SOLUTIONS
Brianna is an IT technician. She is studying a threat that holds the communication channel open when a TCP handshake does not conclude. What kind of attack does this involve? - ANSWER-Denial of service (DoS) attack

Werner is a security manager for a health insurance company. He is examining the organization's compliance with patient privacy. While investigating how staff handle verbal and email communications, he discovers that some staff members are lax about how well they protect details that, when combined, might be used to reveal sensitive details about some customers. What is the focus of his concern? - ANSWER-Personally identifiable information (PII)

Nina is a corporate attorney for a San Francisco firm. The chief information and security officer (CISO) told her that the firm's data center had been hacked 24 hours ago. The personal information of more than 3 million users was accessed, including their full names, addresses, and login credentials. Nina discusses the company's liability under the law, including the requirement to implement and maintain reasonable security procedures and practices. If it can be proven that the firm was negligent, it may need to pay damages. Which of the following regulates this issue? - ANSWER-California Consumer Privacy Act (CCPA)

Chang is a network engineer. He is revising the company's firewall implementation procedure. He is reviewing the procedural element requiring placement of network firewalls at chokepoints and mapping out the network structure to pinpoint the location where firewalls are to be placed. Which of the following is he focusing on? - ANSWER-Network design

The network infrastructure supervisor is designing a firewall placement strategy that will protect the organization's Internet-facing web and email servers and the internal network. Which design will provide the best protection? - ANSWER-Using two firewalls to create a demilitarized zone (DMZ); one firewall is placed between the Internet and the servers, the other firewall is located behind the first firewall and the servers protecting the internal network

Demetrice is a network consultant. She has been hired to design security for a network that hosts 25 employees, many of whom need remote access. The client recently opened another small office in a neighboring community and wants to be able to routinely establish secure network connections between the two locations. The client often deals with customer bank information and requires a particularly secure solution. What is her response to these requirements? - ANSWER-Small office/home office (SOHO) virtual private network (VPN)

Which of the following is a concern when considering the use of a demilitarized zone (DMZ) firewall solution to access high-value data on an internal network? - ANSWER-Poorly constructed firewall rules