University of the Cumberlands EMISS ISOL532 Telecommunications and Network Security. Final Exam. 100 Q&A

Document Content and Description Below

Take Test: ISOL 532 Final Exam Test Information Description This test consists of 100 questions and has a time limit of 2 hours. Once started, it has to be completed within the time limit. It wil... l auto submit after 120 minutes or at 11:59 PM EST August 20th - whichever comes first Do not wait until the last minute to complete the exam - if you run past the deadline while you are taking the exam (or go past the 2 hour time limit) it will close and auto-complete the exam. Instruction s This test consists of 100 questions and has a time limit of 2 hours. Once started, it has to be completed within the time limit. It will auto submit after 120 minutes or at 11:59 PM EST August 20th - whichever comes first Do not wait until the last minute to complete the exam - if you run past the deadline while you are taking the exam (or go past the 2 hour time limit) it will close and auto-complete the exam. Timed Test This test has a time limit of 2 hours.This test will save and submit automatically when the time expires. Warnings appear when half the time, 5 minutes, 1 minute, and 30 seconds remain. Multiple Attempts Not allowed. This test can only be taken once. Force Completion Once started, this test must be completed in one sitting. Do not leave the test before clicking Save and Submit. Remaining Time: 1 hour, 58 minutes, 19 seconds. Question Completion Status: Question 1 1. A passive threat seeks out vulnerable targets. True False 10 points Question 2 1. Which name is given to a set of communications standards for simultaneous digital transmission of voice, video, data, and other network services over the traditional circuits of the public switched telephone network?National Security Agency (NSA) Asymmetric Digital Subscriber Line (ADSL) Integrated Services Digital Network (ISDN) Clipper Chip 10 points Question 3 1. While the Tor network does provide a level of anonymity, the user never knows what other computers the request will go through; data sent and received can be captured by any of these computers. True False 10 points Question 4 1. The degree to which a firewall can impose user access restrictions is known as which of the following? Security assurance Privilege control Authentication Audit capabilities 10 points Question 5 1. Which of the following supports multiple layers of security? is similar to defense in depth—it supports multiple layers of security. Defense in depth Diversity of defense Chokepoint Weakest link 10 points Question 61. Used with compatible VPNs, IPSec guarantees the authenticity, integrity, and confidentiality of network traffic. True False 10 points Question 7 1. When considering transaction security, it is common for the web server to stand behind one firewall and the database server to stand behind a second firewall. True False 10 points Question 8 1. You should immediately terminate any communication found to take place without firewall filtering. True False 10 points Question 9 1. Which of the following is not a security suite? Netfilter Webroot Internet Security Essentials McAfee Personal Firewall Plus Computer Associates 10 points Question 10 1. Every five minutes, SmoothWall allows the viewing of graphs representing network traffic, generated by RRDtool. TrueFalse 10 points Question 11 1. Which of the following is an IPSec-based VPN protocol that uses NAT traversal (NAT-T)? Internet Key Exchange v2 (IKEv2) Layer 2 Tunneling Protocol (L2TP) Point-to-Point Tunneling Protocol (PPTP) Remote Desktop Protocol (RDP) 10 points Question 12 1. Which of the following refers to a series of tools and techniques used to prevent forensic examination from identifying an attack or attacker? IP Multimedia Subsystem (IMS) Information Technology Infrastructure Library (ITIL) Anti-forensics Data leakage prevention (DLP) 10 points Question 13 1. When implementing VPNs, you should not write down your password unless it will be stored in a safe. True False 10 points Question 14 1. Which of the following is an open source product? One that is non-commercial One where the source code cannot be obtained and view by just anyone One where the source code can be obtained and viewed by anyone One that is commercial10 points Question 15 1. What are digital forensic techniques? Identifying, extracting, and evaluating evidence obtained from digital media such as computer hard drives, CDs, DVDs and other digital storage devices A series of tools and techniques used to prevent forensic examination from identifying an attack or attacker A set of concepts and practices that provide detailed descriptions and comprehensive checklists, tasks, and procedures for common IT practices A distributed data protection technology that leverages deep analysis, context evaluation, and rules configured from a central console