Prepared using testCommander - http://www.etestingsystems.com
NOVA SecurityPlusFinal
CED
Final
Test Date: 8/28/2010
Allowed Time: 1 hr.
Instructions
1. Write your first and last names in the space provided.
2. Attempt all questions.
3. If a question provides radio button choices, you can select only one answer.
4. If a question provides check boxes, you must select two answers.
5. If a question is true or false, you can select only one answer.
6. If a question includes an exhibit, an exhibit button appears below the question.
7. Each question has an "Unanswered" choice pre-selected, to simplify checking for unanswered questions.
1.
Which one does not use Smart Card Technology?
A
CD Player
B
ATM card
C
Mobile gas token
D
Medical card
2.
An administrator of a web server notices many port scans against a server. To limit the exposure and vulnerability revealed by these port scans, the administrator should:
A
Uninstall the Internet Information Server
B
Close the telnet port #23
C
Uninstall or disable any programs or processes that are not needed for the proper use of the server
D
Shut down port 80
3.
The system administrator concerned about security has designated a special area in which to place the web server away from other servers on the network. This area is commonly known as the:
A
Bastion host
B
Screened Bastion host
C
Demilitarized Zone
D
Firewall network
4.
The integrity of a cryptographic system is considered compromised if which of the following conditions exist?
A
The Public key is disclosed
B
The Private key is disclosed
C
The Digital signature is compromised
D
The CA is discovered
5.
Which of the following provides privacy, data integrity and authentication and handles devices in a wireless network environment?
A
WEP (Wired Equivalent Privacy)
B
WAP (Wireless Application Protocol)
C
WSET (Wireless Secure Electronic Transaction)
D
WTLS (Wireless Transport Layer Security)
6.
File encryption using symmetric cryptography satisfies what security requirement?
A
Faithfulness
B
Confidentiality
C
Originality
D
Capability
7.
Missing audit log entries most seriously affect an organization's ability to:
A
Legally prosecute an attacker
B
Hinder the network administrator in daily functions
C
Continue security operations
D
Pass annual security inspections
8.
The primary disadvantage of symmetric cryptography is:
A
Asymmetric keys
B
Loss of code
C
Key distribution
D
Private key compromise
9.
Which access control method provides the most granular access to protected objects?
A
Access control lists
B
Mandatory control
C
Role-Based control
D
Access tokens
10.
SSL (Secure Sockets Layer) session keys are available in what two lengths?
A
60-bit & 120-bit
B
40-bit & 160-bit
C
50-bit & 180-bit
D
40-bit & 128-bit
11.
Which one of the following would most likely lead to a CGI (Common Gateway Interface) security problem?
A
External data supplied by the user
B
Buffer overflow
C
Errant code
D
Data leak
12.
A network administrator wants to restrict internal access to other parts of the network. The network restrictions must be implemented with the least amount of administrative overhead and must be hardware based. What is the best solution?
A
Implement firewalls between subnets to restrict access
B
Install routers
C
Implement VLANS
D
Implement switches
13.
A server placed into service for the purpose of attracting a potential intruder's attention is known as a:
A
DMZ
B
Honey wagon
C
IDS
D
Honey pot
14.
Which of the following options best describes a challenge-response session?
A
A workstation or system that generates a random challenge string that the user enters when prompted along with the proper PIN
B
A user inserts the password
C
The administrator challenges the server with a password
D
A system offers cash based on a personal picture
15.
A network attack that misuses TCP's three-way handshake to overload servers and deny access to legitimate users is called a:
A
Ping of Death
B
Man-in-the-middle
C
SYN (synchronize)
D
Kiss of Death
16.
How can an E-mail administrator prevent malicious users from sending E-mails from nonexistent domains?
A
Enable DNS reverse lookup on the E-mail server
B
Use the WINS servers to assist
C
Employ the DHCP service
D
Allow SNMP services to assist
17.
