Practice Questions
Question 1
Which of the following is a knowledge-based authentication mechanism?
a. Smart card
b. Token
c. Password
d. Biometrics
Answer c is correct.
Question 2
Which of the following is a centralized access control methodology?
a. RADIUS
b. Lattice
c. DAC
d. MAC
Answer a is correct.
Question 3
What is it called when an attacker sends unsolicited communications?
a. Sniffers
b. Crackers
c. Spoofing
d. Spamming
22 Chapter 2
Answer d is correct.
Question 4
Which of the following allows attackers to break passwords?
a. Sniffers
b. Crackers
c. Spoofing
d. Spamming
Answer b is correct.
Question 5
Which of the following allows attackers to imitate a different user or system?
a. Sniffers
b. Crackers
c. Spoofing
d. Spamming
Question 6
Which of the following is a table that identifies user access rights for a particular system object?
a. MAC
b. DAC
c. ACL
Question 7
Which access control technique allows security officers to specify access security policies based on an organization's structure?
a. MAC
b. DAC
c. Lattice
d. RBAC
Question 8
Which access control technique allows a resource owner to control other users' access to an object?
a. MAC
b. DAC
c. Lattice
d. RBAC
Answer b is correct. DAC allows a resource owner to control other users' access to an object. Answer a is incorrect because MAC is a nondiscretionary access control technique that uses defined security classifications. Answer c is incorrect because lattices deal with information flow in multiuser environments. Answer d is incorrect because RBAC allows security officers to specify access security policies based on an organization's structure.
Question 9
Which access control technique is nondiscretionary?
a. MAC
b. DAC
c. Lattice
d. RBAC
Answer a is correct. MAC is nondiscretionary. Answer b is incorrect because DAC is discretionary access control. Answer c is incorrect because lattices deal with information flow in multiuser environments. Answer d is incorrect because RBAC allows security officers to specify access security policies based on an organization's structure.
Question 10
Which technique monitors networks and computer systems for signs of intrusion or misuse?
a. IDS
b. MAC
c. Bell-LaPadula
d. TACACS
Answer a is correct. IDS monitors networks and computer systems for signs of intrusion or misuse. Answer b is incorrect because MAC is an access control technique. Answer c is incorrect because Bell-LaPadula is an access control model. Answer d is incorrect because TACACS is a centralized access control methodology.
54 Chapter 3
Practice Questions
Question 1
Which layer of the OSI model handles TCP?
a. Physical
b. Network
Answer c is correct. TCP works at the Transport layer. Answers a and d are incorrect because the Physical and Data Link layers deal with getting data packets to the physical communications medium. Answer b is incorrect because IP works at the Network layer.
Question 2
Which of the following is a protocol that one program can use to request a service from a program on another computer?
a. Secure RPC
b. CHAP
c. SLIP
d. PPTP
Answer a is correct. Secure RPC is a protocol that one program can use to request a service from a program on another computer. Answer b is incorrect because CHAP is a password authentication protocol. Answer c is incorrect because SLIP is a TCP/IP protocol used for communication between two machines configured for communication with each other. Answer d is incorrect because PPTP is a tunneling protocol.
Question 3
Which of the following is a tunneling protocol?
a. Secure RPC
b. CHAP
c. SLIP
d. PPTP
Answer d is correct. PPTP is a tunneling protocol. Answer a is incorrect because Secure RPC is a protocol that one program can use to request a service from a program on another computer. Answer b is incorrect because CHAP is a secure procedure for connecting to a system. Answer c is incorrect because SLIP is used for communications between machines, such as your system and your ISP.
Question 4
Which of the following allows or denies traffic based only on protocol/port information?
a. Packet filtering
b. Circuit gateways
c. Application proxies
d. Switch
Answer a is correct. Packet filtering allows or denies traffic based only on protocol/port information. Answer b is incorrect because circuit gateways are more tunnel oriented. Answer c is incorrect because application proxies create a break in the communication process. Answer d is incorrect because switches are networking devices.
Question 5
Which of the following creates a break in the communication process?
a. Packet filtering
b. Circuit gateways
c. Application proxies
d. Switch
Answer c is correct. Application proxies create a break in the communication process. Answer a is incorrect because packet filters allow or deny traffic based only on protocol/port information. Answer b is incorrect because circuit gateways are more tunnel oriented. Answer d is incorrect because switches are networking devices.
