EC-Council

A program that pretends to be a regular and known program but has malicious intent is known as a(n) _______________.
A. trojan horse
B. a firewall
C. Intrusion Detection System
D. proxy server

A good security policy lists in detail the resources owned by the company that need to be protected by the firewall.  What category of assets includes the actual hardware devices that keep data flowing throughout the network, including servers, routers, cables, workstations PCs, and printers?
A. Real Assets
B. Logical Assets
C. System Assets
D. Physical Assets

What is the name of the field that covers the use of computer resources to track down criminal activity?
A. anomaly detection
B. robo tracing
C. intrusion detection
D. computer forensics

Your job is to prepare a security policy for your company in cooperation with other members of a Policy Team.  Everyone understands that a good policy should reflect the company’s overall stance toward security.  Your team has decided to implement a security stance that advocates strict control over network security, emphasizing breaking the connection between the private network and external networks.  In this approach, application-layer gateways will handle all traffic between internal and external hosts and will allow only basic Web and e-mail traffic.  What is the name of this category of security policy?
A. Strict
B. Optimistic
C. Open
D. Paranoid

Terminal Access Controller Access Control System (TACACS+) provides authentication for dial-in users and is used primarily on UNIX-based networks.  TACACS+ uses the _______ algorithm to encrypt data.
A. SHA-5
B. SHA-1
C. MD4
D. MD5

While designing a firewall solution for a very busy network, you choose a configuration that requires the installation of more than one firewall so that the traffic load can be divided between them.  What is this design feature typically referred to as?
A. dueling
B. busy busing
C. Virtual Private Networking
D. load balancing

“Users shall not attempt to send or receive personal email through the company gateway unless they use a personal account on a Web-based site.  They may not use email software with their own accounts through the gateway.  No mailing lists other than the company newsletter will be distributed through the office gateway.”  The above statement is an example of a(n) _____________________?
A. acceptable use policy
B. audit log policy
C. security risk policy
D. asset protection policy

Remote Authentication Dial-In User Service (RADIUS) is a protocol used to provide dial-in authentication.  RADIUS transmits authentication packets ______________ across the network, which means they are vulnerable to attacks from packet sniffers.
A. encrypted
B. unencrypted
C. protected
D. quickly

SecurID is an authentication system developed by RSA Security, Inc. that makes use of a highly touted feature called ______________ authentication.  SecurID requires “something you know” and “something you have” to increase access to resources.
A. two-factor
B. one-factor
C. no-factor
D. three-factor

What service offers a form of protection to internal (private) networks by allowing internal networks to be configured with an IP address range that is not routable on the external (public) network?
A. PAP
B. PPTP
C. NAT
D. SAT

Filtering by TCP or UDP port number is commonly called either port filtering or protocol filtering.  Using TCP or UDP port numbers can help you filter a wide variety of information, including SMTP and POP email messages, NetBIOS sessions, DNS requests, and Network News Transfer Protocol (NNTP) newsgroup sessions.  What protocol type and port number would you use to filter FTP traffic?
A. UDP 25 and 110
B. TCP 25 and 110
C. UDP 20 and 21
D. TCP 20 and 21

You have designed a packet filter and will filter based on the IP protocol ID field in the header.  The filter can use the data to allow or deny traffic of an entire type of service.  To filter UDP you would use Protocol number ______?
A. 17
B. 12
C. 3
D. 19

What is the name given to a set of rules and procedures developed by management in conjunction with security professionals that lists acceptable and unacceptable use of a network, what resources need to be protected, and how the company will respond to breaches of security?
A. a Vulnerability Assessment
B. a network diagram
C. a Penetration Test
D. a Security Policy

The PING command uses what protocol?
A. ICMP
B. BGP
C. UDP
D. TCP

User authentication is the simplest type of authentication, and the one with which you are most likely to be familiar.  Upon receiving a request, a program prompts the user for a username and password.  When the information is submitted, the software checks the information against a list of usernames and passwords in its database.  If a match is made, the user is __________________.
A. authenticated
B. authorized
C. rejected
D. audited

Your company is very concerned about security.  You have decided to install a system that monitors traffic into and out of your network and automatically alerts you when suspicious traffic patterns occur, indicating a possible unauthorized intrusion attempt.  What is the name of this system?
A. Network Detection System
B. Defensive Alarm System
C. Intrusion Alert Detector
D. Intrusion Detection System

Filtering by TCP or UDP port number is commonly called either port filtering or protocol filtering.  Using TCP or UDP port numbers can help you filter a wide variety of information, including SMTP and POP email messages, NetBIOS sessions, DNS requests, and Network News Transfer Protocol (NNTP) newsgroup sessions.  What protocol type and port number would you use to filter Web traffic?
A. UDP 80
B. TCP 60
C. UDP 60
D. TCP 80

You have been tasked with setting up a network for a new small business.  The owner of the business is one of those “hands-on” types who thinks he knows more than he actually does, and he starts telling you everything he knows about firewalls.  Out of the items in the list below, which is one of the common misconceptions about firewalls?
A. Firewalls need to be monitored and maintained after deployment
B. Firewalls are designed to prevent all hackers, viruses, and would-be intruders from entering a computer or computer network
C. Firewalls are designed to enable authorized traffic to pass through and to block unauthorized traffic
D. Firewalls can be software or hardware based