Security requirements for servers do not typically include:
A
The use of user accounts and passwords
B
The ability to allow administrative activities to all users
C
The use of ACL to secure resources
D
The use of password attempt lockouts
18.
The best way to harden an application that is developed in-house is to:
A
Ensure that security is given due consideration throughout the entire development process
B
Implement security prior to the publication of the application
C
Test the application when the project is completed
D
Provide security patches after the product is in production
19.
When a user digitally signs a document, an asymmetric algorithm is used to encrypt:
A
The data in the message
B
Hash results
C
Digital messages
D
Asymmetric keys
20.
A need-to-know security policy would grant access based on:
A
Most privilege
B
Highest security level
C
Least privilege
D
Most rank
21.
What is the best method of defense against IP spoofing attacks?
A
Change your network's IP addresses
B
Adding a firewall to the network
C
Adding a bridge to the network
D
Applying ingress filtering to routers
22.
What is the best method of reducing vulnerability from dumpster diving?
A
Destroying paper and media
B
Labeling documents before placing them in the trash
C
Proper filing
D
Securing dumpsters
23.
A common algorithm used to verify the integrity of data from a remote user through the creation of a 128-bit hash from a data input is:
A
RSA
B
Blowfish
C
Twofish
D
MD5
24.
A major difference between a worm and a Trojan Horse program is:
A
Trojans are self-replicating
B
Worms are self-replicating while Trojan horses are not
C
Trojan horses may be given as gifts
D
Worms are designed specifically for tunneling operations
25.
When a change to user security policy is made, the policy maker should provide appropriate documentation to:
A
Upper level management
B
Middle management
C
The users
D
All staff
26.
Message authentication codes are used to provide which service?
A
Integrity
B
Honesty
C
Authority
D
Duplicity
27.
When hardening a machine against external attacks, what process should be followed when disabling services?
A
Remove all services and start up only those that you need
B
Research the services and their dependencies before disabling any default services
C
Shut down the services and then reboot the server
D
Allow all the services because you might need them later
28.
Incorrectly detecting authorized access as an intrusion or attack is called a false:
A
Positive
B
Negative
C
Neutral
D
Statement
29.
What fingerprinting technique relies on the fact that operating systems differ in the amount of information that is quoted when ICMP errors are encountered?
A
Biometric prints
B
ICGP message quoting
C
ICMP message quoting
D
IP quoting
30.
Which protocol is typically used for encrypting traffic between a web browser and web server?
A
SSL
B
TCP/IP
C
NetBEUI
D
WTLS
31.
The system administrator has just used a program that highlighted the susceptibility of several servers on the network to various exploits. The program also suggested fixes. What type of program was used?
A
Port scanner
B
Image scanner
C
Vulnerability scanner
D
Optical scanner
32.
Which of the following is a popular VPN protocol operating at layer three of the OSI model?
A
IPSec
B
IP
C
IPX/SPX
D
SSL
33.
Which of the following is the best description of “separation of duties”?
A
Alternating tasks among people
B
Assigning different parts of tasks to different employees
C
Separating the people in different departments
D
Allowing people to finish the entire task
34.
A DRP (Disaster Recovery Plan) typically includes which of the following:
A
Risk assessment
B
Security policy
C
Business continuity plan
D
Sanitization plan
35.
One of the factors that influences the lifespan of a private key certificate and its associated public keys is the:
A
Size of the certificate
B
Length of the asymmetric hash
C
Length of the symmetric hash
D
Bit-strength
36.
The action of determining which operating system is installed on a system simply by analyzing its response to certain network traffic is called:
A
Scanning
B
Analyzing
C
Indicating
D
Fingerprinting
37.
The most effective way an administrator can protect users from social engineering is:
A
Education
B
E-mail filtering
C
Denying them access
D
Security clearances
38.
During the digital signature process, asymmetric cryptography satisfies what security requirement?