Question 6
Firewalls often use which technology to help "hide" internal network IP addresses?
a. NAT
b. PAP
c. SLIP
d. CHAP
Answer a is correct. Firewalls often use NAT to help hide internal network IP addresses. Answers b and d are incorrect because PAP and CHAP are authentication protocols. Answer c is incorrect because SLIP is a communications protocol.
Question 7
Which cabling method uses an RJ-45 connector?
a. Coaxial cable
b. UTP
Answer b is correct. UTP uses an RJ-45 connector. Answer a is incorrect because coaxial cable uses a BNC connector. Answer c is incorrect because fiber optic cable uses an SC connector. Answer d is incorrect because wireless networks do not have specific connectors.
Question 8
An Ethernet network often uses which type of topology?
a. Star
b. Ring
c. Bus
d. Diamond
Answer c is correct. An Ethernet network often uses a bus topology. Answer a is incorrect because star topologies are used in switched environments. Answer b is incorrect because ring topology is often used in Token Ring implementations. Answer d is incorrect because diamond is not a network topology.
Question 9
Which of the following is not a transmission protocol?
a. PPP
b. SLIP
c. Frame Relay
d. ARP
Answer d is correct. ARP is not a transmission protocol. Answer a is incorrect because PPP is a protocol for communication between two computers using a serial interface. Answer b is incorrect because SLIP is used for communications between machines, such as your system and your ISP. Answer c is incorrect because Frame Relay is a telecommunications service.
Question 10
Which protocol maps an IP address to a physical machine address?
a. PPP
b. SLIP
c. Frame Relay
d. ARP
Answer d is correct. ARP maps an IP address to a physical machine address. Answer a is incorrect because PPP is a protocol for communication between two computers using a serial interface. Answer b is incorrect because SLIP is used for communications between machines, such as your system and your ISP. Answer c is incorrect because Frame Relay is a telecommunications service.
72 Chapter 4
Practice Questions
Question 1
Which of the following concepts ensures that data and resources are accessible when they need to be?
a. Confidentiality
b. Integrity
c. Availability
d. Authorization
Answer c is correct. Availability ensures data and resources are accessible when they need to be. Answer a is incorrect because confidentiality protects data from being viewed by unauthorized individuals. Answer b is incorrect because integrity protects data from being modified, retaining the consistency and original meaning of the information. Answer d is incorrect because authorization provides a means of determining who can access which system resources.
Question 2
Providing a means of determining who can access which system resources describes which of the following concepts?
a. Confidentiality
b. Integrity
c. Availability
d. Authorization
Answer d is correct. Authorization provides a means of determining who can access which system resources. Answer a is incorrect because confidentiality protects data from being viewed by unauthorized individuals. Answer b is incorrect because integrity protects data from being modified, retaining the consistency and original meaning of the information. Answer c is incorrect because availability ensures data and resources are accessible when they need to be.
Question 3
Protecting data from being viewed by unauthorized individuals describes which of the following concepts?
a. Confidentiality
b. Integrity
c. Availability
d. Authorization
Answer a is correct. Confidentiality protects data from being viewed by unauthorized individuals. Answer b is incorrect because integrity protects data from being modified, retaining the consistency and original meaning of the information. Answer c is incorrect because availability ensures data and resources are accessible when they need to be. Answer d is incorrect because authorization provides a means of determining who can access which system resources.
Question 4
Confidentiality, integrity, and availability constitute which of the following?
a. Accountability
b. Nonrepudiation
c. Audit
d. CIA triad
Answer d is correct. Confidentiality, integrity, and availability constitute what is known as the CIA triad. Accountability, nonrepudiation, and audit are not part of the CIA triad. Answer a is incorrect because accountability binds an action to a specific individual. Answer b is incorrect because nonrepudiation keeps an individual from denying that a transaction took place. Answer c is incorrect because audit is the process of analyzing and reviewing configurations, policies, procedures, and so on.
Question 5
Which of the following concepts describes binding an action to a specific individual?
a. Accountability
b. Nonrepudiation
c. Audit
d. CIA triad
Answer a is correct. Accountability binds an action to a specific individual. Answer b is incorrect because nonrepudiation keeps an individual from denying that a transaction took place. Answer c is incorrect because audit is the process of analyzing and reviewing configurations, policies, procedures, and so on. Answer d is incorrect because the CIA triad is a combination of confidentiality, integrity, and availability.
