Question 1

Password cracking is&#10;A) Passwords on the system known to unauthorized users&#10;B) Acquiring passwords from storage, network transmission or user knowledge&#10;C) Repeated attempts to authenticate using possible passwords&#10;D) Generating character strings to match existing passwords

Accepted Answer

D

Question 2

The merits of firewalls include all the following except&#10;A) Costs&#10;B) Complexity&#10;C) Wide availability&#10;D) Vulnerability to poor configuration

Accepted Answer

Vulnerability to poor configuration is a demerit of firewalls, not a merit.

Question 3

Password guessing is&#10;A) Passwords on the system known to unauthorized users&#10;B) Acquiring passwords from storage, network transmission or user knowledge&#10;C) Repeated attempts to authenticate using possible passwords&#10;D) Generating character strings to match existing passwords

Accepted Answer

Password guessing involves repeatedly attempting to authenticate using possible passwords, in order to gain unauthorized access to a system or account. This is often done through automated programs that generate character strings in an attempt to match existing passwords. A and B refer to specific methods of obtaining passwords, not the act of guessing them.

Question 4

In enterprise networks, power users can facilitate patch management by&#10;A) Administering as much of the patch management themselves as possible&#10;B) Setting automatic updates to as many services and software as possible&#10;C) Using department funds to deploy local patch management systems to as many systems as possible&#10;D) Allowing system administrators to controls as much of the patch management as possible

Accepted Answer

The answer of In enterprise networks, power users can facilitate...

Question 5

A PIN is&#10;A) A short numerical password&#10;B) A sequences of words used as a password&#10;C) An alpha-numeric phrase used for authentication&#10;D) None of the above

Accepted Answer

A PIN (Personal Identification Number) is a short numerical password used for authentication. It typically consists of a four to six digit number that is entered on a keypad or touchscreen device to verify the identity of the user.

Question 6

Password capturing is&#10;A) Passwords on the system known to unauthorized users&#10;B) Acquiring passwords from storage, network transmission or user knowledge&#10;C) Repeated attempts to authenticate using possible passwords&#10;D) Generating character strings to match existing passwords

Accepted Answer

Password capturing refers to the act of obtaining passwords by intercepting or stealing them from various sources, including storage, network transmission or user knowledge.

Question 7

Password management is&#10;A) A list of permissions attached to specified objects&#10;B) A form of protection that allows one network to connect to another network while maintaining some amount of protection&#10;C) The process of defining, implementing, and maintaining password policies throughout an enterprise&#10;D) Passwords on the system known to unauthorized users

Accepted Answer

Password management refers to the process of defining, implementing, and maintaining password policies throughout an enterprise. This includes establishing password complexity requirements, expiration policies, and other security measures to protect sensitive information. It also involves implementing tools and processes for securely storing and sharing passwords among authorized users. A and B refer to other concepts like permissions and network security, and D describes a security vulnerability rather than a management practice.

Question 8

An ACL is&#10;A) The process of defining, implementing, and maintaining password policies throughout an enterprise&#10;B) A list of permissions attached to specified objects&#10;C) A form of protection that allows one network to connect to another network while maintaining some amount of protection&#10;D) Passwords on the system known to unauthorized users

Accepted Answer

An ACL (Access Control List) is a list of permissions associated with an object, such as a file or folder. It specifies which users or groups are granted access, and which permissions they have (such as read, write, or execute). ACLs can be used to control access to resources in a variety of contexts, such as file servers, routers, and firewalls.

Question 9

PINs are useful in high security systems

Accepted Answer

PINs are generally considered less secure than other methods like biometrics or multi-factor authentication, as they are typically short and can be easily guessed or stolen.

Question 10

Limitations of IDS include&#10;A) Evasion&#10;B) Passwords&#10;C) Complexity&#10;D) Access

Accepted Answer

IDS can be evaded by attackers using sophisticated techniques such as encryption, randomization, or fragmentation. Therefore, evasion is one of the limitations of IDS. The other options (passwords, complexity, and access) do not accurately reflect the limitations of IDS.

