ITN 263 MIDTERM PT 1|| 100%
VERIFIED
Which of the following is described as "confidence in your expectation that others will
act in your best interest"? - ANSWER-Trust
Estefan is a network professional for an e-commerce company. The chief information
officer (CIO) wants the customer web portal downtime to be reduced from 5 minutes
per year to 30 seconds per year. The change should occur over the next 6 months.
Which security objective must Estefan employ to accomplish this goal? - ANSWER-
Availability
Kristin's position in IT focuses on using antivirus, anti-spyware, and vulnerability
software patch management to maintain security and integrity. Which IT
infrastructure domain is she protecting? - ANSWER-Workstation Domain
To secure the System/Application Domain of an IT infrastructure, what is the primary
focus? - ANSWER-In a collection of servers and virtualized systems, defending both
data and server computing power
Which of the following must be done first to accomplish an organization's security
goals? - ANSWER-Write down security goals.
Temika is the IT security officer for her company. The CIO has told her that network
security success is not about preventing all possible attacks or compromises. Of the
following, what goal or accomplishment should she work toward? - ANSWER-
Continually improving the state of security so that, as time passes, the network is
better protected than it was in the past
Which of the following roles is most commonly responsible for observing system and
user activity, looking for violations, trends towards bottlenecks, and attempts to
perform violations? - ANSWER-Auditor
A company has discovered that confidential business information has been
repeatedly acquired by a competitor over the past six months. The IT security team
has been unable to find the leaks. The team suspects a form of side-channel
eavesdropping may be involved. What is the suspected hacking method? -
ANSWER-The competitor is using a phreaking attack
As part of the bring your own device (BYOD) program, the company CIO is
encouraging employees to use their personal devices for business purposes.
However, an attacker with the right kind of antenna can access the wireless network
from a great distance, putting internal assets at risk. Of the following, what is the best
solution? - ANSWER-Physically isolate wireless access from the wired network.
, A combination of intrusion detection and prevention, as well as logging and
monitoring, provides the best defense against what kind of attack? - ANSWER-Zero-
day exploit
Which of the following is considered a node? - ANSWER-Networked printer
You are setting up a small home network. You want all devices to communicate with
each other. You assign IPv4 addresses between 192.168.0.1 and 192.168.0.6 to the
devices. What processes must still be configured so that these nodes can
communicate with the Internet? - ANSWER-Both network address translation (NAT)
and port address translation (PAT) must be enabled to allow private network
addresses to be translated to a random external port and public IP address.
Many company employees work from home on a full-time basis. What technology do
they commonly use to communicate securely with the organization's network? -
ANSWER-Virtual private network (VPN)
A major U.S. online retailer has discovered that thousands of purchases have been
paid for by stolen credit card numbers. An initial analysis of the location of the buyers
reveals IP addresses from within the United States. Upon further investigation, it is
found that the actual origin point of the fraudulent buyer is a series of IP addresses
located in Asia. What technology is the fraudster using? - ANSWER-Proxy server
You are a network professional. You want to overcome the security shortcomings of
the Domain Name System (DNS). Of the following, what is one of those
shortcomings? - ANSWER-Use of a plaintext communication
Mel is working from home and speaking with her department manager on a Voice
over IP (VoIP) phone connection. This technology allows telephone conversations to
be routed over the Internet. During a VoIP conversation, Mei loses a few moments of
what the manager has said to her. What is the problem? - ANSWER-The OSI model
Transport Layer was unable to guarantee reliable packet delivery.
Which OSI model layer deals with frames? - ANSWER-Data Link Layer
Which form of firewall filtering is NOT as clear or distinct as other types? - ANSWER-
Filtering on whether an address is real or spoofed
Which network security technology can block or restrict access if a computer does
NOT have the latest antivirus update, a certain security patch, or a host firewall? -
ANSWER-Network access control (NAC)
Which network index technology allows users to locate resources on a private
network, keeps track of which servers and clients are online, and identifies the
resources that network hosts share? - ANSWER-Directory services
In terms of networking, permission is the abilities granted on the network. -
ANSWER-False
VERIFIED
Which of the following is described as "confidence in your expectation that others will
act in your best interest"? - ANSWER-Trust
Estefan is a network professional for an e-commerce company. The chief information
officer (CIO) wants the customer web portal downtime to be reduced from 5 minutes
per year to 30 seconds per year. The change should occur over the next 6 months.
