True/False
Indicate whether the statement is true or false.

1. To determine which IDS would best meet the needs of a specific organization’s environment, first consider that environment, in technical, physical, and political terms.

2. Intrusion detection systems perform monitoring and analysis of system events and user behaviors.

3. A false positive is the failure of an IDS system to react to an actual attack event.

4. IDSs are considered to be self-justifying systems.

5. Nmap uses incrementing Time-To-Live packets to determine the path into a network as well as the default firewall policy.

6. The Metasploit Framework is a collection of exploits coupled with an interface that allows the penetration tester to automate the custom exploitation of vulnerable systems.

7. When an asymmetric cryptographic process uses the sender’s private key to encrypt a message, the sender’s public key must be used to decrypt the message.

8. The most common hybrid system is based on the Diffie-Hellman Key Exchange method, which is a method for exchanging private keys using public key encryption.

9. The encapsulating security payload protocol provides confidentiality services for IP packets across insecure networks.

10. Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.

11. Julius Caesar was associated with an early version of the substitution cipher.

12. The AES algorithm was the first public key encryption algorithm.

13. A name badge is typically worn concealed.

14. The physical security of computing equipment, data storage media, and classified documents should be the same for each organization.

15. There are three methods of data interception: direct observation, interception of data transmission, and mechanical interception.

Multiple Choice
Identify the choice that best completes the statement or answers the question.

16. A(n) ____ works like a burglar alarm in that it detects a violation of its configuration (analogous to an opened or broken window) and activates an alarm.

17. ____ is a specially configured connection on a network device that is capable of viewing all of the traffic that moves through the entire device.

18. Using _____, the system reviews the log files generated by servers, network devices, and even other IDSs.
a. LFM
b. stat IDS
c. AppIDS
d. HIDS

19. In TCP/IP networking, port ____ is not used.

20. A(n) ____ is a network tool that collects copies of packets from the network and analyzes them.
a. packet scanner
b. packet sniffer
c. honey pot
d. honey packet

21. ____ is the validation of a supplicant’s identity.
a. Authentication
b. Authorization
c. Password
d. Passphrase

22. Once ____ tokens are synchronized with a server, both devices (server and token) use the same time or a time-based database to generate a number that is displayed and entered during the user login phase.
a. synchronous
b. asynchronous
c. symmetric
d. asymmetric

23. Which of the following is the most secure Biometric Authentication system?
a. Retina pattern recognition
b. Fingerprint recognition
c. Handprint recognition
d. Signature recognition

24. ____ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext.
a. Password
b. Cipher
c. Key
d. Passphrase

25. Bit stream methods most commonly use functions like the exclusive OR operation (_____).

26. DES uses a(n) _____-bit block size.

27. The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.

28. An X.509 v3 certificate binds a(n) _____, which uniquely identifies a certificate entity, to a user’s public key.
a. message digest
b. fingerprint
c. distinguished name
d. digital signature

29. Digital signatures should be created using processes and products that are based on the ____.

30. ____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.
a. Timing
b. Dictionary
c. Correlation
d. Man-in-the-middle

31. Most guards have clear ____ that help them to act decisively in unfamiliar situations.

32. ____ occurs when an authorized individual presents a key to open a door, and other individuals, who may or may not be authorized, also enter through.
a. Sidegating
b. Tailgating
c. Freeloading
d. Hitchhiking

33. ____ sprinklers are the newest form of sprinkler systems and rely on ultra fine mists instead of traditional shower-type systems.
a. Pre-action
b. Water mist
c. Water-free
d. Air-dry

34. One of the leading causes of damage to sensitive circuitry is ____.

35. UPS devices typically run up to ____ VA.

Completion
Complete each statement.

36. A signature-based IDS is sometimes called a(n) ____________________-based IDS.

37. A(n) ____________________ is a honey pot that has been protected so that it cannot be easily compromised.

38. Under the guise of justice, some less scrupulous administrators may be tempted to ____________________, or hack into a hacker’s system to find out as much as possible about the hacker.

39. A(n) ____________________ scanner is one that initiates traffic on the network in order to determine security holes.

40. A packet ____________________ is a network tool that collects copies of packets from the network and analyzes them.

41. ____________________ or cryptosystem is an encryption method or process encompassing the algorithm, key(s) or cryptovariable(s), and procedures used to perform encryption and decryption.

42. The Secure ____________________ Standard is a standard issued by the National Institute of Standards and Technology.

43. The encapsulating security ____________________ protocol provides secrecy for the contents of network communications as well as system to system authentication and data integrity verification.

44. In IPSEC ____________________ mode, only the IP data is encrypted, not the IP headers.

45. A secure _________________________ is a physical location that has been engineered with controls designed to minimize the risk of attacks from physical threats.

46. _________________________ locks can be integrated into alarm systems and combined with other building management systems.

47. A specialized type of keycard reader is the _________________________ reader, which allows individuals simply to carry their cards within the lock’s range for recognition.

48. Building codes require that each floor have a number of _________________________ or walls that will limit the spread of damage should a fire break out in an office.

49. Class _________________________ fires are extinguished by agents that interrupt the ability of the fuel to be ignited.

50. Halon is one of a few chemicals designated as a(n) _________________________ agent, which means that it does not leave any residue after use, nor does it interfere with the operation of electrical or electronic equipment.