BACS-382 Exam #1 Review – Flashcards

question
Near Field Communication (NFC)
answer
This technology is predominately used for contactless payment systems
question
Authentication
answer
A user entering his/her user name would correspond to this action in access control
question
DNS
answer
This protocol allows computers to find the IP addresses of a host from a logical name
question
SNMP
answer
This protocol uses traps to send notifications for Network Devices
question
Custodian
answer
The name given to the individual who periodically reviews security settings and maintains records of access by users
question
Unified Threat Management (UTM)
answer
This is known as a multipurpose security device
question
IPsec
answer
IPv6, in addition to having more bits allocated for each host address, has mandatory requirements built in for this security protocol
question
Ports 135, 137-139
answer
The ports associated with NetBIOS that you should close on your network firewalls to prevent attacks directed against NetBIOS
question
Owner
answer
The person who is responsible for the information, determines the level of security needed for the data, and delegates security duties as required
question
Proxy Server
answer
This intercepts internal user requests and then processes those requests on behalf of the users
question
SFTP
answer
This service uses only TCP ports and not UDP
question
Application-aware Firewall
answer
This can identify the application that sends packets and then make decisions about filtering based on it
question
Hub
answer
This device is easiest for an attacker to take advantage of in order to capture and analyze packets
question
Bluesnarfing
answer
The unauthorized access of information from a wireless device through a Bluetooth connection
question
Annualized rate of occurrence
answer
The average number of times that a specific risk is likely to be realized
question
Quantitative
answer
This analysis method assigns financial value to assets
question
Risk analysis
answer
This security design activity is similar to business impact analysis (BIA)
question
Transference
answer
Purchasing insurance is this type of risk response
question
Risk deterrence
answer
Understanding something about the enemy and letting them know the harm that can come their way if they cause harm to you
question
Sniffer
answer
This device monitors network traffic in a passive manner
question
Heuristic IDS
answer
This IDS system uses algorithms to analyze the traffic passing through the network
question
Switch
answer
This multiport device improves network efficiency
question
Mandatory Access Control
answer
The end-user cannot change any security settings in this model
question
Least privilege
answer
This access control principle means that each user should be given only the minimal amount of privileges necessary for that person to perform his job function
question
SSH
answer
This network protocol uses TCP Port 22
question
Ports 20, 21
answer
The ports FTP uses to establish sessions and manage traffic
question
One of your users, Karen Scott, has recently married and is now Karen Jones. She requested that her username be changed from kscott to kjones, but no other values change. Which of the following commands will accomplish this?
answer
usermod -l kjones kscott
question
You have performed an audit and have found active accounts for employees who no longer work for the company. You want to disable those accounts. What command example will disable a user account?
answer
usermod -L joer
question
An employee named Bob Smith, with a user name of bsmith, has left the company. You have been instructed by your supervisor to delete his user account along with his home directory. Which of the following commands would produce the required outcome?
answer
• userdel -r bsmith • userdel bsmith;rm -rf /home/bsmith
question
A user with an account name of larry has just been terminated from the company. There is good reason to believe that the user will attempt to access and damage the files in the system in the very near future. Which command below will disable or remove the user account from the system and remove his home directory?
answer
userdel -r larry
question
In the /etc/shadow file, which character in the password field indicates that a standard user account is locked?
answer
!
question
Which of the following utilities would you typically use to lock a user account?
answer
• usermod • passwd
question
You suspect the gshant user account is locked. Which command will show the status of the user account?
answer
passwd -S gshant
question
Which of the following wireless security methods uses a common shared key on the wireless access point and all wireless clients?
answer
WEP, WPA Personal, and WPA2 Personal
question
Which of the following offers the weakest form of encryption for an 802.11 wireless network?
answer
WEP
question
Which of the following features are supplied by WPA2 on a wireless network?
answer
Encryption
question
You need to secure your wireless network. Which security protocol would be the best choice?
answer
WPA2
question
You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? (Select two)
answer
• 802.1x • AES encryption
question
6. Which of the following locations will contribute the greatest amount of interference for a wireless access point? (Select two)
answer
• Near cordless phones • Near backup generators
question
7. You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart
answer
High-gain Parabolic
question
How does WPA2 differ from WPA?
answer
• WPA2 uses AES for encryption; WPA uses TKIP
question
You need to configure the wireless network card to connect to your network at work. The connection should use a user name and password for authentication with AES encryption. What should you do?
