50 Cards in this Set

  • Front
  • Back
1. What can you detect by analyzing a data packet?
1. Policy violations and network vulnerabilities
N/A
2. Which of the following is true about NetWitness Investigator?
2. Analyzes static and real-time data.
N/A
3. What is used by TCP to establish a session between two systems?
3. Three-way Handshake
Ch. 2, 69
Ch 4, 121
4. Which of the following protocols is a connection-oriented protocol that operates at the transport layer of the OSI model and supports reliable connections?
4. TCP
Ch. 2, 65,69
5. Promiscuous mode is most commonly associated with which of the following?
5. A network interface.

N/A
6. Which of the following is NOT a primary objective of information security?
6. Privacy
Ch. 1, 6
7. Personnel should be authenticated and authorized prior to being granted access to a company’s information resources. This statement is an example of which of the following?
7. Policy
Ch 1, 9
8. Which security group is responsible for managing network vulnerabilities and threats?
8. IT security staff
Ch. 1,12
9. Which network component filters traffic between nodes?
9. Firewall
Ch2, 44
10. Which is the most important consideration when designing a network?
10. Ability to meet business needs.
Ch1, 10
11. What is usually the first activity in the hacking process?
11. Reconnaissance
Ch4,119
12. Which of the following might a hacker offer as a service?
12. DoS attack, spam distribution and password cracking.
Ch4, 113
13. Which of the following IT domains is most vulnerable to social engineering?
13. User
Ch4, 115
14. What type of attack can result in arbitrary code execution with system-level privileges?
14. Buffer Overflow
Ch4, 134
15. Name three (3) social engineering techniques?
15. Impersonation, Reciprocity and Phishing. (All of these).
Ch4, 129, 144, 145
16. Which domain marks the boundary where the private network meets the public network?
16. LAN-to-WAN
Ch5, 152
17. A port scanner is a type of vulnerability assessment scanner. True or False?
17. False.
N/A
18. Which of the following is NOT covered by a data loss, data leak prevention tool?
18. Paper documents
Ch1, 22
Ch15
19. Which of the following is not a purpose of network analysis?
19. Detect security policy violations.
Ch1
20. Where do you capture network data to analyze inbound/outbound network traffic?
20. Inside the perimeter firewall.
Ch1
21. What can you accomplish by filtering network packets?
21. Prevent malware infections.
Ch2, 69
22. Which of the following characteristics does NOT apply to stateful firewalls?
22. Analyze both static and real-time data
Ch2, 69,70,73
23. What does an application-level proxy do?
23. Examines packet payloads.
Ch2, 70, 71
24. Which of the following is a problem for static filtering?
24. Random source ports.
Ch2, 69
25. What type of firewall keeps track of state tables to sieve network traffic?
25. Stateful packet inspection
Ch2, 60, 69
26. Where should firewall rules that explicitly deny traffic be placed?
26. At the top of the rules list
Ch7, 213
27. What is the most important practice associated with firewall logging?
27. Review the log files frequently.
Ch7 227, 228
28. Which firewall limitation is typically characterized by a memory-based exploit?
28. Buffer Overrun (Overflow)
Ch7, 234
29. Firewall enhancements are desirable in all situations and should be deployed at any cost. True or False?
29. False
Ch7, 239, 240
30. Which of the following characteristics is included in a reverse proxy?
30. Caching and authentication
Ch4, 141
Ch8, 261, 262
31. What is a benefit of using VPNs?
31. Establish remote network access
Ch3, 85
32. Which aspect of the VPN prevents others from eavesdropping and observation?
32. Cryptographic functions
Ch3, 81
33. What is an advantage of VPN tunnel mode?
33. Encapsulates protocol headers and packet payloads
Ch3, 94
34. Which of the following characteristics of software VPN makes it less advantageous than hardware VPN?
34. Open source clients can be complex to install
Ch12, 2-4
35. To develop an AUP, you need to _____.
35. Establish baseline rules.
Ch5, 151
Ch6, 198
36. Uninstalling all unnecessary applications and services on a system is an example of which of the following?
36. System hardening.
Ch5, 166
37. 192.168312.12/222.255.255.255 is an example of which of the following?
37. Private IP address.
Ch5, 152
38. Encryption is primarily concerned with which of the following primary objective(s)?
38. Integrity and confidentiality
Ch1, 21
Ch5, 171,172
39. Logging what time a user accessed a particular resource is an example of which of the following?
39. Accounting
Ch5 171
40. Using a fingerprint to unlock a workstation is an example of which of the following?
40. Something you are
Ch6, 169, 170
41. What is the primary purpose of log monitoring?
41. Detect injection attacks.
Ch6, 229-230
Ch9
42. Building your own firewall can result in which of the following?
42. Complex setup, cost savings and customized features
Ch9
43. When planning a firewall implementation, which of the following is the key consideration?
43. Availability, Address space and Skill set of support personnel (all of these).
Ch2
Ch5
44. When dealing with a firewall emergency, what should you NOT do?
44. Document your network.
Ch9
45. Which of the following is true for a VPN?
45. Has software installed on the host and gateway
Ch14
46. Which of the following must an administrator organize to ensure follow-through of a new security plan?
46. End-user training and awareness
Ch6, 196, 198
47. Which of the following steps is included in a security assessment?
47. Perform a risk assessment, Perform penetration testing and Perform vulnerability scanning (All of these).
Ch6, 205
48. Which of the following is a valid network monitoring tool?
48. Smoke-Ping
N/A
49. Which of the following does NOT represent a valid incident response strategy phase?
49. Collection
Ch6, 191
50. Which of the following is NOT a security management best practice?
50. Assign maximum required permissions
Ch6, 182-189