Question 6
Keeping an individual from denying that a transaction took place describes which of the following concepts?
a. Accountability
b. Nonrepudiation
c. Audit
d. CIA triad
Answer b is correct. Nonrepudiation keeps an individual from denying that a transaction took place. Answer a is incorrect because accountability binds an action to a specific individual. Answer c is incorrect because audit is the process of analyzing and reviewing configurations, policies, procedures, and so on. Answer d is incorrect because the CIA triad is the combination of confidentiality, integrity, and availability.
Question 7
Which of the following is not ideal in an effective change control program?
a. Change requests must be formally documented.
b. All changes must be approved.
c. Programmer moves code directly to production.
d. Code is approved before being migrated to production.
Answer c is correct. A programmer moving code directly to production is not an effective change control program. Answers a, b, and d are incorrect because they are all effective change control procedures.
Question 8
What should you not do after dismissing an employee?
a. Escort him out the door
b. Let him return to his desk unsupervised
c. Disable all accounts and logons
d. Follow the termination checklist
Answer b is correct. After dismissing an employee, you should not let him return to his desk unsupervised. Answers a, c, and d are all steps of an effective termination policy.
Question 9
A(n) ______ can assist only in the prevention of deliberate breaches of security such as theft, fraud, sabotage, and misuse.
a. Organization structure
b. Encapsulation
c. Training program
d. Change control
Answer a is correct. An organization's structure can assist only in the prevention of deliberate breaches of security such as theft, fraud, sabotage, and misuse. Answers b, c, and d are incorrect because encapsulation, training programs, and change control all help prevent other security breaches in addition to theft, fraud, sabotage, and misuse.
Question 10
Security awareness programs cannot:
a. Make employees aware of issues
b. Show them the proper procedures to follow
c. Enforce security policy
d. Make them aware of risks
Answer c is correct. Awareness programs help educate, but they cannot enforce security policy. Answers a, b, and d are thus incorrect.
Practice Questions
Question 1
When the computer programming, processing, and data that computers work on are spread out over more than one computer, you have implemented a(n)
a. Distributed Computing Environment
b. Nondistributed computing environment
c. Agent
d. Applet
Answer a is correct. A Distributed Computing Environment is implemented when the computer programming, processing, and data that computers work on are spread out over more than one computer. Answer b is incorrect because a nondistributed computing environment is one where the computer programming, processing, and data are not spread out over more than one computer. Answer c is incorrect because an agent is a program that gathers information or performs some other service on some regular schedule without your immediate presence. Answer d is incorrect because an applet is a small application program.
Question 2
A program that gathers information or performs some other service on some regular schedule without your immediate presence is a(n)
a. Applet
b. ActiveX control
c. Agent
d. C++ control
Answer c is correct. An agent is a program that gathers information or performs some other service on some regular schedule without your immediate presence. Answer a is incorrect because an applet is a small application program. Answers b and d are incorrect because a control (ActiveX or C++) is a component of the ActiveX language and environment.
94 Chapter 5
Question 3
Which programming language was developed for specific use on the Internet and on a wide variety of platforms?
a. Fortran
b. C++
c.
d. Java
Answer d is correct. Java was developed for specific use on the Internet and on a wide variety of platforms. Answers a, b, and c are incorrect because these languages were not developed specifically for use over the Internet and for functionality on a wide variety of platforms.
Question 4
An activity in which an unclassified user legitimately accesses unclassified information and deduces secret information refers to
a. Inference
b. Polyinstantiation
c. Data mining
d. Aggregation
Answer a is correct. Inference is an activity in which an unclassified user legitimately accesses unclassified information and deduces secret information. Answer b is incorrect because polyinstantiation is used to prevent inference violations. Answer c is incorrect because data mining is the analysis of data for relationships that have not previously been discovered. Answer d is incorrect because aggregation is the process of combining small pieces of information to gain insight into the whole.
Question 5
The analysis of data for relationships that have not previously been discovered is
a. Inference
b. Polyinstantiation
c. Data mining
d. Aggregation
Answer c is correct. Data mining is the analysis of data for relationships that have not previously been discovered. Answer a is incorrect because inference is a unilateral activity in which an unclassified user legitimately accesses unclassified information and deduces secret information. Answer b is incorrect because polyinstantiation is used to prevent inference violations. Answer d is incorrect because aggregation is the process of combining small pieces of information to gain insight into the whole.
Question 6
What technique is used to prevent inference violations?
a. Inference
b. Polyinstantiation
c. Data mining
d. Aggregation
Answer b is correct. Polyinstantiation is used to prevent inference violations. Answer a is incorrect because inference is a unilateral activity in which an unclassified user legitimately accesses unclassified information and deduces secret information. Answer c is incorrect because data mining is the analysis of data for relationships that have not previously been discovered. Answer d is incorrect because aggregation is the process of combining small pieces of information to gain insight into the whole.