answer
Configure the connection to use WPA2-Enterprise
question
Match the wireless networking security standard on the left to its associated characteristics on the right
answer
WEP: Short initialization vector makes key vulnerable; Uses RC4 for encryption
WPA: Uses TKIP for encryption
WPA2: Uses AES for encryption; Uses CBC-MAC for data integrity; Uses CCMP for key rotation
question
You need to add security for your wireless network. You would like to use the most secure method. Which method should you implement?
answer
WPA2
question
Which of the following is used on a wireless network to identify the network name?
answer
SSID
question
13. Which of the following are true about Wi-Fi Protected Access 2 (WPA2)? (Select two)
answer
• Uses AES for encryption and CBC-MAC for data integrity • Upgrading from a network using WEP typically requires installing new hardware
question
14. WiMAX is an implementation of which IEEE committee?
answer
802.16
question
You want to connect a laptop computer running Windows 7 to a wireless network. The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled. What should you do?
answer
Configure the connection with a preshared key and AES encryption
question
1. Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
answer
Rogue access point
question
Which of the following describes marks that attackers place outside a building to identify an open wireless network?
answer
War chalking
question
The process of walking around an office building with an 802.11 signal detector is known as what?
answer
War driving
question
Which of the following best describes Bluesnarfing?
answer
Unauthorized viewing of calendar, e-mails and messages on a mobile device
question
Which of the following sends unsolicited business cards and messages to a Bluetooth device?
answer
Bluejacking
question
Which of the following is the best protection to prevent attacks on mobile phones through the Bluetooth protocol?
answer
Disable Bluetooth on the phone
question
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4 GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two)
answer
• Bluetooth • 802.11g
question
Which of the following best describes an evil twin?
answer
• An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information
question
10. Network packet sniffing is often used to gain the information needed to conduct more specific and detailed attacks. Which of the following is the best defense against packet sniffing?
answer
Encryption
question
Which of the following common network monitoring or diagnostic activities can be used as a passive malicious attack?
answer
Sniffing
question
1. You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two)
answer
• Check the MAC addresses of devices connected to your wired switch • Conduct a site survey
question
Match the malicious interference type on the right with the appropriate characteristic on the left.
answer
Spark jamming: Repeatedly blasts receiving equipment with high-intensity, short-duration RF bursts at a rapid pace
Random noise jamming: Produces RF signals using random amplitudes and frequencies
Random pulse jamming: Uses radio signal pulses of random amplitude and frequency
question
What kind of attack has occurred in this sequence?
answer
NFC relay attack
question
Which of the following measures will make your wireless network invisible to the casual attacker performing war driving?
answer
Disable SSID broadcast
question
Which remote access authentication protocol allows for the use of smart cards for authentication?
answer
EAP
question
Which of the following do switches and wireless access points use to control access through the device?
answer
MAC filtering
question
4. You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
answer
On a RADIUS server
question
You are the wireless network administrator for your organization. As the size of the organization has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. You've decided to use LEAP to authenticate wireless clients. To do this, you configured a Cisco RADIUS server and installed the necessary Cisco client software on each RADIUS client. Which of the following is true concerning the implementation?
answer
The system is vulnerable because LEAP is susceptible to dictionary attacks
question
You are the wireless network administrator for your organization. As the size of the organization has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two)
answer
• Configure all wireless access points with client certificates • Configure the RADIUS server with a server certificate
question
Which EAP implementation is most secure?
answer
EAP-TLS
question
Which of the following features on a wireless network allows or rejects client connections based on the hardware address?
answer
MAC address filtering
question
You've just finished installing a wireless access point for a client. What should you do to prevent unauthorized users from accessing the access point (AP) configuration utility?
answer
Change the administrative password on the AP
question
10. You are concerned about sniffing attacks on your wireless network. Which of the following implementations offers the best countermeasure to sniffing?
answer
WPA2 with AES
question
11. What is the least secure place to locate an access point with an omni-directional antenna when creating a wireless cell?
answer
Near a window
question
12. What purposes does a wireless site survey serve? (Select two)
answer
• To identify existing or potential sources of interference • To identify the coverage area and preferred placement of access points
question
13. You need to place a wireless access point in your two-story building. While trying to avoid interference, which of the following is the best location for the access point?
