Intro to Network Security sixth ed chapter 7

Which of the following TCP/IP protocols do not relate to security?
a. IP
b. SNMP
c. HTTPS
d. FTP

IP

Aideen sent an email to her supervisor
explaining the Domain Name System Security Extensions (DNSSEC). Which of the following statements would Aideen have NOT included in her email?
a. It is fully supported in BIND9.
b. It adds additional resource records.
c. It adds message header information.
d. It can prevent a DNS transfer attack.

It can prevent a DNS transfer attack

What is the recommended secure protocol for voice and video applications?
a. Secure Real-time Transport Protocol
(SRTP)
b. Hypertext Transport Protocol Secure
(HTTPS)
c. Network Time Protocol (NTP)
d. Secure/Multipurpose Internet Mail
Extensions (S/MIME)

Secure Real-time Transport Protocol (SRTP)

Which type of log can provide details
regarding requests for specific files on a system?
a. Audit log
b. Event log
c. Access log
d. SysFile log

Event log

Which type of device log contains the most beneficial security data?
a. Firewall log
b. Email log
c. Switch log
d. Router log

Firewall log

Which type of cloud is offered to specific organizations that have common concerns?
a. Public cloud
b. Hybrid cloud
c. Private cloud
d. Community cloud

Community Cloud

Which of these is NOT correct about an SSL accelerator?
a. It can be a separate hardware card
that inserts into a web server.
b. It can be a separate hardware module.
c. It should reside between the user’s device and the web servers.
d. It can only handle the SSL protocol.

It can only handle the SSL protocol

Catriona needed to monitor network traffic. She did not have the resources to install an additional device on the network. Which of the following solutions would meet her needs?
a. Network tap
b. Port mirroring
c. Aggregation switch
d. Correlation engine

Port Mirroring

Which version of Simple Network Management Protocol (SNMP) is considered the most secure?
a. SNMPv2
b. SNMPv3
c. SNMPv4
d.SNMPv5

SNMPv3

Which Domain Name System (DNS) attack replaces a fraudulent IP address for a symbolic name?
a. DNS replay
b. DNS masking
c. DNS poisoning
d. DNS forwarding

DNS poisoning

Which of these is the most secure protocol for transferring files?
a. FTPS
b. SFTP
c. TCP
d. FTP

TCP

Which of the following can be used to prevent a buffer overflow attack?
a. DEP
b. FIM
c. VPN
d. DNS

DEP

Which of the following is NOT a service
model in cloud computing?
a. Software as a Service (SaaS)
b. Hardware as a Service (HaaS)
c. Platform as a Service (PaaS)
d. Infrastructure as a Service (IaaS)

Hardware as a Service (HaaS)

Eachna is showing a new security intern the log file from a firewall. Which of the following entries would she tell him do not need to be investigated?
a. Suspicious outbound connections
b. IP addresses that are being rejected
and dropped
c. Successful logins
d. IP addresses that are being rejected
and dropped

Successful logins

Which type of hypervisor does not run
on an underlying operating system?
a. Type I
b. Type II
c. Type III
d. Type IV

Type 1

Which application stores the user’s
desktop inside a virtual machine that resides on a server and is accessible from multiple locations?
a. Application cell
b. Container
c. VDE
d. VDI

VDI

Kyle asked his supervisor which type of computing model was used when the enterprise first started. She explained that the organization purchased all the hardware and software necessary to run the company. What type of model was she describing to Kyle?
a. Virtual services
b. Off-premises
c. On-premises
d. Hosted services

On-premises

DNSSEC adds additional and message header information, which can be used to verify that the requested data has not been altered in transmission.
a. resource records
b. field flags
c. hash sequences
d. zone transfers

resource records

What functions of a switch does a software defined network separate?
a. Host and virtual
b. Control plane and physical plane
c. RAM and hard drive
d. Network level and resource level

Control plane and physical plane

Which of the following is NOT a security
concern of virtualized environments?
a. Virtual machines must be protected
from both the outside world and from other virtual machines on the same physical computer.
b. Physical security appliances are not always designed to protect virtual systems.
c. Virtual servers are less expensive than their physical counterparts.
d. Live migration can immediately move one virtualized server to another hypervisor.

Virtual servers are less expensive than their physical counterparts

Advanced malware management

A third- party service that monitors a network for any unusual activity.

aggregation switch

A device used to combine multiple network connections into a single link.

application cell

A virtualized environment that holds only the necessary operating system components (such as binary files and libraries) that are needed for a specific application to run. Also called an application cell.

application whitelisting

An inventory of applications and associated components (libraries, configuration files, etc.) that have been pre-approved and authorized to be active and present on the device.

Cloud access security broker (CASB)

A set of software tools or services that resides between the enterprises’ on-premises infrastructure and the cloud provider’s infrastructure to ensure that the security policies of the enterprise extend to their data in the cloud.

Cloud computing

A pay-per-use computing model in which customers pay only for the online computing resources that they need, and the resources can be easily scaled.

Cloud storage

A cloud system that has no computational capabilities but provides remote file storage.

community cloud

A cloud that is open only to specific organizations that have common concerns.

container

A virtualized environment that holds only the necessary operating system components (such as binary files and libraries) that are needed for a specific application to run. Also called an application cell.

correlation engine

A device that aggregates and correlates content from different sources to uncover an attack.

Data Execution Prevention (DEP)

A Microsoft Windows feature that prevents attackers from using buffer overflow to execute malware.

DDoS mitigator

A hardware device that identifies and blocks real-time distributed denial of service (DDoS) attacks.

Domain Name System
Security Extensions
(DNSSEC)

An extension to DNS that adds additional resource records and message header information, used to verify that DNS data has not been altered in transmission.

file integrity check (FIC)

A service that can monitor any changes made to computer files.

File Transfer Protocol
(FTP)

An unsecure TCP/IP protocol that is commonly used for transferring files.

FTP Secure (FTPS)

A TCP/IP protocol that uses Secure Sockets Layer or Transport Layer Security to encrypt commands sent over the control port (port 21) in an FTP session.

hosted services

A computing model in which servers, storage, and the supporting networking infrastructure are shared by multiple enterprises over a remote network connection.

hybrid cloud

A combination of public and private clouds.

hypervisor

Software that manages virtual machine operating systems.

Infrastructure as a Service (IaaS)

A cloud computing model in which customers have the highest level of control and can deploy and run their own software.

log

A record of events that occur.

network tap (test access
point)

A separate device that can be installed on the network for monitoring traffic.

on-premises

A computing model in which enterprises purchased all the hardware and software necessary to run the organization.

Platform as a Service
(PaaS)

A cloud service in which consumers can install and run their own specialized applications on the cloud computing network.

port mirroring

A facility that allows the administrator to configure a switch to copy traffic that occurs on some or all ports to a designated monitoring port on the switch.

private cloud

A cloud that is created and main- tained on a private network.

public cloud

A cloud in which the services and infrastructure are offered to all users with access provided remotely through the Internet.

removable media control

Tools that can be used to restrict which removable media, such as USB flash drives, can be attached to a system.

Secure FTP (SFTP)

A secure TCP/IP protocol that is used for transporting files by encrypting and compressing all data and commands.