What is the name of the simplest form of packet filtering that reviews packet header content and makes decisions on whether to allow or drop the packets based on whether a connection has actually been established between an external host and an internal one?
A. stateless packet filtering
B. stateful packet filtering
C. successful packet filtering
D. standard packet filtering

An internal network can be configured with an IP address range that is not routable on the external (public) network.  What is the name of the device that allows internal users to communicate on the external network by translating the user’s private IP address to a public IP address?
A. a Bastion Host System
B. a Virtual Private Network device
C. an Intrusion Detection System
D. a Network Address Translation device

One way to balance the load placed on a firewall is to set up a _______________ system in which one or more auxiliary or failover firewalls are configured to take over all traffic if the primary firewall fails.
A. network restrictor
B. cold standby
C. load equalizer
D. hot standby

One service related to data integrity that encryption can perform is ___________, which is the ability to prevent one participant in an electronic transaction from denying that it performed an action.
A. nonrepudiation
B. authentication
C. privacy
D. integrity

It is possible that an unauthorized user with a wireless computer can gain access to your network by entering the network on the inside portion of the network behind the enterprise firewall.  What is the name given to a device used to connect wireless computers to wired networks?
A. wireless access point
B. wireless equivalent point
C. wireless node point
D. wireless converter point

The TRACERT diagnostic utility determines the route taken to a destination by sending ___________ packets with varying IP Time-To-Live (TTL) values to the destination. Each router along the path is required to decrement the TTL on a packet by at least 1 before forwarding it, so the TTL is effectively a hop count. When the TTL on a packet reaches 0, the router should send an ICMP Time Exceeded message back to the source computer.
A. BGP
B. UDP
C. ICMP
D. TCP

What is the name of a system used to store, distribute, and manage public and private keys within an organization?
A. RSA
B. ROI
C. NAT
D. PKI

What is the name of a network of publicly accessible servers, such as Web and FTP servers, that is connected to the firewall but that is isolated from the internal network to protect internal users from intrusions and attacks?
A. Designated Mail Zone
B. Demilitarized Zone
C. Detection Matrix Zone
D. Designed Multipurpose Zone

You are examining the output after running the “netstat -an” command from the command prompt on a computer.  You notice the following entry:
Foreign Address 216.239.51.104:80
What is this type of network connection called (i.e. when a port number is combined with a computer’s IP address) as shown above?
A. a Fully Qualified Domain Name
B. an illegal IP address
C. a DNS entry
D. a socket

Pretty Good Privacy (PGP) is a personal encryption system developed by Phil Zimmermann that uses both symmetric and asymmetric encryption.  It relies on a “__________________” in which users authenticate one another by exchanging public keys.
A. Mesh of Trust
B. Web of Trust
C. Hierarchy of Trust
D. Ladder of Trust

You work for a small consulting business that focuses on installing network security products and you have been hired by a group of realtors that are forming a brand new company.  While speaking with the president of the new company about setting up a secure network that meets their needs, what product should you recommend that the company first purchase?
A. a Firewall
B. a Honey Pot
C. an Intrusion Detection System
D. a TCP/IP Stacker

Your company operates a Web server and is promoting a new line of products.  The server experiences a high number of visits from users on the Internet who want to place orders.  Yet, the server needs to provide protection from viruses and harmful programs for users in the company; however, for business reasons you are instructed that commerce and revenue should take priority over security.  Under these circumstances, the server should be positioned where?
A. it does not matter where the server is located
B. inside the corporate network
C. in the DMZ
D. on the Internet backbone

While doing volunteer work for a not-for-profit agency you are asked to build a network of computers and connect them to the Internet so that the agency can provide information about the services they offer to the public.  You know that the agency has no real budget for this project and you decide to set up a gateway between the internal network and the Internet by building a host that has all unnecessary services disabled to reduce the chance of exploitation and then using this host to build a firewall using a freeware program.  What is the name commonly given to a host that has all unnecessary services disabled?
A. maximum defense host
B. stripped host
C. bastion host
D. stronghold host

You are the network administrator for a small company and you have been reading all of the advertising literature for the small firewall products that are on the market.  Many of the firewalls advertise that they perform a type of packet filtering in which the firewall checks a state table to make sure a connection has actually been established before checking its rule base to decide whether to allow or block a packet.  What is the name given to this form of filtering?
A. table population filtering
B. check type filtering
C. stateful packet filtering
D. decision based filtering

What is the name given to a publicly available database that holds names of users and digital certificates that any client can connect to in order to verify someone or something’s identity?
A. CHAP
B. IPSec
C. PAP
D. LDAP

In reference to load sharing firewalls, what is the name of the protocol used by routers to route traffic based on its IP type?  This protocol can also divide traffic equally between two routers that are equally far apart or that have an equal load already.
A. OSPF
B. BGP
C. PDQ
D. NAT

