security plus


Upload: fredsemailaddy

Post on 26-Dec-2014

1 Marks: 1 Which security measure should be used while implementing access control? Choose one answer.

a. Password complexity requirements

b. Time of day restrictions

c. Changing default passwords

d. Disabling SSID broadcast

Correct
Marks for this submission: 1/1.

2 Marks: 1 Which access control system allows the system administrator to establish access permissions to network resources? Choose one answer.

a. MAC

b. RBAC

c. DAC

d. None of the above

Correct
Marks for this submission: 1/1.

3 Marks: 1 Which of the following authentication methods increases the security of the authentication process because it must be in your physical possession? Choose one answer.

a. Certificate

b. Smart Cards

c. Kerberos

d. CHAP

Correct
Marks for this submission: 1/1.

4 Marks: 1 Users would not like to enter credentials to each server or application to conduct their normal work. Which type of strategy can solve this problem? Choose one answer.

a. Smart card

b. Two-factor authentication

c. Biometrics

d. SSO

Correct
Marks for this submission: 1/1.

5 Marks: 1 Which of the following access control models uses subject and object labels? Choose one answer.

a. Role Based access Control (RBAC)

b. Mandatory Access Control (MAC)

c. Discretionary Access Control (DAC)

d. Rule Based Access Control (RBAC)

Correct
Marks for this submission: 1/1.

6 Marks: 1 Who is responsible for establishing access permissions to network resources in the Discretionary Access Control (DAC) access control model? Choose one answer.

a. The system administrator

b. The owner of the resource

c. The system administrator and the owner of the resource

d. The user requiring access to the resource

Correct
Marks for this submission: 1/1.

7 Marks: 1 Which of the following types of authentication BEST describes providing a username, password and undergoing a thumb print scan to access a workstation? Choose one answer.

a. Mutual

b. Multifactor

c. Kerberos

d. Biometric

Correct
Marks for this submission: 1/1.

8 Marks: 1 The ability to logon to multiple systems with the same credentials is typically known as: Choose one answer.

a. Decentralized management

b. Role Based Access Control (RBAC)

c. Centralized management

d. Single sign-on

Correct
Marks for this submission: 1/1.

9 Marks: 1 Which of the following access decisions are based on a Mandatory Access Control (MAC) environment? Choose one answer.

a. Ownership

b. Group membership

c. Sensitivity labels

d. Access control lists

Correct
Marks for this submission: 1/1.

10 Marks: 1 The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw. Choose one answer.

a. The DAC (Discretionary Access Control) model uses certificates to control access to resources. This creates an opportunity for attackers to use your certificates.

b. The DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for Trojan horse attacks.

c. The DAC (Discretionary Access Control) model does not have any known security flaws.

d. The DAC (Discretionary Access Control) model does not use the identity of a user to control access to resources. This allows anyone to use an account to access resources.

Correct
Marks for this submission: 1/1.

11 Marks: 1 Users need to access their email and several secure applications from any workstation on the network. In addition, an authentication system implemented by the administrator requires the use of a username, password, and a company issued smart card. This is an example of which of the following? Choose one answer.

a. SSO

b. Three factor authentication

c. Least privilege

d. ACL

Correct
Marks for this submission: 1/1.

12 Marks: 1 Which of the following access control models uses roles to determine access permissions? Choose one answer.

a. DAB

b. MAC

c. None of the above

d. RBAC

Correct
Marks for this submission: 1/1.

13 Marks: 1 Which of the following is correct about an instance where a biometric system identifies unauthorized users and allows them access? Choose one answer.

a. False acceptance

b. False positive

c. False rejection

d. False negative

Correct
Marks for this submission: 1/1.

14 Marks: 1 Which password management system best provides for a system with a large number of users? Choose one answer.

a. Self service password reset management systems

b. Multiple access methods management systems

c. Locally saved passwords management systems

d. Synchronized passwords management systems

Correct
Marks for this submission: 1/1.

15 Marks: 1 Most key fob based identification systems use which of the following types of authentication mechanisms? Choose one answer.

a. Kerberos

b. Certificates

c. Token

d. Username/password

e. Biometrics

Correct
Marks for this submission: 1/1.

16 Marks: 1 Choose the terminology or concept which best describes a Mandatory Access Control (MAC) model. Choose one answer.

a. Bell-LaPadula

b. Clark and Wilson

c. Lattice

d. Biba

Correct
Marks for this submission: 1/1.

