IT6310-Network Security ACE
It is considered as a crucial part of information systems a.)Network b.)Security c.)Data d.)Information
1. It has a vital role in an information system because it is the one that allows a company to
link their computers and its users. a.)Switch b.)Internet c.)Router d.)Network
2. It is the tangible parts of a computer system.
a.)Hardware b.)Software c.)Peopleware
3. An information that is only accessed by an authorized person.
Confidentiality
4. It is a model designed to guide policies for information security within an organization.
a.)CIA Triad Information Security b.)Core Security Concepts c.)Security Trinity d.)AAA of Information
5. It is the network security solution by an institute to ____ any malicious activity in a
network. Detect
6. System that plays a vital part in Network security since it is the information that an
organization is trying to protect and avoid from any unauthorized access Information System
7. Areas of Security Trinity where they need to have a good security measures to avoid
hackers from getting access to the network. a.)Detection b.)Prevention c.)Response
8. It is the process of taking preventative measures to keep the network infrastructure from
any unauthorized access, misuse of important information Network Security
9. Any form of security incident that is not properly handled can and eventually wont turn
into a bigger problem that will lead to a damaging data breach and wont cause large amount of expense or it will collapse the whole system True False
10. System that are intended to manage the computer itself such as the operating system.
a.)Application Software b.)System Software c.)Application d.)Software
11. Internet is an example of a network.
True False
12. Which of these are not part of the reason why we need to secure our network?
a.)To gain a competitive advantage b.)To keep your job c.)To exploit vulnerabilities in the system d.)To secure company asset
13. How many key phases are there in an incident response plan?
Six (6)
14. Big corporations are not at risks to any form of security breach.
True False
15. It ensures that the information in an information system is accurate
a.)Availability b.)Accountability c.)Integrity
16. It determines whether you are allowed to access a specific information or file.
Authorization
17. It will help the company to provide a better strategy in keeping a data secured while
avoiding intruders to alter or steal important and confidential information. a.)Network Security b.)Security Trinity c.)Network Administrator d.)CIA Triad of Information
18. It is a structured procedure for taking care of any security incidents, breaches, and
network threats. a.)Response b.)Detection c.)Planning d.)Preventive
It is anything that can disrupt the operation, functioning, integrity, or availability of a network or system Answer:
Question 4
Correct Mark 1.00 out of 1.
It may contain phishing scams and malware. Answer:
Question 5
Incorrect Mark 0.00 out of 1.
Worms can be classified as a type of computer virus that needs a third party or a user to replicate and spread through the system. Select one: True False
Question 6
Correct Mark 1.00 out of 1.
Threat Spam
This layer involves devices such as router, UTP Cables and other networking devices to transfer data. Select one: a. Physical Layer b. Transport Layer c. Data Link Layer d. Session Layer
Question 7
Correct Mark 1.00 out of 1.
What are the signs and symptoms that your device/s are getting infected by any malware. (Choose all that applies) Select one or more: a. Increased CPU usage b. Slower computer performance c. Appearance of strange desktop icons d. Software freezes or crashes
Type of malware that may contain an attachment to an email that loads malware onto your computer system. Answer:
Question 11
Correct Mark 1.00 out of 1.
These layers work together to transmit the data from one person to another world wide. Select one: a. OS1 Layer b. ISO Layer c. OSI Layer d. 0SI Layer
Question 12
Incorrect Mark 0.00 out of 1.
phishing
Brute force attack are often successful because most of the users uses different ordinary words as their passwords. Select one: True False
Question 13
Correct Mark 1.00 out of 1.
These are what make networks prone to information loss and downtime Answer:
Question 14
Correct Mark 1.00 out of 1.
It provides data routing paths where data will take for network communication. Select one: a. Data Link Layer b. Network Layer c. Session Layer d. Physical Layer
Question 15
Vulnerabilities
a. Virus b. Trojan Horse c. Worms d. Adware
Question 18
Correct Mark 1.00 out of 1.
It has been developed by ISO in the year 1984. Select one: a. OSI Reference Model b. OS1 Reference Model c. 0SI Reference Model d. ISO Reference Model
Question 19
Correct Mark 1.00 out of 1.
A type of malware that automatically sends advertisements to the users. Select one: a. Adware b. Spyware c. Ransomware d. Advertising-supported software
Question 20
Correct Mark 1.00 out of 1.