You are the Security Manager for a small bank and while “making the rounds” talking to the bank employees about the importance of good security you are asked a question by one of the newer employees.  She states that yesterday she received a phone call from someone who said they were from the “Network Support Group” and they had her give them her password for “troubleshooting” reasons.  She felt a little strange about doing this and that is why she is bringing it to your attention.  You tell her that it is possible that she was a victim of what type of attack?
A. Trojan horse attack
B. virus flood attack
C. social engineering attack
D. denial of service attack

Filtering by TCP or UDP port number is commonly called either port filtering or protocol filtering.  Using TCP or UDP port numbers can help you filter a wide variety of information, including SMTP and POP email messages, NetBIOS sessions, DNS requests, and Network News Transfer Protocol (NNTP) newsgroup sessions.  What protocol type and port number would you use to filter POP3 messages?
A. UDP 25
B. UDP 110
C. TCP 25
D. TCP 110

What is the name given to a set of security standards developed by the IETF for the next version of IP – IPv6 – and as an optional extension to IPv4?  It is included in Windows 2000 and XP as well as many Cisco routers.  It enables devices to connect in a secure manner by having the host and destination computer first authenticate and then transmit data using encryption.
A. IPSwitch
B. NetSec
C. TNSec
D. IPSec

Perimeter security is only effective when attacks are anticipated, detected, and handled effectively.  A(n) ____________________ is software or hardware that detects whether a network or server has experienced an unauthorized access attempt and that sends notification to the appropriate network administrators so that the intrusion attempts can be analyzed, damage can be assessed, and responses can be made.
A. virtual private network system
B. honey pot system
C. intrusion detection system
D. enterprise firewall system

The manager of a small town has hired you to help develop a Security Policy for the town’s computer network.  One of the documents that you recommend the manager develop and implement as part of the Security Policy tells the town’s employees what constitutes acceptable use of the town’s resources.  What is the common name of this policy?
A. Network Audit Policy
B. Acceptable Use Policy
C. Common Needs Policy
D. Inappropriate Behavior Policy

Setting up a firewall is only the start of an effective perimeter security effort.  Ongoing firewall administration ensures that the network is actually protected and that intrusions are detected and thwarted.  Without routinely reviewing logs, evaluating firewall performance, and upgrading hardware and software as needed, the best firewall configuration in the world ______________________________.
A. will work forever
B. will earn you tons of money
C. can quickly become useless
D. will save you plenty of time

You are working at a software manufacturing firm that specializes in making online games.  You have been actively involved in trying to prevent an attempt by a hacker to put a false IP source address into packet headers to make them seem legitimate and sneak them past your firewall.  What type of attack is this commonly referred to as?
A. DNS spoofing
B. IP redirect
C. DNS redirect
D. IP spoofing

What is the name of the sophisticated and secure approach to packet filtering that occurs when the filter maintains a record of the state of a connection and can thus make “intelligent” decisions on whether to allow traffic that is a genuine reply to an established connection?
A. successful packet filtering
B. stateless packet filtering
C. stateful packet filtering
D. standard packet filtering

What is the name given for an error-checking procedure performed in the trailer section of an IP packet?
A. MD5
B. CHK
C. P2P
D. CRC

When designing a firewall solution for a very large network, you must consider many different requirements.  One of the key solutions often chosen is to run two parallel installations of the firewall in tandem.  If one firewall goes down, the other remains functioning, keeping the network connected and maintaining current connections.  What is this key feature referred to as?
A. low processing
B. high availability
C. tandem development
D. elevated accessibility

IPSec does have limitations.  Whereas digital certificates are used to authenticate individual users, IPSec only authenticates ________________.  You can’t use IPSec to ensure that the person you expect to be using a machine is actually operating it.
A. packets
B. networks
C. users
D. machines

VPNs have advantages and disadvantages over leased lines.  On the plus side, VPNs are less expensive than leased lines.  They allow users to address packets using private addresses that are not normally routable on the Internet because the packets are encapsulated in other packets that contain the source and destination IP addresses of the VPN gateway involved.  They also give the network administrator control over how information is encrypted.  On the downside, VPNs are complex and, because they make use of the public Internet _______________.
A. data delivery is always guaranteed
B. you have little or no control over exactly how data gets from one LAN to another
C. security is never an issue
D. cost is very inexpensive

A stateless packet filter looks at each packet’s header individually.  It compares the header data against its _____________________ and forwards only those packets that match a rule.
A. state list
B. data base
C. header list
D. rule base

An attack in which a hacker intercepts a public key to gain control over data being exchanged is called a _______________.
A. man-in-the-middle attack
B. trojan horse
C. brute force attack
D. brute force attack

You work for a very forward thinking company and have decided to install a firewall that monitors information going out of a network rather than trying to block what’s coming in.  For example, in a Denial of Service attack, information will be flooding out of the network from infected computer(s), thus overloading the network.  What is the name commonly given to this type of firewall?
A. forward firewall
B. reverse firewall
C. flood firewall
D. DoS firewall

You work for a small ecommerce company as the Network Security guru.  You are building a firewall to protect your company’s web server.  At a minimum, what port do you need to leave open so that your customers can get to your web site?
A. 25
B. 20
C. 80
D. 135