IT 3530 Test 2 | Questions with complete solutions

IT 3530 Test 2 | Questions with complete solutions Which data source comes first in the order of volatility when conducting a forensic investigation? a)Random access memory (RAM) b)Files on disk c)Swap and paging files d)Logs During which step of the incident-handling process should a lessons-learned review of the incident be conducted? a)Response b)Notification c)Documentation d)Recovery and follow-up During which step of the incident-handling process does triage take place? a)Notification b)Response c)Recovery and follow-up d)Identification Joe is responsible for the security of the systems that control and monitor devices for a power plant. What type of system does Joe likely administer? a)Mobile fleet b)Mainframe c)Embedded robotic systems d)Supervisory Control and Data Acquisition (SCADA) Business continuity management includes business continuity planning, disaster recovery planning, crisis management, incident response management, and risk management. True False What is the purpose of a disaster recovery plan (DRP)? a)To set the value of each business process or resource as it relates to how the entire organization operates b)To set the order or priority for restoring an organization's functions after a disruption c)To identify the critical needs to develop a business recovery plan d)To enable an organization to make critical decisions ahead of time so personnel can manage and review decisions without the urgency of an actual disaster Which method of fault tolerance connects two or more computers to act like a single computer in a highly coordinated manner? a)Load balancing b)Redundant Array of Inexpensive Disks (RAID) c)Outsourcing to the cloud d)Clustering Which of the following is not true of data backup options? a)An incremental backup starts with a full backup; successive backups back up only that day's changes. b)Backup; successive backups back up changes made since the last full backup. c)It is faster to create differential weekday backups than incremental backups. d)A full backup copies everything to backup media. Susan performs a full backup of her server every Sunday at 1:00 a.m. and differential backups on Mondays through Fridays at 1:00 a.m. Her server fails at 9:00 a.m. on Wednesday. How many backups does Susan need to restore? a)4 b)1 c)2 d)3 A business impact analysis (BIA) details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations. True False Which approach to cryptography uses highly parallel algorithms that could solve problems in a fraction of the time needed by conventional computers? Quantum cryptography Asymmetric cryptography Elliptic curve cryptography Classic cryptography When Alice receives a message from Bob, she wants to be able to demonstrate to Miriam that the message actually came from Bob. What goal of cryptography is Alice attempting to achieve? Confidentiality Integrity Authentication Nonrepudiation Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature? Alice's private key Alice's public key Bob's public key Bob's private key True or False? An algorithm is a repeatable process that produces the same result when it receives the same input. True Alice and Bob would like to communicate with each other using a session key, but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key? Blowfish Message digest algorithm (MD5) Rivest-Shamir-Adelman (RSA) Diffie-Hellman What is the only unbreakable cipher when it is used properly? Vernam Blowfish Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) Rivest-Shamir-Adelman (RSA) True or False? You must always use the same algorithm to encrypt information and decrypt the same information. False Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature? Bob's private key Alice's private key Bob's public key Alice's public key Bob is sending a message to Alice. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Bob attempting to achieve? Nonrepudiation Authentication Confidentiality Integrity What is not a symmetric encryption algorithm? Data Encryption Standard (DES) Diffie-Hellman International Data Encryption Algorithm (IDEA) Carlisle Adams Stafford Tavares (CAST) Maria is a freelance network consultant. She is setting up security for a small business client's wireless network. She is configuring a feature in the wireless access point (WAP) that will allow only computers with certain wireless network cards to connect to the network. This feature filters out the network cards of any wireless computer not on the list. What is this called? Subnetting Service set identifier (SSID) broadcasting Media Access Control (MAC) address filtering Uniform Resource Locator (URL) filtering Wen is a network engineer. He would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology is best to use? Transport Layer Security (TLS) Virtual LAN (VLAN) Network access control (NAC) Virtual private network (VPN) Arturo would like to connect a fibre channel storage device to systems over a standard data network. What protocol should he use? Fibre Channel (FC) Fibre Channel over Ethernet (FCoE) Secure Shell (SSH) Internet Small Computer System Interface (iSCSI) What type of firewall security feature limits the volume of traffic from individual hosts? Loop protection Network segmentation Flood guard Stateful inspection What is the maximum value for any octet in an Internet Protocol version 4 (IPv4) address? What firewall approach is shown in the figure, assuming the firewall has three network cards? Unified threat management Border firewall Screened subnet Bastion host Because network computers or devices may host several services, programs need a way to tell one service from another. To differentiate services running on a device, networking protocols use a(n) ________, which is a short number that tells a receiving device where to send messages it receives. ping network port Media Access Control (MAC) address Internet Protocol (IP) address Hakim is a network engineer. He is configuring a virtual private network (VPN) technology that is available only for computers running the Windows operating system. Which technology is it? Point-to-Point Tunneling Protocol (PPTP) Secure Socket Tunneling Protocol (SSTP) Internet Protocol Security (IPSec) OpenVPN Miriam is a network administrator. She would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy? Protected Extensible Authentication Protocol (PEAP) Remote Authentication Dial-In User Service (RADIUS) Lightweight Extensible Authentication Protocol (LEAP) Captive portal Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use? VPN concentrator Unified threat management (UTM) Router Firewall A ________ is used to identify the part of an Ethernet network where all hosts share the same host address. router subnet mask access point switch What protocol is responsible for assigning Internet Protocol (IP) addresses to hosts on many networks? Dynamic Host Configuration Protocol (DHCP) Transport Layer Security (TLS) IP Simple Mail Transfer Protocol (SMTP) Susan is troubleshooting a problem with a computer's