1. A ping sweep
   A) Sends ICMP echo requests to the target machine
   B) Is an exploit that creates a denial of service (DoS) using ICMP echo requests
   C) Is a method of clearing your network
   D) Determines what services are running on a system
   Points Earned: 1.0/1.0
   Correct Answer(s): A

2. What is an unstructured threat?
   A) An attack that is uncoordinated, nonspecific, and lasts a short amount of time
   B) An elite hacker who mounts an attack against a specific target
   C) A poorly engineered building
   D) A type of malicious code that formats the hard drive on a computer.
   Points Earned: 1.0/1.0
   Correct Answer(s): A

3. In 2009 _______________ was cut and resulted in widespread phone and Internet outages in the San Jose area of California.
   Points Earned: 1.0/1.0
   Correct Answer(s): Fiber cable

4. A successful attack on a network may adversely impact security in all the following ways EXCEPT:
   A) Loss of confidentiality
   B) Loss of integrity
   C) Loss of functionality
   D) Loss of availability
   Points Earned: 1.0/1.0
   Correct Answer(s): C

5. Which of the following is not one of the three general methods used in authentication?
   A) Something you do
   B) Something you have
   C) Something you are
   D) Something you know
   Points Earned: 1.0/1.0
   Correct Answer(s): A

6. Authentication means that the person who sends an e-mail will be unable to deny sending the e-mail.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): False

7. The first step an administrator can take to reduce possible attacks is to
   A) Install a firewall
   B) Ensure all patches for the operating system and applications are installed
   C) Configure an intrusion detection system
   D) Install anti-spyware software
   Points Earned: 1.0/1.0
   Correct Answer(s): B

8. The term "script kiddies" refers to
   A) A children's television show
   B) A type of video game
   C) A hacker of low-end technical ability
   D) An Internet site for peer-to-peer music sharing
   Points Earned: 1.0/1.0
   Correct Answer(s): C

9. As the level of sophistication of attacks _________, the level of knowledge necessary to exploit vulnerabilities decreased.
   Points Earned: 1.0/1.0
   Correct Answer(s): increased

10. A person who tries to gradually obtain information necessary to compromise a network—by first appealing for help, and then, if necessary, by a more aggressive approach—is a(n) __________.
   A) phreaker
   B) social engineer
   C) hacktivist
   D) terrorist
   Points Earned: 1.0/1.0
   Correct Answer(s): B

11. Ensuring that users have access only to the files they need to complete their tasks is an example of which principle?
   A) Least privilege
   B) Implicit deny
   C) Keep it simple
   D) Separation of duties
   Points Earned: 1.0/1.0
   Correct Answer(s): A

12. The ability to manage whether a subject can interact with an object is called _______________.
   Points Earned: 1.0/1.0
   Correct Answer(s): access control

13. Fifty years ago, few people had access to a computer system or network, so securing them was a relatively easy matter.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): True

14. Vladimir Levin was able to steal $10 Million from _______________ by using its cash management system.
   Points Earned: 1.0/1.0
   Correct Answer(s): Citibank

15. The hacker was successful in breaching the firewall, the packet filtering router, and the internal firewall, but was quickly detected and unable to get past the workstation personal firewall. This is an example of what principle?
   A) Job rotation
   B) Layered security
   C) Security through obscurity
   D) Diversity of defense
   Points Earned: 1.0/1.0
   Correct Answer(s): B

1. What is the problem described by the van Eck phenomenon and studied under TEMPEST?
   A) Magnetic fields that interfere with signals crossing Local Area Network (LAN) cables
   B) Electromagnetic pulses destroying sensitive computer equipment
   C) Piggybacking on electromagnetic communications
   D) Electromagnetic eavesdropping
   Points Earned: 1.0/1.0
   Correct Answer(s): D

2. Halon is effective at putting out fires and safe for humans but can damage equipment.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): False

3. Your boss needs instructions explaining the steps of how to send encrypted email properly for all employees. You will need to create the _________.
   A) procedure
   B) policy
   C) guideline
   D) standard
   Points Earned: 1.0/1.0
   Correct Answer(s): A

4. Voice recognition, iris scans, and facial geometry can be used for biometric access controls.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): True

5. Shoulder surfing is when a person looks over the shoulder of another person while typing PINs or passwords.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): True