Question 7
A type of virus or replicative code that situates itself in a computer system in a place where it can do harm is a
a. Worm
b. Trojan horse
c. Logic bomb
d. Denial of service attack
Answer a is correct. A worm is a type of virus or replicative code that situates itself in a computer system in a place where it can do harm. Answer b is incorrect because a Trojan horse is a program or virus in which malicious or harmful code is contained inside apparently harmless programming, data, or message in such a way that it can get control and do its chosen form of damage. Answer c is incorrect because a logic bomb is code or an application that is surreptitiously inserted into an application or OS that causes it to perform some destructive or security-compromising activity whenever specified conditions are met. Answer d is incorrect because a denial of service attack prohibits users from accessing data or a service when needed.
Question 8
Code surreptitiously inserted into an application or OS that causes it to perform some destructive or security-compromising activity whenever specified conditions are met is a
a. Worm
b. Trojan horse
c. Logic bomb
d. Denial of service attack
Answer c is correct. A logic bomb is code surreptitiously inserted into an application or OS that causes it to perform some destructive or security-compromising activity whenever specified conditions are met. Answer a is incorrect because a worm is a type of virus or replicative code that situates itself in a computer system in a place where it can do harm. Answer b is incorrect because a Trojan horse is a program or virus in which malicious or harmful code is contained inside apparently harmless programming, data, or messages in such a way that it can get control and do its chosen form of damage. Answer d is incorrect because a denial of service attack prohibits users from accessing data or a service when needed.
Question 9
Which viruses infect executable code found in certain system areas on a disk?
a. Trap doors
b. Trojan horses
c. Macro viruses
d. Boot-sector viruses
Answer d is correct. Boot-sector viruses infect executable code found in certain system areas on a disk. Answer a is incorrect because a trap door is a back door to an application or system created by the developer. Answer b is incorrect because a Trojan horse is a program or virus in which malicious or harmful code is contained inside apparently harmless programming, data, or messages in such a way that it can get control and do its chosen form of damage. Answer c is incorrect because macro viruses infect applications such as Word and Excel by planting malicious macros.
Question 10
A backdoor application entry point added by the developer is a
a. Trap door
b. Trojan horse
c. Macro virus
d. Boot-sector virus
Answer a is correct. A trap door is a backdoor application entry point added by the developer. Answer b is incorrect because a Trojan horse is a program or virus in which malicious or harmful code is contained inside apparently harmless programming, data, or messages in such a way that it can get control and do its chosen form of damage. Answer c is incorrect because macro viruses infect applications such as Word and Excel by planting malicious macros. Answer d is incorrect because a boot-sector virus infects executable code found in the master boot record.
Cryptography
Practice Questions
Question 1
Which of the following is a symmetric encryption algorithm?
a. 3DES
b. MD5
c. RSA
d. Diffie-Hellman
Answer a is correct. 3DES is a symmetric encryption algorithm. Answer b is incorrect because MD5 is a hashing algorithm. Answers c and d are incorrect because RSA and Diffie-Hellman are asymmetric algorithms.
Question 2
Which of the following is a hash algorithm?
a. 3DES
b. MD5
c. RSA
d. Diffie-Hellman
Answer b is correct. MD5 is a hash algorithm. Answer a is incorrect because 3DES is a symmetric algorithm. Answers c and d are incorrect because RSA and Diffie-Hellman are asymmetric algorithms.
Question 3
Which of the following is an asymmetric algorithm?
a. 3DES
b. MD5
c. RSA
d. SHA
124 Chapter 6
Answer c is correct. RSA is an asymmetric algorithm. Answer a is incorrect because 3DES is a symmetric algorithm. Answers b and d are incorrect because MD5 and SHA are hashing algorithms.
Question 4
Which of the following is not a core component of a PKI?
a. Digital certificate
b. CA
c. RA
d. Firewall
Answer d is correct. A firewall is not a core component of a PKI. Answers a, b, and c are incorrect because digital certificates, CAs, and RAs are core components of a PKI.
Question 5
______ make up the foundation of the encryption process.
a. Hashes
b. Email messages
c. Certificates
d. Algorithms
Answer d is correct. Algorithms make up the foundation of the encryption process. Answers a, b, and c are incorrect because hashes, email messages, and certificates can all use encryption, but they are not the foundation for the encryption process.
