
1 Marks: 2 Which is not true about DoS and DDoS attacks. Choose one answer. a. Flood guards are found in Firewalls, but not in Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). b. An attacker sends SYN segments with modified source addresses in IP Packets to the target server. c. Flood Guard controls a device's tolerance for unanswered service requests. d. A SYN Flood Attack is a form of DoS attack.

2 Marks: 2 Loop protection prevents a broadcast storm from crippling a network. Answer: True

3 Marks: 2 A typical configuration baseline would include each of the following except _______. Choose one answer. a. changing any default settings that are insecure b. performing a security risk assessment c. eliminating any unnecessary software d. enabling operating system security features

4 Marks: 2 _____ is the unauthorized access of information from a wireless device through a Bluetooth connection. Choose one answer. a. Bluetooth snatching b. Bluesnarfing c. Bluetooth spoofing d. Bluejacking e. Bluesmurfing

5 Marks: 2 An advantage of WPA over WEP is that it dynamically generates a new key for each packet that is created. Because of this there are 280 trillion possible keys that can be generated for any given packet. Answer: True

6 Marks: 2 Which of the following is true about network address translation (NAT)? Choose one answer. a. It removes private addresses when the packet leaves the network. b. It can be stateful or stateless. c. It can only be found on core routers. d. It substitutes MAC addresses for IP addresses.

7 Marks: 2 _____ are a network of attackers, identity thieves, and financial fraudsters. Choose one answer. a. Spies b. Script kiddies c. Hackers d. Cybercriminals

8 Marks: 2 Which of the following is not a requirement for war driving? Choose one answer. a. Wireless NIC adapter b. Mobile computer device c. GPS receiver d. Antennas

9 Marks: 2 Which of the following is not an attack that uses ICMP? Choose one answer. a. All of the above b. Ping of Death Attack c. Smurf DoS Attack d. ICMP Redirect Attack e. ARP Poison Attack f. None of the above

10 Marks: 2 Which of the following is a valid reason for not installing operating system patches on production computers as soon as the vendor releases them? Choose one answer. a. Vendor patches often contain viruses that can infect systems. b. Vendor patches can introduce new operating system bugs that may interfere with applications running on the patched systems. c. Vendors charge too much for patches. It is better to take your chances using good security measures to protect your systems. d. Vendors seldom understand the true threat from viruses.

11 Marks: 2 In a network using IEEE 802.1x, a ____________ makes a request to the authenticator. Answer: supplicant

12 Marks: 2 A vulnerability scan is usually performed outside of the security perimeter. Answer: True False

13 Marks: 2 Which version of the Simple Network Management Protocol is considered the most secure? Choose one answer. a. V5 b. V4 c. V3 d. V2

14 Marks: 2 Active Directory allows for a single security related configuration to be set and then deployed to many or all users. Answer: True False

15 Marks: 2 Select the statement that best describes the firewall.
A Firewall Appliance: is usually located outside of the security perimeter.
A Firewall Program: is usually located on the host PC.

16 Marks: 2 Which is not true of viruses. Choose one answer. a. Relies on user action to spread b. Viruses are spread by transferring infected files c. Virus cannot automatically spread to another computer d. All of the above e. None of the above f. Viruses are attached to files

17 Marks: 2 Match the following threat category with the examples that best fit.
Technical obsolescence: Program does not function on new operating system
Theft: Desktop system is stolen from unlocked room
Software Attacks: Bug prevents program from properly loading
Natural disasters: Fire, Flood, or earthquake destroys data
Intellectual property compromise: Software is pirated or copyright is infringed
Hardware failure or errors: Firewall blocks all network traffic
Espionage: Spy steals new product plans
Sabotage or vandalism: Attacker implants a worm that deletes files
Utility interruption: Electrical power is cut off

18 Marks: 2 Match the following statements with the correct lock type.
The residential lock most often used for keeping out intruders: Keyed Entry Lock
A lock that extends a solid metal bar into the door frame for extra security: Deadbolt Lock
A lock that can be used to secure a mobile device: Cable Lock

19 Marks: 2 A honeypot cannot be part of a honeynet. Answer: True False

20 Marks: 2 Each of the following is a state of a port that can be returned by a port scanner except _____. Choose one answer. a. blocked b. open c. closed d. busy

21 Marks: 2 The _____ is primarily responsible for assessment, management, and implementation of security. Choose one answer. a. Security Administrator b. Chief Executive Officer (CEO) c. Security Analyst d. Chief Information Security Officer (CISO) e. Security Manager

22 Marks: 2 A demilitarized zone (DMZ) contains and helps protect computers on the internal core network. Answer: True False

23 Marks: 2 A PAN is Choose one answer. a. A Protocol Authentication Node b. A Personal Area Network c. A Protocol Agnostic Network d. A type of pizza, as in personal pan pizza

24 Marks: 2 User Rights is a Microsoft Windows setting that can be configured through a security template. Answer: True False

25 Marks: 2 The three types of information protection, Confidentiality, Integrity and Availability, are often called ______. Answer: CIA

26 Marks: 2 Which of the following are NOT considered network security devices? Choose one answer. a. Firewalls b. Web Security Gateways c. VPN Concentrators d. All of the above e. None of the above f. Proxies g. Internet Content Filters h. Spam Filters i. Intrusion Detection and Prevention Systems

27 Marks: 2 How does heuristic detection anti-virus software such as Avast help you avoid becoming infected by a computer virus? Choose one answer. a. The virus signature file is placed in a suspended chamber before streaming to the CPU. b. The bytes of a virus are placed in different piles and then used to create a profile. c. A string of bytes from the virus is compared against the suspected file. d. By creating a virtualized environment and executing the suspect program code in it.