to ensure confidential information remains secure while in use, in transit, and at rest 10 points Question 16 1. Which of the following describes a native firewall? A small text file used by Web browsers and servers to track Web sessions A firewall in an operating system or hardware device that is placed there by the vendor or manufacturer Open-source and commercial software firewalls for most operating systems Windows 7 host software firewall 10 points Question 17 1. Which of the following is the term that describes the consistency, accuracy, and validity of data or information? Authenticat ion Availability Confidential ity Integrity 10 points Question 18 1. Which of the following refers to a public interest research group in Washington, D.C. that was established in 1994 to preserve the right of privacy in the electronic age as well as to give individuals greater control over personal information?National Security Agency (NSA) CERN National Information Infrastructure (NII) Electronic Privacy Information Center (EPIC) 10 points Question 19 1. Which of the following creates TCP and UDP network connections to or from any port? Cryptcat Back Orifice SubSeven Netcat 10 points Question 20 1. Which of the following steps of an incident response plan returns to the operation to normal? Detectio n Eradicati on Followup Recover y 10 points Question 21 1. BYOD stands for "Be Your Own Deterrent." True FALSE 10 points Question 221. All of the following are disadvantages of the build-it-yourself firewall, but one is an advantage. Which of the following is an advantage? Additional hardware manipulation Hardening of a host OS Juggling of device drivers Cost 10 points Question 23 1. Which of the following describes security stance? An organization’s filtering configuration; it answers the question, “What should be allowed and what should be blocked?” A means of providing faster access to static content for external users accessing internal Web servers An operating system such as Windows or Linux that supports a wide variety of purposes and functions, but when used as a bastion host OS must be hardened and locked down An approach to security similar to defense in depth that uses a different security mechanism at each or most of the layers 10 points Question 24 1. Which of the following allows file-sharing functionality? GoToMyPC NTRconne ct LogMeIn VPN appliance 10 points Question 25 1. Which of the following is an operating system built exclusively to run on a bastion host device? Proprietary OS General OS Reverse proxy Appliance firewall10 points Question 26 1. An encrypted VPN link guarantees that the other end of the VPN connection is secure. True False 10 points Question 27 1. Which of the following involves moving computing resources out to the Internet where resources are shared by multiple applications and, in many cases, shared by multiple corporations? Mobile computing BYOD mobility Cloud computing Screened IDS/IPS 10 points Question 28 1. Which of the following describes a general purpose OS? An operating system that supports only firewall functions An operating system that does not support firewall functions A means of providing faster access to static content for external users accessing internal Web servers An operating system such as Windows or Linux that can support a wide variety of purposes and functions, but which, when used as a bastion host OS, must be hardened and locked down 10 points Question 29 1. Diversity of defense uses a different security mechanism at each or most of the layers. True False10 points Question 30 1. Which term describes a set of concepts and practices that provide detailed descriptions and comprehensive checklists, tasks, and procedures for common IT practices? IP Multimedia Subsystem (IMS) Information Technology Infrastructure Library (ITIL) Anti-forensics Data leakage prevention (DLP) 10 points Question 31 1. Commercial Off-the-Shelf (COTS) software is a more popular choice over custom solutions with corporations because of their network security tools, firewalls, and VPNs. True False 10 points Question 32 1. Which of the following is a detailed and thorough review of the deployed security infrastructure compared with the organization’s security policy and any applicable laws and regulations? Incident response plan Compliance audit Disaster recovery plan Business continuity plan 10 points Question 33 1. BYOD stands for "Be Your Own Deterrent." TrueFalse 10 points Question 34 1. Which of the following involves writing hidden messages so that only the sender and intended recipient know a message exists? Steganography Anti-forensics Biometrics Virtualization security 10 points Question 35 1. It's important to evaluate the purpose and content of your firewall policy. Which of the following is not an evaluation method? Define the software and hardware options that will be used to adopt the policy. Determine the features necessary for the infrastructure's network communications. Determine how to write a policy that is as short as possible to avoid confusion. Order the rules properly to use the least numbers of rules. 