17 Marks: 1 Which access control method gives the owner control over providing permissions? Choose one answer.

a. Role-based Access Control (RBAC)

b. Mandatory Access Control (MAC)

c. Rule-based Access Control (RBAC)

d. Discretionary Access Control (DAC)

Correct
Marks for this submission: 1/1.

18 Marks: 1 As a network administrator, your company uses the RBAC (Role Based Access Control) model. You must plan the security strategy for users to access resources on the network. These resources include mailboxes and files and printers. The departments in your company are Finance, Sales, Research and Development, and Production. Users access the resources based on the department in which they work. Which roles should you create to support the RBAC (Role Based Access Control) model? Choose one answer.

a. Create mailbox, and file and printer roles

b. Create allow access and deny access roles.

c. Create user and workstation roles

d. Create Finance, Sales, Research and Development, and Production roles

Correct
Marks for this submission: 1/1.

19 Marks: 1 Which of the following will restrict access to files according to the identity of the user or group? Choose one answer.

a. DAC

b. PKI

c. MAC

d. CRL

Correct
Marks for this submission: 1/1.

20 Marks: 1 Choose the access control model that allows access control determinations to be performed based on the security labels associated with each user and each data item. Choose one answer.

a. LBACs (List Based Access Control) method

b. RBACs (Role Based Access Control) method

c. DACs (Discretionary Access Control) method

d. MACs (Mandatory Access Control) method

Correct

1 Marks: 1 An organization has a hierarchical-based concept of privilege management with administrators having full access, human resources personnel having slightly less access and managers having access to their own department files only. This is BEST described as: Choose one answer.

a. Mandatory access control (MAC)

b. Rule based access control (RBAC)

c. Role based access control (RBAC)

d. Discretionary access control (DAC)

Correct
Marks for this submission: 1/1.

2 Marks: 1 Which security action should be finished before access is given to the network? Choose one answer.

a. Identification and authorization

b. Authentication and password

c. Authentication and authorization

d. Identification and authentication

Correct
Marks for this submission: 1/1.

3 Marks: 1 Which item is not a logical access control method? Choose one answer.

a. Biometrics

b. Software token

c. ACL

d. Group policy

Correct
Marks for this submission: 1/1.

4 Marks: 1 How are access control permissions established in the RBAC access control model? Choose one answer.

a. The owner of the resource

b. The role or responsibilities users have in the organization

c. None of the above

d. The system administrator

Correct
Marks for this submission: 1/1.

5 Marks: 1 The difference between identification and authentication is that: Choose one answer.

a. Authentication verifies a user ID belongs to a specific user while identification verifies the identity of a user group

b. Authentication verifies a set of credentials while identification verifies the identity of the network

c. Authentication verifies the identity of a user requesting credentials while identification verifies a set of credentials

d. Authentication verifies a set of credentials while identification verifies the identity of a user requesting credentials

Correct
Marks for this submission: 1/1.

6 Marks: 1 In a classified environment, a clearance into a Top Secret compartment only allows access to certain information within that compartment. This is known as: Choose one answer.

a. Need to know

b. Dual control

c. Acceptable use

d. Separation of duties

Correct
Marks for this submission: 1/1.

7 Marks: 1 During which phase of identification and authentication does proofing occur? Choose one answer.

a. Authentication

b. Verification

c. Identification

d. Testing

Correct
Marks for this submission: 1/1.

8 Marks: 1 Which item best describes an instance where a biometric system identifies legitimate users as being unauthorized? Choose one answer.

a. False negative

b. False acceptance

c. False rejection

d. False positive

Correct
Marks for this submission: 1/1.

9 Marks: 1 A user is assigned access rights explicitly. This is a feature of which of the following control models? Choose one answer.

a. Rule Based Access Control (RBAC)

b. Discretionary Access Control (DAC)

c. Mandatory Access Control (MAC)

Correct
Marks for this submission: 1/1.

10 Marks: 1 Access controls based on security labels associated with each data item and each user are known as: Choose one answer.

a. Role Based Access Control (RBAC)

b. List Based Access Control (LBAC)

c. Discretionary Access Control (DAC)

d. Mandatory Access Control (MAC)

Correct
Marks for this submission: 1/1.