Question 11

A firewall is&#10;A) A list of permissions attached to specified objects&#10;B) The process of defining, implementing, and maintaining password policies throughout an enterprise&#10;C) A form of protection that allows one network to connect to another network while maintaining some amount of protection&#10;D) Passwords on the system known to unauthorized users

Accepted Answer

The answer of A firewall is&#10;A) A list of permissions...

Question 12

Compromised passwords is/ are&#10;A) Passwords on the system known to unauthorized users&#10;B) Acquiring passwords from storage, network transmission or user knowledge&#10;C) Repeated attempts to authenticate using possible passwords&#10;D) Generating character strings to match existing passwords

Accepted Answer

The answer of Compromised passwords is/ are&#10;A) Passwords on the...

Question 13

The de-militarized zone in the context of information security refers to&#10;A) The network that hosts external services such as email, web and DNS&#10;B) The Internet&#10;C) The internal corporate network&#10;D) The organization's reception area

Accepted Answer

The answer of The de-militarized zone in the context of...

Question 14

An IDS that compares observed events against defined activities for each protocol is a&#10;A) Firewall&#10;B) Signature-based IDS&#10;C) Anomaly-based IDS&#10;D) Protocol-state IDS

Accepted Answer

The answer of An IDS that compares observed events against...

Question 15

An IDS that compares observed activity with defined patterns is a&#10;A) Firewall&#10;B) Signature-based IDS&#10;C) Anomaly-based IDS&#10;D) Protocol-state IDS

Accepted Answer

The answer of An IDS that compares observed activity with...

Question 16

A password policy is&#10;A) A set of rules for using passwords&#10;B) Acquiring passwords from storage, network transmission or user knowledge&#10;C) Repeated attempts to authenticate using possible passwords&#10;D) Generating character strings to match existing passwords

Accepted Answer

The answer of A password policy is&#10;A) A set of...

Question 17

Threats to passwords include&#10;A) Password guessing&#10;B) Password capturing&#10;C) Password replacing&#10;D) All of the above

Accepted Answer

The answer of Threats to passwords include&#10;A) Password guessing&#10;B) Password...

Question 18

Considerations while prioritizing patches include all of the following except the&#10;A) Importance of the vulnerability&#10;B) Importance of the system to be patched&#10;C) Licensing costs&#10;D) Dependencies with other patches

Accepted Answer

The answer of Considerations while prioritizing patches include all of...

Question 19

Patches should always be installed as soon as they become available

Accepted Answer

The answer of Patches should always be installed as soon...

Question 20

An IDS that looks for specific sequences of bytes is a&#10;A) Firewall&#10;B) Signature-based IDS&#10;C) Anomaly-based IDS&#10;D) Protocol-state IDS

Accepted Answer

The answer of An IDS that looks for specific sequences...

Question 21

Assessing the safety of a file using scores calculated from its observable attributes is called&#10;A) Reputation based end-point protection&#10;B) Protocol-based end-point protection&#10;C) Anomaly-based end-point protection&#10;D) Signature-based end-point protection

Accepted Answer

The answer of Assessing the safety of a file using...

Question 22

Examining byte sequences in incoming and outgoing data is called&#10;A) Reputation based end-point protection&#10;B) Protocol-based end-point protection&#10;C) Anomaly-based end-point protection&#10;D) Signature-based end-point protection

Accepted Answer

The answer of Examining byte sequences in incoming and outgoing...

Question 23

End-point protection defends against attacks on&#10;A) Firewalls&#10;B) Offices&#10;C) Vehicles&#10;D) Desktops

Accepted Answer

The answer of End-point protection defends against attacks on&#10;A) Firewalls&#10;B)...

Question 24

End-point protection defends against attacks on&#10;A) Firewalls&#10;B) Offices&#10;C) Vehicles&#10;D) Desktops

Accepted Answer

The answer of End-point protection defends against attacks on&#10;A) Firewalls&#10;B)...

Question 25

Methods used by endpoint security software for recognizing malware include&#10;A) Reputations&#10;B) Cracking&#10;C) Certificates&#10;D) Passwords

Accepted Answer

The answer of Methods used by endpoint security software for...

Deck 9: Hardware and Software Controls