ITN 263 FINAL REVIEW|| 85 QUESTIONS AND ANSWERS

ITN 263 FINAL REVIEW|| 85
QUESTIONS AND ANSWERS
A security assessment may include which of the following steps? - ANSWER-All of
the above

Assigning users, including administrators, only the necessary privileges, access, and
permissions to accomplish their assigned work is an example of __________. -
ANSWER-the principle of least privilege

Isolating and compartmentalizing administrative privileges, so that no single
administrator has full or total power over the entire environment, is an example of
__________. - ANSWER-separation of duties

One of the most effective preventative techniques in network security
troubleshooting is __________. - ANSWER-installing patches and updates

What is a potential disadvantage of online data backups? - ANSWER-Dependency
on provider's security

What is another form of a honeypot? - ANSWER-Padded cell

What is not an example of containment during incident response? - ANSWER-
Confirming a breach

What is the purpose of the post-mortem review after a security assessment? -
ANSWER-Learn from mistakes.

Which of the following could compromise network security? - ANSWER-Simplify by
assigning maximum required permissions

Which of the following is not a network security management best practice? -
ANSWER-Implement single-factor authentication

Which of the following is not true of compliance auditing? - ANSWER-A regular
compliance audit can be used in place of an organization's security policy.

Which of the following must an administrator organize to ensure follow-through of a
new security plan? - ANSWER-End-user training and awareness

Which type of backup solution typically stores your data on another organization's
hardware, making you dependent on their security, confidentiality assurance, and
reliability? - ANSWER-Cloud

Who performs penetration testing? - ANSWER-Ethical hackers

, Window locks, door locks, and security cameras are examples of which of the
following? - ANSWER-Physical security

An IDS or IPS that uses a database of signatures or patterns of known malicious
activities to detect threats is called _______________ detection. - ANSWER--
knowledge-based

Deciding which firewall rules to define is subject to an organization's
_____________. - ANSWER-- security policy

In which situation is a change control system most effective? - ANSWER--
Troubleshooting

Regarding firewall rules, what is another name for default deny? - ANSWER-- Deny
all

What is an access control list (ACL)? - ANSWER-- A firewall rule or filter

What is an important thing to do regarding firewall logs? - ANSWER-- Review the log
files frequently.

What is one of the most problematic issues with an intrusion detection system (IDS)?
- ANSWER-- False negatives

What is the primary purpose of log monitoring? - ANSWER-- Detect malicious
network activities

Which firewall limitation is typically characterized by a memory-based exploit? -
ANSWER-- Buffer overflow

Which of the following firewalls uses rules? - ANSWER-- All of the above "Circuit
proxy, Application proxy, Content filtering"

Which of the following is a centralized logging system? - ANSWER-- Syslog

Which of the following is not a best practice when creating firewall rules? -
ANSWER-- Make sure the Default Deny rule is first.

Which of the following is the best method of determining an optimal firewall
configuration? - ANSWER-- Test the rules in a laboratory environment.

Which type of firewall commonly uses inbound rules? - ANSWER-- DMZ firewall

___________ is the process of verifying the identity of an electronic entity. -
ANSWER-- Authentication

A critical business function conflicts with a security solution. What is the best
response? - ANSWER-Design a new security solution or modify how the task is
accomplished.