You are on page 1of 32

Stateful packet inspection firewalls enhance the security of a network by doing what?

Select one:
a. Blocking packets that are inconsistent with allowed network connections (through
configuration).
b. Blocking packets that are known to originate from hostile (blocked) IP
addresses.
c. Blocking packets that carry prohibited data, like streaming media.
d. Blocking packets that contain viruses, worms, Trojans, or other malware in the

payload.
Question

Correct
1.00 points out of 1.00
Flag question

Question text
What does a host based IDS monitor?
Select one:
a. A single computer
b. A small local area network
c. A computer network
d. An series of Internet Provider servers

Question

Correct
1.00 points out of 1.00

Flag question

Question text
What is the primary reason that a Host Based Firewall is ineffective?
Select one:
a. Because the host based firewall acts as a honey pot, attracting unwanted
attention from malicious users.
b. Because the host based firewall cannot really be updated or managed centrally,
so network administrators discourage using them.
c. Because the host based firewall gets turned off by end users to avoid application
compatibility issues.
d. Because usually the attack has already caused the damage to the users files

before the host based firewall can determine something is wrong.


Question

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following is a drawback of signature based detection?
Select one:
a. The need to catalog signatures of system users.
b. The need to update definition files in order to offer defense against the latest
techniques employed by hackers.
c. The cost of the platforms required.

d. The rate at which hackers can discover the signatures of a company.

Question

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following describes one common use or deployment of VPNs?
Select one:
a. Route-to-route
b. Peer-to-peer
c. Border-to-border
d. Client-Server

Question

Incorrect
0.00 points out of 1.00
Flag question

Question text
What is signature based detection (used in IDSs and IPSs)?
Select one:
a. A technique for verifying someone's identity on the Internet.
b. A technique for isolating attackers who breach perimeter defenses.
c. A technique for detecting potential intrusions and attacks.

d. A technique for ensuring that information has not been altered during

transmission.
Question

Incorrect
0.00 points out of 1.00
Flag question

Question text
What is a network-based Intrusion Detection System (IDS)?
Select one:
a. A system that runs on each individual computer, examining the incoming and
outgoing network traffic for signs that it is participating in a bot-net.
b. A system that blocks incoming network traffic that is deemed to be carrying
unauthorized data (like pirated software, music, etc.).
c. A system that blocks incoming network traffic from reaching protected systems.
d. A system that monitors an entire network for signs of intrusion or attack.

Question

Incorrect
0.00 points out of 1.00
Flag question

Question text
___________ is the most widely used stream cipher.
Select one:
a. RC4

b. AES
c. R2D2
d. 3DES

Question

Correct
1.00 points out of 1.00
Flag question

Question text
AES can utilize keys of __________ bits in length
Select one:
a. 512
b. 256
c. 148
d. 392

Question

10

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following will apply if security of encryption keys is not maintained?
Select one:
a. Encrypted information could be decrypted and read by unauthorized parties,
resulting in a loss of confidentiality.

b. Information could be modified or forged, resulting in a loss of integrity.


c. Encryption keys will have to be re-generated and re-issued, and systems reliant
upon encryption cannot be considered trusted until this occurs, resulting in a loss of
availability.
d. All of the above.

Question

11

Incorrect
0.00 points out of 1.00
Flag question

Question text
Firewalls have been proven to be a very important component of a layered defense.
This fact has led to a progressive increase in both their popularity and in the number
of variations of firewalls that have been introduced into the marketplace. Which one
of the following is NOT a common firewall variation?
Select one:
a. Stateful packet inspection (SPI) firewalls
b. Host-based firewalls
c. Application layer firewalls
d. NAT and PAT firewalls

Question

12

Incorrect
0.00 points out of 1.00
Flag question

Question text
Which of the following are network-based Intrusion used in profile based detection?

Select one:
a. Fuzzy Logic
b. Developmental reasoning
c. Artificial Neural Network
d. a and c
e. a and b

Question

13

Correct
1.00 points out of 1.00
Flag question

Question text
Confidential data should be _________.
Select one:
a. Encrypted
b. Self-hosted
c. Translated
d. Destroyed

Question

14

Incorrect
0.00 points out of 1.00
Flag question

Question text
Which of the following is something that a network IPS will NOT do?