It is a set of standards that are widely used as a basis for communication. Answer: Protocol
MidtermQ
- Which of the following are the commands for the disabling a port in a Network Switch. Choose any that Apply
SWITCH>enable
SWITCH#config t
SWITCH(config)#interface range f0/4-
SWITCH(config-if-range)#shutdown
SWITCH1>enable
Protocol
Answer Services Running
- Is a service responsible for sending messages to other computers or users. a. Messenger service b. Print Spooler service c. Workstation service d. Server service
- It is a software service that manages the process of printing in the Windows environment. a. Messenger service b. Print Spooler service c. Workstation service d. Server service
- File System that has a features like permissions, encryption, quotas, and auditing services. Answer New Technologies File System (NTFS)
- Without this service on your environment, you won’t be able to share any of your resources. a. Messenger service b. Print Spooler service c. Workstation service d. Server service
- NTFS and FAT/FAT32 is an example of? Answer File System
- This service is the one responsible for handling connections to a remote network resources. a. Messenger service b. Print Spooler service c. Workstation service d. Server service
12. It is a standard configuration that is approved by any company for a specific type of system or device for being secure.
a. Security baseline b. File System c. Configuration Baseline d. Security
- It is a core feature of Windows that allow the network administrator to enable and disable different features in Windows. Answer Group Policies
- Which of the following are not part of the steps in order to harden your system. Choose only one. a. Disable Unnecessary Services b. Uninstall Necessary Software c. Patch System d. Disable or Remove Unnecessary Accounts
Midterm Q
- Always disable unnecessary features of the web server that are not going to be used True False
- Developers should always implement validation at both the client and the server to obtain high level of security. True False
- SMTP and FTP are used to transfer information over a computer network True False
- It is a special system used in industrial environments and settings to monitor a.Mainframe b.Embedded c.Android
12.To avoid and prevent this type of attack, users should always choose the “Remember Me” True False
- It is a restricted area with a resource that these Java applications can access. a. Java b. Sandbox c. ActiveX controls d. Scripting
- It is an advanced method of handling an error. Answer Exception Handling
- It is the idea of developing a database system to store and retrieve large volumes of data Answer File System
- It is the idea of developing a database system to store and retrieve large volumes of data Answer NoSQL Server
- Networking devices that sends the packets to every one of its ports to ensure that it will reach its intended destination. Hub
- It is an advanced method of error handling Exception Handling
- Software vendors used to find out about the vulnerabilities of their system after receiving some reports from their users. True
- Software that makes each network devices works and do its job is called? Firmware
Prelim Exam
- Type of software that is often called as end user programs Application Software
- Based with SANS technology institute, it is the process of making preventative measures to keep the underlying networking infrastructure from any unauthorized access. Network Security
- An attack allows any unauthorized users a way or passage to get inside a restricted area. Passive Attacks
- Information policy where the data should be access by an authorized person/s only. Authentication
- It is an end to-end layer used to deliver messages to a host Transport Layer
- Combination of brute force and dictionary attack. Hybrid Attack
- Any form of security incident that is properly handled can and eventually will turn into a bigger problem. False
- Adware is a type of malware that restricts user access to the computer either by encrypting files on the hard drive or locking down the system. False
- It’s anything that can interrupt the operation, functioning, integrity, or availability of a network or system. Threat
- It is the connection of two or more computer that share its resources. Networks
- Is the process of using social skills to encourage people to disclose their credentials. Social Engineering
- Which of the following is not a way on improving basic security.(Choose all that applies)
Brute-Force-attack
- It is a type of an injection attack that makes it possible to insert and execute malicious SQL statements. SQL Injection
- In implementing network security, company should invest more in preventing or avoiding any security breach over detecting and responding to any form of attack. True
- It is the one managing the computer hardware resources in addition to applications and data. System Software
- Data link layer enables data transfer between two devices on the same network True
- Which of these are not part of security model that is very popular to information security. Assurance
- It is any program that is harmful to a computer user. Malware
- An attack where the hacker mimics another employee in the company Impersonation
- It is the foundation for all security policies. Prevention
- It is a combined set of components for collecting, storing and processing data and for providing information, facts and knowledge. Information System
- Type of software that is often called as end-user programs. Application Software
- Based with SANS technology institute, it is the process of making preventative measure to keep the underlying networking infrastructure from any unauthorized access. Network Security
- It serves as a proof and verifies that you are the person you say you are or what you claim to be.
Authentication
- This attack tries to defeat an authentication mechanism by systematically entering each word in a dictionary as password. Dictionary Attack
- Which of these are not part of the reason why network security is important (Choose all that applies) To expose company assets To take advantage of competitors confidential information
- A set of instructions and execute a specific task/s Software
- It is designed to appear as a legit program to gain access to a network. Trojan Horse
- Attack that send an email that contains attachment that loads malware onto your computer. Phishing
- Worm has the ability to replicate itself without a host program and spread independently while viruses rely on human activity to spread and damage a system or life. False
- When using RADIUS, what tells the AAA server which type of action is being authenticated? The Service-Type fields.
- Why is RADIUS or TACACS+ needed? Why can’t the end user authenticate directly to the authentication server? Both RADIUS and TACACS+ extend the Layer 2 authentication protocols, allowing the end user to communicate with an authentication server that is not Layer-2 adjacent
- Which of the following best describes the difference between authentication and authorization? Authentication validates the user’s identity, whereas authorization determines what that user is permitted to do.
- True or False? A Tunneled EAP type is able to use native EAP types as its inner method. TRUE