A
Integrity
B
Authentication
C
Operations
D
Additional information
39.
The best method to use for protecting a password stored on the server used for user authentication is to:
A
Delete the password
B
Copy the password
C
Hash the server password
D
Rename the password
40.
What is the most common method used by attackers to identify the presence of an 802.11b network?
A
War driving
B
War dialing
C
War-planning
D
War-avoidance
41.
An inherent flaw of DAC relating to security is:
A
That the operating system dictates who sees the data
B
The role played by an individual indicates their access
C
DAC relies only on the identity of the user or process, leaving room for a Trojan horse
D
It includes a certain security level
42.
Privileged accounts are most vulnerable immediately after a:
A
Hiring
B
Termination
C
In-progress review
D
Inventory
43.
A password security policy can help a system administrator to decrease the probability that a password can be guessed by reducing the password’s:
A
Lifetime
B
Length in characters
C
Difficulty
D
Special keys
44.
What is the advantage of a multi-homed firewall (a PC with two NICs)?
A
Two NICs are better than one
B
If the firewall is compromised, only the systems in the DMZ are exposed
C
If the firewall is compromised, only the honeypots will be exposed
D
If the firewall goes down, the IDS system will back it up
45.
Poor programming techniques and the lack of code review can lead to which of the following types of attack?
A
DoS
B
DDoS
C
Buffer overflow
D
Man-in-the-middle
46.
Technical security measures and countermeasures are primarily intended to prevent:
A
Acts of nature
B
Server reconfiguration
C
Emergency recovery programs
D
Unauthorized access, unauthorized modification and denial of authorized access
47.
The WAP (Wireless Application Protocol) programming model is based on the following three elements:
A
Client, gateway and original server
B
Client and server
C
3 Gateway services
D
Three-way handshake
48.
An organization is implementing Kerberos as its primary authentication protocol. Which of the following must be deployed for Kerberos to function properly?
A
Date-time group
B
Time synchronization services for clients and servers
C
IPSec protocol
D
Reverse social engineering
49.
Which of the following correctly identifies some of the contents of a user's X.509 certificate?
A
User's public key, the certificate's serial number, and the validity dates
B
Proof of purchase and proof of delivery
C
Type of CA distribution method
D
Location of the certificate’s place of origin
50.
Which of the following steps in the SSL (Secure Sockets Layer) protocol allows for client and server authentication, MAC and encryption algorithm negotiation, and selection of cryptographic keys?
A
The SSL handshake protocol
B
The negotiation step
C
The message session termination step
D
The encryption rejection process step
51.
Which of the following is expected network behavior?
A
DoS attacks
B
DDoS attacks
C
Changes in network performance such as variations in traffic load
D
Anti-virus signature updates
52.
Assuring the recipient that a message has not been altered in transit is an example of which of the following:
A
Anti-trust
B
Web of trust
C
Authentication
D
Integrity
53.
Appropriate documentation of a security incident is important for each of the following reasons EXCEPT:
A
The documentation will indicate who should be fired for the incident
B
It should indicate the time and place of the incident
C
The servers or services attacked
D
Any information about ports of entry
54.
The process by which remote users can make a secure connection to internal resources after establishing an Internet connection could correctly be referred to as:
A
Tunneling
B
Remote access
C
Telnetting
D
Protocol hopping
55.
With regard to the use of Instant Messaging, which of the following types of attack strategies is effectively combated with user awareness training?
A
DoS
B
Replay attack
C
Man-in-the-middle
D
Social engineering
56.
For system logging to be an effective security measure, an administrator must:
A
Review the logs on a regular basis
B
Secure the logs on an unused portion of the hard drive
C
Back up the logs on a regular schedule
D
Forward the logs to the appropriate authorities
57.
A security administrator tasked with confining sensitive data traffic to a specific subnet would do so by manipulating privilege-policy-based tables in the network's:
A
Bridge
B
Router
C
Gateway
D
Hub
58.