Select one:
a. Cut off network access to some portion of the network.
b. Lock down a workstation.
c. Block incoming connections to a critical server.
d. Allow unlimited network access to critical employees.

Question

15

Incorrect
0.00 points out of 1.00
Flag question

Question text
How are NAT and PAT firewalls similar?
Select one:
a. Both allow a large number of systems to share a smaller number of public IP
addresses for Internet access.
b. Both examine network traffic, watching for deviations from normal, and shut down
Internet access when there are signs that an attack is underway.
c. Both utilize artificial intelligence to determine when network traffic should be
rejected.
d. Both monitor incoming traffic for viruses, worms, Trojans, or other malware that is

being downloaded onto the protected network.


Question

16

Incorrect
0.00 points out of 1.00
Flag question

Question text
Which cipher, which is still widely used, is being phased out in favor of the new AES
cipher?
Select one:
a. ROT-13
b. MD5
c. DES / 3DES
d. TLS

Question

17

Correct
1.00 points out of 1.00
Flag question

Question text
What does IPsec use the Authentication Header to assure?
Select one:
a. It ensures that the creators/sender of the packet are who they claim to
be.
b. It ensures that the intended recipient will be online and available at the time the
packet is transmitted.
c. It ensures that the confidentiality of the data has not been violated (i.e. data has
not been read by unauthorized parties).
d. It ensures that packets will be delivered within a reasonable amount of time after

being transmitted.
Question

18

Correct
1.00 points out of 1.00

Flag question

Question text
What protocol is used on the Internet to secure transmissions that uses a
combination of Symmetric and Asymmetric cryptography?
Select one:
a. 3DES
b. RC5
c. SSL
d. TLS

Question

19

Correct
1.00 points out of 1.00
Flag question

Question text
Firewalls are designed to:
Select one:
a. Prevent the functioning of malicious software like spyware and adware.
b. Secure data while it is in transit from one system to another.
c. Prevent employees from taking sensitive data off the organization's network.
d. Prevent unwanted network traffic from reaching the intended computer or
network, and from leaving the subnet.

Question

20

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following statements describes a honeypot?
Select one:
a. Honeypots are computer or networks that are delpoyed in an effort to attract
attacks for the purposes of resonnaissance and learning.
b. Honeypots are network security controls that launch counterstrikes against
attackers who attempt to compromise the network.
c. Honeypots is a term used to describe the most sensitive systems on a network,
the systems that are considered the most critical and responsive.
d. Honeypots are computers or network that are placed in front of critical systems,

serving as "bodygaurd" for highly critical systems.


Question

21

Incorrect
0.00 points out of 1.00
Flag question

Question text
A network-based Intrusion Answer

System is designed to monitor


detection

the network for attacks, and when an attack is observed, take steps to keep the
attack from spreading or continuing.
Question

22

Correct
1.00 points out of 1.00

Flag question

Question text
Which of the following does NOT describe anomaly detection (used in IDSs and IPSs)?
Select one:
a. Anomaly detection may have a higher false positive error rate when first used.
b. Anomaly detection monitors activities for deviations from normal behavior which
may indicate an attack is occurring.
c. Anomaly detection compares current activities to a database of known attacks,
alerting administrators when a match is found.
d. Anomaly detection may use artificial intelligence to "learn" what constitutes

normal behavior.
Question

23

Correct
1.00 points out of 1.00
Flag question

Question text
How does an Intrusion Prevention System (IPS) differ from an Intrusion Detection
System (IDS)?
Select one:
a. In the way it responds to attacks and intrusions.
b. In the type(s) of detection technology used (anomaly, signature/rule, etc.).
c. In the types of threat that can be detected.

d. In the place where monitoring occurs (on each individual computer vs. the entire

network).
Question

24

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following statements describes an application layer firewall?
Select one:
a. This is a firewall that runs locally on each individual computer, instead of on the
network.
b. This is a firewall that understands common application layer protocols (HTTP,
SMTP, DNS, etc.) and can block network activity when a connection begins exhibiting
abnormal behavior for that protocol.
c. This is a firewall that prevents users from accessing certain types of media, like
Internet radio.
d. This is a firewall that blocks network traffic by examining its intended recipient's

IP address and TCP port number.