Which security objective must Estefan employ to accomplish this goal? - ANSWER-
Availability
Kristin's position in IT focuses on using antivirus, anti-spyware, and vulnerability
software patch management to maintain security and integrity. Which IT
infrastructure domain is she protecting? - ANSWER-Workstation Domain
To secure the System/Application Domain of an IT infrastructure, what is the primary
focus? - ANSWER-In a collection of servers and virtualized systems, defending both
data and server computing power
Which of the following must be done first to accomplish an organization's security
goals? - ANSWER-Write down security goals.
Temika is the IT security officer for her company. The CIO has told her that network
security success is not about preventing all possible attacks or compromises. Of the
following, what goal or accomplishment should she work toward? - ANSWER-
Continually improving the state of security so that, as time passes, the network is
better protected than it was in the past
Which of the following roles is most commonly responsible for observing system and
user activity, looking for violations, trends towards bottlenecks, and attempts to
perform violations? - ANSWER-Auditor
A company has discovered that confidential business information has been
repeatedly acquired by a competitor over the past six months. The IT security team
has been unable to find the leaks. The team suspects a form of side-channel
eavesdropping may be involved. What is the suspected hacking method? -
ANSWER-The competitor is using a phreaking attack
As part of the bring your own device (BYOD) program, the company CIO is
encouraging employees to use their personal devices for business purposes.
However, an attacker with the right kind of antenna can access the wireless network
from a great distance, putting internal assets at risk. Of the following, what is the best
solution? - ANSWER-Physically isolate wireless access from the wired network.
, A combination of intrusion detection and prevention, as well as logging and
monitoring, provides the best defense against what kind of attack? - ANSWER-Zero-
day exploit
Which of the following is considered a node? - ANSWER-Networked printer
You are setting up a small home network. You want all devices to communicate with
each other. You assign IPv4 addresses between 192.168.0.1 and 192.168.0.6 to the
devices. What processes must still be configured so that these nodes can
communicate with the Internet? - ANSWER-Both network address translation (NAT)
and port address translation (PAT) must be enabled to allow private network
addresses to be translated to a random external port and public IP address.
Many company employees work from home on a full-time basis. What technology do
they commonly use to communicate securely with the organization's network? -
ANSWER-Virtual private network (VPN)
A major U.S. online retailer has discovered that thousands of purchases have been
paid for by stolen credit card numbers. An initial analysis of the location of the buyers
reveals IP addresses from within the United States. Upon further investigation, it is
found that the actual origin point of the fraudulent buyer is a series of IP addresses
located in Asia. What technology is the fraudster using? - ANSWER-Proxy server
You are a network professional. You want to overcome the security shortcomings of
the Domain Name System (DNS). Of the following, what is one of those
shortcomings? - ANSWER-Use of a plaintext communication
Mel is working from home and speaking with her department manager on a Voice
over IP (VoIP) phone connection. This technology allows telephone conversations to
be routed over the Internet. During a VoIP conversation, Mei loses a few moments of
what the manager has said to her. What is the problem? - ANSWER-The OSI model
Transport Layer was unable to guarantee reliable packet delivery.
Which OSI model layer deals with frames? - ANSWER-Data Link Layer
Which form of firewall filtering is NOT as clear or distinct as other types? - ANSWER-
Filtering on whether an address is real or spoofed
Which network security technology can block or restrict access if a computer does
NOT have the latest antivirus update, a certain security patch, or a host firewall? -
ANSWER-Network access control (NAC)
Which network index technology allows users to locate resources on a private
network, keeps track of which servers and clients are online, and identifies the
resources that network hosts share? - ANSWER-Directory services
In terms of networking, permission is the abilities granted on the network. -
ANSWER-False
