Question 1

Which approach to security is proactive in addressing potential threats before they occur?&#10;A)Passive security approach&#10;B)Layered security approach&#10;C)Dynamic security approach&#10;D)Hybrid security approach

Accepted Answer

The dynamic security approach is proactive as it involves continuously adapting and responding to potential threats before they occur, rather than reacting to them after they happen.

Question 2

What is a technique used to determine if someone is trying to falsely deny that they performed a particular action?&#10;A)Auditing&#10;B)Sneaking&#10;C)Non-repudiation&#10;D)Access Control Authorization

Accepted Answer

Non-repudiation is a technique used to ensure that a party in a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. This is crucial in security and legal contexts to prove the integrity and origin of data, thereby preventing false denial of performing actions.

Question 3

An attack characterized by an explicit attempt by attackers to prevent legitimate users from accessing a system is called:&#10;A)denial of service.&#10;B)social engineering.&#10;C)spoofing.&#10;D)war-dialing.

Accepted Answer

Denial of Service (DoS) attacks are specifically aimed at making a resource (such as a website or application) unavailable to its intended users, thereby denying them the service they expect.

Question 4

Encryption and virtual private networks are techniques used to secure which of the following?&#10;A)Data&#10;B)Firewalls&#10;C)Proxy servers&#10;D)Connection points

Accepted Answer

Encryption and virtual private networks (VPNs) are primarily used to secure data by ensuring that it is transmitted securely over networks.

Question 5

Which of the following is NOT a connectivity device used to connect machines on a network?&#10;A)Hub&#10;B)Switch&#10;C)Proxy server&#10;D)Network interface card

Accepted Answer

A proxy server is not primarily a connectivity device; it acts as an intermediary between a client and the internet, providing functions like web filtering, security, and cache data to speed up common requests. Hubs, switches, and network interface cards are direct connectivity devices used to connect machines on a network.

Question 6

Which is a technique used to provide false information about data packets?&#10;A)Hacking&#10;B)Spoofing&#10;C)Phreaking&#10;D)Social engineering

Accepted Answer

Spoofing is the technique used to deceive or trick systems by masquerading as a different entity through falsifying data, making it appear as though it is coming from a trusted source, often used in the context of IP address, email, caller ID, and DNS spoofing.

Question 7

A text file that is downloaded to a computer by a Web site to provide information about the Web site and online access is called a:&#10;A)cookie&#10;B)key logger&#10;C)script kiddy&#10;D)Trojan horse.

Accepted Answer

A cookie is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. Cookies were designed to be a reliable mechanism for websites to remember stateful information or to record the user's browsing activity.

Question 8

The process of reviewing logs,records,and procedures to determine whether they meet appropriate standards is called:&#10;A)auditing&#10;B)filtering&#10;C)sneaking&#10;D)authenticating

Accepted Answer

Auditing is the process of examining and evaluating a company's or individual's financial documents, records, and procedures to ensure they adhere to certain standards, laws, or regulations. It involves a systematic review to assess accuracy, compliance, and adequacy.

Question 9

Which term is generally used by hackers to refer to attempts at intrusion into a system without permission and usually for malevolent purposes?&#10;A)Hacking&#10;B)Cracking&#10;C)Blocking&#10;D)Social engineering.

Accepted Answer

Cracking is the term often used to describe unauthorized access to computer systems with the intent to cause harm or steal information.

Question 10

The process of determining whether the credentials given by a user are authorized to access a particular network resource is called:&#10;A)auditing&#10;B)accessing&#10;C)authorization&#10;D)authentication

Accepted Answer

Authentication is the process of verifying the identity of a user or device, often as a precursor to granting access to resources in a system.

Question 11

Which of the following maintains a repository for information on virus outbreaks and detailed information about specific viruses?&#10;A)CERT&#10;B)F-Secure Corporation&#10;C)Microsoft Security Advisor&#10;D)SANS Institute

Accepted Answer

The answer of Which of the following maintains a repository...

Question 12

A category of software that keeps track of users' activities on a computer is called ____________.

Accepted Answer

The answer of A category of software that keeps track...

Question 13

____________ is a type of attack where header information on data packets is changed to provide false information.

Accepted Answer

The answer of ____________ is a type of attack where...

Question 14

Which approach to security addresses both the system perimeter and individual systems within the network?&#10;A)Perimeter security approach&#10;B)Layered security approach&#10;C)Dynamic security approach&#10;D)Hybrid security approach

Accepted Answer

The answer of Which approach to security addresses both the...

Question 15

In addition to mandating federal agencies to establish security measures,the Computer Security Act of 1987 defined important terms such as:&#10;A)sensitive information&#10;B)unauthorized access&#10;C)private information&#10;D)security information

Accepted Answer

The answer of In addition to mandating federal agencies to...

Question 16

A(n)____________ serves as a barrier to unauthorized communication between a network and the outside world.

Accepted Answer

The answer of A(n)____________ serves as a barrier to unauthorized...

Question 17

Those who exploit systems for harm such as to erase files,change data,or deface Web sites are typically called:&#10;A)white hat hackers&#10;B)gray hat hackers&#10;C)red hat hackers&#10;D)black hat hackers

Accepted Answer

The answer of Those who exploit systems for harm such...

Question 18

A term used to describe calling numerous telephone numbers,usually sequentially,in hopes of reaching a computer to attempt to hack into is called ____________.

Accepted Answer

The answer of A term used to describe calling numerous...

Question 19

Another name for an ethical hacker operating legally and with permission is ____________.

Accepted Answer

The answer of Another name for an ethical hacker operating...

Question 20

Which is NOT one of the three broad classes of security threats?&#10;A)Malicious software&#10;B)Disclosing contents of private networks&#10;C)Gaining unauthorized access into a system&#10;D)Preventing or blocking access to a system

Accepted Answer

The answer of Which is NOT one of the three...

Question 21

____________ refers to a process used to locate wireless networks that might be vulnerable to attack.

Accepted Answer

The answer of ____________ refers to a process used to...

Question 22

The first computer incident-response team was sponsored by ____________ University.

Accepted Answer

The answer of The first computer incident-response team was sponsored...

Question 23

Flooding a system with many false connection attempts in an effort to prevent legitimate use is an example of a ____________ attack.

Accepted Answer

The answer of Flooding a system with many false connection...

Question 24

The preferred paradigm,or approach to security,is a ____________ approach.

Accepted Answer

The answer of The preferred paradigm,or approach to security,is a...

Question 25

Since they are easier to perpetrate than intrusions,____________ attacks are the most common form of attack after viruses.

Accepted Answer

The answer of Since they are easier to perpetrate than...

Deck 1: Introduction to Network Security