Question

25

Incorrect
0.00 points out of 1.00
Flag question

Question text
What does a host-based IPS do?
Select one:

a. A host-based IPS can examine network traffic after it has been decrypted, allowing
it to monitor for suspicious activity that would elude a network-based device.
b. Monitor the activities on a single computer, notifying the administrator if anything
unusual or suspicious is observed.
c. Monitor the activities on a single computer, taking steps to block any potentially
malicious programs that might be active.
d. Monitor the incoming network traffic, blocking unsolicited traffic.

Question

26

Incorrect
0.00 points out of 1.00
Flag question

Question text
What does a host-based Intrusion Detection System (IDS) do?
Select one:
a. It monitors network traffic for signs that encrypted data may have been
compromised.
b. It monitors a variety of things like CPU load, log files, and network activity for
signs that the local system may be under attack, reporting its findings to an
administrator.
c. It monitors network traffic, both incoming and outgoing, for signs that the network
may be under attack.
d. It monitors a variety of things like CPU load, log files, and network activity for

signs that the local system may be under attack, taking steps to isolate an attacker if
an intrusion is detected.

Question

27

Incorrect
0.00 points out of 1.00

Flag question

Question text
Which of the following is sometimes used to encrypt data at the data-link layer of the
TCP/IP stack?
Select one:
a. IPsec
b. WPA / WPA2
c. TLS
d. SSL

Question

28

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following is a reason to deploy a honeypot?
Select one:
a. Decreased bandwidth consumption for the organization's network.
b. Increased reconnaissance regarding hacker motives, techniques, and
capabilities.
c. Decreased legal liability in the event of a security incident.
d. Lowered cost of maintenance.

Question
Correct

29

1.00 points out of 1.00


Flag question

Question text
The four types of symmetric cryptography are:
Select one:
a. AIS, DE5, 8DES, RCS
b. AES, DES, 3DES, RC4
c. AES, DE5, R2D2, RC4
d. AIS, DES, 8DES, RC9

Stateful packet inspection firewalls enhance the security of a network by doing what?
Select one:
a. Blocking packets that are inconsistent with allowed network connections (through
configuration).
b. Blocking packets that are known to originate from hostile (blocked) IP addresses.
c. Blocking packets that carry prohibited data, like streaming media.
d. Blocking packets that contain viruses, worms, Trojans, or other malware in the
payload.

Question

Correct
1.00 points out of 1.00
Flag question

Question text
What is signature based detection (used in IDSs and IPSs)?

Select one:
a. A technique for verifying someone's identity on the Internet.
b. A technique for isolating attackers who breach perimeter defenses.
c. A technique for detecting potential intrusions and attacks.
d. A technique for ensuring that information has not been altered during

transmission.
Question

Correct
1.00 points out of 1.00
Flag question

Question text
What does IPsec use the Authentication Header to assure?
Select one:
a. It ensures that the creators/sender of the packet are who they claim to
be.
b. It ensures that the intended recipient will be online and available at the time the
packet is transmitted.
c. It ensures that the confidentiality of the data has not been violated (i.e. data has
not been read by unauthorized parties).
d. It ensures that packets will be delivered within a reasonable amount of time after

being transmitted.
Question

Correct
1.00 points out of 1.00

Flag question

Question text
Which of the following is something that a network IPS will NOT do?
Select one:
a. Cut off network access to some portion of the network.
b. Lock down a workstation.
c. Block incoming connections to a critical server.
d. Allow unlimited network access to critical employees.

Question

Correct
1.00 points out of 1.00
Flag question

Question text
Which two of the following are controls that, when used properly, will improve the
security of desktop computers?
Select one or more:
a. Router patches and updates
b. Anti-virus software
c. E-mail blacklists
d. Web filters

Question

Correct
1.00 points out of 1.00

Flag question

Question text
Which of the following statements describes an application layer firewall?
Select one:
a. This is a firewall that runs locally on each individual computer, instead of on the
network.
b. This is a firewall that understands common application layer protocols (HTTP,
SMTP, DNS, etc.) and can block network activity when a connection begins exhibiting
abnormal behavior for that protocol.
c. This is a firewall that prevents users from accessing certain types of media, like
Internet radio.
d. This is a firewall that blocks network traffic by examining its intended recipient's

IP address and TCP port number.