network cabling. At which layer of the Open Systems Interconnection (OSI) Reference Model is she working? Application Physical Session Presentation What network port number is used for unencrypted web-based communication by default? On early Ethernet networks, all computers were connected to a single wire, forcing them to take turns on a local area network (LAN). Today, this situation is alleviated on larger networks because each computer has a dedicated wire connected to a ___________ that controls a portion of the LAN firewall server router switch There are a large number of protocols and programs that use port numbers to make computer connections. Of the following, which ones do not use port numbers? Secure Sockets Layer (SSL) or Transport Layer Security (TLS) Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS) File Transfer Protocol (FTP) data transfer or FTP control Simple Mail Transfer Protocol (SMTP) or Post Office Protocol v3 (POP3) Carl recently joined a new organization. He noticed that the firewall technology used by the firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used? Application proxying Network address translation Stateful inspection Packet filtering Carrie is a network technician developing the Internet Protocol (IP) addressing roadmap for her company. While IP version 4 (IPv4) has been the standard for decades, IP version 6 (IPv6) can provide a much greater number of unique IP addresses. Which addressing system should she designate for primary use on her roadmap and why? IPv6 is rapidly replacing IPv4 worldwide. She should make IPv6 the primary addressing scheme in her roadmap. IPv6 is only slowly being adopted. She should make IPv4 the primary addressing scheme in her roadmap until IPv6 is more widely adopted. There will be adequate IPv4 addresses available well into the future. She should make IPv4 the primary addressing scheme. Few commercial businesses still use IPv4. She should feature IPv6 strongly in her roadmap rather than have her company fall behind technologically. Hajar is investigating a denial of service attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place? Smurf Land Cross-site scripting (XSS) Teardrop Isabella is a network engineer. She would like to strengthen the security of her organization's networks by adding more requirements before allowing a device to connect to a network. She plans to add authentication to the wireless network and posture checking to the wired network. What technology should Isabella use? A demilitarized zone (DMZ) Virtual private network (VPN) Network access control (NAC) Virtual LAN (VLAN) Devaki is investigating an attack. An intruder managed to take over the identity of a user who was legitimately logged in to Devaki's company's website by manipulating Hypertext Transfer Protocol (HTTP) headers. Which type of attack likely took place? Structured Query Language (SQL) injection Session hijacking Extensible Markup Language (XML) injection Cross-site scripting (XSS) What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations? Whois Domain Name System (DNS) Ping Simple Network Management Protocol (SNMP) Arturo discovers a virus on his system that resides only in the computer's memory and not in a file. What type of virus has he discovered? Cross-platform virus Slow virus Retro virus Multipartite virus Lin installed a time-management utility that she downloaded from the Internet. Now several applications are not responding to normal commands. What type of malware did she likely encounter? Worm Virus Trojan horse Ransomware What type of system is intentionally exposed to attackers in an attempt to lure them out? Database server Honeypot Bastion host Web server What program, released in 2013, is an example of ransomware? BitLocker CryptoLocker FileVault CryptoVault Wen is a network security professional. He wants to strengthen the security of his agency's network infrastructure defenses. Which control can he use to protect the network? Ensure that all operating systems have been patched with the latest updates from vendors Require scanning of all removable media Disable any unnecessary operating system services and processes that may pose a security vulnerability Use proxy services and bastion hosts to protect critical services Bob is developing a web application that depends on a backend database. What type of attack could a malicious individual use to send commands through his web application to the database? Lightweight Directory Access Protocol (LDAP) injection Extensible Markup Language (XML) injection Cross-site scripting (XSS) Structured Query Language (SQL) injection What is not a typical sign of virus activity on a system? Unexpected power failures Unexpected error messages Unexplained decrease in available disk space Sudden sluggishness of applications Tonya would like to protect her users and the network when users browse to known dangerous sites. She plans to maintain a list of those sites and drop messages from those websites. What type of approach is Tonya advocating? Integrity checking Change detection Whitelisting Blacklisting Alison is a security professional. A user reports that, after opening an email attachment, every document he saves is in a template format and other Microsoft Word documents will not open. After investigating the issue, Alison determines that the user's Microsoft Office template has been damaged, as well as many Word files. What type of virus is the most likely cause? Polymorphic virus Retro virus Macro virus Cross-platform virus Hacking groups create _______ to launch attacks whereby they infect vulnerable machines with agents that perform various functions at the command of the controller. logic bombs botnets ransomware honeypots Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered? Structured Query Language (SQL) injection Command injection Cross-site scripting (XSS) Extensible Markup Language (XML) injection The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email informed the CEO that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? Ransomware Pharming Command injection Spear phishing What type of attack occurs in real time and is often conducted against a specific target? Structured Indirect Unstructured Direct Which type of virus targets computer hardware and software startup functions? Data infector Hardware infector File infector System infector What file type is least likely to be impacted by a file infector virus? .dll .com .docx .exe Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she filter? Transmission Control Protocol (TCP) User Datagram Protocol (UDP) Internet Control Message Protocol (ICMP) Hypertext Transfer Protocol (HTTP) Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use is a type of Trojan. What tool will Karen use for this purpose? Ping Simple Network Management Protocol (SNMP) agent Remote Access Tool (RAT) Network mapper (Nmap) Which of the following is a type of denial of service (DoS) attack? Structured Query Language (SQL) injection Synchronize (SYN) flood Logic bomb Cross-site scripting (XSS)