Question 6
______ refers to the method of using multiple processes, processors, or machines working together to try to crack an algorithm.
a. Parallelization
b. Polyinstantiation
c. Encryption
d. Hashing
Question 7
Question 8
Question 9
Question 10
Practice Questions
Question 1
Question 2
Question 3
Question 4
Question 5
Question 6
What is the name of the European evaluation criteria?
a. ITSEC
b. TEMPEST
c. IPSec
d. TCSEC
Answer a is correct. ITSEC is the European evaluation criteria. Answer b is incorrect because TEMPEST deals with electromagnetic radiation. Answer c is incorrect because IPSec is a communications protocol. Answer d is incorrect because TCSEC is the U.S. evaluation criteria.
Question 7
Which of the following is not an operating state?
a. Blocked
b. Running
c. Ready
d. Open
Answer d is correct. Open is not an operating state. Answers a, b, and c are incorrect because blocked, running, and ready are all operating states.
Question 8
A ______ is an access control concept that refers to an abstract machine that mediates all access to objects by subjects.
a. Closed system
b. Security perimeter
c. Reference monitor
d. Covert channel
Answer c is correct. A reference monitor is an access control concept that refers to an abstract machine that mediates all access to objects by subjects. Answer a is
Question 9
Question 10
Practice Questions
Question 1
Question 2
Question 3
Question 4
Question 5
Question 6
Question 7
158 Chapter 8
Question 8
When dealing with media, which of the following is not important?
a. Marking
b. Handling
c. Destruction
d. Writing
Answer d is correct. The method used to get the data onto the media type is not as important as proper marking, handling, and destruction. Answers a, b, and c are thus incorrect.
Question 9
Audits can be performed:
a. Daily
b. Weekly
c. Annually
d. All of the above
Answer d is correct. Audits can be performed whenever possible. They can be formal projects or quick tasks that just take a minute. Answers a, b, and c are thus incorrect.
Question 10
When an employee is dismissed, which of the following should you not do?
a. Let him back on his computer
b. Lock his account
c. Remove network access
d. Disable email
Answer a is correct. You should not let employees back on their computers when they have been dismissed. Answers b, c, and d are all things that should be done when an employee is terminated.
Practice Questions
Question 1
Question 2
Question 3
Question 4
Question 5
Question 6
Question 7
Question 8
Question 9
Question 10
Practice Questions
Question 1
Question 2
Question 3
Question 4
Question 5
Question 6
Question 7
Question 8
Question 9
Question 10
Practice Questions
Question 1
Question 2
Question 3
Question 4
Question 5
Question 6
Question 7
Question 8
Question 9
Question 10
Sample Test
Question 1
Question 2
Question 3
Question 4
Question 5
Question 6
Question 7
Question 8
Question 9
Question 10
Question 11
Question 12
Question 13
Question 14
Question 15
Question 16
Question 17
Question 18
226 Chapter 12
Question 19
A backdoor application entry point added by the developer is a:
a. Trap door
b. Trojan horse
c. Macro virus
d. Boot-sector virus
Question 20
______ encryption converts data from a variable length to a fixed length piece of data.
a. Symmetric
b. Asymmetric
c. Hash
d. Email
Question 21
Which of the following is not a TCSEC level?
a. F
b.
c. B
d. D
Question 22
Maintaining backups in case a system needs to be restored is what type of control?
a. Detective control
b. Preventive control
c. Corrective control
d. Recovery control
Question 23
Question 24
Question 25
Question 26
Question 27
Question 28
Question 29
Question 30
Question 31
Question 32
Question 33
Question 34
Question 35
Question 36
Question 37
Question 38
Question 39
Question 40
Question 41
Question 42
Question 43
Question 44
Question 45
Question 46
Question 47
Question 48
Question 49
Question 50
Question 1
Question 2
Question 3
Question 4
Question 5
Question 6
Question 7
Question 8
Question 9
Question 10
Question 11
Question 12
Question 13
Question 14
Question 15
Question 16
Question 17
Question 18
Question 19
Question 20
Question 21
Question 22
Question 23
Question 24
Question 25
Question 26
Question 27
Question 28
Question 29
Question 30
Question 31
Question 32
Question 33
Question 34
Question 35
Question 36
Question 37
Question 38
Question 39
Question 40
Question 41
Question 42
Question 43
Question 44
Question 45
Question 46
Question 47
Question 48
Question 49
Question 50