Question

Correct
1.00 points out of 1.00
Flag question

Question text
Firewalls are designed to:
Select one:
a. Prevent the functioning of malicious software like spyware and adware.
b. Secure data while it is in transit from one system to another.
c. Prevent employees from taking sensitive data off the organization's network.

d. Prevent unwanted network traffic from reaching the intended computer or


network, and from leaving the subnet.

Question

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following is a drawback of signature based detection?
Select one:
a. The need to catalog signatures of system users.
b. The need to update definition files in order to offer defense against the latest
techniques employed by hackers.
c. The cost of the platforms required.
d. The rate at which hackers can discover the signatures of a company.

Question

Correct
1.00 points out of 1.00
Flag question

Question text
Firewalls have been proven to be a very important component of a layered defense.
This fact has led to a progressive increase in both their popularity and in the number
of variations of firewalls that have been introduced into the marketplace. Which one
of the following is NOT a common firewall variation?
Select one:

a. Stateful packet inspection (SPI) firewalls


b. Host-based firewalls
c. Application layer firewalls
d. NAT and PAT firewalls

Question

10

Incorrect
0.00 points out of 1.00
Flag question

Question text
The following is a potential disadvantage of cloud based storage:
Select one:
a. Data loss
b. Response time
c. Redundancy
d. Cost

Question

11

Incorrect
0.00 points out of 1.00
Flag question

Question text
___________ is the most widely used stream cipher.
Select one:
a. 3DES

b. AES
c. RC4
d. R2D2

Question

12

Incorrect
0.00 points out of 1.00
Flag question

Question text
Which of the following describes an Intrusion Detection System?
Select one:
a. It is a system that scans network traffic for dropped packets that fit the guidelines
of acceptable traffic.
b. It is a system that monitors computer or computer network activities to detect
attack patterns and/or abnormal behavior, and notifies administrators or logs a
possible attack.
c. It is a system that monitors a computer or computer network, and actively takes
steps to isolate an attacker when an attack is observed.
d. It is a system that only scans individual computers for direct signs of infection by

viruses, worms, and Trojans.


Question

13

Correct
1.00 points out of 1.00
Flag question

Question text

Which of the following will apply if security of encryption keys is not maintained?
Select one:
a. Encrypted information could be decrypted and read by unauthorized parties,
resulting in a loss of confidentiality.
b. Information could be modified or forged, resulting in a loss of integrity.
c. Encryption keys will have to be re-generated and re-issued, and systems reliant
upon encryption cannot be considered trusted until this occurs, resulting in a loss of
availability.
d. All of the above.

Question

14

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following are methodologies used in profile based detection?
Select one:
a. Fuzzy Logic
b. Developmental reasoning
c. Artificial Neural Network
d. a and c
e. a and b

Question

15

Correct
1.00 points out of 1.00

Flag question

Question text
What does a host based IDS monitor?
Select one:
a. A single computer
b. A small local area network
c. A computer network
d. An series of Internet Provider servers

Question

16

Correct
1.00 points out of 1.00
Flag question

Question text
What is a network-based Intrusion Detection System (IDS)?
Select one:
a. A system that runs on each individual computer, examining the incoming and
outgoing network traffic for signs that it is participating in a bot-net.
b. A system that blocks incoming network traffic that is deemed to be carrying
unauthorized data (like pirated software, music, etc.).
c. A system that blocks incoming network traffic from reaching protected systems.
d. A system that monitors an entire network for signs of intrusion or attack.

Question

17

Correct
1.00 points out of 1.00

Flag question

Question text
How does an Intrusion Prevention System (IPS) differ from an Intrusion Detection
System (IDS)?
Select one:
a. In the way it responds to attacks and intrusions.
b. In the type(s) of detection technology used (anomaly, signature/rule, etc.).
c. In the types of threat that can be detected.
d. In the place where monitoring occurs (on each individual computer vs. the entire

network).
Question

18

Incorrect
0.00 points out of 1.00
Flag question

Question text
Regarding Virtual Private Networks (VPNs), what is tunneling?
Select one:
a. Using the recipient's public key to encrypt data prior to transmission, thereby
ensuring that the data cannot be decrypted except by the intended user.
b. Using a packet's payload to generate a hash (known as a message digest), then
packaging that hash along with the original payload as a means of verifying the
integrity of the packet.
c. Encrypting a packet as it leaves one network, placing it inside another packet for
transmission to the remote client/network, then decrypting it prior to delivery.

d. Verifying one party's identity with a trusted third party.

