ITI581 Security Fundamentals
Practice Exam
Session 1 2017
This practice exam has been constructed using lecture materials and the set class textbook/s only.
The questions are of a similar standard to those on the final exam.
This practice exam does not follow the same structure as the final exam.
MC & Short Answer Practice Questions
1) Which of the following is an intrusion detection system that monitors and analyses the internals
of a computing system rather than the network packets on its external interfaces?
a) IPS
b) HIDS
c) DMZ
d) NIDS
2) You are an Administrator for a network at an investment bank. You are concerned about
individuals breaching your network and being able to steal data before you can detect their
presence and shut down their access. Which of the following is the best way to address this
issue?
a) Implement a strong password policy.
b) Implement a strong firewall.
c) Implement a honey pot.
d) Implement network-based anti-virus.
3) Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs,
DNS listings, and Web pages. He then sends a large number of unsolicited commercial e-mail
(UCE) messages to these addresses. Which of the following e-mail crimes is Peter committing?
a) E-mail spam
b) E-mail storm
c) E-mail bombing
d) E-mail spoofing
4) Which of the following is an intrusion detection system that reads all incoming packets and tries
to find suspicious patterns known as signatures or rules?
a) HIDS
b) IPS
c) DMZ
d) NIDS
5) Which of the following policies helps in defining what users can and should do when using the
network and the organization's computer equipment?
a) General policy
b) Remote access policy
c) IT policy
d) User policy
6) In which of the following attacks does an attacker use software that tries a large number of key
combinations in order to get a password?
a) Buffer overflow
b) Brute force attack
c) Zero-day attack
d) Smurf attack
7) Which of the following examines network traffic to identify threats that generate unusual traffic
flows, such as distributed denial of service (DDoS) attacks, certain forms of malware, and policy
violations?
a) Network Behavior Analysis
b) Network-based Intrusion Prevention
c) Wireless Intrusion Prevention System
d) Host-based Intrusion Prevention
8) ______________ management is an area of systems management that involves acquiring,
testing, and installing multiple patches (code changes) to an administered computer system.
9) Which of the following are the valid steps for securing routers? Each correct answer represents
a complete solution. Choose all that apply.
a) Use a password that is easy to remember for a router's administrative console.
b) Use a complex password for a router's administrative console.
c) Configure access list entries to prevent unauthorized connections and traffic routing.
d) Keep routers updated with the latest security patches.
10) Which of the following tools is an open source protocol analyser that can capture traffic in real
time?
a) Netresident
b) Wireshark
c) Snort
d) NetWitness
11) Which layer of the OSI model is responsible for routing packets?
a) Data Link
b) Application
c) Network
d) Physical
12) Which of the following network devices is primarily responsible for path analysis and forwarding
of packets?
a) Router
b) Switch
c) Access Point