ITN 263 FINAL EXAM QUESTIONS WITH
100% CORRECT ANSWERS
A small fire breaks out in the lunch room of a branch office and the fire alarms sound.
The employees are directed to leave the building and assemble in the parking lot. What
condition is required to enable them to cross restricted access areas that are normally
locked? - Answer- Fail-open
A company hires security experts to play the role of hackers. The experts are asked to
attempt to breach the infrastructure to determine how secure the company is from
threats. The experts are also asked to recommend improvements. What is this activity
called? - Answer- Penetration testing
A malicious person is performing a technique called anti-forensics on a target network
to hide evidence of an intrusion and conceal implanted rootkits and other malware.
What is one action that might be taken when this method is used? - Answer-
Overwriting metadata
What is a common security mistake made by both end users and experts? - Answer-
Using the same password on multiple systems
Delay is the use of security to convince a potential attacker that the efforts to
compromise a system are not worth it. - Answer- False
Detection involves watching for attempts to breach security and being able to respond
promptly. - Answer- True
Delay involves slowing down an attack so that even successful breaches give defenders
time to respond. - Answer- True
Prevention is the use of safeguards to thwart exploitation or compromise. - Answer-
True
The longer the time span between a malicious action and an authoritative response, the
greater the likelihood the perpetrator will get away without consequence. - Answer- True
Physical damage is not related to denial of service. - Answer- False
A network security management best practice is to focus on the big-impact and big-
result issues first. - Answer- True
, In a layered security strategy, each security mechanism addresses a single issue or a
small set of issues within a specific context. - Answer- True
In layered security strategy, the strengths and benefits of one countermeasure do not
affect the other countermeasures. - Answer- False
A best practice is to block any device connecting to a network that is not in compliance
with the security policy. - Answer- True
Pushing out a patch without proper testing can result in negative impacts that are just as
bad as delaying patch approval. - Answer- True
Whole hard drive encryption prevents anyone from accessing data on the drive. -
Answer- False
The purpose of compartmentalization is to create small collectives of systems that
support work tasks while minimizing risk. - Answer- True
Which layer of the OSI model is the Data Link Layer? - Answer- Layer 2
Chad is a network engineer. He is tasked with selecting a virtual private network (VPN)
platform for his company. He chooses a solution that is inexpensive and runs on UNIX,
although it is less scalable and less stable than other solutions. What has he chosen? -
Answer- Operating system-based VPN
Your sales department likes to stream professional sports games across the computer
network on Wednesday afternoons, causing VPN performance issues during that time.
What is the most likely cause of the performance issues? - Answer- Traffic spike
Felicia is a network engineer deploying a virtual private network (VPN) solution. The
VPN operates using Secure Shell (SSH). When asked by a new help desk tech about
which layer of the OSI model it employs, how does Felicia answer? - Answer- 7
Internet Protocol Security (IPSec) is a standards-based protocol suite designed
specifically for securing ____________ communications. - Answer- Internet Protocol
(IP)
Which of the following can perform authentication to provide integrity protection for the
outermost IP header? - Answer- Authentication Header (AH)
Which of the following provides integrity protection for packet headers and data and can
optionally provide replay protection and access protection? - Answer- Authentication
Header (AH)
Maria is a new network engineer for a company that was established more than 30
years ago. She is examining the IT infrastructure and discovers that the virtual private
100% CORRECT ANSWERS
A small fire breaks out in the lunch room of a branch office and the fire alarms sound.
The employees are directed to leave the building and assemble in the parking lot. What
condition is required to enable them to cross restricted access areas that are normally
locked? - Answer- Fail-open
A company hires security experts to play the role of hackers. The experts are asked to
attempt to breach the infrastructure to determine how secure the company is from
threats. The experts are also asked to recommend improvements. What is this activity
called? - Answer- Penetration testing
A malicious person is performing a technique called anti-forensics on a target network
to hide evidence of an intrusion and conceal implanted rootkits and other malware.
What is one action that might be taken when this method is used? - Answer-
Overwriting metadata
What is a common security mistake made by both end users and experts? - Answer-
Using the same password on multiple systems
Delay is the use of security to convince a potential attacker that the efforts to
compromise a system are not worth it. - Answer- False
Detection involves watching for attempts to breach security and being able to respond
promptly. - Answer- True
Delay involves slowing down an attack so that even successful breaches give defenders
time to respond. - Answer- True
Prevention is the use of safeguards to thwart exploitation or compromise. - Answer-
True
The longer the time span between a malicious action and an authoritative response, the
greater the likelihood the perpetrator will get away without consequence. - Answer- True
Physical damage is not related to denial of service. - Answer- False
A network security management best practice is to focus on the big-impact and big-
result issues first. - Answer- True
, In a layered security strategy, each security mechanism addresses a single issue or a
small set of issues within a specific context. - Answer- True
In layered security strategy, the strengths and benefits of one countermeasure do not
affect the other countermeasures. - Answer- False
A best practice is to block any device connecting to a network that is not in compliance
with the security policy. - Answer- True
Pushing out a patch without proper testing can result in negative impacts that are just as
bad as delaying patch approval. - Answer- True
Whole hard drive encryption prevents anyone from accessing data on the drive. -
Answer- False
The purpose of compartmentalization is to create small collectives of systems that
support work tasks while minimizing risk. - Answer- True
Which layer of the OSI model is the Data Link Layer? - Answer- Layer 2
Chad is a network engineer. He is tasked with selecting a virtual private network (VPN)
platform for his company. He chooses a solution that is inexpensive and runs on UNIX,
although it is less scalable and less stable than other solutions. What has he chosen? -
Answer- Operating system-based VPN
Your sales department likes to stream professional sports games across the computer
network on Wednesday afternoons, causing VPN performance issues during that time.
What is the most likely cause of the performance issues? - Answer- Traffic spike
Felicia is a network engineer deploying a virtual private network (VPN) solution. The
VPN operates using Secure Shell (SSH). When asked by a new help desk tech about
which layer of the OSI model it employs, how does Felicia answer? - Answer- 7
Internet Protocol Security (IPSec) is a standards-based protocol suite designed
specifically for securing ____________ communications. - Answer- Internet Protocol
(IP)
Which of the following can perform authentication to provide integrity protection for the
outermost IP header? - Answer- Authentication Header (AH)
Which of the following provides integrity protection for packet headers and data and can
optionally provide replay protection and access protection? - Answer- Authentication
Header (AH)
Maria is a new network engineer for a company that was established more than 30
years ago. She is examining the IT infrastructure and discovers that the virtual private