Question

19

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following is the best description of Kerberos?
Select one:
a. Kerberos is an authentication protocol that allows network administrators to
manage authentication from a single, centralized location.
b. Kerberos is a modern suite of encryption algorithms that can be used in place of
symmetric key ciphers like AES. Adoption is still in the early stages.
c. Kerberos is a model for remotely regulating permissions for files, folders, and
services like email.
d. Kerberos is a suite of auditing tools that while difficult to use, is very powerful.

Question

20

Correct
1.00 points out of 1.00
Flag question

Question text
Profile based detection merges which of the following:
Select one:
a. An anomaly discovering engine
b. A signature based methodology

c. A host based firewall


d. A and B
e. B and C

Question

21

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following does NOT describe anomaly detection (used in IDSs and IPSs)?
Select one:
a. Anomaly detection may have a higher false positive error rate when first used.
b. Anomaly detection monitors activities for deviations from normal behavior which
may indicate an attack is occurring.
c. Anomaly detection compares current activities to a database of known attacks,
alerting administrators when a match is found.
d. Anomaly detection may use artificial intelligence to "learn" what constitutes

normal behavior.
Question

22

Correct
1.00 points out of 1.00
Flag question

Question text
What is the primary reason that a Host Based Firewall is ineffective?
Select one:

a. Because the host based firewall acts as a honey pot, attracting unwanted
attention from malicious users.
b. Because the host based firewall cannot really be updated or managed centrally,
so network administrators discourage using them.
c. Because the host based firewall gets turned off by end users to avoid application
compatibility issues.
d. Because usually the attack has already caused the damage to the users files

before the host based firewall can determine something is wrong.


Question

23

Correct
1.00 points out of 1.00
Flag question

Question text
What protocol is used on the Internet to secure transmissions that uses a
combination of Symmetric and Asymmetric cryptography?
Select one:
a. 3DES
b. RC5
c. SSL
d. TLS

Question

24

Correct
1.00 points out of 1.00
Flag question

Question text
Which of the following describes one common use or deployment of VPNs?
Select one:
a. Route-to-route
b. Peer-to-peer
c. Border-to-border
d. Client-Server

Question

25

Incorrect
0.00 points out of 1.00
Flag question

Question text
How are NAT and PAT firewalls similar?
Select one:
a. Both allow a large number of systems to share a smaller number of public IP
addresses for Internet access.
b. Both examine network traffic, watching for deviations from normal, and shut down
Internet access when there are signs that an attack is underway.
c. Both utilize artificial intelligence to determine when network traffic should be
rejected.
d. Both monitor incoming traffic for viruses, worms, Trojans, or other malware that is
being downloaded onto the protected network.

Question

26

Incorrect
0.00 points out of 1.00

Flag question

Question text
Which of the following is sometimes used to encrypt data at the data-link layer of the
TCP/IP stack?
Select one:
a. IPsec
b. WPA / WPA2
c. TLS
d. SSL

Question

27

Incorrect
0.00 points out of 1.00
Flag question

Question text
A network-based Intrusion Answer

System is designed to monitor


Detection

the network for attacks, and when an attack is observed, take steps to keep the
attack from spreading or continuing.
Question

28

Incorrect
0.00 points out of 1.00
Flag question

Question text
What does a host-based IPS do?
Select one:
a. A host-based IPS can examine network traffic after it has been decrypted, allowing
it to monitor for suspicious activity that would elude a network-based
device.
b. Monitor the activities on a single computer, notifying the administrator if anything
unusual or suspicious is observed.
c. Monitor the activities on a single computer, taking steps to block any potentially
malicious programs that might be active.
d. Monitor the incoming network traffic, blocking unsolicited traffic.

Question

29

Incorrect
0.00 points out of 1.00
Flag question

Question text
What does a host-based Intrusion Detection System (IDS) do?
Select one:
a. It monitors network traffic for signs that encrypted data may have been
compromised.
b. It monitors a variety of things like CPU load, log files, and network activity for
signs that the local system may be under attack, reporting its findings to an
administrator.
c. It monitors network traffic, both incoming and outgoing, for signs that the network
may be under attack.
d. It monitors a variety of things like CPU load, log files, and network activity for

signs that the local system may be under attack, taking steps to isolate an attacker if
an intrusion is detected.

You might also like