10 points Question 36 1. You should not keep ports 465 and 995 open. True False 10 points Question 37 1. Which of the following identifies a user based on anatomical characteristics such as a fingerprint, a voice print, or iris patterns? Anti-forensics Data leakage prevention (DLP) BiometricsVirtualization security 10 points Question 38 1. Years ago, security threats came from mostly unsophisticated attackers; today, organized crime is taking advantage of computer hacking. True False 10 points Question 39 1. Which of the following is a minimum requirement for running SmoothWall? Three NICs 10 GB hard drive 84MHZ processor 512 MB PC SDRAM 10 points Question 40 1. A closed-source product is typically free. True False 10 points Question 41 1. Which of the following is not a security strategy? Defense diversity Firewall policies Weakest link Forced universal participation 10 points Question 42 1. Which of the following does port forwarding support?Any service on any port Caching Encryption endpoint Load balancing 10 points Question 43 1. Linux distributions automatically come with a native software firewall. True False 10 points Question 44 1. What term is used to describe a chipset developed and promoted by the U.S. government from 1993 to 1996 as an encryption device to be adopted by telecommunications companies for voice transmission? Synchronous Dynamic Random Access Memory (SDRAM) Clipper Chip Kerberos National Information Infrastructure (NII) 10 points Question 45 1. Which of the following is not an ISP connection? Cable Satell ite pfSens e DSL 10 points Question 46 1. Which of the following is a Microsoft solution that runs on a Microsoft Terminal Services server but appears, to end users, as if it were actually running on their systems? TS Web AccessDirectAccess TS RemoteApp Terminal Services for Applications 10 points Question 47 1. GoToMyPC, LogMeIn, and NTRconnect allow you to use a Mac as the client, but only NTRconnect enables you to use a Mac as the host. True False 10 points Question 48 1. Which of the following refers to a database tool intended to handle time-series data, such as network bandwidth, temperatures, CPU load, and so on? TCPdump RRDtool (Round-Robin Database Tool) Asymmetric Digital Subscriber Line (ADSL) Common Gateway Interface (CGI) script 10 points Question 49 1. Which of the following characteristics relates to Kerberos? A computer network authentication protocol that allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner A public interest research group in Washington, D.C., established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and Constitutional values in the information age A round-robin database tool intended to handle time-series data like network bandwidth, temperatures, CPU load, and so on. Dynamic random access memory (DRAM) that has a synchronous interface10 points Question 50 1. Which of the following are documents that can help you to review and assess your organization’s status and state of security? Firewall checklists Risk assessment STIGs (Security Technical Implementation Guides) Incident response plan 10 points Question 51 1. Wireshark is a free packet capture, protocol analyzer, and sniffer that can analyze packets and frames as they enter or leave a firewall. True False 10 points Question 52 1. When troubleshooting firewalls, which of the following is not something you should do after you attempt a fix? Make multiple fixes. Repeat the failure. Test after each attempt. Reverse or undo solution failures. 10 points Question 53 1. Deploying a security product is more preferable than addressing your environment’s specific risks. True False10 points Question 54 1. When troubleshooting firewalls, you should never attempt to repeat the problem because you could do more damage. True False 10 points Question 55 1. Which of the following is not a commonsense element of troubleshooting firewalls? Focus on the most critical issues first. Isolate problems. Work with urgency. Know your firewall thoroughly. 10 points Question 56 1. Which of the following is a system that waits for an IDS to detect and attackers and then transfers the attackers to a special host where they cannot do damage to the production environment? Padded cell Honeypot Honeynet OpenVPN 10 points Question 57 1. Patch management watches for the release of new updates from vendors, tests the patches, obtains approval, and then oversees the deployment and implementation of updates across the production environment. True False10 points Question 58 1. Which one of the following is not a benefit of having a written firewall policy? It acts as a tool for assisting in troubleshooting. It serves as a guideline for detecting changes and differences. It defines how to use a reverse proxy to add an additional layer of protection and control between Internet-based users and internally hosted servers. It ensures consistent filtering across firewalls. 