What is the most effective social engineering defense strategy?
A
Reverse social engineering
B
E-mail evaluation
C
Training and awareness
D
A firewall router
59.
Regarding security, biometrics are used for:
A
Data integrity
B
Authentication
C
Encryption
D
Data tampering
60.
What type of attack CANNOT be detected by an IDS?
A
Spoofed E-mail
B
Internal network attack
C
Host based attack
D
DoS attack
61.
An attacker can determine what network services are enabled on a target system by:
A
Using war dialing
B
War-driving
C
Using SubSeven
D
Running a port scan against the target system
62.
A malformed MIME header can:
A
Cause an E-mail server to crash
B
Crash a print server
C
Disrupt the DHCP server
D
Reconfigure the DNS server
63.
Analyzing log files after an attack has started is an example of:
A
Active detection
B
Passive detection
C
Documentation
D
Normal detection
64.
One of the most effective ways for an administrator to determine what security holes reside on a network is to:
A
Perform a vulnerability assessment
B
Port scan
C
DoS attack
D
Design a risk analysis report
65.
What is the best defense against man-in-the-middle attacks?
A
Long passwords
B
A good line backer
C
A dedicated network administrator
D
Strong encryption
66.
Currently, the most costly method of authentication is the use of:
A
Biometrics
B
Trained guards and dogs
C
Digital certificate
D
Moat ID techniques
67.
A PKI document that serves as the vehicle on which to base common interoperability standards and common assurance criteria on an industry-wide basis is a certificate:
A
Token
B
Statement
C
Policy
D
Integrity
68.
An effective method of preventing computer viruses from spreading is to:
A
Enable scanning of e-mail
B
Reconfigure servers
C
Disable the anti-virus service
D
Remove unnecessary services and protocols
69.
What is NOT an acceptable use for smart card technology?
A
A smart card used with the proper password or PIN
B
A smart card used with a fingerprint
C
A PKI token card shared by multiple users
D
An ATM card used with a PIN
70.
A network attack method that uses ICMP and improperly formatted MTUs (Maximum Transmission Units) to crash a target computer is known as a:
A
DoS attack
B
Man-in-the-Middle attack
C
SYN flood attack
D
Ping of death attack
71.
Which of the following is likely to be found after enabling anonymous FTP read/write access?
A
Storage and distribution of unlicensed software
B
Unauthorized logon
C
DoS
D
Unauthorized logoff
72.
IDEA, Blowfish, RC5 and CAST-128 are encryption algorithms of which type?
A
Asymmetric
B
Desymmetric
C
Symmetric
D
Algommetric
73.
When an ActiveX control is executed, it executes with the privileges of the:
A
Administrator account
B
Current user account
C
Power user account
D
Guest user account
74.
An example of a physical access barrier would be:
A
Biometric fingerprints
B
Cleartext password
C
Dumpster diving
D
Security guard
75.
An administrator is concerned about viruses in E-mail attachments being distributed and inadvertently installed on users' workstations. If the administrator sets up an attachment filter, what type of attachment should be filtered from E-mails to minimize the danger of viruses?
A
Executable files
B
System files
C
Program files
D
Batch files
76.
What authentication problem is addressed by single sign-on?
A
Identification
B
Multiple usernames and passwords
C
Remote access
D
Peer-to-peer logon
77.
An extranet would be best defined as an area or zone:
A
That is for internal employees only
B
That is a DMZ area
C
That allows a business to securely transact with other businesses
D
That allows Web access for local company users
78.
Access controls based on security labels associated with each data item and each user are known as:
A
DAC
B
MAC
C
RBAC (rule-based)
D
RBAC (role-based)
79.
Which of the following is considered the best technical solution for reducing the threat of a man-in-the-middle attack?
A
Symmetric key
B
Hash key
C
PKI
D
Cleartext passwords
80.
