Self Test


A Quick Answer Key follows the Self Test questions. For complete questions, answers, and explanations to the Self Test questions in this chapter as well as the other chapters in this book, see the Self Test Appendix.

Analyzing Business Requirements for Designing Security

1.  

In performing a risk analysis of your network, you determine that your company lost approximately $100,000 last year from losses relating to laptops being stolen from unattended offices. Your company's CEO and CFO agree that they want to implement some type of safeguard that will reduce that number to a maximum of $50,000. You have been presented with three options to reduce losses. Option 1: A fully staffed reception desk that will sign visitors in and out of the building and examine all outgoing equipment to ensure that it is not leaving the premises illegally. It is expected that this will reduce losses due to equipment theft by 80 percent. The total annual cost for this measure, including equipment and personnel, will be $60,000. Option 2: A card-swipe system will be installed on all entrances that will ensure that only employees carrying legitimate access cards will be able to enter company premises. It is expected that this measure will reduce losses due to equipment theft by 65 percent. The total annual cost for this measure, including equipment and installation, will be $15,000. Option 3: A user-awareness campaign will be launched to make users more cognizant of the risks inherent in leaving their laptops and other equipment unattended. Certain employees will be designated as Loss Prevention Monitors to keep an eye out for potentially hazardous situations such as laptops being left unattended, and inform management so that the offending employee can be reminded of the importance of securing his or her equipment. It is expected that this measure will reduce losses due to equipment theft by 25 percent. The total annual cost for this measure, including personnel time, will be $10,000. Which of these measures is the most cost-effective way to meet the request of your CEO and CFO?

  A. Implement Option 1.

  B. Implement Option 2.

  C. Implement Option 3.

  D. None of these solutions is cost-effective.
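The arithmetic behind question 1 is the standard safeguard cost-benefit comparison: the residual annualized loss after a control is ALE × (1 − reduction), and the company's real annual outlay is that residual loss plus the cost of the control. The script below is an added worked example (not from the book); it uses the figures given in the question, and the function and class names are this example's own. It also goes one step beyond the question by computing net benefit, which shows why Option 1 is worthwhile but still not the best choice.

```python
# Cost-benefit comparison of safeguards, as used in quantitative risk analysis.
# Added worked example for the laptop-theft scenario in question 1; the dollar
# figures and reduction percentages are the ones the question gives, and the
# names below (Safeguard, choose_safeguard, ...) are this example's own.

from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class Safeguard:
    name: str
    reduction: float     # fraction of the annual loss the control is expected to prevent
    annual_cost: float   # annualized cost of the control (equipment, staff, installation)


def residual_loss(ale: float, s: Safeguard) -> float:
    """Annualized loss expectancy that remains once the safeguard is in place."""
    return ale * (1.0 - s.reduction)


def total_annual_cost(ale: float, s: Safeguard) -> float:
    """What the company actually pays per year: the control plus the losses it does not stop."""
    return residual_loss(ale, s) + s.annual_cost


def net_benefit(ale: float, s: Safeguard) -> float:
    """Loss avoided minus the cost of the control; negative means the control costs more than it saves."""
    return (ale - residual_loss(ale, s)) - s.annual_cost


def choose_safeguard(ale: float, max_residual: float,
                     options: Iterable[Safeguard]) -> Optional[Safeguard]:
    """Pick the option that meets the residual-loss target at the lowest total annual cost.

    Returns None when no option satisfies the target (the 'none is cost-effective' answer).
    """
    acceptable = [s for s in options if residual_loss(ale, s) <= max_residual]
    if not acceptable:
        return None
    return min(acceptable, key=lambda s: total_annual_cost(ale, s))


CURRENT_ALE = 100_000.0      # losses from stolen laptops last year
TARGET_RESIDUAL = 50_000.0   # the maximum annual loss the CEO and CFO will accept

OPTIONS = [
    Safeguard("Option 1: staffed reception desk", 0.80, 60_000.0),
    Safeguard("Option 2: card-swipe entry system", 0.65, 15_000.0),
    Safeguard("Option 3: user-awareness campaign", 0.25, 10_000.0),
]

if __name__ == "__main__":
    for s in OPTIONS:
        print(f"{s.name}: residual loss ${residual_loss(CURRENT_ALE, s):,.0f}, "
              f"total annual cost ${total_annual_cost(CURRENT_ALE, s):,.0f}, "
              f"net benefit ${net_benefit(CURRENT_ALE, s):,.0f}")
    best = choose_safeguard(CURRENT_ALE, TARGET_RESIDUAL, OPTIONS)
    print("Recommendation:", best.name if best else "none of the options meets the target")
```

Option 3 never reaches the $50,000 target (residual loss $75,000), Option 1 reaches it but costs $80,000 a year all-in, and Option 2 reaches it for $50,000 a year with the largest net benefit, which is why B is the answer. Tightening the target to $10,000 makes the function return None, the situation answer D describes.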

2.  

You are creating a security design for the Blue Sky LTD Corporation. The company CEO knows that many people on the network currently use information like their pets' or children's names for their network passwords; she is extremely concerned about hackers attempting to guess these passwords and gain access to corporate network resources. She has requested that password security be made more stringent in the new design, with a minimum of a 24-character password for all systems. What would you tell her is a potential drawback of requiring user passwords to be this long?

  A. Users will be more likely to write down a password that is so difficult to remember.

  B. User passwords should be at least 30 characters long to guard against brute-force password attacks.

  C. There are no drawbacks; this creates network passwords that will be impossible for an unauthorized user to penetrate.

  D. Windows Server 2003 will not allow a password of more than eight characters.

3.  

You are a security analyst for the Widgets Corporation, which uses Windows Server 2003 servers to store data regarding several patent-pending products that they are developing. Because of the sensitive nature of this information, both successful and failed attempts to access product-related data on the file server are logged to the Windows Security log, and the information can only be accessed from within the Widgets headquarters; there is no current means of using VPN or other forms of remote access. While you are looking over the security logs one week, you notice that one of the Widgets product managers, Ethan Hopkins, accessed files for a number of different projects on a day when you know that he was out of the office for several days. When you question Ethan about it, he verifies that he was out of the office on that day and has no idea what could have happened. However, you discover in a passing conversation with your help desk manager that someone claiming to be Mr. Hopkins called the help desk that day demanding to have his password reset, since he had been called in for an important sales presentation and couldn't wait. What kind of attack has occurred here?

  A. Password guessing

  B. Spoofing

  C. Network sniffing

  D. Social engineering

Answers

1. B

2. A

3. D

Designing a Framework for Designing and Implementing Security

4.  

You are the network administrator for a large Windows Server 2003 network, supporting 40 servers and over 1000 Windows 2000 Professional and Windows XP Professional clients. You have received a call from a user who is complaining that his computer will no longer boot correctly. Upon investigating, you discover that the machine will only get halfway through the logon sequence before displaying the Blue Screen of Death. When you ask the user if he noticed anything unusual before the computer began misbehaving, he reports that he had just downloaded a game from a URL that a friend had sent him via e-mail. The machine seemed to run fine after the game was installed, but as soon as the user rebooted the machine, it no longer booted correctly. What is the most likely reason why the user's machine is no longer booting correctly?

  A. The downloaded game is not compatible with Windows XP Professional.

  B. The workstation has suffered a hardware failure.

  C. The downloaded game was actually malicious code containing a Trojan horse.

  D. The workstation is undergoing a DoS attack.

5.  

You are performing a security audit of a Windows Server 2003 network for the branch office of a bank. You have detected an unauthorized computer that is capturing network traffic being sent between your head teller's workstation and the server used to settle account information at the end of the day. You suspect that this computer has changed some of the network data that has been transmitted between these two computers to alter the financial records coming from the teller workstation. What type of attack is most likely taking place in this scenario?

  A. DoS

  B. Man-in-the-middle

  C. Password guessing

  D. IP spoofing

6.  

You are performing a risk analysis for Blue Sky, LTD., a charter plane service running a Windows Server 2003 network. Since Blue Sky receives a significant portion of its client referrals from the blueskyltd.com Web site, the CFO has decided that any losses due to a Web server outage would pose an extreme financial risk to the company. Because of this, you have decided to outsource the hosting of your Web site to a third party. You will pay this hosting service a monthly fee, in return for which they will guarantee 99.999-percent uptime and availability of the Blue Sky Web site for your customers. Which principle of risk management have you employed by taking this measure?

  A. Risk avoidance

  B. Risk mitigation

  C. Risk transference

  D. Risk acceptance

7.  

You are working as the network administrator responsible for monitoring and maintaining 25 Windows Server 2003 servers and 500 Windows XP Professional workstations. You are checking the Network Monitor that is running on your Web server and notice a sudden influx of TCP SYN (synchronize) segments with no subsequent completion of the TCP three-way handshake. What is this type of activity most likely an indicator of?

  A. Your network is beginning to sustain a DoS attack.

  B. Someone is attempting to guess passwords of user accounts on your network.

  C. This is normal activity and not something that you should worry about.

  D. Your company's Internet connection has failed and you should contact your Internet service provider (ISP).
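The pattern question 7 describes, many SYNs that are answered with SYN-ACK but never followed by the client's ACK, is what a SYN flood looks like in a capture, and it can be checked mechanically rather than by eye. The script below is an added example (not from the book, and not Network Monitor output); it walks a constructed packet log, tracks each handshake by the client's 4-tuple, and reports the sources that leave connections half-open. The log format, addresses and thresholds are assumptions made for the example.

```python
# Detecting half-open TCP connections (SYN flood indicator) in a packet log.
# Added example. The log lines, addresses and the threshold are constructed
# for illustration; the format is this example's own, not Network Monitor's.

from collections import defaultdict
from typing import Dict, Iterable, List, NamedTuple, Tuple


class Packet(NamedTuple):
    ts: float
    src: str
    sport: int
    dst: str
    dport: int
    flags: str   # any of S (SYN), A (ACK), R (RST), F (FIN)


def parse_line(line: str) -> Packet:
    """Parse one constructed log line: '<seconds> <src> <sport> <dst> <dport> <flags>'."""
    ts, src, sport, dst, dport, flags = line.split()
    return Packet(float(ts), src, int(sport), dst, int(dport), flags.upper())


def half_open_by_source(packets: Iterable[Packet]) -> Dict[str, int]:
    """Count, per client address, handshakes the client started (SYN) but never finished (ACK).

    State is keyed on the client-side 4-tuple (src, sport, dst, dport). A server
    SYN-ACK changes nothing; a client ACK completes the handshake; a RST from
    either side aborts it. Whatever is still pending at the end is half-open.
    """
    pending: Dict[Tuple[str, int, str, int], bool] = {}
    for p in packets:
        client_key = (p.src, p.sport, p.dst, p.dport)
        if "S" in p.flags and "A" in p.flags:
            continue                                   # server's SYN-ACK: still waiting on client
        elif "S" in p.flags:
            pending[client_key] = True                 # client SYN: new attempt
        elif "R" in p.flags:
            pending.pop(client_key, None)              # client reset
            pending.pop((p.dst, p.dport, p.src, p.sport), None)   # server reset (reversed tuple)
        elif "A" in p.flags:
            pending.pop(client_key, None)              # client's final ACK completes the handshake
    counts: Dict[str, int] = defaultdict(int)
    for (src, _sport, _dst, _dport) in pending:
        counts[src] += 1
    return dict(counts)


def flood_sources(packets: Iterable[Packet], threshold: int) -> List[str]:
    """Sources with at least `threshold` half-open connections, sorted for stable output."""
    return sorted(src for src, n in half_open_by_source(packets).items() if n >= threshold)


def analyze(lines: Iterable[str], threshold: int = 20):
    """Return (half-open count per source, flagged sources, total half-open toward the server)."""
    packets = [parse_line(line) for line in lines]
    counts = half_open_by_source(packets)
    return counts, flood_sources(packets, threshold), sum(counts.values())


# Constructed sample: two legitimate clients (one completes, one resets) and one
# host that sends 50 SYNs from different ports and never answers the SYN-ACKs.
LEGIT_LINES = [
    "0.000 198.51.100.5 51000 192.0.2.10 80 S",
    "0.001 192.0.2.10 80 198.51.100.5 51000 SA",
    "0.002 198.51.100.5 51000 192.0.2.10 80 A",    # completed handshake
    "0.100 198.51.100.6 52000 192.0.2.10 80 S",
    "0.101 192.0.2.10 80 198.51.100.6 52000 SA",
    "0.102 198.51.100.6 52000 192.0.2.10 80 R",    # client gave up: not half-open
]
FLOOD_LINES: List[str] = []
for i in range(50):
    FLOOD_LINES.append(f"{1.0 + i / 1000:.3f} 203.0.113.9 {40000 + i} 192.0.2.10 80 S")
    FLOOD_LINES.append(f"{1.0 + i / 1000 + 0.0005:.4f} 192.0.2.10 80 203.0.113.9 {40000 + i} SA")
SAMPLE_LOG = LEGIT_LINES + FLOOD_LINES

if __name__ == "__main__":
    counts, flagged, total = analyze(SAMPLE_LOG)
    print("half-open per source:", counts)
    print("flagged sources:", flagged)
    print("half-open toward server:", total)
```

On the sample the only source left with pending handshakes is 203.0.113.9, with all 50 of its SYNs half-open, so it is flagged. A flood that spoofs its source addresses shows up differently: many sources with one half-open connection each and no single source over the threshold, which is why the third value, the total number of half-open connections toward the server, is the one to alert on in that case.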

Answers

4. C

5. B

6. C

7. A

Analyze Technical Constraints when Designing Security

8.  

You have been hired as a consultant by the Widgets, Inc. manufacturing company to design security for their company headquarters. The current network consists of several Windows NT4 application and file servers; users connect to the servers via NT4 workstations located throughout the floor of the manufacturing plant. Because of a specialized interface between the manufacturing equipment and the mission-critical software that controls it, user workstations cannot be upgraded away from NT4 until the Widgets developers are able to port the application to a new version of the desktop operating system. Because of a concern regarding the security of user passwords and logon information, the Widgets CTO wants all network logon traffic to be protected as strongly as possible. Which of the following is the strongest authentication protocol you could recommend in this scenario?

  A. LM

  B. NTLM

  C. NTLMv2

  D. Kerberos

9.  

You have been contracted to create an Internet-based VPN solution for an organization with a large traveling sales force. The organization has standardized on Windows Server 2003 servers. Sixty percent of the sales force has been issued a new laptop running the Windows 2000 Professional operating system within the past year. As part of the VPN deployment, the remainder of the sales force will receive laptops that are running Windows XP Professional. The CEO and CTO both agree that the VPN solution should use the best security possible. Which protocol should you recommend when designing a VPN solution in this scenario?

  A. SPAP

  B. L2TP/IPSec

  C. PPTP

  D. MS-CHAPv2

10.  

You are the network administrator for a network whose infrastructure is made up of a combination of Windows Server 2003 and UNIX servers. Currently, all of your company's DNS servers run BIND version 8.1.2. You would like to transition the DNS service to Windows Server 2003 in order to take advantage of secure dynamic updates. Your CTO is concerned that the transition needs to be seamless, and has asked you to bring a single Windows Server 2003 DNS server online and configure it to coexist with the existing BIND servers to ensure that client name resolution will not be interrupted. What should you be concerned with when configuring a Windows Server 2003 DNS server to coexist with a BIND DNS server? (Choose all that apply.)

  A. Securing the zone transfer process.

  B. Securing WINS lookups from the BIND DNS servers.

  C. Configuring the BIND servers to use NTLMv2 authentication.

  D. Securing the record update process.

Answers

8. C

9. B

10. A, D




MCSE Designing Security for a Windows Server 2003 Network: Exam 70-298
ISBN: 1932266550
Year: 2003
Pages: 122