11 Marks: 1 Which of the following statements regarding the MAC access control models is TRUE? Choose one answer.

a. In the Mandatory Access Control (MAC) the owner of a resource establishes access privileges to that resource.

b. The Mandatory Access Control (MAC) is not restrictive

c. In the Mandatory Access Control (MAC) users cannot share resources dynamically.

d. The Mandatory Access Control (MAC) model is a dynamic model

Correct
Marks for this submission: 1/1.

12 Marks: 1 What does the MAC access control model use to identify the users who have permissions to a resource? Choose one answer.

a. Access Control Lists

b. The role or responsibilities users have in the organization

c. None of the above

d. Predefined access privileges

Correct
Marks for this submission: 1/1.

13 Marks: 1 Which of the following describes the process by which a single user name and password can be entered to access multiple computer applications? Choose one answer.

a. Single sign-on

b. Access control lists

c. Encryption protocol

d. Constrained user interfaces

Correct
Marks for this submission: 1/1.

14 Marks: 1 The authentication process where the user can access several resources without the need for multiple credentials is known as: Choose one answer.

a. Need to know

b. Decentralized management

c. Discretionary Access Control (DAC)

d. Single sign-on

Correct
Marks for this submission: 1/1.

15 Marks: 1 What does the DAC access control model use to identify the users who have permissions to a resource? Choose one answer.

a. None of the above

b. Access Control Lists

c. The role or responsibilities users have in the organization

d. Predefined access privileges

Correct
Marks for this submission: 1/1.

16 Marks: 1 Which solution can be used by a user to implement very tight security controls for technicians that seek to enter the users’ datacenter? Choose one answer.

a. Combination locks and key locks

b. Magnetic lock and pin

c. Smartcard and proximity readers

d. Biometric reader and smartcard

1 Marks: 12

moderate flexibility

Similar to Security Clearance

similar to group policy

least flexible

peer-to-peer

Labels

user is owner

duties

decentralized

job responsibilities

ACLs

owned by the administrator

1 Marks: 1 Due to a concern about staff browsing inappropriate material on the web, your company is purchasing a product which can decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. What type of attack is similar to this product? Choose one answer.

a. Spoofing

b. TCP/IP hijacking

c. Man-in-the-middle

d. Replay

Correct
Marks for this submission: 1/1.

2 Marks: 1 Which of the following viruses has the characteristic where it may attempt to infect your boot sector, infect all of your executable files, and destroy your applications files form part of? Choose one answer.

a. Multipartite Virus

b. Armored Virus

c. Phage Virus

d. Companion Virus

Correct
Marks for this submission: 1/1.

3 Marks: 1 Which one of the following options is an attack launched from multiple zombie machines in attempt to bring down a service? Choose one answer.

a. TCP/IP hijacking

b. Man-in-the-middle

c. DoS

d. DDoS

Correct
Marks for this submission: 1/1.

4 Marks: 1 Choose the most effective method of preventing computer viruses from spreading throughout the network. Choose one answer.

a. You should install a host based IDS (Intrusion Detection System)

b. You should enable scanning of all email attachments

c. You should require root/administrator access to run programs and applications

d. You should prevent the execution of .vbs files

Correct
Marks for this submission: 1/1.

5 Marks: 1 Which security threat will affect PCs and can have its software updated remotely by a command and control center? Choose one answer.

a. Zombie

b. Worm

c. Virus

d. Adware

Correct
Marks for this submission: 1/1.

6 Marks: 1 Choose the attack of malicious code that cannot be prevented or deterred solely through using technical measures: Choose one answer.

a. Man in the middle attacks

b. DoS (Denial of Service) attacks

c. Dictionary attacks

d. Social engineering

Correct
Marks for this submission: 1/1.

7 Marks: 1 Malicious code that enters a target system, lies dormant until a user opens a certain program, then deletes the contents of attached network drives and removable storage devices is known as a: Choose one answer.

a. Honeypot

b. Logic bomb

c. Worm

d. Trojan horse

Correct
Marks for this submission: 1/1.

8 Marks: 1 Which of the following is MOST effective in preventing adware? Choose one answer.

a. HIDS

b. Antivirus

c. Pop-up blocker

d. Firewall

Correct
Marks for this submission: 1/1.

9 Marks: 1 A user downloads and installs a new screen saver and the program starts to rename and delete random files. Which of the following would be the BEST description of this program? Choose one answer.

a. Worm

b. Trojan horse

c. Virus

d. Logic bomb

Correct
Marks for this submission: 1/1.