10 points Question 59 1. Which terms describes a distributed data protection technology that leverages deep analysis, context evaluation, and rules configured from a central console to ensure confidential information remains secure while in use, in transit, and at rest? Anti-forensics Information Technology Infrastructure Library (ITIL) Digital Forensic Techniques Data leakage prevention (DLP) 10 points Question 60 1. Which of the following allows a single server to host one or more applications for remoter users? Terminal Services for Administration TS RemoteApp Terminal Services for Applications TS Web Access 10 points Question 61 1. A bastion host allows the firewall to connect to the internal network and the perimeter network. TrueFalse 10 points Question 62 1. If a firm puts Internet-facing servers directly in the Internet, they are exposed to threats of attack from anywhere in the world. True False 10 points Question 63 1. An intranet is an external network. True False 10 points Question 64 1. The more expensive it is, the better the security solution. True False 10 points Question 65 1. Which of the following risks can compromise the confidentiality of documents stored on the server? Risk that transaction data can be intercepted Risk that unauthorized individuals can breach the server’s document tree Risk that information about the server can be accessed Risk of denial of service attacks 10 points Question 661. Which name is given to an architectural framework for delivering IP multimedia services? IP Multimedia Subsystem (IMS) Anti-forensics Digital forensic techniques Data leakage prevention (DLP) 10 points Question 67 1. Which of the following steps of an incident response plan resolves the compromise? Eradicati on Detectio n Recover y Followup 10 points Question 68 1. Which of the following is not a firewall type? Universal Static packet filtering Proxy Stateful inspection 10 points Question 69 1. In SmoothWall, what color network interface card indicates the segment of the network is not trusted, but shares the Internet connection? Green Blue Oran geRed 10 points Question 70 1. Rule-set ordering is critical to the successful operation of firewall security. True False 10 points Question 71 1. Each form of firewall filtering or traffic management is vulnerable in some way. True False 10 points Question 72 1. Which term describes an approach to security similar to defense in depth in that it supports multiple layers, but uses a different security mechanism at each or most of the layers? Diversity of defense Security stance Proprietary OS Universal participation 10 points Question 73 1. Which of the following forces all traffic, communications, and activities through a single pathway or channel that can be used to control bandwidth consumption, filter content, provide authentication services, or enforce authorization. Fail-safe Chokepoi nt Fail-secureReverse proxy 10 points Question 74 1. Which of the following offers keycard security and allows you to restrict the times that your computer can be remotely accessed? GoToMyPC LogMeIn NTRconn ect Internet café 10 points Question 75 1. Which of the following is used to connect two offices in different locations? Remote gateway Host-to-gateway VPN Gateway-togateway VPN VPN appliance 10 points Question 76 1. Which of the following allows administrators to connect remotely into servers from their desktop computers? Terminal Services for Administration TS RemoteApp Terminal Services for Applications TS Web Access 10 points Question 77 1. Which of the following is not a step in an incident response solution? Evasion Containm entEradicatio n Recovery 10 points Question 78 1. What is meant by synchronous Dynamic Random Access Memory (SDRAM)? A computer network memory capability that allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner Dynamic random access memory (DRAM) that has a synchronous interface A public interest research group in Washington, D.C., established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy A web cache/proxy 10 points Question 79 1. A is a physical or logical subnetwork that contains and exposes an organization’s external services to a larger untrusted network, usually the Internet. Demilitarized zone (DMZ) VPN LAN Extranet 10 points Question 80 1. Which of the following monitors traffic that gets through the screening firewall and has the advantage of reducing the amount of traffic to be monitored? Unfiltered IDS/IPS installation Intrusion prevention system (IPS) Screened IDS/IPS solution Intrusion detection system (IDS)10 points Question 81 1. Which of the following is a form of threat that takes some type of initiative to seek out a target to