1. Which of the following is primarily concerned with the theft of a server?
2. Which access method is primarily based on preestablished access?
3. Your office administrator is being trained to perform server backups. Which authentication method would be ideal for this situation?
4. Which of the following authentication methods uses a KDC to accomplish authentication?
5. Which authentication method sends a challenge back to the client that is encrypted and sent back to the server?
6. Which authentication method uses more than one authentication process for logon?
7. Which of the following services or protocols should be avoided in a network if possible?
8. Which of the following is not an example of a security zone?
9. Which of the following protocols allows an organization to present a single TCP/IP address to the Internet?
10. A popular method for breaking a network into smaller private networks is called what?
11. Which of the following services would most likely utilize a retinal scan?
12. Which technology relies on a physical attribute of the user for authentication?
13. The technology that allows a connection to be made between two networks using a secure protocol is called what?
14. The process of determining the value of information or equipment in an organization is referred to as what?
15. You have been asked to present the types of threats your organization could face from hackers. Which of the following would best categorize this information?
16. What is the process of determining who owns a particular database file called?
17. Your user just complained to you that his system has been infected with a new virus. Which of the following would be a first step in correcting this problem?
18. Which of the following would be useful in determining what was accessed during an external attack?
19. You want to install a server in the network area that provides web services to Internet clients. You do not want to expose your internal network to additional risks. Which method would accomplish this?
20. Which authentication method provides credentials that are only valid during a single session?

Answers
1. A. Physical security is primarily concerned with the loss or theft of physical assets. This includes theft, fire, and other acts that physically deny a service or information to the organization.
2. A. Mandatory Access Control (MAC) is oriented toward preestablished access. This access is typically established by the network administrators and cannot be changed by users.
3. C. Role-Based Access Control allows specific people to be assigned to specific roles with specific privileges. A backup operator would need administrative privileges to back up a server. This privilege would be limited to the role and would not be present during the employee's normal job functions.
4. B. Kerberos uses a Key Distribution Center to authenticate a principal. The KDC provides a credential that can be used by all Kerberos-enabled servers and applications.
5. D. Challenge Handshake Authentication Protocol (CHAP) sends a challenge back to the originating client. The client encrypts the challenge and sends it back to the server, where the encryption results are compared. If the challenge is successful, the client is logged on.
6. A. A multi-factor authentication process uses two or more processes for logon. A two-factor method might use smart cards and biometrics for logon.
7. B. Telnet should not be used if possible. Telnet sends user ID and password information to the Telnet server unencrypted. This creates a potential security problem in an Internet environment.
8. D. Network Address Translation is a method of hiding TCP/IP addresses from other networks. The Internet, intranets, and extranets are the three most common security zones in use.
9. A. Network Address Translation allows an organization to present a single address to the Internet. Typically, this is accomplished by the router or NAT server. The router or NAT server maps all inbound and outbound requests and maintains a table for returned messages.
10. A. Virtual Local Area Networks (VLANs) break a large network into smaller networks. These networks can coexist on the same wiring and be unaware of each other. A router or other routing-type device would be needed to connect these VLANs together.
11. B. Authentication is a service that requires the principal (the user) to provide proof of identity. A retinal scan is a very secure form of evidence used in high-security companies and government agencies.
12. B. Biometric technologies rely on a physical characteristic of the user to verify identity. Biometric devices typically use either a hand pattern or a retinal scan to accomplish this.
13. A. Tunneling allows a network to make a secure connection to another network through the Internet or another network. Tunnels are usually secure and present themselves as extensions of both networks.
14. A. Asset Identification is the process of identifying the types and values of assets in an organization.
15. C. A threat assessment would examine the potential for internal and external threats to your systems and information.
16. D. Accountability identifies who owns or is responsible for the accuracy of certain information in an organization. The department or individual that is accountable for certain information would also be responsible for verifying its accuracy in the event of a data tampering incident.
17. A. Your first step would be to verify that his antivirus software is the most current version. This would include checking his virus definition files.
18. A. System logs will frequently tell you what was accessed and in what manner. These logs can usually be very explicit in describing the events that occurred in a security violation.
19. B. A DMZ is an area in a network that allows access to outside users while not exposing your internal users to additional threats.
20. A. Tokens are created when a user or system successfully authenticates. The token is destroyed when the session is over.