answer
• In the top floor
question
1. Which of the following defines the crossover rate for evaluating biometric systems?
answer
• The point where the number of false positives matches the number of false negatives in a biometric system
question
Which of the following are examples of single sign-on authentication solutions? (Select two)
answer
• SESAME • Kerberos
question
Which of the following is stronger than any biometric authentication factor?
answer
A two-factor authentication
question
4. A device which is synchronized to an authentication server uses which type of authentication?
answer
• Synchronous token
question
Which of the following authentication methods uses tickets to provide single sign-on?
answer
• Kerberos
question
6. Which of the following is the strongest form of multi-factor authentication?
answer
• A password, a biometric scan, and a token device
question
7. Which of the following advantages can Single Sign-On (SSO) provide? (Select two)
answer
• The elimination of multiple user accounts and passwords for an individual • Access to all authorized resources with a single instance of authentication
question
10. Which of the following are examples of Type II authentication credentials? (Select two)
answer
• Smart Card • Photo ID
question
11. Which of the following terms is used to describe an event in which a person is denied access to a system when they should be allowed to enter?
answer
• False negative
question
12. Which of the following is a hardware device that contains identification information and which can be used to control building access or computer logon?
answer
• Smart card
question
13. Match the authentication factor types on the left with the appropriate factor on the right.
answer
PIN: Something you know
Smart card: Something you have
Password: Something you know
Retina scan: Something you are
Fingerprint scan: Something you are
Hardware token: Something you have
User name: Something you know
Voice recognition: Something you are
Wi-Fi triangulation: Somewhere you are
Typing behaviors: Something you do
question
The mathematical algorithm used by HMAC-based One-Time Passwords (HOTP) relies on two types of information to generate a new password based on the previously generated password. Which information is used to generate the new password? (Select two)
answer
• Counter • Shared Secret
question
15. The mathematical algorithm used to generate Time-based One-Time Passwords (TOTP) uses a shared secret and a counter to generate unique, one-time passwords. Which event causes the counter to increment when creating TOTP passwords?
answer
The passage of time
question
1. Which of the following is an example of a decentralized privilege management solution?
answer
Workgroup
question
1. What should be done to a user account if the user goes on an extended vacation?
answer
Disable the account
question
1. You are the administrator for a small company. You need to add a new group of users, named sales, to the system. Which command will accomplish this?
answer
groupadd sales
question
2. Due to a merger with another company, standardization is now being imposed throughout the company. As a result of this, the sales group must be renamed marketing. Which of the following commands will accomplish this?
answer
• groupmod -n marketing sales
question
3. You have a group named temp_sales on your system. The group is no longer needed, and you should remove the group. Which of the following commands should you use?
answer
3. You have a group named temp_sales on your system. The group is no longer needed, and you should remove the group. Which of the following commands should you use?
question
What is the effect of the following command?
answer
• Sets the password for jsmith to expire after 60 days and gives a warning 10 days before it expires
question
2. What chage command should you use to set the password for jsmith to expire after 60 days and give a warning 10 days before it expires?
answer
• chage -M 60 -W 10 jsmith
question
3. Which chage option keeps a user from changing password every two weeks?
answer
-m 33
question
4. Which file should you edit to limit the amount of concurrent logins for a specific user?
answer
/etc/security/limits.conf
question
1. Which of the following is the single best rule to enforce when designing complex passwords?
answer
Longer passwords
question
2. For users on your network, you want to automatically lock their user accounts if four incorrect passwords are used within 10 minutes. What should you do?
answer
• Configure account lockout policies in Group Policy
question
3. You want to make sure that all users have passwords over 8 characters and that passwords must be changed every 30 days. What should you do?
answer
• Configure account policies in Group Policy
question
4. You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that these users can only log on during regular business hours. What should you do?
answer
• Configure day/time restriction in the user accounts
question
Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?
answer
Extranet
question
Intranet
answer
Is a LAN that employs the technology of the Internet, namely TCP/IP, Web servers, and e-mail
question
Extranet
answer
Is a privately controlled portion of a network that is accessible to some specific external entities
question
Match the application-aware network device on the right with the appropriate description on the left.
answer
Application-aware proxy: Improves application performance
Application-aware firewall: Enforces security rules based on the application that is generating network traffic, instead of the traditional port and protocol
Application-aware IDS: Analyzes network packets to detect malicious payloads targeted at application-layer services
question
Which of the following is a firewall function?