compromise? Native firewall Passive threat Active threat Cookie 10 points Question 82 1. What must be enabled to test SmoothWall’s capability to mitigate attacks? open SSH SQUID Ping Snort intrusion detection software 10 points Question 83 1. Which type of software is closed-sourced to protect intellectual property and allow vendors to charge for the product? Noncommercial Open source Free software Commercial 10 points Question 84 1. Allowing every communication is a bad idea from a security standpoint as well as a productivity one. True False10 points Question 85 1. Which of the following is a double-blind encapsulation system that enables anonymous but not encrypted Internet communications? TOR (The Onion Router) Cryptcat Back Orifice Remote Desktop Protocol (RDP) and Remote Assistance 10 points Question 86 1. If the process of creating rules requires a significant number of special exceptions to modify or adjust ranges of addresses or ports, what should you do? Use a more complex rule set. Consider reconfiguring the network rather than using a too complex or too long rule set. Use a longer rule set. Don't use any addresses or ports. 10 points Question 87 1. Which of the following uses ICMP as a tunneling protocol? TOR Netca t Loki NetB us 10 points Question 88 1. Which of the following outbound ports is for DNS? Port 25 Port 53 Port80 Port 110 10 points Question 89 1. Which of the following is hardware that connects a local network—or even a single computer—to a telco’s carrier network to access the Internet? IPFire ISP connection device DSL line SOHO 10 points Question 90 1. Which of the following characteristics relates to mobile IP? A standard communications protocol designed to let mobile device users move from one network to another while maintaining a permanent IP address A distributed data protection technology that leverages deep analysis, context evaluation, and rules configured from a central console to ensure confidential information remains secure while in use, in transit, and at rest A series of tools and techniques used to prevent forensic examination from identifying an attack or attacker Identifying, extracting, and evaluating evidence obtained from digital media such as computer hard drives, CDs, DVDs and other digital storage devices 10 points Question 91 1. A pop-up blocker is any harmful code or site that depends upon the user’s actions to be accessed or activated. If users never visit an infected site or do not perform the risky activity, the threat never reaches them. True False 10 points Question 921. Which of the following steps of an incident response plan selects and trains security incident response team (SIRT) members and allocates resources? Preparat ion Detection Containm ent Eradicatio n 10 points Question 93 1. Which of the following command-line tools will list the current open, listening, and connection sockets on a system as well as the service related to each socket? TCPVie w Fport Netstat Nmap 10 points Question 94 1. Which of the following is a solution that represents the majority of VPNs on the market and is commonly referred to as a VPN appliance? This solution is easy to set up, manage, and maintain. Secure Sockets Layer (SSL) customer premise equipment (CPE) Microsoft exchange servers network address translation (NAT) 10 points Question 95 1. A padded cell is a system that waits for a honeynet to detect attackers and then transfers the attackers to a special host where they cannot do any damage to the production environment. TrueFalse 10 points Question 96 1. IPv6 includes a native information security framework (IPSec) that provides both data and control packets. True False 10 points Question 97 1. Which of the following uses a brute-force technique to craft packets and other forms of input directed toward the target? VMware Physical devices Fuzzing tools Laboratory tests 10 points Question 98 1. Which of the following describes separation of duties? A security stance that allows all communications except those prohibited by specific deny exceptions A plan to restore the mission-critical functions of the organization once they have been interrupted by an adverse event A security guideline, procedure, or recommendation manual An administrative rule whereby no single individual possesses sufficient rights to perform certain actions 10 points Question 99 1. Which of the following will generate a graph of network traffic every five minutes on a firewall? Asymmetric Digital Subscriber Line (ADSL)TCPdump RRDtool DDNS 10 points Question 100 1. Which of the following prevents or restricts Web sites from automatically opening additional tabs or windows without the user’s consent? Pop-up blocker Active threat Cookie filter Native firewall 10 points Save and Submit Click Save and Submit to save and submit. Click Save All Answers to save all answers. [Show More]

Last updated: 2 years ago

Preview 1 out of 27 pages