Multiple Choice (2 Points Each) s1
Total Page:16
File Type:pdf, Size:1020Kb
Name: IST 485 Test 2
Multiple Choice (2 points each)
1. This group is responsible for handling hostile intrusions on the network, unauthorized access or acceptable use violations, virus activity, network outages, court-ordered discovery, illegal activities such as software piracy, etc. A. Facility Security Officers B. Security Awareness Trainers C. Red Team D. Incident Response Team
2. Name the network authentication system that Microsoft began using on it’s domain controllers with Windows Server 2003 and has continued to be a strong authentication method for them until this day. This is a multi step authentication process that is resistant to man in the middle attacks as well as injection attacks. A. SSH B. Telnet C. Kerberos D. SMTP
3. The book describes one advantage of micro kernels to be like submarines because: A. Micro kernels are smaller than regular kernels and therefore more secure B. Micro kernels are compartmentalized and therefore security breaches can be contained. C. Micro kernels are something that is necessary for the MAC/DAC protocol D. Micro kernels are centralized and therefore memory is easier to share
4. What is a grouping of domains and their domain controllers called on a Windows network? A. Security Group B. Organizational Unit (OU) C. Domain Group D. Forest
5. The author suggests that on most Linux servers like a web or email server you don’t need a GUI environment and you should therefore boot into what runlevel for multi-user support without a GUI? A. 2 B. 3 C. 4 D. 5 6. On a linux email server, it is often suggested that Sendmail be replaced by a simpler and more secure Linux email system, what is that email system? A. Postfix B. Exchange C. OWA D. hMail
7. What Linux command can be run to display all listening ports as well as active connections, what process and file is behind that connection, as well as the user that the process is being run as? A. Netstat B. DF C. LS D. LSOF
8. Name the Windows service that comes free with Windows Server 2003 and above that can be configured to automatically update Windows clients and provide a local central repository for Windows Updates. A. SCCM B. Solarwinds C. WSUS D. Shavlik
9. Which access control type does the following describe? All that is not expressly permitted is forbidden. A. DAC B. CAC C. SLAC D. MAC
10. These are outside firms contracted by business to perform specific security tasks, and are becoming increasingly popular and viable for modern businesses. A. SMTP B. WSUS C. SCCM D. MSSP
11. Match the definition with it’s term. ____ establishes who the user is ____ establishes what the user can do A. Authentication B. Authorization C. Integration D. Non-repudiation 12. The book says, “When you buy a DVD, put gas in your car, or make a purchase from an online retailer, all of these activities function because they operate in accordance with a common set of standards and guidelines.” What is it giving an example of? A. Common Criteria B. Common Computing C. Common MAC D. Common DAC
13. What set of permissions in Windows does modify include? (Mark all that apply) A. Read B. Write C. Execute D. List Folder Contents E. Delete F. Transpose
14. What set of permissions in Windows does full control include? (Mark all that apply) A. Read B. Write C. Execute D. List Folder Contents E. Delete F. Transpose
15. This Windows Authentication System was the standard for operating systems like Windows 95 and Windows 98, however it has since been shown to be vulnerable to attack and should be avoided if at all possible. A. NTLM (NT Lan Manager) B. NTLMv2 (NT Lan Manager) C. Kerberos D. LM (Lan Manager)
16. The way in which domains can be joined is called a trust. In Windows, … A. trusts have to be specified and are two-way B. trusts have to be specified and are one-way C. trusts have to be specified and can be either one-way or two-way D. trusts are automatically generated when two domains are added to the same forest
17. In Linux, where are the service daemons scripts usually stored? A. /var B. /var/log C. /etc D. /etc/init.d 18. This position is an executive staff member with ultimate accountability for all security efforts for the entire business. A. Chief Executive Officer B. Chief Information Security Officer C. Security Engineer D. Chief Information Planning Officer
19. In Linux, where are the scripts located that get run at system startup? A. /etc/start B. /var/start C. /etc/rc.d D. /var/rc.d
20. In what order of importance are Group policies applied. A. Local, OU, Site, Domain B. OU, Domain, Site, Local C. Domain, Site, Local, OU D. Local, Site, Domain, OU
21. In Linux, in what file are the password hashes stored for each user? A. /etc/password B. /etc/shadow C. /etc/user D. /etc/hosts
22. These typically specify what a user can do with specific files or folders (These typically use ACL’s or access control lists) A. Controls B. User Template C. Rights D. Permissions
23. In class, while reviewing chapter 20, we watched a presentation about a person who was able to circumvent network electronic door locks. What basic vulnerability was he using to unlock the doors on command? A. Buffer Overflow B. SYN Flooding C. Packet Malformation D. TCP Sequence Prediction 24. This suite is a free set of encryption libraries and applications to make limited use of them. A. DNS B. DHCP C. TCP Wrappers D. OpenSSL
25. These are simply configuration files that provide settings (or mark them “undefined” for major security configuration choices. They can be applied to one or many computers. A. Trusts B. Security Templates C. Password Policy Core D. Gold Security Code Short Answer (10 Points each)
1. List 3 ways in which the TCP/IP protocol is vulnerable and describe each vulnerability.
2. Explain under which situations you might apply security policy using local security policy, Windows security templates, and Group Policy.
3. Explain what TCP wrappers are and what you can do with them once a service is set up to use TCP wrappers.
4. Describe the Windows Reference Monitor and list and explain it’s 4 characteristics.
5. Explain what using chroot does to a service and why you would use it.