 1 points

The Federal Bureau of Investigation deals with many computer crimes that are categorized as felonies.

2.

True
Question 112
1 out of 1 points

Dictionary attacks are a collection of brute-force methods that attempt to deduce statistical relationships
between the structure of the unknown key and the cipher text generated by the cryptosystem.

2.

False
Question 113
1 out of 1 points

A starting scanner is one that initiates traffic on the network in order to determine security holes.

1.

False
Question 114
1 out of 1 points

You can create a single comprehensive ISSP document covering all information security issues.
1.

True
Question 115
1 out of 1 points

A Web server is often exposed to higher levels of risk when placed in the DMZ than when it is placed in the
untrusted network.

2.

False
Question 116
1 out of 1 points

The ability to restrict a specific service is now considered standard in most routers and is invisible to the user.
1.

True
Question 117
1 out of 1 points

Database shadowing only processes a duplicate in real-time data storage but does not duplicate the databases at
the remote site.

1.

False
Question 118
1 out of 1 points

A false positive is the failure of an IDPS system to react to an actual attack event.

2.

False
Question 119
1 out of 1 points

In order to determine which IDPS best meets an organization's needs, first consider the organizational environment in
technical, physical, and political terms.

2.

True
Question 120
0 out of 1 points

Your organization's operational goals, constraints, and culture should not affect the selection of the IDPS and
other security tools and technologies to protect your systems.

1.

True
Question 121
1 out of 1 points

A content filter is technically a firewall.

1.

False
Question 122
1 out of 1 points

A strategy based on the concept of defense in depth is likely to include intrusion detection systems, active
vulnerability scanners, passive vulnerability scanners, automated log analyzers, and protocol analyzers.

2.

True
Question 123
1 out of 1 points

All IDPS vendors target users with the same levels of technical and security expertise.

2.

False
Question 124
1 out of 1 points

Nmap uses incrementing Time-To-Live packets to determine the path into a network as well as the default
firewall policy.

1.

False
Question 125
1 out of 1 points

Passive scanners are advantageous in that they require vulnerability analysts to get approval prior to testing.

2.

False
Question 126
1 out of 1 points

Firewall Rule Set 1 states that responses to internal requests are not allowed.
1.

False
Question 127
0 out of 1 points

It is important that e-mail traffic reach your e-mail server and only your e-mail server.
2.

False
Question 128
1 out of 1 points

The Extended TACACS version uses dynamic passwords and incorporates two-factor authentication.

1.

False
Question 129
1 out of 1 points

One method of protecting the residential user is to install a software firewall directly on the user's system.

2.

True
Question 130
1 out of 1 points

To remain viable, security policies must have a responsible individual, a schedule of reviews, method for making
recommendations for reviews, and a policy issuance and planned revision date.

1.

True
Question 131
1 out of 1 points

Internet connections via dial-up and leased lines are becoming more popular.

2.

False
Question 132
1 out of 1 points

HIDPSs are also known as system integrity verifiers.
1.

True
Question 133
1 out of 1 points

One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a
message.

2.

True
Question 134
1 out of 1 points

NIDPSs can reliably ascertain if an attack was successful or not.

2.

False
Question 135
1 out of 1 points

In DNS cache poisoning, valid packets exploit poorly configured DNS servers to inject false information to corrupt
the server's answers to routine DNS queries from other systems on the network.

1.

True
Question 136
1 out of 1 points

Secure Electronic Transactions was developed by MasterCard and VISA in 1997 to protect against electronic payment
fraud.

2.

True
Question 137
1 out of 1 points

Packet filtering firewalls scan network data packets looking for compliance with or violation of the rules of the
firewall's database.

2.

True
Question 138
1 out of 1 points

In 1917, Gilbert S. Vernam, an AT&T employee, invented a polyalphabetic cipher machine that used a non-
repeating random key.
1.

True
Question 139
0 out of 1 points

The ISSP sets out the requirements that must be met by the information security blueprint or framework.

2.

True

Question 140
0 out of 1 points

The process by which attackers change the format and/or timing of their activities to avoid being detected by the
IDPS is known as a false attack stimulus.
1.

True
Question 141
1 out of 1 points

Many industry observers claim that ISO/IEC 17799 is not as complete as other frameworks.

1.

True
Question 142
1 out of 1 points

Information security safeguards provide two levels of control: managerial and remedial.

1.

False
Question 143
1 out of 1 points

A sniffer cannot be used to eavesdrop on network traffic.
2.

False
Question 144
1 out of 1 points

Circuit gateway firewalls usually look at data traffic flowing between one network and another.

2.

False
Question 145
1 out of 1 points

NIST Special Publication 800-18 Rev. 1, The Guide for Developing Security Plans for Federal Information Systems,
includes templates for major application security plans.
1.

True
Question 146
1 out of 1 points

The Simple Network Management Protocol contains trap functions, which allow a device to send a message to
the SNMP management console indicating that a certain threshold has been crossed, either positively or
negatively.

1.

True
Question 147
1 out of 1 points

IDPS responses can be classified as active or passive.

1.

True
Question 148
1 out of 1 points

An HIDPS can detect local events on host systems and also detect attacks that may elude network-based
IDPS.

1.

True
Question 149
0 out of 1 points

Nonrepudiation means that customers or partners can be held accountable for transactions, such as online
purchases, which they cannot later deny.

1.

False
Question 150
1 out of 1 points

Each policy should contain procedures and a timetable for periodic review.

1.

True