6. Standards are recommendations relating to a policy.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): False

7. When an attacker attempts to get credit card numbers using telephone and voice technologies, it's called
   A) Phreaking
   B) Telephishing
   C) Vishing
   D) Voicing
   Points Earned: 1.0/1.0
   Correct Answer(s): C

8. One of the most effective tools for foiling the efforts of a social engineering attack is an active security awareness program.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): True

9. The greatest danger to networks comes from
   A) Attacks coming across the public switched telephone network
   B) Natural disasters
   C) Foreign hackers
   D) Insiders
   Points Earned: 1.0/1.0
   Correct Answer(s): D

10. When an attacker tries to position himself behind a user so that he can see what keys are being typed or what information is on the screen, it is called _______________
   Points Earned: 1.0/1.0
   Correct Answer(s): shoulder surfing

11. _______________ are mandatory elements regarding the implementation of a policy.
   Points Earned: 1.0/1.0
   Correct Answer(s): Standards

12. Statements made by management that lay out the organization's position on an issue are called ________.
   A) procedures
   B) policies
   C) guidelines
   D) standards
   Points Earned: 1.0/1.0
   Correct Answer(s): B

13. All of the following are characteristics of a strong password EXCEPT:
   A) Contains special characters, i.e., *%$#@
   B) Contains numbers and letters
   C) Contains an uncommon dictionary word
   D) Contains at least eight characters
   Points Earned: 1.0/1.0
   Correct Answer(s): C

14. _______________ is the simple tactic of following closely behind a person who has just used their own access card or PIN to gain physical access to a room or building.
   Points Earned: 1.0/1.0
   Correct Answer(s): Piggybacking

15. _______________ are devices that have batteries that are used to keep equipment running in the event of a power outage.
   Points Earned: 1.0/1.0
   Correct Answer(s): UPS

1. _______________ is done by comparing the input plaintext to the output ciphertext to try to determine the key used to encrypt the information.
   Points Earned: 1.0/1.0
   Correct Answer(s): Differential cryptanalysis

2. The art of secret writing that enables an individual to hide the contents of a message from all but the intended recipient is called
   A) Key management
   B) Steganography
   C) Cryptanalysis
   D) Cryptography
   Points Earned: 0.0/1.0
   Correct Answer(s): D

3. PKI can be used as a measure to trust individuals we do not know.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): True

4. Keyspace refers to
   A) All possible key values
   B) The number of keys needed to encrypt or decrypt a message
   C) The location where keys are stored
   D) The portion of the algorithm that the key connects with to encrypt or decrypt a message
   Points Earned: 1.0/1.0
   Correct Answer(s): A

5. The benefit of SHA-1 over MD5 is that it is resistant to a collision attack.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): False

6. All of the following are asymmetric encryption algorithms EXCEPT:
   A) ECC
   B) RSA
   C) 3DES
   D) ElGamal
   Points Earned: 1.0/1.0
   Correct Answer(s): C

7. The process for protecting intellectual property from unauthorized use is called
   A) Digital signatures
   B) Digital rights management
   C) Key escrow
   D) Anti-pirating management
   Points Earned: 1.0/1.0
   Correct Answer(s): B

8. What is a certificate authority?
   A) An entity that generates electronic credentials
   B) An entity that requires proof of identity from the individual requesting a certificate
   C) A centralized directory in which the registered certificate is stored
   D) An entity that generates a digitally signed identification certificate
   Points Earned: 1.0/1.0
   Correct Answer(s): D

9. Hiding a text file in a jpg file is an example of steganography.
   A) True
   B) False
   Points Earned: 1.0/1.0
   Correct Answer(s): True

10. The encryption method based on the idea of using a shared key for encryption and decryption of data is
   A) Symmetric encryption
   B) Elliptical curve encryption
   C) Hashing function
   D) Asymmetric encryption
   Points Earned: 1.0/1.0
   Correct Answer(s): A

11. The term used to describe a centralized directory that can be accessed by a subset of individuals is _______________
   Points Earned: 1.0/1.0
   Correct Answer(s): certificate repository

12. The cipher that replaces each letter of the alphabet with a different letter (not in sequence) is a
   A) Substitution cipher
   B) Vigenère cipher
   C) Shift cipher
   D) Transposition cipher
   Points Earned: 0.0/1.0
   Correct Answer(s): A

13.