28 Marks: 2 Match the Network Layer Model to the number of layers in that model.
The TCP/IP Model: 4
The OSI Model: 7

29 Marks: 2 A worm sends copies of itself to other network devices. Answer: True False

30 Marks: 2 A threat agent _____. Choose one answer. a. does not include natural disasters b. is limited to attacks using viruses and worms c. is a person or entity with the power to carry out a threat against an asset d. is the manager for a professional hacker e. is something that cannot be determined in advance

31 Marks: 2 The optimum place to install a spam filter is: Choose one answer. a. on the user's PC. b. on the SMTP server. c. on the email webserver. d. on the POP3 server.

32 Marks: 2 Erin pretends to be a manager from another city and calls Nick to trick him into giving her his password. What social engineering attack has Erin performed? Choose one answer. a. Duplicity b. Aliasing c. Impersonation d. Luring

33 Marks: 2 If a tester is given the IP addresses, network diagrams, and source code of customer applications, then she is using which technique? Choose one answer. a. White box b. Black box c. Blue Box d. Gray box

34 Marks: 2 The wide acceptance and use of network address translation (NAT) was the primary reason we did not run out of IP Addresses a long time ago. Answer: True False

35 Marks: 2 Each of the following could be a logic bomb except _______. Choose one answer. a. Erase all data if John Smith's name is removed from the list of employees b. Send spam e-mail to all users c. Reformat the hard drive three months after Susan Jones left the company d. If the company's stock price drops below $10 then credit Jeff Brown with ten additional years of retirement credit

36 Marks: 2 Which of the following Domain Name System (DNS) attacks replaces a fraudulent IP address for a symbolic name? Choose one answer. a. DNS replay b. DNS forwarding c. DNS poisoning d. DNS masking

37 Marks: 2 A replay attack ___________ Choose one answer. a. can be prevented by patching the Web browser b. is considered to be a type of DoS attack c. replays the attack over and over to flood the server d. makes a copy of the transmission for use at a later time

38 Marks: 2 Please match the following:
Asset: Item of value
Threat agent: Element with power to carry out a threat
Threat: Actions or events that have potential to cause harm

39 Marks: 2 What type of attack intercepts legitimate communication and forges a fictitious response to the sender? Choose one answer. a. Interceptor b. SIDS c. Man in the middle d. SQL intrusion

40 Marks: 2 _____ is a general term used for describing software that gathers information without the user's consent. Choose one answer. a. Adware b. Scrapware c. Spyware d. Pullware

41 Marks: 2 _____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper containing personally identifiable financial information. Choose one answer. a. Gramm-Leach-Bliley Act (GLBA) b. USA Patriot Act c. California Savings and Loan Security Act (CS&LSA) d. Sarbanes-Oxley Act (Sarbox or Sox)

42 Marks: 2 What is unique about a cross site scripting (XSS) attack compared to other injection attacks? Choose one answer. a. XSS requires the use of a browser b. XSS attacks are rarely used anymore compared to other injection attacks c. SQL code is used in an XSS attack d. XSS does not attack the Web application server to steal or corrupt its information

43 Marks: 2 To be completely sure you've removed a rootkit from a computer you should _______. Choose one answer. a. Run a thorough virus scan on the infected machine b. Rebuild the master boot record (MBA) c. Erase and reinstall all files in the WINDOWS folder d. Flash the ROM BIOS e. Reformat the hard drive and reload the operating system.

44 Marks: 2 The IEEE _____ standard specifies a maximum rated speed of 54 Mbps using the 5 GHz spectrum. Choose one answer. a. 802.11g b. 802.11 c. 802.11b d. 802.11a

45 Marks: 2 A _____ attack exploits previously unknown vulnerabilities. Choose one answer. a. virus resource b. surprise c. shock and awe d. zero day

46 Marks: 2 After an attacker probes a network for information the next logical step is to _______. Choose one answer. a. paralyze networks and devices b. penetrate any defenses c. modify security settings d. circulate to other systems

47 Marks: 2 A cookie that was not created by the Web site being viewed is called a ___________. Choose one answer. a. second party cookie b. third party cookie c. silent cookie d. chocolate chip cookie e. redirect cookie

48 Marks: 2 A _____ requires a user to transport it from one computer to another. Choose one answer. a. rootkit b. virus c. Trojan d. worm

49 Marks: 2 Each of the following is an advantage of IEEE 802.11n except _______. Choose one answer. a. faster speed b. smaller coverage area c. stronger security d. less interference

50 Marks: 2 Wi-Fi Protected Access 2 (WPA2) is based on the IEEE 802.11_ standard ratified in June 2004. Choose one answer. a. 802.11g b. 802.11b c. 802.11a d. 802.11x e. 802.11i
