Module 21 Exam Back to Main Page 1. These three attributes are the core of the enterprise security policy.ConfidentialityIntegrityAvailabilityAccountingAuthorizationQuestion 1 of 23 2. The main purpose of a Denial of Service (DoS) attack is to quietly take control of an end device without the user knowing.TrueFalseQuestion 2 of 23 3. With a Denial of Service (DoS) attack, the attacker does not try to gain access to a resource; rather, he tries to induce a loss of access to different users or services. These services include?The entire enterprise networkThe CPU of a network device or serverThe memory of a network device or serverThe disk of a network device or serverQuestion 3 of 23 4. An advanced form of DoS attack is _____, which works by manipulating a large number of systems to launch an attack on a target over the Internet or over an enterprise network.Rogue DHCP serverVirusWormDistributed Denial of Service (DDoS)Question 4 of 23 5. A ______ attack is the process in which a single host or entity falsely assumes (spoof) the identity of another host.DDoSspoofing (or masquerading)DoSwormQuestion 5 of 23 6. Programs like Telnet and FTP employ user-based authentication but the credentials are sent in clear text (unencrypted) over the wire.TrueFalseQuestion 6 of 23 7. There are three major types of viruses, depending on where they act:MBR (Master Boot Sector) virusesBoot sector virusesFile virusesDHCP virusesQuestion 7 of 23 8. Another way to categorize viruses is based on their behavior, of which there are two types:Harmonic virusesStealth virusesAdvanced virusesPolymorphic virusesQuestion 8 of 23 9. _____ programs are basically unauthorized code that is contained in legitimate programs and performs functions that are hidden to the user.WormTrojanDestroyerIntruderQuestion 9 of 23 10. Social engineering attacks are difficult to identify because they are not electronically detectable.TrueFalseQuestion 10 of 23 11. Some of the most important actions that can be taken against social engineering attacks are:IPS/IDSUser trainingAdvanced firewall settingsClear enterprise security policiesQuestion 11 of 23 12. ______ is the process of finding available wireless access points within a certain geographical area by driving around and listening for signals.Dumpster divingWar chalkingWar drivingShoulder surfingQuestion 12 of 23 13. WPA2-Personal is vulnerable to a series of attacks, including:Brute-forceARP spoofingDictionary attacksTrojan horse attacksQuestion 13 of 23 14. _______ describes a concept of configuring an external access point to look and behave just like a trusted access point (same SSID and same security settings) so that users connect to the “evil” AP by mistake.Wireless ARP spooferWireless DHCP spooferWireless evil twinsWireless wormQuestion 14 of 23 15. DoS and DDoS attacks are meant to compromise the connectivity and availability to or from the network and can be categorized into different types:Flooding the network with poisoned packetsSpoofing network trafficExploiting weak passwordsExploiting application bugsQuestion 15 of 23 16. Trust and identity management has three components.IdentityAccess controlTrustIntegrityQuestion 16 of 23 17. The authentication of identity is based on three attributes that make the connection to access control:Something that the subject knows (password or PIN)Something that the subject has (token or smartcard)Something that the subject is (biometrics like fingerprint, voice, or facial recognition)Something that the subject wears (smart watch or phone)Question 17 of 23 18. Th e Public Key Infrastructure (PKI) is a complex authentication technique that functions by using digital certificates.TrueFalseQuestion 18 of 23 19. Kerberos has three main components:KDC (Key Distribution Center)Authentication ServiceIntegrity ServiceTicket Granting ServiceQuestion 19 of 23 20. AAA offers the following services:Verifies user identity and credentials (authentication)Provides access to network resources (authorization)Maintaining records (auditing)Logs user access (accounting)Question 20 of 23 21. RADIUS functions over ___, while TACACS+ uses ___.SSH/SSLIP/ICMPTCP/UDPUDP/TCPQuestion 21 of 23 22. 802.1X works by authenticating the user before receiving access to the network, and this involves three components:Supplicant (client)FirewallAuthenticator (access point or switch)Authentication server (RADIUS or TACACS+)DMZQuestion 22 of 23 23. Lightweight EAP (LEAP) was created by Cisco as a proprietary solution for their equipment and systems.TrueFalseQuestion 23 of 23 Loading...