answer
Packet filtering
question
Which of the following are characteristics of a circuit-level gateway? (Select two:)
answer
a. Filters based on sessions b. Stateful
question
Which of the following are characteristics of a packet filtering firewall? (Select two:)
answer
a. Filters IP addresses and port b. Stateless
question
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
answer
Circuit-level
question
You provide Internet access for a local school. You want to control access based on user, and prevent access to specific URLs. Which type of firewall should you install?
answer
Application level
question
Which of the following is the best device to deploy to protect your private network from a public untrusted network?
answer
Firewall
question
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks
answer
Host-based Firewall
question
You connect your computer to a wireless network available at the local library. You find that you can access all web sites you want on the Internet except for two. What might be causing the problem?
answer
A proxy server is blocking access to the web sites
question
Which of the following functions are performed by proxies? (Select two:)
answer
a. Cache web pages b. Block employees from accessing certain Web Sites
question
Which of the following are true of a circuit proxy filter firewall? (Select two:)
answer
a. Verifies sequencing of session packets b. Operates at the Session Layer
question
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
answer
ACL
question
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
answer
IP Address
question
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.
answer
a. Destination of a packet b. Port number c. Source address of a packet
question
When designing a firewall, what is the recommended approach for opening and closing ports?
answer
Close all ports; open only ports required by applications inside the DMZ
question
Which of the following firewall types can be proxy between servers and clients? (Select two:)
answer
a. Circuit Proxy Filtering firewall b. Application layer firewall
question
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal Web site. What should you use to allow access?
answer
Static NAT
question
You are the network administrator for a small company that implements NAT to access the Internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers?
answer
Static
question
You want to connect your small company networks to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of Network Address Translation (NAT) should you implement?
answer
Dynamic
question
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?
answer
169.254.0.0 - 169.254.255.255
question
Which of the following networking devices or services prevents the use of IPSec in most cases?
answer
NAT
question
You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
answer
VPN concentrator
question
A VPN is used primarily for what purpose?
answer
Support secured communications over an untrusted network
question
Which VPN protocol typically employs IPSec as its data encryption mechanism?
answer
L2TP
question
Which statement best describes IPSec when used in tunnel mode?
answer
The entire data packet, including headers, is encapsulated
question
Which IPSec subprotocol provides data encryption?
answer
ESP
question
Which of the following is not a VPN tunnel protocol?
answer
RADIUS
question
What is the best countermeasure for someone attempting to view your network traffic?
answer
VPN
question
PPTP is quickly becoming obsolete because of what VPN protocol?
answer
L2TP
question
What is the primary use of tunneling?
answer
Supporting private traffic through a public communication medium
question
In addition to Authentication Header (AH), IPSec is comprised of what other service?
answer
Encapsulating
question
6.9.7 #11
answer
a. Configure the browser to send HTTPS requests through the VPN connection b. Configure the VPN connection to use IPsec
question
6.11.4
answer
Remediation 802
question
7.1.3
answer
Configure
question
Most of the sales force has been told that they should no longer report to the office on a daily basis. From now on, they're to spend the majority of their time on the road calling on customers. Each member of the sales force has been issued a laptop computer and told to connect to the network nightly through a dial-up connection. Which of the following protocols is widely used today as a transport protocol for Internet dial-up connections?
answer
PPP
question
Which of the following devices is the most capable of providing infrastructure security?
answer
Router
question
As more and more clients have been added to your network, the efficiency of the network has decreased significantly. You're preparing a budget for next year, and you specifically want to address this problem. Which of the following devices acts primarily as a tool to improve network efficiency?
answer
Switch
question
Which device monitors network traffic in a passive manner?
answer
IDS
question
Which protocol is primarily used for network maintenance and destination information?
answer
ICMP
question
A socket is a combination of which components?
answer
IP and port number IP and session number
question
Which of the following can be implemented as a software or hardware solution and is usually associated with a device— a router, a firewall, NAT, and so on— used to shift a load from one device to another?
answer
Load balancer
question
Upper management has decreed that a firewall must be put in place immediately, before your site suffers an attack similar to one that struck a sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function?
answer
Prevents unauthorized packets from entering the network
question
Which IDS system uses algorithms to analyze the traffic passing through the network?
answer
Heuristic
question
You're explaining protocols to a junior administrator shortly before you leave for vacation. The topic of Internet mail applications comes up, and you explain how communications are done now as well as how you expect them to be done in the future. Which of the following protocols is becoming the standard for Internet mail applications (Not sending)?
answer
IMAP