Security controls may become vulnerabilities in a system unless they are:
A
Adequately tested
B
Documented
C
Published on the intranet
D
Placed in the newsletter
81.
The standard encryption algorithm based on Rijndael is known as:
A
RC4
B
DES
C
CAST
D
AES
82.
IEEE 802.11b is capable of providing data rates of up to:
A
2 Mbps
B
100 Mbps
C
11 Mbps
D
54 Mbps
83.
Security training should emphasize that the weakest links in the security of an organization are typically:
A
People
B
People
C
Alarm systems
D
Encryption systems
84.
What would NOT improve the physical security of workstations?
A
Key locks for the monitors
B
Keyboards glued to the desks
C
Strong passwords
D
Small bicycle chains around some portion of the CPU
85.
Which of the following is an example of an asymmetric algorithm?
A
RSA
B
Blowfish
C
Rijndael
D
Mars
86.
Many intrusion detection systems look for known patterns or ___________ to aid in detecting attacks.
A
Signatures
B
Worms
C
Behaviors
D
Traits
87.
While connected from home to an ISP, a network administrator performs a port scan against a corporate server and encounters four open TCP ports: 25, 110, 161 and 389. Corporate users in the organization must be able to connect from home, send and receive messages on the Internet, read E-mail by means of the IMAPv4 protocol, and search a directory services database for user E-mail addresses and digital certificates. All the E-mail related services, as well as the directory server, run on the scanned server. Which of the above ports can be filtered out to decrease unnecessary exposure without affecting functionality?
A
25
B
110
C
161
D
389
88.
Which statement is most true about viruses and hoaxes?
A
Hoaxes can create as much damage as a real virus
B
Hoaxes really don't count in the grand virus strategy
C
Hoaxes can cause real damage to many systems
D
Hoaxes can damage someone's pride
89.
A DMZ typically contains: (Select two)
A
A workstation for daily workers
B
An FTP server
C
The corporate database server
D
The web server
90.
Documenting change levels and revision information is most useful for:
A
Disaster recovery
B
Event documentation
C
Disaster planning
D
Change documentation
91.
Which of the following is a technical solution that supports high availability?
A
Striped disks
B
RAID
C
Multiple disks
D
Disk duplexing
92.
Computer forensics experts collect and analyze data using which of the following guidelines so as to minimize data loss?
A
Chain of custody
B
Chain of data
C
Clearing the crime scene
D
Clean up everything
93.
The primary purpose of NAT is to:
A
Distribute IP addresses
B
Translate host names to IP addresses
C
Look up the MAC address of an IP
D
Hide internal hosts from the public network
94.
Which of the following backup methods copies only the files modified since the last full backup?
A
Copy
B
Daily
C
Differential
D
Incremental
95.
At what stage of an assessment would an auditor test systems for weaknesses and attempt to defeat existing encryption, passwords and access lists?
A
The planning stage
B
The penetration stage
C
The disaster recovery stage
D
The security stage
96.
What two functions does IPSec perform?
A
Provides the Authentication Header (AH) for data integrity
B
Provides the Encapsulating Security Payload (ESP) for data confidentiality
C
Provides for the tunneling necessary to bypass the firewall
D
Provides the integrity necessary for most instant messaging
97.
After installing a new operating system, what configuration changes should be implemented?
A
Rename the guest account
B
Update all Microsoft applications
C
Place the appropriate patches on the server
D
Rename the administrator account and disable the guest account
98.
Which of the following results in a domain name server resolving the domain name to a different IP and thus misdirecting Internet traffic?
A
Man-in-the-middle attack
B
Spoofing attack
C
DoS attack
D
SYN attack
99.
What kinds of attacks are hashed passwords vulnerable to? (Select two)
A
Worms
B
Brute force
C
DDoS
D
Dictionary
100.
By definition, how many keys are needed to lock and unlock data using symmetric key encryption?
A
1
B
2
C
3
D
4
IMPORTANT! Double check your test before submitting.