10 Marks: 1 Which of the following types of attacks is BEST described as an attacker capturing part of a communication and later sending that communication segment to the server while pretending to be the client? Choose one answer.

a. Back door

b. TCP/IP hijacking

c. Replay

d. Man in the middle

Correct
Marks for this submission: 1/1.

11 Marks: 1 Which item can be commonly programmed into an application for ease of administration? Choose one answer.

a. Trojan

b. Worm

c. Back door

d. Zombie

Correct
Marks for this submission: 1/1.

12 Marks: 1 Choose the statement which best defines the characteristics of a computer virus. Choose one answer.

a. A computer virus is a find mechanism, initiation mechanism and can propagate

b. A computer virus is a search mechanism, connection mechanism and can integrate

c. A computer virus is a replication mechanism, activation mechanism and has an objective

d. A computer virus is a learning mechanism, contamination mechanism and can exploit

Correct
Marks for this submission: 1/1.

13 Marks: 1 Which of the following web vulnerabilities is being referred to when it receives more data than it is programmed to accept? Choose one answer.

a. CGI

b. SMTP relay

c. Buffer Overflows

d. Cookies

Correct
Marks for this submission: 1/1.

14 Marks: 1 Which description is correct about an application or string of code that could not automatically spread from one system to another but is designed to spread from file to file? Choose one answer.

a. Virus

b. Adware

c. Worm

d. Botnet

Correct
Marks for this submission: 1/1.

15 Marks: 1 The risks of social engineering can be decreased by implementing: (Select TWO) Choose at least one answer.

a. Risk assessment policies

b. Operating system patching instructions

c. Vulnerability testing technique

d. Identity verification methods

e. Security awareness training

Correct
Marks for this submission: 1/1.

16 Marks: 1 Which of the following definitions BEST suit Buffer Overflow? Choose one answer.

a. It is used to provide a persistent, customized web experience for each visit

b. It’s an older form of scripting that was used extensively in early web systems

c. It has a feature designed into many email servers that allows them to forward email to other email servers

d. It receives more data than it is programmed to accept

Correct
Marks for this submission: 1/1.

17 Marks: 1 In addition to bribery and forgery, which of the following are the MOST common techniques that attackers use to socially engineer people? (Select TWO) Choose at least one answer.

a. Dumpster diving

b. Phreaking

c. Assuming a position of authority

d. Flattery

e. Whois search

Correct
Marks for this submission: 1/1.

18 Marks: 1 On the topic of comparing viruses and hoaxes, which statement is TRUE? Choose one answer.

a. Hoaxes can help educate users about a virus

b. Hoaxes can create as much damage as a real virus

c. Hoaxes are harmless pranks and should be ignored

d. Hoaxes carry a malicious payload and can be destructive

Correct
Marks for this submission: 1/1.

19 Marks: 1 Choose the statement that best details the difference between a worm and a Trojan horse. Choose one answer.

a. There is no difference between a worm and a Trojan horse

b. Worms self replicate while Trojan horses do not

c. Worms are distributed through email messages while Trojan horses are not

d. Worms are a form of malicious code while Trojan horses are not

Correct
Marks for this submission: 1/1.

20 Marks: 1 Study the following items carefully; which one will permit a user to float a domain registration for a maximum of five days? Choose one answer.

a. Kiting

b. Domain hijacking

c. Spoofing

d. DNS poisoning

1 Marks: 1 Social engineering attacks would be MOST effective in which of the following environments (Select TWO). Choose at least one answer.

a. Military facility with computer equipment containing biometrics

b. A company with a dedicated information technology (IT) security staff

c. A locked, windowless building

d. A company with a help desk whose personnel have minimal training

e. A public building that has shared office space

Correct
Marks for this submission: 1/1.

2 Marks: 1 Turnstiles, double entry doors and security guards are all prevention measures for which of the following types of social engineering? Choose one answer.

a. Piggybacking

b. Impersonation

c. Looking through a co-worker’s trash

d. Looking over a co-worker’s shoulder to retrieve information

Correct
Marks for this submission: 1/1.

3 Marks: 1 From the following items, which will permit a user to float a domain registration for a maximum of five days? Choose one answer.

a. Kiting

b. Domain hijacking

c. DNS poisoning

d. Spoofing

Correct
Marks for this submission: 1/1.

