Question 1 | Which of the following are applicable reasons why you should create a security policy? -
A. To establish what security equipment is needed -
B. To establish preferred security vendors -
C. To outline security procedures in case a security breach occurs -
D. To establish an acceptable use policy -
E. To identify acceptable behaviors |
A1: | Answers: C, E. Additional reasons to create a security policy are to determine necessary tools and procedures, to define roles and communicate consensus, to structure security implementations, and to assess the present network security posture. |
Question 2 | What are some of the significant components of a security policy? |
A2: | Answers: B, C, D, E. A good security policy should contain these components. |
Question 3 | Eavesdropping can be a threat to network security. Which activities could be considered eavesdropping? |
A3: | Answers: D, E. Encryption provides protection against eavesdropping. In some cases, the attacker changes routing tables on all the routers between the source and destination. |
Question 4 | An IP spoofing attack is when an attacker changes the contents of packets. What field or fields are changed in an IP spoofing attack? -
A. Destination MAC address -
B. Source IP address -
C. Source MAC address -
D. Destination IP address -
E. TCP or UDP header flags |
A4: | Answer: B. IP spoofing is an attack that changes the source IP address of a packet. |
Question 5 | An attack is directed against a bug that is unknowingly contained within an application. How should you classify this attack? -
A. DoS attack -
B. Protocol weakness -
C. Application weakness -
D. Vulnerability -
E. Technology weakness |
A5: | Answer: D. An exploit is an attack used to take advantage of a vulnerability. |
Question 6 | Joe works for BlueWidgets.com and decides to download a port scanner to determine what it can do. He directs it against his employer's network. What type of threat is Joe? -
A. Common threat -
B. External threat -
C. Internal threat -
D. Structured threat -
E. Unstructured threat |
A6: | Answers: C, E. Joe does not know what a port scanner is and is therefore an unstructured threat. Additionally, because Joe is using the tool against his employer's network, Joe is an internal threat. Because Joe is using the tool from the corporate intranet, the attack is internal. |
Question 7 | What type of attack is the most difficult to eliminate? -
A. DoS -
B. Access -
C. Application -
D. Trust exploitation -
E. IP spoofing |
A7: | Answer: A. A DoS attack is the most difficult to completely eliminate because it relies upon the structure of protocols and because of the variety of DoS attacks that are available. |