Chapters 7, 8, & 9

True/False
Indicate whether the statement is true or false.
 

1. To determine which IDS would best meet the needs of a specific organization’s environment, first consider that environment, in technical, physical, and political terms.

2. Intrusion detection systems perform monitoring and analysis of system events and user behaviors.

3. A false positive is the failure of an IDS system to react to an actual attack event.

4. IDSs are considered to be self-justifying systems.

5. Nmap uses incrementing Time-To-Live packets to determine the path into a network as well as the default firewall policy.

6. The Metasploit Framework is a collection of exploits coupled with an interface that allows the penetration tester to automate the custom exploitation of vulnerable systems.

7. When an asymmetric cryptographic process uses the sender’s private key to encrypt a message, the sender’s public key must be used to decrypt the message.

8. The most common hybrid system is based on the Diffie-Hellman Key Exchange method, which is a method for exchanging private keys using public key encryption.

9. The encapsulating security payload protocol provides confidentiality services for IP packets across insecure networks.

10. Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.

11. Julius Caesar was associated with an early version of the substitution cipher.

12. The AES algorithm was the first public key encryption algorithm.

13. A name badge is typically worn concealed.

14. The physical security of computing equipment, data storage media, and classified documents should be the same for each organization.

15. There are three methods of data interception: direct observation, interception of data transmission, and mechanical interception.
 

Multiple Choice
Identify the choice that best completes the statement or answers the question.
 

16. A(n) ____ works like a burglar alarm in that it detects a violation of its configuration (analogous to an opened or broken window) and activates an alarm.
a. IDS
b. IIS
c. ITS
d. SIS

17. ____ is a specially configured connection on a network device that is capable of viewing all of the traffic that moves through the entire device.
a. NIDS
b. SPAN
c. DPS
d. IDSE

18. Using _____, the system reviews the log files generated by servers, network devices, and even other IDSs.
a. LFM
b. stat IDS
c. AppIDS
d. HIDS

19. In TCP/IP networking, port ____ is not used.
a. 0
b. 1
c. 13
d. 1023

20. A(n) ____ is a network tool that collects copies of packets from the network and analyzes them.
a. packet scanner
b. packet sniffer
c. honey pot
d. honey packet

21. ____ is the validation of a supplicant’s identity.
a. Authentication
b. Authorization
c. Password
d. Passphrase

22. Once ____ tokens are synchronized with a server, both devices (server and token) use the same time or a time-based database to generate a number that is displayed and entered during the user login phase.
a. synchronous
b. asynchronous
c. symmetric
d. asymmetric

23. Which of the following is the most secure biometric authentication system?
a. Retina pattern recognition
b. Fingerprint recognition
c. Handprint recognition
d. Signature recognition

24. ____ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext.
a. Password
b. Cipher
c. Key
d. Passphrase

25. Bit stream methods most commonly use functions like the exclusive OR operation (_____).
a. XOR
b. EOR
c. NOR
d. OR

26. DES uses a(n) _____-bit block size.
a. 32
b. 64
c. 128
d. 256

27. The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.
a. CRL
b. RA
c. MAC
d. AES

28. An X.509 v3 certificate binds a(n) _____, which uniquely identifies a certificate entity, to a user’s public key.
a. message digest
b. fingerprint
c. distinguished name
d. digital signature

29. Digital signatures should be created using processes and products that are based on the ____.
a. DSS
b. NIST
c. SSL
d. HTTPS

30. ____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.
a. Timing
b. Dictionary
c. Correlation
d. Man-in-the-middle

31. Most guards have clear ____ that help them to act decisively in unfamiliar situations.
a. MACs
b. SOPs
c. POSs
d. OPSs

32. ____ occurs when an authorized individual presents a key to open a door, and other individuals, who may or may not be authorized, also enter through.
a. Sidegating
b. Tailgating
c. Freeloading
d. Hitchhiking

33. ____ sprinklers are the newest form of sprinkler systems and rely on ultra fine mists instead of traditional shower-type systems.
a. Pre-action
b. Water mist
c. Water-free
d. Air-dry

34. One of the leading causes of damage to sensitive circuitry is ____.
a. CPU
b. EPA
c. ESD
d. HVAC

35. UPS devices typically run up to ____ VA.
a. 100
b. 250
c. 500
d. 1,000
 

Completion
Complete each statement.
 

36. A signature-based IDS is sometimes called a(n) ____________________-based IDS.

37. A(n) ____________________ is a honey pot that has been protected so that it cannot be easily compromised.

38. Under the guise of justice, some less scrupulous administrators may be tempted to ____________________, or hack into a hacker’s system to find out as much as possible about the hacker.

39. A(n) ____________________ scanner is one that initiates traffic on the network in order to determine security holes.

40. A packet ____________________ is a network tool that collects copies of packets from the network and analyzes them.

41. ____________________ or cryptosystem is an encryption method or process encompassing the algorithm, key(s) or cryptovariable(s), and procedures used to perform encryption and decryption.

42. The Secure ____________________ Standard is a standard issued by the National Institute of Standards and Technology.

43. The encapsulating security ____________________ protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.

44. In IPsec ____________________ mode, only the IP data is encrypted, not the IP headers.

45. A secure _________________________ is a physical location that has been engineered with controls designed to minimize the risk of attacks from physical threats.

46. _________________________ locks can be integrated into alarm systems and combined with other building management systems.

47. A specialized type of keycard reader is the _________________________ reader, which allows individuals simply to carry their cards within the lock’s range for recognition.

48. Building codes require that each floor have a number of _________________________ or walls that will limit the spread of damage should a fire break out in an office.

49. Class _________________________ fires are extinguished by agents that interrupt the ability of the fuel to be ignited.

50. Halon is one of a few chemicals designated as a(n) _________________________ agent, which means that it does not leave any residue after use, nor does it interfere with the operation of electrical or electronic equipment.
 

 



 