4 Marks: 1 A user has received an email from a mortgage company asking for personal information including bank account numbers. This would BEST be described as: Choose one answer.

a. Packet sniffing

b. Spam

c. Phishing

d. A hoax

Correct
Marks for this submission: 1/1.

5 Marks: 1 Which one of the following options will permit an attacker to hide the presence of malicious code through altering the system’s process and registry entries? Choose one answer.

a. Rootkit

b. Worm

c. Trojan

d. Logic bomb

Correct
Marks for this submission: 1/1.

6 Marks: 1 A denial-of-service (DoS) attack or distributed denial-of-service (DDoS) attack is an attempt to make a computer resource unavailable to its intended users. Which method can be used to perform denial of service (DoS)? Choose one answer.

a. Malware

b. Adware

c. Botnet

d. Spyware

Correct
Marks for this submission: 1/1.

7 Marks: 1 Which of the following describes a server or application that is accepting more input than the server or application is expecting? Choose one answer.

a. Buffer overflow

b. Brute force

c. Syntax error

d. Denial of service (DoS)

Correct
Marks for this submission: 1/1.

8 Marks: 1 Which of the following types of malicious software travels across computer networks without requiring a user to distribute the software? Choose one answer.

a. Worm

b. Virus

c. Trojan horse

d. Logic bomb

Correct
Marks for this submission: 1/1.

9 Marks: 1 A person pretends to be a telecommunications repair technician, enters a building stating that there is a networking trouble work order and requests that a security guard unlock the wiring closet. The person connects a packet sniffer to the network switch in the wiring closet and hides the sniffer behind the switch against the wall. This is an example of: Choose one answer.

a. A vulnerability scan

b. A penetration test

c. Social engineering

d. A man in the middle attack

Correct
Marks for this submission: 1/1.

10 Marks: 1 In order to recover discarded company documents, which of the following might an attacker resort to? Choose one answer.

a. Phishing

b. Dumpster diving

c. Shoulder surfing

d. Insider theft

Correct
Marks for this submission: 1/1.

11 Marks: 1 Which of the following definitions would be correct regarding Active Interception? Choose one answer.

a. Someone looking through your files

b. Involve someone who routinely monitors network traffic

c. Placing a computer system between the sender and receiver to capture information

Correct
Marks for this submission: 1/1.

12 Marks: 1 Which of the following definitions would be correct regarding Eavesdropping? Choose one answer.

a. Listening or overhearing parts of a conversation

b. Placing a computer system between the sender and receiver to capture information

c. Someone looking through your files

d. Involve someone who routinely monitors network traffic

Correct
Marks for this submission: 1/1.

13 Marks: 1 Disguising oneself as a reputable hardware manufacturer’s field technician who is picking up a server for repair would be described as: Choose one answer.

a. A man-in-the-middle attack

b. Social engineering

c. A Trojan horse

d. A phishing attack

Correct
Marks for this submission: 1/1.

14 Marks: 1 Malicious software that travels across computer networks without user assistance is an example of a: Choose one answer.

a. Virus

b. Worm

c. Trojan horse

d. Logic bomb

Correct
Marks for this submission: 1/1.

15 Marks: 1 Which of the following is a major reason that social engineering attacks succeed? Choose one answer.

a. Audit logs are not monitored frequently

b. Multiple logins are allowed

c. Lack of security awareness

d. Strong passwords are not required

Correct
Marks for this submission: 1/1.

16 Marks: 1 For the following items, which is an example of an attack that executes once a year on a certain date? Choose one answer.

a. Logic bomb

b. Virus

c. Rootkit

d. Worm

Correct
Marks for this submission: 1/1.

17 Marks: 1 Which of the following access attacks would involve looking through your files in the hopes of finding something interesting? Choose one answer.

a. Interception

b. Snooping

c. None of the above

d. Eavesdropping

Correct
Marks for this submission: 1/1.

18 Marks: 1 Which of the following can affect heaps and stacks? Choose one answer.

a. Rootkits

b. Cross-site scripting

c. SQL injection

d. Buffer Overflow

Correct
Marks for this submission: 1/1.

19 Marks: 1 Which of the following describes an attacker encouraging a person to perform an action in order to be successful? Choose one answer.

a. Man in the middle

b. Back door

c. Social engineering

d. Password guessing

Correct
Marks for this submission: 1/1.

20 Marks: 1 Which scanner can find a rootkit? Choose one answer.

a. Anti-spam scanner

b. Malware scanner

c. Adware scanner

d. Email scanner