ITSY 2341 FINAL QUESTIONS AND ANSWERS
Signature recognition - Answer -Which of the following biometric authentication
systems is the most accepted by users?
It uses a secret key to encrypt and decrypt. - Answer -Which of the following is true
about symmetric encryption?
False - Answer -A semialphabetic substitution cipher is one that incorporates two or
more alphabets in the encryption process.
False reject rate - Answer -The rate at which authentic users are denied or prevented
access to authorized areas as a result of a failure in the biometric device is known as
the __________.
Stateful packet inspection - Answer -Which type of firewall keeps track of each network
connection established between internal and external systems?
Authentication - Answer -Which of the following access control processes confirms the
identity of the entity seeking access to a logical or physical area?
False - Answer -A validity table is a tabular record of the state and context of each
packet in a conversation between an internal and external user or system. __________
Port-address translation - Answer -Which technology employs sockets to map internal
private network addresses to a public address using one-to-many mapping?
True - Answer -A packet filtering firewall is a networking device that examines the
header information of data packets that come into a network and determines whether to
drop them (deny) or forward them to the next network connection (allow), based on its
configuration rules. __________
Cryptanalysis - Answer -The process of obtaining the plaintext message from a
ciphertext message without knowing the keys used to perform the encryption is known
as __________.
Signature-based - Answer -Which type of IDPS works like antivirus software?
True - Answer -A wireless access point is a device used to connect wireless networking
users and their devices to the rest of the organization's network(s). __________
Something a person says - Answer -Which of the following is NOT among the three
types of authentication mechanisms?
False - Answer -The action level is a predefined assessment level of an IDPS that
triggers a predetermined response when surpassed. __________
Fingerprinting - Answer -What is the next phase of the pre-attack data gathering
process after an attacker has collected all of an organization's Internet addresses?
Sending DoS packets to the source - Answer -Which of the following is NOT a method
employed by IDPSs to prevent an attack from succeeding?
Key - Answer -Which of the following is used in conjunction with an algorithm to make
computer data secure from anybody except the intended recipient of the data?
Honey pot - Answer -What is an application that entices individuals who are illegally
perusing the internal areas of a network by providing simulated rich content areas while
the software notifies the administrator of the intrusion?
Footprinting - Answer -What is the organized research and investigation of Internet
addresses owned or controlled by a target organization?
Dual-homed host - Answer -The bastion host is usually implemented as a __________,
as it contains two network interfaces: one that is connected to the external network and
one that is connected to the internal network, such that all traffic must go through the
device to move between the internal and external networks.
True - Answer -A password should be difficult to guess. __________
Both of these are correct. - Answer -In an IDPS, a piece of software that resides on a
system and reports back to a management server is known as a(n) __________.
False - Answer -In e-commerce situations, some cryptographic tools can be used for
misrepresentation in order to assure that parties to the transaction are authentic, and
that they cannot later deny having participated in a transaction. __________
Evaluate how the new technology will enhance employee skills. - Answer -When an
information security team is faced with a new technology, which of the following is NOT
a recommended approach?
PKI - Answer -An integrated system of software, encryption methodologies, protocols,
legal agreements, and third-party services that enables users to communicate securely
through the use of digital certificates.
Asymmetric encryption - Answer -A cryptographic method that incorporates
mathematical operations involving both a public key and a private key to encipher or
decipher a message.
IP Security Protocol - Answer -Which technology has two modes of operation: transport
and tunnel?
Digital signature - Answer -What is most commonly used for the goal of nonrepudiation
in cryptography?
False - Answer -The "something a person has" authentication mechanism takes
advantage of something inherent in the user that is evaluated using biometrics.
Packet sniffer - Answer -What tool would you use if you want to collect information as it
is being transmitted on the network and analyze the contents for the purpose of solving
network problems?
Socket - Answer -The combination of a system's TCP/IP address and a service port is
known as a __________.
True - Answer -The KDC component of Kerberos knows the secret keys of all clients
and servers on the network.
False - Answer -A smart chip is an authentication component, similar to a dumb card,
that contains a computer chip to verify and validate several pieces of information
instead of just a PIN. __________
Anomaly-based - Answer -Which type of IDPS is also known as a behavior-based
intrusion detection system?
Footprinting - Answer -The organized research and investigation of Internet addresses
owned or controlled by a target organization.
Transport mode - Answer -In IPsec, an encryption method in which only a packet's IP
data is encrypted, not the IP headers themselves; this method allows intermediate
nodes to read the source and destination addresses.
Vernam cipher - Answer -A cryptographic technique developed at AT&T and known as
the "one-time pad," this cipher uses a set of characters for encryption operations only
one time and then discards it.
SSL - Answer -Was developed by Netscape in 1994 to provide security for online
e-commerce transactions.
Content filter - Answer -A software program or hardware/software appliance that allows
administrators to restrict content that comes into or leaves a network—for example,
restricting user access to Web sites with material that is not related to business, such as
pornography or entertainment.
VPN - Answer -A private, secure network operated over a public and insecure network.